Domain: privacy.org
Stories and comments across the archive that link to privacy.org.
Comments · 22
-
Re:give me a break
Totalitarian governments methodically consolidate power (Castro, Putin, ect).
I understand your concern, but is the LACK of a national ID the only thing keeping the Feds from tracking me? Granted, this card could be used as a tool to collect data, but no more or less than my existing state ID card. There is no difference except that it might make it a bit easier. Then again, you could say that about any tool, such as computers, and federal buildings, and federal cars for government employees, and every other tool federal employees use in their day to day lives. Should we ban them all because they might make it easier for the government to collect data on you?
Also, it is not nationalized ID cards that cause totalitarian governments. For that matter, I don't think Cuba and Russia are on the list of countries that have a national ID standard. I do know that hose that do have such a card include Germany, France, Belgium, Greece, Luxembourg, Portugal and Spain. Not exactly totalitarian regimes.
A universal identity card and the accompanying database is a wonderful tool for a power-hungry politician (think of Bloomberg and then BATFE trace data).
How? How does this help the corrupt in a such a way that the current banking (credit card, ATM cards), Social Security and state ID system can not? -
Re:But no privacy in the land of the free
Protect peoples' privacy from whom? Companies? They come and go. How about governments? Which ones?
Good thing there is no such thing as having video surveillance seized by UK government, or the ID card scheme that will potentially tie-in seemless ability to quickly pull all purchases, where you drive and how fast, whether or not you prefer regular or free-range eggs...
http://www.privacy.org/pi/activities/idcard/uk/uk- idcard-faq.html
In particular, note the legal protections to limit the use of any information. As a yank living in the UK for a number of years now, I don't see much difference in the information gathering capabilities between US/UK. I see the UK as more bold in their actions because the citizens here do not have an underpinning constitution. This is important as laws can change much more quickly than with a constitution.
This does make me question just how solid a move Germany has made with this log deal, and if it can't be over-ruled by a higher court. -
Re:I have nothing to hide...
You do have something to hid: Your business. It's not Their business. Keep it that
way. Pretty soon it will become Their business to know your business and you won't be
able to stop them. They will want to know what medicines you take, what time you have
sex, what books you read, etc. The TSA probably already collects that information.
http://www.privacy.org/
http://www.epic.org/ -
Re:One word:
In Spain identity cards are compulsory from the age of 14 onwards:
http://www.privacy.org/pi/activities/idcard/idcard _faq.html
Yet that didn't stop the Madrid Train Bombings
http://news.bbc.co.uk/1/hi/in_depth/europe/2004/ma drid_train_attacks/default.stm -
Re:National ID cards redux
I thought the Australians had already rejected the idea of a national ID card (and associated unified database) outright?
Is this the Australian government pulling a flanker on the Australian electorate?
Yes, in 1986-87 - see http://www.privacy.org/pi/activities/idcard/idcard _faq.html -
Re:meh
There are ID verification processes and cards for welfare at the moment. Privacy.org state Australian Social Security as believing that the level of benefit overpayment that exists as a result of identity fraud represents 0.6% of the welfare fraud burden. http://www.privacy.org/pi/activities/idcard/idcar
d _faq.html If tackling welfare fraud is not a significant reason for the card then the "combatting terrorism" justification is the only real arguement. But what use are ID cards in combatting Terrorism unless people are forced to produce them in every day life? Regardless, even if there was one compulsory ID card it just makes it easier for forgers to know what to copy... unless ths Australians know how to make a card copy proof??? hmmm - maybe not... -
Re:BahBe thankful you're not in the UK: the government is hell-bent on forcing ID cards, with embedded biometrics (facial, maybe others), onto a public that doesn't want them and doesn't want to pay for them.
All sorts of benefits are being touted; David Blunkett, Home Secretary, had this to say regarding these cards use:
Identity cards would help us tackle the organised criminals and terrorists who use fake identities to carry out their crimes. They would also aid the fight against illegal working and immigration abuse, enable easier and more convenient access to services and ensure free public services are only used by those entitled to them. The Identity Cards Bill will set out the stringent safeguards we want for the use of the cards, what information they contain and who can access it.
