CyberLaw Blog

Archive for the ‘Security’ Category

Google gains a little Latitude – Which? News: “Google gains a little Latitude Privacy concerns raised over latest service

04 February 2009
Google Maps logo

Search giant Google is introducing a service called Latitude, which will allow people to track the whereabouts of others from mobile devices and via the web.

People can opt-in to the service and allow trusted people such as their partner or friends to see their approximate location, for instance if they’re stuck in traffic or held up due to bad conditions such as snow.

As well as seeing friends’ locations on a map, you can use text messaging, Google Talk or Gmail to update your status message.
Shared data

Privacy experts have expressed concerns that the service is open to abuse.

Yaman Akdeniz, founder and directory of civil liberties organisation Cyber-rights and Cyber-liberties, said: ‘Users need more education before consenting for their data to be shared. What if your boss is one of your friends and you say you’re ill and you are in the pub!

‘There is a danger that companies want to use it for offering services when we go shopping such as in the film Minority Report. Today, it is Google, tomorrow it will be others, the question is will privacy concerns be taken into consideration.’

Google Latitude is the latest in a number of web and mobile based technologies to track individuals’ data including the controversial Street View within Google Maps. Similarly, Vodafone has shared customers’ data with sat-nav maker Tom-Tom to help it to predict traffic jams.

Google says it has taken privacy concerns into consideration and that it has ‘built fine-grained privacy controls right into the application. Everything about Latitude is opt-in’.”

(Via .)

UK – Firms back data protection pledge: “(BBC)
Firms are being encouraged to back a pledge to safeguard the data they hold about citizens and customers. Drafted by the Information Commissioner, the Personal Information Promise tries to improve respect for the data companies have gathered. Firms and organisations who use data that people surrender do not always take enough care with it, said Richard Thomas, Information Commissioner. 2008 saw a series of data breaches and losses that left the personal details of millions of people at risk from ID thieves. By signing up to the promise firms say they will go beyond the strictures laid down by law which govern what they can do with the personal data they hold on their customers or clients. Those backing the promise will be exhorted to consider privacy risks when they start work on new information systems that draw on databases of personal data. They must also put in place safeguards to ensure data is securely stored and does not fall into the hands of ID thieves. On the day the promise was launched 20 organisations pledged to back it. Those signing up included BT, Vodafone, Royal Mail, British Gas, Experian, Equifax, AstraZeneca and T-Mobile. see Personal Information Promise and Press Release.”

(Via QuickLinks Update.)

Government ‘loses one PC a week’: “The Tories demand a Whitehall security review as it is revealed 53 computers disappeared in a year.”

(Via BBC News.)

BBC News: BNP members ‘targeted by threats’

19 November, 2008

BNP leader Nick Griffin: ‘We’re disappointed’

BNP members have told BBC News they have received threatening and abusive phone calls and e-mails after a leaked document was published online.”

(Via .)

European Commission consults on network and information security: “The European Commission has launched a consultation on how it can strengthen the European Union’s response to computer attacks. The Commission is canvassing views ahead of a debate early next year about an EU-wide co-ordination of computer security.”

(Via OUT-LAW News.)

Official fined for leaving al-Qaida papers on train

A senior Whitehall official who left highly classified intelligence documents about al-Qaida and the capabilities of the Iraqi security forces on a train was fined £2,500 yesterday by Westminster magistrates court after admitting negligence.

Richard Jackson, 37, of Yateley, Hampshire, who had been seconded from the Ministry of Defence to the Cabinet Office, was charged under a section of the Official Secrets Act covering the safeguarding of information. It is the first prosecution of its kind and it had been assumed in Whitehall he would be disciplined by internal procedures rather than charged under the criminal law. The court heard he had already taken a ‘drastic’ pay cut and effectively been demoted by three grades.

The two joint intelligence committee documents were left on a London Waterloo to Surrey train on June 10.

They were found inside an orange cardboard envelope on a train by a member of the public who passed them to the BBC’s security correspondent, Frank Gardner. He subsequently reported the loss. A damage assessment carried out by the Cabinet Office found the loss had the ‘potential to damage national security and the UK’s international relationships but to date this appears negligible’, the court heard.

District judge Timothy Workman said: ‘Had there been real risks to national security a custodial sentence, possibly suspended, would have been inevitable.’ He said he had taken into account Jackson’s good character, remorse, full cooperation and guilty plea. ‘I am conscious that he has already paid a heavy penalty, a significant reduction in income and damage to his own and his family’s health,’ the judge said.

Jackson, who had a previous warning for not locking secret files in his safe, had accidentally picked up the files with some other papers as he left the office on June 9 and did not realise he had them until he was almost home, the court heard.

As he returned them to the office the next morning he put the folder on the train seat beside him, then got off at Waterloo without them. By the time he realised he had forgotten them the train was already on its way to Woking. He then spent the day frantically visiting lost property offices in the hope of recovering the files.

Neil Saunders, defending, said his client accepted his mistake but ‘there was never any risk to any lives whatsoever’. He said: ‘He was under extreme pressure at this time and it may well be partly because of his own role, the team he was leading and the work he was being asked to conduct that he has made this gross error of judgment.’

Deborah Walsh, prosecuting, said Jackson, who has been sent back to the MoD, did not report the loss of the files until the next day as his superiors were abroad. She added: ‘There’s ample evidence that Mr Jackson failed to take such care to prevent the unauthorised disclosure of the documents as somebody in his position may reasonably be expected to take.’

One of the documents was a seven-page assessment on al-Qaida. The other was described by Gardner at the time as a ‘top-secret and in some cases damning’ assessment of Iraq’s security forces.

Jackson had permission to take the documents out of the office as long as sufficient security was provided, meaning a locked box, Whitehall officials said.

(Via Latest news, sport, business, comment and reviews from the Guardian | guardian.co.uk.)

MoD computer hard drive missing: “Police investigate the loss of a computer hard drive which could hold details of about 100,000 Armed Forces personnel.”

(Via BBC News.)

T-Mobile joins data loss elite: “

17m customer records

T-Mobile has admitted losing 17m customer records including names, addresses, phone numbers, dates of birth and email addresses.…

“

(Via The Register – Public Sector.)

Palmtop computer stolen from open window in M15 hideout: “A handheld computer containing secret intelligence documents about terrorism
has been stolen through the open window of an MI5 hideout, in what appeared
a fresh British data disaster.”

(Via Tech and Web from Times Online.)

MI6 photos ’sold on auction site’: “Police are probing the sale of a digital camera said to contain MI6 images, the Foreign Office confirms.”

(Via BBC News.)