Weekly News Digest for 29 August 2014

California Senate approves measure banning warrantless drone surveillance

27 August 2014
The California state Senate passed legislation this week that limits how law enforcement and other government agencies can use drones in the state. Law enforcement agencies will be required to get a warrant to conduct surveillance with a drone for criminal investigations. Other state agencies can only use drones for their “core mission” and not for criminal investigation. Finally, information collected with a drone can only be retained for one year. California joins a number of other states that have adopted similar measures.

ICREACH: How the NSA Built Its Own Secret Google

25 August 2014
The National Security Agency (NSA) has created a Google-like search interface that allows it and a dozen other government agencies to search communications metadata that the NSA has collected. In all, the search interface known as “ICREACH” provides access to roughly 850 billion records, which is more than the number of stars in our galaxy. While most of these records are believed to pertain to foreigners, perhaps millions of them could related to Americans’ whose information was “incidentally” collected and not properly “minimized,” raising concerns about the possibility of improper use of such information by law enforcement.

How Cops and Hackers Could Abuse California’s New Phone Kill-Switch Law

26 August 2014
California has implemented a law that requires all new cell phones to come with a “kill switch” that allows users to remotely render their phones useless in the event that the phone is lost or stolen. However, some civil liberties and technology groups are raising concerns that the feature could be misused, causing more privacy problems than it solves. For example, the law allows law enforcement to remotely kill someone’s phone under certain circumstances. Also, there is the concern that hackers and criminals could figure out how to access the feature and wipe peoples’ phones to prevent them from calling for help or as a form of extortion.

Comcast Data Breach Leaks Thousands of Unlisted Phone Numbers, Threatening Customers’ Privacy

25 August 2014
Tens of thousands of Comcast customers in California and elsewhere around the country had their unlisted phone numbers released publicly. These customers were paying Comcast a monthly fee to insure that their contact information would not be shared publicly. But many began to notice their information showing up online anyway. Now, the Public Utility Commission in California is conducting an investigation to see how and why this personal information was leaked. This is just one more in a long string of incidents where individuals’ personal information stored with a private company is breached and made available to criminals or the general public against their wishes or against the law.

The FTC’s Controversial Battle To Force Companies To Protect Your Data

21 August 2014
The Federal Trade Commission (FTC) is increasingly attempting to regulate the way companies store consumer data. Even though there have been a growing number of breaches of company databases in recent years resulting in the theft of personal information leading to fraud and identity theft, there is no one federal agency responsible for protecting consumer privacy. The FTC is attempting to become that agency. However, while some welcome this move, it is not entirely clear whether the FTC actually has the legal authority to take on this role.