Of course, he fails to mention that ID cards didn't stop the Madrid bombings (Spain has ID cards). He also failed to mention the scope of access of previous projects was way too broad which'll probably happen again (e.g. the Food Standards Agency at one time had full access to all you e-mail and surfing habits thanks to the R.I.P. bill, as well as local councils!). But then, there are many, many flaws and concerns. Originally they were supposed to be _purely_ for identification purposes, but compulsion and links to public services/benefits are being pushed, as well as circumventing checks and balances such as this case of forcing employers to check their staff with the National ID Register even though it'll be illegal to force a check, until they become compulsory, at least.
It's all very disturbing, the public really doesn't want them so the government's conducting heavily-loaded research to lie with, then they can use statistics to pretend the people are in favour. The costs will be prohibitive, with the money much better spent on the likes of education & healthcare, but they've got the bit firmly between the teeth and are serious about imposing these on us, whether we like it or not.
For more details check out No2ID.net and read the concerns of Privacy International in their (slightly old but still relevant) ID Card FAQ.
-
Re:Who am I?
Much opposition to ID cards stems from a backlash against them after WWII; there is a feeling in the older generations that compulsary ID cards are one of the things we fought against.
Some people feel that it's worth it to avoid the hassles in proving ID when opening bank accounts or getting a drivers license, but I feel that overlooks the obvious point that these issues are under government control - is there really a need to produce three separate forms of ID before making a 1GBP deposit?
Many of the British technical community are opposed to the scheme on the grounds of the linked database. The government has thus far been vague about the content of this database, but budget overruns, security lapses and uncontrolled increase in scope seem likely on the basis of past history. For example, a recent NHS IT upgrade was slated to cost 2.3bn GBP over 3 years. The cost is now estimated to be 6.2bn over ten years, with a 12-24bn cost of roll-out [source]. That's a fairly typical example of government IT project management, whatever the country.
It's also unclear why a central database is even needed; a card with a digital photograph cryptographically signed by a government authority would surely prove identity without the associated risks of identity theft and privacy loss that a database represents.
More Information:
PI FAQ on "Entitlement Cards"
Register commentary (anti)
BBC (neutral) -
Amtrak shares data with the government tooAmtrak has worked hand in hand with the DEA to target supposed drug couriers. From EPIC-DIGEST April 11, 2001:
Amtrak Sharing Rider Information, Profit from Seizures, with DEA
Amtrak is providing the DEA with ticketing information about passengers in an effort to stem the flow of illegal drugs. DEA agents have direct access to an Amtrak computer that contains information on passenger names, origination points, destinations, and payment information. In exchange for access to the database, Amtrak receives 10% of whatever seizures the DEA makes using the information.- Amtrak Helps DEA Hunt Drug Couriers, Albuquerque Journal, April 11, 2001. (Ed.: link broken)
- Amtrak shares passenger info with DEA for drug prosecutions, Declan
McCullagh's politechbot.com, April 11, 2001. - Your Rights Online: Keeping DEA In The Loop About Amtrak Travelers, Slashdot, April 15, 2001.
- Amtrak 'Sharing' Information With D.E.A., New York Times, April 15, 2001 (registration required).
You might think that Amtrak could be tempted to give up a lot of passenger data in return for $1 billion. Well, what if the feds doubled that? Senator Olympia Snowe (R) wants to raise Amtrak's funding to $2 billion a year over the next six years, with an additional $48 billion for maintenance and new construction. It's probably just coincidence that Snowe introduced a bill (S. 1599) pushing for "the Secretary of Homeland Security to conduct a study of the feasibility of implementing a program for the full screening of passengers, baggage, and cargo on Amtrak trains, and for other purposes." The best part is section 1.b, which says:
PILOT PROGRAM- As part of the study under subsection (a), the Secretary shall conduct a pilot program of random security screening of passengers and baggage at 5 of the 10 busiest passenger rail stations served by Amtrak (measured by the average number of boardings of Amtrak passenger trains) and at up to five additional rail stations served by Amtrak that are selected by the Secretary. In selecting the additional train stations the Secretary shall attempt to achieve a distribution of participating stations in terms of geographic location and size.
I feel safer already! -
Re:wow ...Very interesting links you gave as I really don't know that much about subpoenas and requirements for government officials except for what I have read on slashdot, eff.org and Epic. And since there are a lot of paranoid people out there (including me) it's hard to find out whats correct.
About Europe and subphoenas.
I know for sure that companies in Scandinavia don't have to release information until a judge have ordered them to do so. They can give information but very few do so without an approval from a judge.
