MassPrivateIA man who goes by the internet handle“Puking Monkey,” did an analysis of the many ways his car could be tracked and stumbled upon something rather interesting: his E-ZPass, which he obtained for the purpose of paying tolls, was being used to track his car in unexpected places, far away from any toll booths.
Puking Monkey is an electronics tinkerer, so he hacked his RFID-enabled E-ZPass to set off a light and a “moo cow” every time it was being read. Then he drove around New York.
At Defcon, where he presented his findings, Puking Monkey said he found the reading of the E-ZPass outside of where he thought it would be read when he put it in his car “intrusive and unsettling,” quoting from Sen. Chuck Schumer’s remarks about retailers tracking people who come into their stores using their cell phones.
This isn’t a part of the Lower Manhattan Security Initiative, the millions-dollar project emulating London’s Ring of Steel with extreme surveillance. It’s part of Midtown in Motion, an initiative to feed information from lots of sensors into New York’s traffic management center. A spokesperson for the New York Department of Transportation, Scott Gastel, says the E-Z Pass readers are on highways across the city, and on streets in Manhattan, Brooklyn and Staten Island, and have been in use for years. The city uses the data from the readers to provide real-time traffic information, as for this tool. The DoT was not forthcoming about what exactly was read from the passes or how long geolocation information from the passes was kept. Notably, the fact that E-ZPasses will be used as a tracking device outside of toll payment, is not disclosed anywhere that I could see in the terms and conditions.
E-ZPass Inter-agency Group — the umbrella association that oversees the use of the pay-toll-paying tags in 15 different states — it said New York is the only state that is employing this inventive re-use of the tags.
As for blocking that tracking, if you’re not excited about it, Puking Monkey recommends that you “bag the tag, and only bring it out when you want to pay a toll.” Most tags come with a “Faraday cage” type bag through which it can’t be read.
“If NYDOT can put up readers,” says Puking Monkey, “other agencies could as well.”
TransCore, the company that makes the RFID readers that New York is using to pick up on E-ZPasses, was more forthcoming. A 2013 case study from the company notes that the $50 million project to improve traffic congestion in New York also involved the installation of a network of traffic microwave sensors, and has been successful enough that the city plans to expand it another 270 blocks.
http://www.forbes.com/sites/kashmirhill/2013/09/12/e-zpasses-get-read-all-over-new-york-not-just-at-toll-booths/
6 ways your car can spy on you:
1.) EZ-pass
2.) Black boxes
3.) Cell phone navigation
4.) Telematics (OnStar)
5.) Insurance deals
6.) Spying on your teenage drivers
click on the link below to read more:
http://money.cnn.com/galleries/2011/technology/1109/gallery.autos_privacy/index.html
The Consumer Financial Protection Bureau wants to monitor every U.S. consumer credit card transaction made this year:
The Consumer Financial Protection Bureau officials are seeking to monitor four out of every five U.S. consumer credit card transactions this year — up to 42 billion transactions – through a controversial data-mining program, according to documents obtained by the Washington Examiner.
A CFPB strategic planning document for fiscal years 2013-17 describes the “markets monitoring” program through which officials aim to monitor 80 percent of all credit card transactions in 2013.
The U.S. Census Bureau reports that 1.16 billion consumer credit cards were in use in 2012 for an estimated 52.6 billion transactions. If CFPB officials reach their stated “performance goal,” they would collect data on 42 billion transactions made with 933 million credit cards used by American consumers.
In addition, CFPB officials hope to monitor up to 95 percent of all mortgage transactions, according to the planning document.
“This is one step closer to a Big Brother form of government where they know everything about us,” said Rep. Sean Duffy, R-Wis.
http://washingtonexaminer.com/cfpbs-data-mining-on-consumer-credit-cards-challenged-in-heated-house-hearing/article/2535726
The Centers for Medicare and Medicaid Services wants to spy on Americans ‘Social and Behavioral’ data in electronic health records:
The Centers for Medicare and Medicaid Services (CMS) wants to require health care providers to include “social and behavioral” data in Electronic Health Records (EHR) and to link patient’s records to public health departments, it was announced last week.
Health care experts say the proposal raises additional privacy concerns over Americans’ personal health information, on top of worries that the Obamacare “data hub” could lead to abuse by bureaucrats and identify theft.
The CMS currently covers 100 million people through Medicare, Medicaid, and the Children’s Hospital Insurance Program and is tasked with running Obamacare.
According to a solicitation posted by the Department of Health and Human Services on Sept. 4, the CMS is commissioning the National Academy of Sciences to study how best to add social and behavioral factors to electronic health record reporting.
The agency said adding social and behavioral data to patients’ online records will improve health care.
“Increasing EHR adoption has the potential to improve health and health care quality,” the contract’s statement of work (SOW) reads. “Parallel advances in analytic tools applied to such records are fueling new approaches to discovering determinants of population health.”
The project sets out to identify “core data standards for behavioral and social determinants of health to be included in EHRs.”
Critics suggested this would create new bureaucracies and negatively impact health care.
“This sounds like an example of the federal government further intruding on the practice of medicine,” said Chris Jacobs, a senior policy analyst at the Heritage Foundation
.
