[Clips] Storm Brews Over Encryption 'Safe Harbor' in Data Breach Bills

Fri Jun 3 11:51:36 EDT 2005

On Friday 03 June 2005 14:38, Greg Rose wrote:
> At 00:48 2005-06-03 +0100, Ian G wrote:
> >Just to make it more interesting, the AG of New York, Elliot Spitzer
> >has introduced a  package of legislation intended to "rein in identity
> > theft" including:
> >
> >   Facilitating prosecutions against computer hackers by creating
> >   specific criminal penalties for the use of encryption to conceal
> >   a crime, to conceal the identity of another person who commits
> >   a crime, or to disrupt the normal operation of a computer;
>
> Ah, imagine the beautiful circularity of the Justice Department using
> encryption to protect their criminal identity database from disclosure...
> or not.

They might have a problem with meeting the legal requirements
for disclosure if the alleged criminals were not as yet behind bars... 
I wonder if bin Laden would have an action against the Justice
Department if his file was stolen?

Anyway...

FBI Probes Theft of Justice Dept. Data
http://www.washingtonpost.com/wp-dyn/content/article/2005/05/31/AR2005053101379.html

The FBI is investigating the theft of a laptop computer containing travel 
account information for as many as 80,000 Justice Department employees, but 
it is unclear how much personal data are at risk of falling into the wrong 
hands.
Authorities think the computer was stolen between May 7 and May 9 from Omega 
World Travel of Fairfax, which is one of the largest travel companies in the 
Washington area and does extensive business with government agencies.

  Justice Department spokeswoman Gina Talamona said the data included names 
and account numbers from travel account credit cards issued to government 
employees by J.P Morgan Chase & Co. and its subsidiary Bank One Corp.
She said the information did not include Social Security numbers or home 
addresses that often are used by identity thieves to establish credit or to 
purchase goods in other people's names.
In addition, she said the account information was protected by passwords, 
although sophisticated hackers often can break into stored databases.
Omega World Travel officials declined to comment on how the laptop was stolen 
or other elements of the case, as did the FBI, which is investigating.
The theft is one of a spate of incidents over the past several months that 
have resulted in sensitive data on millions of U.S. consumers being stolen or 
exposed.
In December, Bank of America Corp. lost computer tapes containing records on 
1.2 million federal workers, including several U.S. senators.
Talamona said that no Justice Department worker has reported suspicious 
activity on his or her financial accounts since the incident.
The banks issuing the travel cards have placed alerts on the workers' 
accounts, Talamona said.
She added that Omega World Travel has agreed to several changes to its 
security practices, including beefing up physical security at its offices, 
conducting a computer security review and ensuring that the stolen computer 
cannot be reconnected to the firm's network.
The travel cards have not been canceled, Talamona said.

-- 
Advances in Financial Cryptography:
   https://www.financialcryptography.com/mt/archives/000458.html

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com