I'm not so sure about the rest of Europe, but I think the situation is similar in Germany, France, Belgium, Netherland, Switzerland, Austria, Spain and Portugal. Within EU there is a lots of project on hamonisation of laws so its difficault to track each country. But I belive Europe is heading in the right direction on these matters. For example EU has implemented laws that don't allow companies to transfer information to other countries with less privacy.
But since there are both national laws and new EU laws on this subject its hard to get a reasonable overwiev.
This page from Privacy International gives an overwiev on EU privacy laws and technology. (looks like some of the links points to a EU server that is down)
But this don't cover the matter of disclosure that is still up to each country. -
Are Diebold ATMs more secure?From the NYT Article:
The systems, in which voters are given computer-chip-bearing smart cards to operate the machines, could be tricked by anyone with $100 worth of computer equipment, said Adam Stubblefield, a co-author of the paper.
It would be interesting to see how worried Diebold is about fraudulent misrepresentation in its voting machines as opposed to its ATMs. I wonder aloud how vigilant they are (read: how much money they spend in a year) in each area.
"With what we found, practically anyone in the country -- from a teenager on up -- could produce these smart cards that could allow someone to vote as many times as they like," Mr. Stubblefield said.
Just from the above quote, this doesn't sound like the kind of security that any bank would tolerate. Is this a case of lawmakers awarding contracts under duress after being wowed by cool "tecknoligee" in order to avoid being the next "Florida 2000," or is Diebold simply a victim of its own success for having potentially higher standards for commerce than voting?
[sarcasm]
It almost seems like the authentication process to make this work would need something as stringent as, say, a National ID card...
Ooh, and we could use a Poll tax to pay for the equipment!
[/sarcasm] -
my submission
The Center for Public Integrity has intercepted a sequel to the Patriot Act that is being called the "Domestic Security Enhancement Act of 2003". Here are a few mirrors to the document... (we will need more): one, two, and three. A notable part of the prospective legislation is that a new federal felony is created for willfully using encryption during the comission of a felony and that a judge in a different part of the country can issue a search warrant for another part of the country for terrorism or "computer crime". Why should you care if this isn't even close to law yet? 1) It's written by John Ashcroft and 2) The Bush administration is great at getting these things passed during emergencies (wasn't the homeland color just kicked up a notch?)
-
Re:Who didn't see this coming?
It'll still be in English dictionaries, its the American ones it'll be removed from....
Ooooh, so it will still be in British-English dictionaries, where an estimated 300,000 closed-circuit TV cameras monitor your movement on the streets? -
Re:EFF snafu
I won't comment on the EFF, but a year or more ago I had thought that it would be the EPIC in the more prominent position that EFF is today. I really don't know much about the EFF's history, while I know that EPIC is responsible for Privacy.org, and has worked closely with the ACLU. Actually, I think a lot more could be accomplished if the EFF and EPIC were to become one. Or at least, work together alongside the ACLU. They seem to have the same priorities.
-
ID Card FAQ
Has anyone read the FAQ on ID Cards?
http://www.privacy.org/pi/activities/idcard/idcard _faq.html -
Re:FUDReading briefly through the replies to this comment shows that a few people have picked up on the points I'd like to address. First the quote from Benjamin Franklin:
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
Despite this quote, some think a temporary loss of liberty is not much of a loss since it can always be regained. This is pure speculation. I am not a historian or a constitutional lawyer but there have been instances in the past where knee-jerk legislation had been passed and then not rescinded. For example legislation passed immediately after the Flight 800 crash. This granted expanded ability for officials to expel aliens from the country. This was during the period where it was thought that a bomb caused the crash. It wasn't a bomb, the law, however, still stands.Knee-jerk reactions to this event (and others like it) are not likely to 1) prevent these types of activities 2) be fully thought out to maintain our liberties. I can't, for the life of me, understand how making plastic knives illegal in airports will really help prevent a catastrophy like this.
Government Officials are already calling for restrictions on cryptography (prohibiting export, key escrow, etc). Sigh. I direct those interested to a review on key escrow here.
Our liberties are constantly under siege. From overzealous profit motivated sources to foreign (or even domestic) aggressors our freedom is slowly being eroded away. Without the federal government helping us protect our rights there is no hope. Misguided legislation could push us drastically in the wrong direction. Giving up rights is remarkably easy (and in some cases the loss may go unrecognized), getting them back (or obtaining them at all) can be at a tremendous cost.