“It’s including more pay for performance requirements on physicians to collect all sorts of data in order to get government reimbursements,” he said.
http://freebeacon.com/government-seeking-inclusion-of-social-and-behavioral-in-health-records/
Lawsuit claims Minnesota state license database were accessed hundreds of times for political purposes:
State Rep. Steve Drazkowski is one of 18 plaintiffs in a lawsuit filed Thursday that claims employees from Wabasha and Winona counties, the city of Winona and nearly 50 other counties and cities illegally accessed personal information hundreds of times.
The lawsuit claims that an unknown number of state employees used the state’s driver’s license database more than 600 times since April 2003 to look up their records, which include photos, Social Security numbers, addresses, weight, height and other private information.
The suit is one of about 20 filed so far against counties, municipalities and state agencies in an escalating backlash against snooping by public employees into driver’s license data. A Star Tribune survey of major cities and counties and the insurers for smaller government bodies show the total number of inappropriate lookups being claimed surpasses 8,400 — not counting a Department of Natural Resources employee accused of thousands of inappropriate searches.
The 18 plaintiffs, a majority of whom are from Wabasha County, say they were targeted because of political reasons, such as for writing a letter to a newspaper, running for election, supporting a campaign or pushing for government reform.
“My clients do something (political),” said attorney Erick Kaardal, who represents the clients. “Police identify them and then run a check.”
The suit seeks least $1 million in damages, noting that the law allows for at least $2,500 in damages for each use of the database without a legitimate reason, as well as any additional damages a court finds appropriate.
Drazkowski said in an interview Thursday that the way the records were used leaves little room for interpretation. He counted 133 times his records were accessed, and in multiple occasions they were accessed almost at the same time as other family members’ information, he said.
“When I found out my wife and daughter were being targeted by these people, that became a problem,” Drazkowski said.
He said the suit came about after he and a few friends heard about similar lawsuits and decided to see how many times their records had been accessed.
“Our eyes became wide open,” he said.
http://www.winonadailynews.com/news/local/article_dc8ee980-1c2e-11e3-84b5-0019bb2963f4.html
http://www.startribune.com/local/223567701.html
Ohio’s law enforcement biometric database could be misused by state employees who want to check anyone’s pictures:
Ohio’s law enforcement database and its facial recognition software are open to more than just law enforcement, a concern of members of the advisory group reviewing the security of the systems.
The 30,000 users that access the Ohio Law Enforcement Gateway, or OHLEG, include court employees such as clerks of courts, bailiffs and parole officers, along with out-of-state and national law enforcement agencies, officials from the attorney general’s office told the advisory group at its first meeting Tuesday.
And while Ohio law enforcement officers’ access is removed immediately from OHLEG if they leave or are fired, the Bureau of Criminal Investigation only updates its user list from courts or other agencies annually, said Steve Raubenolt, a BCI official who oversees OHLEG. That’s not often enough, considering employee turnover in courts and agencies, said former Ohio Supreme Court Justice Eve Stratton, who is co-chairing the advisory group.
Those issues topped the list of concerns expressed Tuesday by advisory group members – current and former judges, police, a prosecutor, a public defender and a coroner. The group has until Oct. 25 to make recommendations to Attorney General Mike DeWine on what audits, restrictions, security upgrades or other changes the state should make to OHLEG or the facial recognition system.
OHLEG users can currently access social security numbers, driver’s license information and photos, along with registries of license plate numbers, concealed-carry permits, identity theft victims, sex offenders, financial fraud cases and pharmacy thefts. The facial recognition software, OHLEG’s newest feature, is designed to help identify crime suspects by analyzing a snapshot and matching it with a driver’s license photo or police mug shot.
Panel members seemed to agree on the importance of law enforcement’s access to that information. But while law enforcement officers have special training and take an oath to drive home the seriousness of their job, court employees don’t go through the same hiring process.
“If I’m a court employee, and I use my iPhone to take a photo of somebody that I’m curious about or maybe that I have a crush on or just want to know who they are, then I could use that cell phone photograph to access or find their identity if I otherwise have access to OHLEG?” asked Yvette McGee Brown, a former Ohio Supreme Court justice, who is the group’s other co-chair.
Technically, yes, Raubenolt said – although that is illegal. A handful of people have been caught and prosecuted for misuse in OHLEG’s 10 years of existence.
“Yes, you can be prosecuted afterwards, but all of us who work in courts know employees who, there’s a new guy they’re dating, so they want to run him through the system to see if he’s got a record, or they want to check out some girl that they want information on,” Brown said.
http://news.cincinnati.com/article/20130910/NEWS010801/309100121/Could-law-enforcement-database-misused-dating-?nclick_check=1
—————–
http://massprivatei.blogspot.com/2013/09/ez-pass-is-being-used-to-track-your.html
This shouldn’t surprise anyone, because the EZ-pass data has already been used as evidence to convict people in court.
All of today’s “modern conveniences” are used to spy on the people who use them, as well as allowing the elimination of a salaried worker.
The ez-pass user has his every moved recorded, and the toll collector loses his job.