PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Journalist Privilege and Law Enforcement Leaks

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 17, 2005

Law Enforcement Leaks

In a very interesting case, U.S. District Court Judge Rosemary Collyer recently held a Washington Post reporter in contempt of court for not revealing the source of a leak in the investigation of Wen Ho Lee. [Click here for the court’s opinion.] The case involves a civil suit by Lee against a number of federal agencies for violating the Privacy Act of 1974, 5 U.S.C. § 552a. Lee was a scientist employed by the Department of Energy and was being investigated by the FBI for espionage for China. Ultimately, the espionage case collapsed and Lee pled guilty to one count of mishandling computer files.

Continue Reading

Is Anonymous Blogging Possible?

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 17, 2005

Anonymity

Howard Bashman at How Appealing muses whether anonymous blogging is really possible:

These days, however, most users of the internet understand that every bit of information communicated electronically leaves electronic fingerprints that can be used to trace the source of the information, even if the source hoped to remain anonymous. To be sure, there are ways to anonymize emails and other forms of communication, but they tend to be complicated to use and difficult to figure out. . . .

I doubt whether anonymous blogging is possible. It surely isn’t possible if the blogger conducts email correspondence with others and fails to mask his or her internet protocol address. Plus, even the act of logging on to a blogging service provider, such as TypePad or blogger, leaves electronic fingerprints, and I’d have to assume that “UTR” had a TypePad subscription, enabling someone to subpoena the blog owner’s identity and/or payment information. So, to you anonymous bloggers out there, have fun, but don’t fool yourselves into thinking that simply by not providing your identity you are doing an effective job of remaining hidden.

Continue Reading

What’s On the Net Stays on the Net: Thoughts on the Wayback Machine

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 16, 2005

Wayback Machine

Steve Vladeck (law, Miami) visiting at PrawfsBlawg tells an interesting anecdote about the Internet Archive, otherwise known as the “Wayback Machine.” Steve writes about a student who discovered his childhood pictures:

Continue Reading

Does Anything Really Disappear from the Internet?

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 16, 2005

Eraser Privacy

I just posted about the Wayback Machine and that got me wondering whether anything really disappears from the Internet when it is deleted. Certainly, a ton gets archived in the Wayback Machine as well as in Google cache and in RSS readers. Of course, if something appears on the Internet, somebody could see it and copy it before it gets taken down.

Continue Reading

Article III Groupie Disrobed: Thoughts on Blogging and Anonymity

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 14, 2005

David Lat Article III Groupie Underneath Their Robes Blog

“Article III Groupie” is the pseudonym for the mysterious author of a wildly popular blog about the federal judiciary, Underneath Their Robes. The blog is a lighthearted and witty discussion of the federal judiciary, chronicling the lives of judges and law clerks. Article III Groupie (or A3G for short) describes herself as an attorney from a Top 5 law school who works at a “large law firm in a major city, where she now toils in obscurity.” She writes: “During her free time, she consoles herself through the overconsumption of luxury goods. Her goal in life is to become a federal judicial diva.” Her identity has long remained shrouded in secrecy.

As she describes her blog:

Continue Reading

FTC: Letting Experian Keep the Spoils

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 13, 2005

Free Credit Report

Suppose a company engages in an unfair and deceptive trade practice. It makes about $1 billion. The FTC investigates. A settlement is reached for a fine of $1 million and refunds to only some customers — yielding a net penalty of several million dollars — just a fraction of the spoils. That’s deterrence . . . FTC style!

Continue Reading

ChoicePoint: More Than 145,000 Victims?

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 9, 2005

ChoicePoint Data Breach

ChoicePoint just won’t be outdone. They were, after all, the company that started all the extensive attention on data security breaches. Back in February 2005, ChoicePoint announced that it had improperly sold personal data on about 145,000 people to identity thieves. Pursuant to a California data security breach notice law, ChoicePoint notified the affected individuals in California. Soon afterwards, many states started thinking: Geez, we’d like our citizens to be informed too. They put up a fuss, and ChoicePoint voluntarily agreed to notify all of the 145,000 people it said were affected. Many states subsequently passed data security breach notification laws similar to California’s.

Continue Reading

Your Microsoft Word Documents Can Rat on You

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 7, 2005

Word Document Metadata and Privacy

Many people don’t realize that Microsoft Word encodes information about the authors and editors of each document. It’s called “metadata.” For example, some of this data is contained under the “Properties” section of the “File” pull down menu.

An article in the New York Times describes what can be revealed when metadata is examined:

Continue Reading

National Security Letters

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 6, 2005

National Security Letter - NSL

Did you know that the FBI can issue a letter to an Internet Service Provider or a financial institution demanding that they turn over data on a customer? The letter doesn’t require probable cause. No judge must authorize the letter. The FBI simply issues the letter and gets the information. There’s a gag order, too, preventing the institution receiving the letter from mentioning this fact.

Continue Reading