The UK Parliament has launched an enquiry into the surveillance conducted on citizens by the Government. It will investigate the growing number and scope of government databases holding increasing amounts of information on citizens. The Home Affairs Committee will conduct the inquiry, called 'A Surveillance Society?', so that it can produce rules for Government to follow when building up increasing amounts of sensitive and private information on the general public. "The inquiry will consider the growth of numerous public and private databases and forms of surveillance," said a Committee statement. "They either derive directly from the work of the Home Office and its related public functions or are controversial because whilst they offer the potential to play a part in the fight against crime their use may impinge on individual liberty." "The inquiry will focus on Home Office responsibilities such as identity cards, the National DNA Database and CCTV, but where relevant will look also at other departments’ responsibilities in this area, for instance the implications of databases being developed by the Department of Health and the Department for Education and Skills for use in the fight against crime," it said.
Friday, March 30, 2007
This study identifies likely developments in information technology in the near future, considers their impact on thecitizen, and makes recommendations on how to optimize their benefits to society. The report focuses on an area wherethe developments in IT have had a particularly significant impact in our everyday lives - the use of IT in surveillance,data-capture, and identity management. It looks at the threats that these technologies may pose and at the roleengineering can play in avoiding and managing these risks.
Tuesday, March 20, 2007
The European Commission will make changes to the Privacy and Electronic Communications Directive to take account of the exploding market in radio frequency identification (RFID) chips, it has said. Amendments will be proposed by the middle of this year. The Commission has published a Communication, intended as "a step towards a policy framework," for dealing with RFID chips, whose usefulness is seen by some to be at odds with privacy and data protection. RFID is a radio technology which allows chips to be identified at short distances by chip readers. The chips themselves are so cheap – just a few pence each – that they are useful in all sorts of commercial applications, from goods transit to stock management and even shop checkouts. It is the application of the chips to people and the things people do with the chipped goods, though, that has always worried privacy activists. Information Society and Media Commissioner Viviane Reding said that the advisory group she was forming to monitor RFID would work in conjunction with the Article 29 Data Protection Working Group, an existing, independent EU advisory body. Reding announced the creation of an RFID Stakeholder Group to help the Commission develop its RFID policy as part of an action plan to address the potential pitfalls and benefits of using RFID technology.
Thursday, March 15, 2007
Privacy bodies have welcomed Google's decision to anonymise personal data it receives from users' web searches. The firm previously held information about searches for an indefinite period but will now anonymise it after 18 to 24 months. "This is an extremely positive development," said Ari Schwartz, deputy director of the Center for Democracy and Technology, a US-based watchdog. "It's the type of thing we have been advocating for a number of years." However, governments could still force Google to hold onto data or hand it over to authorities. "By anonymising our server logs after 18 to 24 months, we think we're striking the right balance between two goals: continuing to improve Google's services for you, while providing more transparency and certainty about our retention practices," a statement from the search giant said. It's a step forward, but I would like to see them anonymising data in a much shorter period Richard Clayton, Cambridge University It added: "Unless we're legally required to retain log data for longer, we will anonymise our server logs after a limited period of time." Peter Fleischer, Google's privacy counsel for Europe, said the decision has been taken after consulting with privacy bodies in theUS and Europe. He said: "We believe that privacy is one of the cornerstones of trust. We will be retroactively going back into our log database and anonymising all the information there."
Thursday, March 08, 2007
Microsoft Chairman Bill Gates has added to his legislative wish list, renewing his push for Congress to pass an "all-inclusive" consumer privacy and security law by year's end.
In his keynote speech at a dinner here Wednesday hosted by the advocacy group Center for Democracy and Technology, Gates shifted his focus away from the calls for education and immigration changes that dominated his appearance at a morning Senate hearing. There's a critical need for federal privacy rules that require transparency about data collection practices, grant users access to their own data and dictate what companies must do if a breach occurs, Gates told an audience of about 900 people in a cavernous ballroom at the Ritz-Carlton Hotel here. Microsoft isn't alone in requesting federal privacy legislation. The Windows maker is allied with a number of tech titans, including eBay, Hewlett-Packard, Google, Intel and Oracle, that have begun lobbying Congress to override what they deem a patchwork of disparate state laws.
Privacy in the US certainly seems to be patchy, but whereas the European Data Protection Framework is much stricter in protecting the privacy of individuals (Art. 1 states fundamental rights and freedoms of individuals), this cannot be said of the US. Whether the legislation will be framed along the lines of the European Data Protection Directive is not clear, but for anyone interested in the differences between the US/Europe protection of privacy, see:
- Kang and Buchner. Privacy in Atlantis, Harvard Journal of Law and Technology, Vol. 18, No. 1, Fall 2004.
Reidenberg, R. and P. Schwartz. Data privacy Law (Michie, 1996).
Tuesday, March 06, 2007
This opinion and its annexes (frequently asked questions and model notices) are aimed attravel agents, airlines, and any other organisations providing travel services to passengersflying to and from the United States of America. This opinion and the annexes update andreplace the previous opinion of 30 September 2004 (WP97).The current legal framework for transferring PNR information to the US authorities iscovered by the interim agreement of 16 October 2006. Negotiations for a new agreementare expected to start in 2007.There remain obligations on travel agents, airlines and other organisations to provideinformation to passengers about the processing of their personal information, and thisopinion aims to give advice and guidance on who needs to provide what information, how and when. Information should be provided to passengers when they agree to buy a flight ticket, andwhen they receive confirmation of this ticket.The opinion gives advice on providing information by phone, in person and on theinternet. The Art. 29 Working Party has established the model information notices (the annexes tothis opinion) to make providing this information easier for organisations, and to makesure the information provided is consistent across the European Union.The shorter information notice gives passengers summary information about transfers oftheir data to the US authorities, and how to find out more information.The longer notice is in the form of frequently asked questions and has more details aboutthe processing. It explains passenger data more widely, before focusing on PNR data. It also includes links to the interim agreement and other relevant documents.
Monday, March 05, 2007
The Information Commissioner will tomorrow demolish one of the main arguments being used by Government to introduce restrictions on people’s right to know about the State. Richard Thomas, who will be appearing before MPs on the Constitutional Affairs Committee, is expected to say that public bodies already have wide-ranging powers to ignore requests that are designed to waste civil servants’ time. The Government believes that laws introduced in 2005 requiring much greater disclosure of information from the public sector place an unfair burden on civil servants. However campaigners say that the proposed restrictions are unnecessary and designed to save the Government from embarrassment after a series of damaging disclosures.