Category Archives: In-Secure Data

Missouri Lawmakers Confused, Frustrated by Dept. of Revenue Story

Kaye Beach

March 16, 2013

I am trying to keep up with this story out of Missouri regarding the state’s  implementation of portions of the federal Real ID Act and the impact on Second Amendment rights.

According to Lt. Governor Peter Kinder, Eric Griffin went to his Department of Motor Vehicles fee office after he passed the application process for a concealed carry gun permit. Griffin refused to let DMV employees scan some of his documentation and he was subsequently denied a permit.

Source: Real ID Act raises privacy concerns for Mo. handgun carry permit holders, March 6, 2013, Examiner.com

Now Missouri has a REAL problem on it’s hands.  Many people, unaware of the many negative implications of the Real ID Act, might not gripe when they they run into new procedures at the DMV as a result of it but get between the Missourian and his gun rights-and watch out!

Long and Deputy Director John Mollenkamp [Mo. Dept. of Revenue] told the committee they now require documents from state residents, including conceal-carry endorsements, to be scanned into a computer system as part of an effort to cut down on fraud.  http://www.kcur.org/post/mo-dept-revenue-were-not-sending-copies-citizens-documents-dc-0

The Dept. of Revenue will not admit that they are implementing the technical tenants of the Real ID Act, they may not even know that they are.  Here is why.  The Dept. of Homeland Security and AAMVA, (the American Association of Motor Vehicles) which has set motor vehicle associated and licensing standards for the states for decades, agreed to roll the Real ID Act requirement into AAMVA’s North American Standards for Driver’s Licenses and ID cards (2012)

“In addition, DHS has worked with the American Association of Motor Vehicle Administrators (AAMVA) to coordinate state implementation of the standards of the REAL ID regulation. In particular, DHS participated with the states in the drafting of the Personal Identification – AAMVA North American Standard – DL/ID Card Design (July 2009) . . .the design must meet or exceed REAL ID requirements.”

Department of Homeland Security,Secure Identification State Progress Fiscal Year 2012 Report to Congress

“AAMVA (the American Association of Motor Vehicle Administrators) is called the “backbone” and hub” of the Real ID Act in the final rules issued by DHS” Mark Lerner, testimony before the Michigan House of Representatives, 2008

The state bureaucrats will tell you that they aren’t implementing Real ID, they are just following ‘best practices’ as they have always done.

Anxious and frustrated Missourians might find it interesting to compare notes and see how Oklahoma is continuing to implement the provisions of the Real ID Act despite it being prohibited by law.

Now Missouri lawmakers want to know where is the personal information (including biometric data) of citizens going and why? But instead of a straight answer, lawmakers are running into a whole lot of obfuscation and misdirects from the Dept. of Revenue and this is making them hopping mad.

CBS St. Louis reports:

March 13, 2013

JEFFERSON CITY, Mo. (KMOX/MDN) – Earlier this week, KMOX told you about allegations that the state was creating a database of gun owners.

Now, Missouri lawmakers say the Department of Revenue lied about that and is breaking the law, because they’re collecting certain personal information from everyone.

Missouri senators spoke out in the chamber Wednesday.

Senate Appropriations chairman Kurt Schaefer said the department has lied to him three times now.

“This marks the third time I’ve been lied to in two weeks,” announced Schaefer.

The department first told Schaefer it received a grant from the U.S. Department of Homeland Security that was not related to the gathering of information at license offices.

Later, the department told him the grant was used for hole punchers to void old licenses. The hole punchers were bought at 138 bucks a pop.

In a later hearing, the department then said the grant was used for gathering information at license offices, leaving Schaefer furious.

Read More

If the people of Missouri do not insist on getting to the bottom of all of this they run the risk of either political muscle silencing the lawmakers that are currently demanding answers or that they will eventually becoming so baffled by BS, that they give up.  Stay with it ‘Show Me’ state!

IRS facing class action suit for medical record breach

irs

Kaye Beach

March 14, 2013

Via HealthITSecurity.com;

A HIPAA-covered entity of the Southern District of California announced today that it is suing 15 Internal Revenue Service (IRS) agents for “an unlawful search and seizure conducted on March 11, 2011.” Though the surrounding details of the health data breach and pending class action lawsuit are minimal, Courthousenews.com reports that IRS agents have been accused of improperly accessing and taking 10 million medical records, such as the personal health records of all California state judges.

