FDA Staffers Sue Agency Over Surveillance Of Personal E-Mail

February 1, 2012

Washington Post

By Ellen Nakashima and Lisa Rein

“Here is just one more example that the FDA is out of control.” –KTRN

The Food and Drug Administration secretly monitored the personal e-mail of a group of its own scientists and doctors after they warned Congress that the agency was approving medical devices that they believed posed unacceptable risks to patients, government documents show.

The surveillance — detailed in e-mails and memos unearthed by six of the scientists and doctors, who filed a lawsuit against the FDA in U.S. District Court in Washington last week — took place over two years as the plaintiffs accessed their personal Gmail accounts from government computers.

Information garnered this way eventually contributed to the harassment or dismissal of all six of the FDA employees, the suit alleges. All had worked in an office responsible for reviewing devices for cancer screening and other purposes.

Copies of the e-mails show that, starting in January 2009, the FDA intercepted communications with congressional staffers and draft versions of whistleblower complaints complete with editing notes in the margins. The agency also took electronic snapshots of the computer desktops of the FDA employees and reviewed documents they saved on the hard drives of their government computers.

FDA computers post a warning, visible when users log on, that they should have “no reasonable expectation of privacy” in any data passing through or stored on the system, and that the government may intercept any such data at any time for any lawful government purpose.

Click here for the full report.

FDA Spied On Personal E-Mails Of Its Own Staff

January 30, 2012

Washington Post

By Ellen Nakashima and Lisa Rein

The Food and Drug Administration secretly monitored the personal e-mail of a group of its own scientists and doctors after they warned Congress that the agency was approving medical devices that they believed posed unacceptable risks to patients, government documents show.

The surveillance — detailed in e-mails and memos unearthed by six of the scientists and doctors, who filed a lawsuit against the FDA in U.S. District Court in Washington last week — took place over two years as the plaintiffs accessed their personal Gmail accounts from government computers.

Information garnered this way eventually contributed to the harassment or dismissal of all six of the FDA employees, the suit alleges. All had worked in an office responsible for reviewing devices for cancer screening and other purposes.

Copies of the e-mails show that, starting in January 2009, the FDA intercepted communications with congressional staffers and draft versions of whistleblower complaints complete with editing notes in the margins. The agency also took electronic snapshots of the computer desktops of the FDA employees and reviewed documents they saved on the hard drives of their government computers.

FDA computers post a warning, visible when users log on, that they should have “no reasonable expectation of privacy” in any data passing through or stored on the system, and that the government may intercept any such data at any time for any lawful government purpose.

But in the suit, the doctors and scientists say the government violated their constitutional privacy rights by gazing into personal e-mail accounts for the purpose of monitoring activity that they say was lawful.

“Who would have thought that they would have the nerve to be monitoring my communications to Congress?” said Robert C. Smith, one of the plaintiffs in the suit, a former radiology professor at Yale and Cornell universities who worked as a device reviewer at the FDA until his contract was not renewed in July 2010. “How dare they?”

An FDA spokeswoman, Erica Jefferson, said the agency does not comment on litigation.

But according to FDA internal documents that the scientists and doctors obtained under the Freedom of Information Act, the agency told the Department of Health and Human Services’ inspector general that they had improperly disclosed confidential business information about the devices. The agency requested that an investigation be opened in May 2010.

Click here for the full report from the Washington Post.

Google To Track Users…Like Never Before

January 26, 2012

RT

By RT

“Why does Google care what you and I search? Stop invading our privacy.” –KTRN

In a move that has triggered outrage, Google has announced plans to bring all data collected from users’ separate accounts on its sites into a combined profile. Besides raising dubious questions about privacy, this offer is one you… cannot refuse.

­The changes will take effect on March 1. Before that date, Google will notify its hundreds of millions of users about the new rules of the game. In preparation, the company is boosting its privacy policy and terms of service. Users will have to decide whether to agree with the new terms – or lose access to some of their favorite sites. There is no way of opting out of the changes.

Some say Google’s privacy announcement is frustrating and a little frightening.”Even if the company believes that tracking users across all platforms improves their services, consumers should still have the option to opt out,” said Common Sense Media chief executive James Steyer, as cited by the Washington Post.

Google says the new policy reflects a “desire to create a simple product experience” that does what one needs, when one needs it. The changes, apparently, will also allow Google to offer more new services and other “cool things.”

Google is consolidating more than 60 separate legal notes into a single main Privacy Policy, which will make it easier for consumers to comprehend – or, at least, read – the terms of service in full.

But these changes come with an unprecedented boost to Google’s right to collect and combine your personal data in ways you could never have imagined when you were registering for Gmail or Picasa.

“Our new Privacy Policy makes clear that, if you’re signed in [to your Google account], we may combine information you’ve provided from one service with information from other services,” Google’s Director of Privacy Alma Whitten wrote in her official blog.

Click here for the full report.

US Wants to Ease Telecom Wiretapping

October 19th, 2010

Agence France Presse

An Obama administration taskforce is seeking to overhaul a federal law requiring telephone and broadband carriers to ensure their networks can be wiretapped, The New York Times reported Tuesday.

Law enforcement and counterterrorism officials from the Justice and Commerce Departments, the FBI and other federal agencies told the Times tougher legislation was necessary because some telecommunications firms have launched new services and system upgrades that impede surveillance.

As part of their draft legislation to expand and strengthen the 1994 law, the officials want more legal incentives and penalties to push AT&T, Comcast, Verizon and other carriers to make sure any changes to their networks will not disrupt efforts to conduct wiretaps, the report added.

