Site Map - Privacy


- The U.S. Supreme Court has ruled that an individual whose Social Security number was released to the public by the government cannot collect damages because he cannot prove that the disclosure caused him actual harm. In the case, a miner making a claim of black lung disease to the Department of Labor found that some of the information on official agency documents, which included the claimant's Social Security number, was revealed to the public. The miner sued the department, claiming that he was entitled to $1,000 damages from the government under the Privacy Act of 1974. The Supreme Court has ruled that because the disclosure did not cause the miner actual harm, he may not recover damages. (Doe v. Chao, United States Supreme Court, No. 02-1377, 2004)

Tagging RFID's Privacy Problems

- A new bill introduced by California State Senator Debra Bowen (D-Redondo Beach) would restrict the use of information collected by radio frequency identification (RFID) tags. The measure, SB 1834, which passed the Senate at the end of April and was scheduled to be considered by the full Assembly by July, sets out four conditions that would have to be met before RFID tags and readers could be used to collect personal information. The full text of SB 1834 and the letter opposing it are at SM Online.


- A federal appeals court has ordered that the sentencing of Brandon Lifshitz, who was convicted of transmitting child pornography, be evaluated for potential abuses of privacy. Under the sentencing, Lifshitz's computer must be equipped with computer monitoring and filtering software to ensure that Lifshitz does not access child pornography on his home computer during his probation. The court ordered the review to evaluate the sentence's possible violation of the Fourth Amendment. (U.S. v. Lifshitz, U.S. Court of Appeals for the Second Circuit, No. 03-1221, 2004)

Data Diamonds Not Gathering Dust

- Privacy advocates are fighting a losing battle when it comes to the practice of private companies collecting personal information about customers. That's because technology makes it cheap and easy and marketing makes it profitable. And the terrorist threat makes that information valuable to the government as well. A report by the Department of Defense's Technology and Privacy Advisory Committee, which addresses privacy in the age of terrorism, can be reached via SM Online.


- A bill (S.B. 1841) recently approved by the California Senate would require that employers inform workers before they monitor employee e-mail accounts. The measure would provide electronic communication with the same protections as voice communications.


- A bill (H.R. 2971) that would restrict the sale and public display of Social Security numbers by both private sector and government entities has been approved by the House Ways and Means Committee.


- One bill (S. 1350) considered by lawmakers would have required that companies victimized by an electronic security breach notify customers that their information may have been compromised. The bill, which was similar to one that took effect in California this year, was considered in committee, where hearings were held, but was not brought to a vote.


- In Colorado, a new law (formerly H.B. 1134) establishes an investigations department within the state's motor vehicles administration to investigate and prevent fraud committed by using driver's licenses, identification cards, motor vehicle titles and registrations, or other documents issued by the administration.

Public records

- A new Maryland law (formerly S.B. 377) will prohibit the release of public records that identify or contain information about individuals or companies that maintain alarms or security systems. In an emergency situation, the records could be released to authorized personnel.

Prescription for Data Protection

- This month, HIPAA security provisions take effect. Here's what you need to know.

Arkansas: Background Screening

- A bill (H.B. 1012) that would have allowed certain employers access to expunged criminal records has been defeated in the Arkansas General Assembly. The bill would have allowed companies to access the expunged criminal records of employees and volunteers having direct, unsupervised contact with children. The checks would have been repeated every two years.

Computer searches

- After being arrested for possession of child pornography and actively soliciting minors via e-mail, Jack Mni Leck filed a lawsuit claiming that the police violated his Fourth Amendment rights by searching a computer he had used. Because the computer Leck used was owned by a nonprofit organization for which Leck volunteered, and because the owner of the computer consented to a police search, the court found that Leck had no legal standing to contest the search. (State of Washington v. Jack Mni Leck, Washington Court of Appeals, No. 30714-6-II, 2004)

Quick Bytes: DHS privacy group

- The Department of Homeland Security (DHS) has appointed 20 members to its Data Privacy and Integrity Advisory Committee, whose task it is to advise the DHS Secretary and Chief Privacy Officer “on programmatic, policy, operational, administrative, and technological issues within the DHS that affect individual privacy, as well as data integrity and data interoperability,” according to the committee’s charter. The members come from private-sector companies such as Oracle and Computer Associates, academic institutions such as The George Washington University, and think tanks like the Cato Institute.

Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.