Read more

Missouri compliance with REAL ID has Lt. Gov., CCW permit holders up in arms

States that Stand Against REAL ID - Really?

States that Stand Against REAL ID – Really?

Kaye Beach

March 10, 2013

Residents of Missouri are in an uproar following the discovery that their state is apparently continuing to implement the REAL ID Act requirements in Missouri despite the fact that the state passed a law prohibiting the implementation of Real ID.

Though Missouri isn’t one of the 19 states certified by the Department of Homeland Security as REAL ID compliant, its steps towards compliance is raising privacy concerns by handgun carry permit holders and state lawmakers.

Source:  Real ID Act raises privacy concerns for Mo. handgun carry permit holders, March 6, 2013, Examiner.com

Opponents of The Real ID Act of 2005 span the political spectrum and not least among these opponents has always been those who value their right to keep and bear arms.  This may be one of the first visible eruptions at the inevitable intersection of Real ID and gun rights.  It will not be the last.

According to Lt. Governor Peter Kinder, Eric Griffin went to his Department of Motor Vehicles fee office after he passed the application process for a concealed carry gun permit. Griffin refused to let DMV employees scan some of his documentation and he was subsequently denied a permit.

Source:  Real ID Act raises privacy concerns for Mo. handgun carry permit holders, March 6, 2013, Examiner.com

From the Missouri Watchdog, March 6, 2013;

“What is going on is improper and is a new and illegal impediment to citizens’ rights to obtain a concealed-carry permit,” said Stoddard County prosecutor Russell Oliver, who is acting as the private attorney for plaintiff Eric Griffin.

The state statute governing the actions of the Department of Revenue forbids it from disclosing such personal information as photographs, driver’s license numbers, names and addresses without express consent.

In investigating the matter, Oliver said, he discovered that a third-party company — Morphotrust — licenses the equipment. On its website, the company says it’s a partner with all states and many federal agencies in providing “identity solutions” “to simplify, protect and secure the lives of the American people.”

Oliver said he’s not sure how long the Morphotrust scanning machines have been in place or how far-reaching they are in Missouri license fee offices. Stoddard County is in the southeast corner of the state.

“This is new, at least it’s new to us,” said Lt. Gov. Peter Kinder, who joined Oliver at the Capitol in announcing the lawsuit.

. . .Oliver and Kinder said the DOR may be collecting the information to comply with the federal Real ID Act of 2005, but they said the state opted out of that law and instead implemented its own in response.

Read more

CCHF: Cost Savings from Electronic Health Records Is Hype

Kaye Beach

Oct. 22, 2012

From the Citizens Council for Health Freedom’s Oct. 2012 Newsletter. (If you are not subscribed to this free informative newsletter, you can do so here)

 

HHS has spent $25 billion of Recovery Act funds on health IT.