According to the Times, President Barack Obama’s administration intends to submit a package of draft legislation to Congress next year. Citing officials familiar with the deliberations, it noted there was still no agreement over the details.

Officials cited two previously undisclosed episodes during which major carriers struggled for weeks or months when they tried to comply with court-approved wiretap orders in criminal or terrorism investigations.

The newspaper said the FBI spends about 20 million dollars a year on efforts to help companies fix such problems.

Last month, the Times reported that the White House is also pushing to require all online services that enable communications — such as Gmail, Facebook, BlackBerry and Skype — to be technically capable of complying with a wiretap order, bringing them under the law’s mandate for the first time.

Among proposals floated by the Obama administration, one would increase the likelihood that a firm would pay a fine for wiretapping lapses, while another would create incentives for companies to show new systems to the FBI before implementing them, the Times said.

Click here for the full report from the Raw Story

Google Releases User Information To Government

September 21, 2010

BBC News

The US government asked Google for user information 4,287 times during the first six months of 2010.

During the same timeframe the UK government put in over 1,000 such requests.

This is just two snippets from Google’s new Transparency Report, a set of tools designed to show censorship levels around the globe.

Civil liberty groups welcomed the tool but called on Google to provide even more detail about the requests.

Earlier this year, Google released details about how often countries around the world ask it to hand over user data or to censor information.

The new map and tools follows on from that and allows users to click an individual country to see how many removal requests were fully or partially complied with, as well as which Google services were affected.

In the US, for example, there were seven court orders to remove content from YouTube from July 2009 to the end of the year.

There is also a traffic graph showing Google services around the world and related traffic outages, caused either by governments blocking access to information or, more mundanely, cables being cut.

Google’s public policy head Scott Rubin demonstrated the tool to the BBC.

“Last year after the Iranian elections access to the internet was cut off and we saw a sudden drop in traffic to YouTube,” he said.

Civil liberties groups said the tool would prove invaluable to activists determined to plot against government censorship around the globe.

“I think it is a tremendous initiative and it would be helpful if other networks could do the same thing,” said Lilian Edwards, professor of internet law at the University of Sheffield and board member of the Open Rights Group.

“I think there will be some embarrassing data and it will vary from country to country. The UK is neither the best or the worst,” she said.

More data about the nature of the requests would be useful, she added.

“It would be interesting to see whether these take-downs refer to libel, surveillance and intercepts or the content industries. The more data we have the more useful it will be,” she said.

“It would, for example, be interesting to compare Google’s data with published UK surveillance requests.”

Free expression

Google can provide such data and is examining whether it can release more detail about the requests.

Explaining the genesis of the tool, David Drummond, Google’s chief legal officer wrote in the official blog: “When Google’s services are blocked or filtered, we can’t serve our users effectively. That’s why we act every day to maximize free expression and access to information.

“Free expression is one of our core values. We believe that more information means more choice, more freedom and ultimately more power for the individual,” he added.

Google is keen to reassert its freedom of expression credentials after a very public spat with the Chinese government over censorship.

It threatened to pull the plug on services when it emerged that the authorities had been spying on some Gmail accounts.

It began re-routing traffic via Hong Kong but in June agreed to tweak the system to placate the Chinese government.

In July its license to do business in China was renewed.

Data on information requests from China is absent from the current map.

“Chinese officials consider censorship demands to be state secrets so we cannot disclose that information at this time,” said Google.

Click here for the full report

More Email Passwords Hacked

October 7, 2009

Mail Online

By Kate Loveys and Graham Smith

The massive security breach that led to millions of Hotmail customers being advised to change their passwords has now spread to users of email services including Gmail and Yahoo! Mail.

Up to 21million people and businesses who use the Hotmail service in the UK were warned they are potentially at risk of being defrauded after passwords were acquired illegally.

Around 10,000 passwords were obtained by hackers who created a fake website identical to Hotmail’s to fool users into entering their email address and password in a ‘phishing’ scam.

‘Phishing’ scams involve using false websites to lure people into revealing important data such as bank account details, login names or passwords.

Now the BBC claims that another list of over 30,000 email addresses and passwords is circulating, which contains the details for Gmail, Yahoo! Mail, AOL, Comcast and Earthlink accounts.

The latest list was posted on Pastebin.com, the same website to which the Hotmail list was originally uploaded.

How to avoid being defrauded

- Change your passwords every 90 days

- Use different passwords for various internet log-ins

- Do not open unsolicited email attachments and links

The site, which is intended for web developers to share code, has since been taken down for maintenance.

Hotmail’s list of users was posted anonymously on to Pastebin.com on October 1. The list was reported by technology blog Neowin.

It is feared that the information could be used by fraudsters to access email accounts and steal personal information such as credit card account details.

A spokesman for Google, which runs Gmail, said: ‘We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail account.

‘As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.’

The firm stressed that the scam was ‘not a breach of Gmail security’ but rather ‘a scam to get users to give away their personal information to hackers’.

A spokesman for the Metropolitan Police said: ‘We advise people to take a commonsense approach and change their password.

‘It is early days but we have yet to receive reports of fraud linked to this breach.’

A Microsoft spokesman added: ‘We are aware that some Windows Live Hotmail customers’ credentials were acquired illegally and exposed on a website.

‘Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers.

‘We are working diligently to help customers regain control of their accounts.’

Some of the accounts appear to be old, unused or fake. Other addresses on the list include Comcast and Earthlink accounts.

A spokesperson for Yahoo urged consumers to ‘take measures to secure their accounts whenever possible, including changing their passwords’.

Click here for the full report.