For those eager, or at least not reluctant, to temporarily give up your liberties I suggest the following links and their references (note: I have drawn from these sources to some degree).
This Month's Cryptogram
Activists Defend Civil Liberties in Wake of Attack at privacy.org. -
Lots of questions
Will kids be brought up to think that having an authority figure constantly monitoring them is ok?
Do kids have privacy rights or not?
How long before Skyward or some other business, sells the information parents receive through this program? Kids habits and tastes are valuable to marketers, and plenty of schools eagerly seek out corporate funding. Will Skyward sell the information to businesses, or will schools cut out the middle-man and sell it themselves?
How many third parties will get a hold of the information when they aren't supposed to?
Can information collected on state property (schools) be held from the Government, if they demand access? -
Lots of questions
Will kids be brought up to think that having an authority figure constantly monitoring them is ok?
Do kids have privacy rights or not?
How long before Skyward or some other business, sells the information parents receive through this program? Kids habits and tastes are valuable to marketers, and plenty of schools eagerly seek out corporate funding. Will Skyward sell the information to businesses, or will schools cut out the middle-man and sell it themselves?
How many third parties will get a hold of the information when they aren't supposed to?
Can information collected on state property (schools) be held from the Government, if they demand access? -
"Cutting off" is incorrectThat's just alarmist. All the EU Data Protection Directive affects is privacy of personal data, data that has somebody's name, address, etc. attached. If you collect such data within the EU, you can't use it in ways the owner of the data (by law, the person mentioned) didn't specifically approve. To make this enforceable, the EU prohibits getting around the EU rules by sending such data to areas with weaker rules, unless there's an enforceable agreement in place to protect the data while it's outside the EU. The EU has had rules in this area since 1981, and the current rules date from 1995. So this is old stuff in the EU. US complaints are mostly whining by the Direct Marketing Association. Even the DMA, though, points out that companies which actually comply with the DMA's own "principles" don't have real problems. What scares them is that the EU Directive has enforcement power behind it. If a company misuses your personal data, it might be denied the right to maintain files of personal data at all.
Basically, it put a lid on most slimy marketing practices that misuse personal data. Too many US companies are used to getting away with this, and much of the direct mail industry depends on it.
But it has zero effect on open source or anything like that.
-
Re:Clarification
-
Re:HailStorm Services. . .Should be a helluva load of fun, when Micro$oft attempts to apply hailstorm to European slave^H^H^H^H^Hconsumers.
They might be interested in this piece of European legislation.
In short, it says about that...
Companies must notify both employees and consumers about how information collected about them will be used;
Companies can only use data for its intended purpose;
Companies cannot transfer data on employees and consumers to countries with inadequate privacy protection laws;
Consumers will have a right to access data collected about them;
Consumers will have a right to have inaccurate data rectified;
Consumers will have a right to know the origin of data about them (if this information is available);
Consumers will have a right of recourse in the event of unlawful processing of data about them;
Consumers will have a right to withhold permission to use their data (e.g. the right to opt-out of direct marketing campaigns for free without providing a reason);
Companies need explicit permission of consumers to process sensitive information, including information on racial origin, political or religious beliefs, trade union membership, medical data, and sexual life.
I can see it now, the M$ Hail$torm license agreement going like:
All your database are belong to us and in an event that your local laws conflict with our right of ownership of your data then Washington State laws and the word of our Lord Gates supersede such laws...
Well, they just might be laughed out of any European court.
For starters: Click through licenses are not legally binding in most European countries. And their certainly not binding when they conflict with mandatory local laws.
-
I don't think Brin understands SQUAT...
about human nature. In the US, we've become more voyeuristic than ever, and it's not Brin's rumored "politeness" that we're seeing. In some quarters, people make their actions (brazen violence or disregard for others) MORE visible, and couldn't care less about what people think. Surveylance may elicit more "polite" behavior, but only from people that actually CARE (people who were polite to begin with). For those that don't give a rat's hiney, it won't make a bit of difference.
As for Brin's statistics on crime prevention in the U.K. that has allegedly resulted from public surveylance, they don't tell the full story. For another perspective, visit www.privacy.org, which discusses the issue of public surveylance in much greater detail.