A new extensive study on the use of health information technology (IT) shows that the purported cost savings associated with electronic health records (EHR) is more hype than reality. Researchers from McMaster University Medical Center in Hamilton, Ontario, and scholars from other research centers (including U.S.-based centers) poured through almost 36,000 research studies of health IT. They were able to identify 31 that specifically addressed the outcomes of cost savings from health IT. The Wall Street Journal reports:
With a few isolated exceptions, the preponderance of evidence shows that the [health IT] systems had not improved health or saved money.
The authors of “The Economics of Health Information Technology in Medication Management: A Systematic Review of Economic Evaluations” found no evidence from four to five decades of studies that health IT reduces overall health costs. Three studies examined in that McMaster review incorporated the gold standard of evidence: large randomized, controlled trials. They provide the best measure of the effects of health IT systems on total medical costs.
A study from Regenstrief, a leading health IT research center associated with the Indiana University School of Medicine, found that there were no savings, and another from the same center found a significant increase in costs of $2,200 per doctor per year. The third study measured a small and statistically questionable savings of $22 per patient each year.
In short, the most rigorous studies to date contradict the widely broadcast claims that the national investment in health IT – some $1 trillion will be spent, by our estimate – will pay off in reducing medical costs. Those studies that do claim savings rarely include the full cost of installation, training and maintenance – a large chunk of that trillion dollars – for the nation’s nearly 6,000 hospitals and more than 600,000 physicians. But by the time these health-care providers find out that the promised cost savings are an illusion, it will be too late. . . . [All emphasis added.]
As cited above, it is estimated that the United States will spend some $1 trillion on health IT. Billions of dollars from the Recovery Act of 2009 have already been spent on it. The federal government’s Recovery Act-Funded Programs website shows that HHS has spent over $25 billion on health IT as of January 2012. Of that, $20.6 billion was spent on the Medicare and Medicaid EHRs Incentive Program, while another $2 billion was spent on the Office of the National Coordinator for Health Information Technology’s Implementation Plan.
Yet the federal government recently questioned whether now is the time to move forward with regulations for a National Health Information Network. In response to its request, HHS received over 140 comments on the proposed nationwide health information network, according to ModernHealthCare.com. The article notes that the federal government concluded that “now is not the time, probably, to pursue a regulatory approach that follows what we laid out in the RFI [request for information].” [Emphasis added.]
Furthermore, an analysis of Medicare data by the New York Times says:
The move to electronic health records may be contributing to billions of dollars in higher costs for Medicare, private insurers and patients by making it easier for hospitals and physicians to bill more for their services, whether or not they provide additional care. . . . Regulators say physicians have changed the way they bill for office visits similarly, increasing their payments by billions of dollars as well.
As a result, four committee chairs in the U.S. House have called for the suspension of “meaningful use” incentive payments “until your agency [HHS] promulgates universal interoperable standards” that would “also require a commensurate delay of penalties for providers who choose not to integrate HIT into their practice.” The October 4 letter is signed by Reps. Dave Camp, Fred Upton, Wally Herger, and Joe Pitts.
Americans must demand accountability and corrective action from policymakers for the enormous financial investment in health IT, which has not proven to save money or lives, according to the empirical evidence cited above.
Sources:

Health Freedom Watch is a monthly email newsletter published by the Citizens’ Council for Health Freedom (formerly Citizens’ Council on Health Care), a national nonprofit, educational organization whose mission is to support patient and doctor freedom, medical innovation and the right to a confidential patient-doctor relationship. Health Freedom Watch provides reports on national and state policies that impact citizens’ freedom to choose their health-care treatments and practitioners, and to maintain their health privacy – including genetic privacy. Citizens’ Council for Health Freedom (CCHF) is not affiliated with any other organization. © Citizens’ Council for Health Freedom.

Schools-Social Laboratories for Human Surveillance

Kaye Beach

Oct. 10, 2012

The latest story about Texas school children being tagged and tracked with active RFID tracking devices  (the passive variety is considered “a little less Big Brotherish.”) has caused some controversy.  We are told that this is no big deal, that the RFID tracking simply allows the school to more efficiently do what it already does-take attendance and keep track of students whose safety and well-being is entrusted to the school by parents. But there is much more going on here and the issue deserves to be examined in a broader context.

Here is an excellent article by David Rosen of AlterNet that pulls together a variety of news relating to the tracking and surveillance of students.  If you are even slightly uncomfortable about the implementation of these high tech schemes being unleashed on our children, you should read every word of this article which provides some much needed context to the individual stories that trickle down to us from time to time.

These children are the leaders of tomorrow and their experiences at school help serve to fix the values that they will carry with them into adulthood and they are being immersed in an environment saturated with sensors designed to supervise, control and correct them.  (Here are some other objections to student RFID tracking)

Rosen’s article covers RFID and GPS tracking, electronic monitoring devices being used on kids to combat obesity in New York, electronic monitoring of calories consumed in school cafeterias,  networked CCTV systems that are directly  accessible to police and disturbing abuse of student privacy through CCTV cameras,  school computers that use cameras to remotely spy on students in their own homes, federal funding of school surveillance and more.

