judgecorp writes "Facebook's links to the NSA's PRISM program could be investigated in Ireland, thanks to the persistence of some Austrian law students. The group has challenged Facebook in Europe as it has its regional headquarters there for tax reasons. 'The [Data Protection Commissioner] simply wanted to get this hot potato off his table instead of doing his job. But when it comes to the fundamental rights of millions of users and the biggest surveillance scandal in years, he will have to take responsibility and do something about it,' said the leader of the student group, Max Schrems."

Daniel_Stuckey writes "This week, the verification company Service Objects announced a new tool to help websites detect 'suspicious' visitors using Tor and other anonymous proxies. Its updated DOTS IP Address Validation product identifies 'suspicious' discrepancies between the user's home location and the location of the IP address the order's coming from. It joins a handful of other tools on the market promising Tor-detection for retailers. It's a logical strategy: If you're trying to buy something with a stolen credit card, you're obviously going to want to block your real identity and location while doing it. But it also raises the question of whether targeting anonymity services to hunt out fraudsters could have chilling effects for harmless Tor users trying to protect their privacy online—particularly this year in light of the NSA-spying scandal."

McGruber writes "The Wall Street Journal reports on the new level of surveillance available to bosses of blue collar workers. Thanks to mobile devices and inexpensive monitoring software, managers can now know where workers are, eavesdrop on their phone calls, tell if a truck driver is wearing his seat belt and intervene if he is tailgating. 'Twenty-five years ago this was pipe dream stuff,' said Paul Sangster, CEO of JouBeh Technologies, a Canadian company that develops tracking, or 'telematics,' technology for businesses. 'Now it is commonly accepted that you are being tracked.' In the U.S., workplace tracking technology is largely unregulated, and courts have found that employees have few rights to privacy on the job. No federal statutes restrict the use of GPS by employers, nor force them to disclose whether they are using it. Only two states, Delaware and Connecticut, require employers to tell workers that their electronic communications — anything from emails to instant messages to texts — are being monitored."

Nerval's Lobster writes "In Boston, a number of UberX drivers reportedly planned to strike yesterday afternoon in response to a rate cut. (UberX is a low-cost program from Uber, which is attempting to "disrupt" the traditional cab industry via a mobile app that connects ordinary drivers in need of cash with passengers who want to go somewhere.) Uber tried to preempt the strike with a blog posting explaining that the rate cut actually translated into more customers and thus more revenue to drivers, but it needn't have bothered: according to local media (the same media that reported a strike was in the making) a strike failed to materialize. Many of the biggest firms of the so-called 'sharing economy,' such as Uber and Airbnb, are locked in battle with some combination of deeply entrenched industries and government regulators. But if the 'labor' that drives the sharing economy becomes more agitated about its compensation, it could create yet another interesting wrinkle. The Boston strike may have fizzled, but that doesn't mean another one, in a different city, won't enjoy more success." Free (or freer) entry makes occupation-based roadblocks harder to enforce, though, so Uber and other crowd-sourcing matchmakers are tougher to pin down and disrupt in the way that more tightly controlled enterprises are. (Not that city councils and other bodies aren't trying to corral crowd-sourced undertakings into their regulatory purviews, putting a damper on some of that freewheeling disintermediation.)

judgecorp writes "Hewlett-Packard wants to cash in a lot of mobile patents, as part of Meg Whitman's restructuring, according to reports. HP acquired the WebOS operating system, as seen on phones and tablets, when it bought Palm, but failed to build a business on it. It's since sold its WebOS business to LG for use in TVs and cars but hung onto the patents which are licensed to LG. Now, Bloomberg reports the patents themselves may be for sale — possibly to whoever fails to buy BlackBerry's tempting bundle of mobile technology."

New submitter mrspoonsi writes with this news, excerpted from the BBC: "The European Parliament has voted to suspend the sharing of financial data with the U.S., following allegations that citizens' data was spied on....The European Parliament voted to suspend its Terrorist Finance Tracking Program (TFTP) agreement with the US, in response to the alleged tapping of EU citizens' bank data held by the Belgian company SWIFT. The agreement granted the U.S. authorities access to bank data for terror-related investigations but leaked documents made public by whistleblower Edward Snowden allege that the global bank transfer network was the target of wider U.S. surveillance."

New submitter bhv writes "After firmly denying that it used software on its rent-to-own computers to spy on customers, including capturing passwords, sensitive financial information and images of private intimate moments, Atlanta-based Aaron's has owned up to the practice in a settlement with the Federal Trade Commission."

First time accepted submitter jellie writes "According to Ars Technica, a new bill introduced by Rep. Bob Goodlatte (R-VA), the chairman of the House Judiciary Committee, has received bipartisan support and has a real chance of passing. In a press call, lawyers from the CCIA, EFF, and Public Knowledge had universal praise for the bill, which is called the Innovation Act of 2013. The EFF has a short summary of the good and bad parts of an earlier draft of the bill. The bill will require patent holders who are filing a suit to identify the specific products and claims which are being infringed, require the loser in a suit to pay attorney's fees and costs, and force trolls to reveal anyone who has a 'financial interest' in the case, making them possibly liable for damages."