I would like to add one thing to  Rosen’s litany; biometric identification such as finger scanning to make lunch lines more efficient 

Rosen writes;

Few parents or children are fully aware of the scope of the tracking and surveillance now going on in American schools. Three simple questions need to be addressed: What is happening to all the personal data captured about the students? How long it is being retained? And are school administrators providing it to law enforcement authorities or commercial vendors?

Here is the AlterNet article.

Kids Tagged With RFID Chips? The Creepy New Technology Schools Use to Track Everything Kids Do — And the Profit Motive Behind It

Smartworld: Identity Profiling With Radio Frequency

Kaye Beach

September 6, 2012

Excellent, information and reference packed article!  More than you ever wanted to know about RFID.

Published Sept. 4, 2012

Julie Beal, Contributor
Activist Post

RFID, or radio frequency identification (also known as near field communication, or NFC) is used for wireless communication between devices, one of which is a transmitter and the other is a receiver. This involves the use of low frequency radio waves passing between the devices; it is in widespread use, although the impact on health is rarely alluded to. RFID is being used for a multitude of applications involving sensing and communication of information, especially ID verification using smart cards/phones, miniscule sensors known as smart dust, bodily implants, and product tracking.

There are already many well-established ID Management companies who are also using or advocating RFID and biometrics. These companies are heavily involved in the emerging global identity ecosystem (eg, the NSTIC program, the work of the ITU, and the European initiatives, including STORK), and include Accenture, IBM, Verisign/Symantec and Oracle. The industry has grown significantly and the trend looks set to continue – especially considering the heavy investment by leading corporations like Google, IBM, and Microsoft.

The smart card industry is playing a leading role in identity management, indicating that in the near future the public will expect to manage their digitised identity with extrinsic devices such as contactless cards and mobile phones.

In Denver, for instance, Auraria Higher Education Center recently decided to issue new contactless smart cards to students (over 43,000 of them), and to staff. The cards will control door access using RFID, and will even serve as Visa debit cards. The plan is to eventually integrate the cards with other applications for student services, including parking, meal payment, library checkout, event management, emergency incidents, and lab and recreational tracking.

Read more

You Are The Product, Not The Client: The Personal Data Economy Explained

Kaye Beach

August, 6, 2012

Didn’t our parents tell us that “you don’t get something for nothing”?   They were right, of course.

This article published July 16, 2012 by Chris Hoffman explains how you are the product and not the client for the companies providing all of these  supposedly ‘free’ services (like Facebook, Gmail and more)  Also, check out some of the tools provided to see just who is tracking you online and how.

 

You Are The Product, Not The Client: The Personal Data Economy Explained

As Andrew Lewis once said “If you’re not paying for something, you’re not the customer; you’re the product being sold”. Think about the implications of that quote for a moment – how many free services do we use online every day? When we use Facebook, make a search on Google, or check our Gmail, we like to think that we’re the customer – Facebook, Google, or whatever other website is providing a service to us. But we’re rarely the customer online – instead, we’re the product being sold to advertisers and tracking networks.

More accurately, the product is our personal data, which is being sold to advertisers, collected in massive databases, and used to target advertising and built up detailed profiles on us.

Read more

Insanity: CISPA Just Got Way Worse, And Then Passed On Rushed Vote

Kaye Beach

April 26, 2012

Lankford, Cole Sullivan, Boren, and Lukas all voted for HR 3523. Roll Call

There were 6 Amendments offered in the name of improve privacy protections and some were adopted before final passage of the bill today.   (See below)

As Techdirt points out, some amendments did nothing to improve the bill at all from a privacy perspective.

Summary of Amendments to HR 3523

Techdirt’s take on it;

from the this-is-crazy dept

Up until this afternoon, the final vote on CISPA was supposed to be tomorrow. Then, abruptly, it was moved up today—and the House voted in favor of its passage with a vote of 248-168. But that’s not even the worst part.

The vote followed the debate on amendments, several of which were passed. Among them was an absolutely terrible change (pdf and embedded below—scroll to amendment #6) to the definition of what the government can do with shared information, put forth by Rep. Quayle. Astonishingly, it was described as limiting the government’s power, even though it in fact expands it by adding more items to the list of acceptable purposes for which shared information can be used. Even more astonishingly, it passed with a near-unanimous vote. The CISPA that was just approved by the House is much worse than the CISPA being discussed as recently as this morning.