Mark Gibbs writes "Knight Capital monumentally fouled up a software update. According to the SEC, 'Knight did not have supervisory procedures to guide its relevant personnel when significant issues developed.' In other words, not only was Knight's code management inadequate but their human management processes were just as bad. The fine for what could have been a biblical financial disaster? A measly $12 million."

sl4shd0rk writes "Michael Powell, A former United States FCC chairman, is pushing for 'usage-based internet access' which he says is good for consumers who are 'accustomed to paying for what they use'. Apparently Time Warner and Comcast (maybe others) are already developing plans to set monthly rates based on bandwidth usage. The reasoning on the NCTA website lays out the argument behind Powell's plan."

Nerval's Lobster writes "Google is still the tech company that spends most lavishly to make its influence known in Washington, D.C., according to a report analyzing the lobbying activity of technology firms. Using data from disclosure forms filed with the Clerk of the House of Representatives, the oversight group Consumer Watchdog added up the efforts of tech-company representatives to get in front of lawmakers and state their employers' case. Facebook's spending on lobbying rose 47 percent between 2012 and 2013, from $980,000 during the third quarter of 2012 to 1.4 million during 2013. Microsoft also boosted its spending by 20 percent, from $1.9 million in 2012 to $2.2 million during the third quarter of this year. Google cut its spending on lobbyists, but still spent $3.4 million during the third quarter – three times what Facebook spent during the same quarter. Apple's lobbying efforts shot up 111 percent between the third quarter of 2012 and 2013, but still amounted to only $970,000 this year. Cisco Systems spent $890,000; IBM spent $1.18 million; Intel spent $980,000 and Oracle spent $1.36 million. Though telecommunications firms are in a separate category, Google still outspent Verizon (down 2 percent, to $3.04 million) and Verizon Wireless (up 19 percent, to $1.2 million). It was trumped by AT&T (up 23 percent, to $4.3 million)."

cold fjord writes "According to a report in the Miami Herald, 'Chancellor Angela Merkel has called President Barack Obama after receiving information that U.S. intelligence may have targeted her mobile phone. Merkel spokesman Steffen Seibert said Merkel made clear in Wednesday's call that "she views such practices, if the indications are confirmed ... as completely unacceptable" and called for U.S. authorities to clarify the extent of surveillance in Germany.' Der Spiegel has some information on Germany's own "PRISM" project. White House spokesman Jay Carney said President Obama 'assured the chancellor that the United States is not monitoring and will not monitor' her communications. He didn't mention anything about past communications. This news follows allegations of U.S. surveillance of the Presidents of Mexico, and France. Yesterday the LA Times noted, 'French authorities are shocked — shocked — to learn that the American government is spying on French citizens. The Foreign Ministry summoned the U.S. ambassador to the Quai D'Orsay to inform him that what's going on is "unacceptable," and President Francois Hollande claimed to have issued a stern rebuke to President Obama in a phone conversation.' Up until now, Merkel had been reluctant to say anything bad about the U.S. over the NSA leaks."

Lucas123 writes "Two of the contractors involved in developing online health insurance exchanges under the Affordable Care Act, which have been plagued by technical problems since launching this month, have had serious data security issues in the past. Quality Software Services developed the software for the Affordable Care Act's data services hub and oversaw development of tools to connect the hub to the databases of other federal agencies. Last June, an audit report by the Health and Human Services Inspector General found QSS failed to adhere to federal security standards (PDF) in delivering IT testing services for the Centers for Medicare & Medicaid Services. Additionally, services firm Serco suffered a major security breach in 2012. Serco won a five-year $1.3 billion contract to process and verify paper applications for health insurance via the online exchanges. Serco's breach exposed sensitive data of more than 123,000 members of the Thrift Savings Plan, a $313 billion retirement plan run by the U.S. Federal Retirement Thrift Investment Board. The exposed data included full names, addresses, Social Security Numbers, financial account information, and bank routing information."