Previously, CISPA allowed the government to use information for “cybersecurity” or “national security” purposes. Those purposes have not been limited or removed. Instead, three more valid uses have been added: investigation and prosecution of cybersecurity crime, protection of individuals, and protection of children. Cybersecurity crime is defined as any crime involving network disruption or hacking, plus any violation of the CFAA.

Read more

Here is one bit of good news-The Big Sis Amendment Failed!

Homeland Security Internet monitoring dropped from CISPA

Rep. Sheila Jackson Lee, a Democrat, withdraws her amendment to CISPA that would give Homeland Security more Internet-monitoring authority — after CISPA’s author dubbed it “Big Brother.”

However….

The Obama administration, meanwhile, wants Homeland Security Department in charge of domestic cybersecurity, but criticizes the bill for not prioritizing the privacy of U.S. citizens. read more

The Amash Amendment

Among the amendments the House approved was one by Rep. Justin Amash, R-Mich., that put certain personal information off limits: library, medical and gun sale records, tax returns and education documents.

“I don’t know why the government would want to snoop through library records or tax returns to counter the cybersecurity threat,” Amash said.

The House approved his amendment, 415-0.

Read more

Congressman Tim Griffin writes;

UPDATED Thursday, April 26, 6:30 PM CT:

The House passed CISPA after agreeing to six amendments that strengthen individuals’ privacy rights and directly address the concerns my constituents expressed to me. After careful consideration, I voted for it. You can see how everyone else voted here.

Here are the six amendments to CISPA that were agreed to before passage. I voted for them all.

1) Rogers (MI) Amendment: Makes clear that information already subject to FOIA by law remains subject to FOIA.

2) Quayle Amendment: Amendment to further limit government use of information shared under the bill only to: 1) cybersecurity purposes, 2) investigation and prosecution of cybersecurity crimes, 3) protection of individuals from danger of death or serious bodily harm, 4) protection of minors from child pornography or risk of sexual exploitation or serious threats to physical safety, and 5) protection of the national security of the United States.

3) Amash Amendment: Prohibits the federal government from using library records, firearms sales records, and tax returns it receives from private entities under the bill.

4) Mulvaney Amendment #8: Improves anonymization and minimization provisions by providing clear authority to create procedures to protect privacy and civil liberties.

5) Goodlatte Amendment: Improves the definitions in the bill to clarify and narrow the information that can be shared with the government.

6) Mulvaney Amendment #15: Sunsets the provisions of the bill five years after enactment.

Protect Online Privacy – Stop CISPA!

Kaye Beach

April 26, 2012

Action on this terrible bill is drawing near.  Please read and follow the link below to take action!  In addition, a call to your congressional representative would be helpful.

If you do not know who your congressman is, click here

Tom Cole 202-225-6165

John Sullivan 202-225-2211

Frank Lukas 202-225-5565

Dan Boren 202-225-2701

James Lankford 202-225-2132

Protect Online Privacy – Stop CISPA!

By Dave Nalle – April 24, 2012

On Thursday the House of Representatives is expected to begin debate on the Cybersecurity Information Sharing and Protection Act (CISPA), leading to a vote next week. This is yet another bill similar to SOPA which is designed to limit privacy and individual liberty on the internet. Now is the time to take action to let them know you don’t want the government accessing and sharing your email and personal data.

CISPA would massively reduce the privacy and security of your online communications and personal data. It would give government agencies and many private companies access to your personal communications and financial information and would allow government security agencies like the National Security Agency unprecedented power to access your data including medical records, private emails and financial information – all without a warrant, oversight by any court or due process of law.

Read more and send a message to your Representative

FBI Cuts Off Info Sharing to State Fusion Centers-No explanation offered

Kaye Beach

April 19, 2012

This is very intriguing news.

Read the article from PJ Media;

BREAKING: Without Warning, FBI Halts Intel Sharing Update

On March 1, the FBI stopped sharing vital terror intel with state and local officials without explanation.