Hugh Pickens DOT Com writes "BBC reports that Jofi Joseph, a senior National Security Council staffer who was a key member of the White House team negotiating on Iran's nuclear weapons program, has been fired ... after a months-long probe into a barrage of tweets that included caustic criticisms of former Secretary of State Hillary Clinton and top NSC officials, especially Ben Rhodes – whom he accused of dodging questions about Benghazi. Joseph, who posted under the now defunct Twitter name @NatSecWonk, gave a lacerating commentary on anything from policy to personal appearance. 'Was Huma Abedin wearing beer goggles the night she met Anthony Weiner,' he tweeted, referring to the scandal-hit former New York mayoral candidate and his wife, a former aide of Hillary Clinton. He tweeted that Mrs Clinton 'had few policy goals and no wins' in the Middle East. He said Chelsea Clinton was 'assuming all of her parents' vices,' and targeted figures such as Republican commentator Liz Cheney and Mitt Romney's wife Ann for their looks and weight. Many in the foreign policy community reacted with shock to the revelation that Joseph was the mystery tweeter because Joseph was well known among policy wonks and his wife, Carolyn Leddy, is a well-respected professional staffer on the Republican side of the Senate Foreign Relations Committee. 'What started out as an intended parody account of DC culture developed over time into a series of inappropriate and mean-spirited comments,' said Joseph in an apology. 'I bear complete responsibility for this affair and I sincerely apologize to everyone I insulted.'"

schwit1 tips this news from Wired: "An appellate court has finally supplied an answer to an open question left dangling by the Supreme Court in 2012: Do law enforcement agencies need a probable-cause warrant to affix a GPS tracker to a target's vehicle? The justices said the government's statement 'wags the dog rather vigorously,' noting that the primary reason for a search cannot be to generate evidence for law enforcement purposes. They also noted that 'Generally speaking, a warrantless search is not rendered reasonable merely because probable cause existed that would have justified the issuance of a warrant.' The justices also rejected the government's argument that obtaining a warrant would impede the ability of law enforcement to investigate crimes."

Slashdot contributor Bennett Haselton writes "A recent webinar for newsletter publishers suggested that if you want your emails not to be blocked as 'spam,' you paradoxically have to engage in some practices that contribute to the erosion of users' privacy, including some tactics similar to what many spammers are doing. The consequences aren't disastrous, but besides being a loss for privacy, it's another piece of evidence that free-market forces do not necessarily lead to spam filters that are optimal for end users." Read on for the rest of Bennett's thoughts.

Kyle Jacoby writes "The NSA was right when it postulated that the mere knowledge of the existence of their program could weaken its ability to function. Virtual Private Networks (VPNs), which serve to mask the source and destination of data by routing it through a third-party server, have been a popular method for maintaining internet anonymity for the paranoid and prudent. However, the all-but-silent fall of secure email server Lavabit, and VPN provider CryptoSeal, have shown us just how pervasive the government's eye on our communications is. These companies chose to fold rather than to divulge customer data entrusted to them, which raises the million-dollar question: how many have chosen to remain open and silently hand over the keys to your data? Google has decided to put the private back in VPN by supporting uProxy, a project developed at the University of Washington with help from Brave New Software. Still using a VPN schema, their aim is to keep the VPN amongst friends (literally). Of course, you'll need a friend who is willing to let you route your net through their tubes. Their simple integration into Firefox and Chrome will lower the barrier, creating a decentralized VPN architecture that would make sweeping pen register orders more difficult, and would also make blocking VPNs a rather difficult task for countries like China, who block citizens' access to numerous websites. On a related note, when will the public finally demand that communications which pass encrypted through a third party still retain an reasonable expectation of privacy (rendering them pen register order-resistant)?"

beerdragoon writes "One of Canada's biggest mobile and TV providers will soon begin collecting detailed information on usage patterns of its subscribers. Starting November 16th, Bell plans on using this information to provide targeted ads for subscribers. According to Bell this policy will allow customers 'to receive Internet advertising that's relevant to them rather than the random online advertising they're receiving now.' Customers have until the 16th to opt out of the targeted ads, but there doesn't appear to be a way to opt out of the data collection. Apparently this is not illegal, but it is certainly considered unethical by many."

schwit1 writes "Oregon is moving ahead with a controversial plan to tax motorists based on the number of miles they drive as opposed to the amount of fuel they consume, raising myriad concerns about cost and privacy. The problem for lawmakers is that the existing per-gallon gas tax has hit a point of diminishing returns, as Americans drive less and vehicles become more fuel efficient. Economists and civil libertarians are concerned about the Oregon pilot project in large part because some mileage meters can track and record residents' every vehicular move. Rick Geddes, a Cornell University professor, said the basic device is okay because it is simply attached to a vehicle's computer, which cannot track locations. However, Geddes said privacy concerns could resurface should governments expand the program and use SmartPhone or apps to track movements and reward motorists who avoid congested roads and drive during off-peak hours. Mark Perry, a University of Michigan scholar, says the GPS or 'black box' system is 'particularly untenable.'" Per-car tracking and taxation has been a long time coming in Oregon, and it's not the only state where such an idea's been floated.

An anonymous reader writes "As described on the DigitalBond blog, a security researcher was subjected to a court ordered search in which a lack of pre-notification was premised on his self description as a 'hacker.' From the court order, 'The tipping point for the Court comes from evidence that the defendants – in their own words – are hackers. By labeling themselves this way, they have essentially announced that they have the necessary computer skills and intent to simultaneously release the code publicly and conceal their role in that act.'"