copyright notice


accesses since November 26, 2013
(rev.hist: 021116,080315,072815,051215,050715;030515,122214;111314;082714;082214,052714,052014,041414,022814,022414;021214,122313)

Nevada Privacy Notebook

Hal Berghel


Mission Statement of Nevada Privacy Subcommittee:

The purpose of this Board is to focus on relevant privacy issues, privacy crime, and the protection of personally identifiable information in Nevada. This Board will (a) make recommendations to the Nevada Attorney General, (b) monitor changes in international, Federal, and State policy and legislation regarding privacy protections, and (c) serve an advisory function to the Attorney General and Technological Crime Advisory Board regarding the protection of personal privacy in Nevada including, but not limited to, medical data, financial information, location information, and communications.

Membership of Nevada Privacy Subcommittee:

This advisory subcommittee will consist of six (6) members who will serve a term of five years (staggered) having expertise in privacy issues, privacy litigation, and privacy advocacy. At least two (2) of the advisory board members must also be current members of the Technological Crimes Advisory Board.

References

  1. Privacy
    1. Privacy Proposals
      1. Unlawful to sell anonymizing services that fail to disclose all methods and means of compromize (e.g., backdoors) to end user/purchaser.
        1. Hushmail: https://en.wikipedia.org/wiki/Hushmail
      2. Unlawful to sell software that contains known vulnerabilities (e.g., weak PRNGs, contained malware, ) without disclosure to end user/purchaser
        1. Reuters Report of NSA/RSA cooperation: http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220
        2. Ars Technica Report on NSA mole in IETF: http://arstechnica.com/security/2013/12/critics-nsa-agent-co-chairing-key-crypto-standards-body-should-be-removed/
      3. Unlawful to infect software without court order::
        1. TAO - http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
      4. Unlawful to digitally surveil citizens without court order
      5. Unlawful to sell one-hop proxy services
        1. Hide My Ass - https://hidemyass.com/
    2. Privacy Statutes
      1. Constitution of the State of Nevada: http://www.leg.state.nv.us/const/nvconst.html
      2. Constitution of the State of California: http://www.leginfo.ca.gov/const-toc.html
        1. comparison of NV & CA Article 1, Sec. 1:
          • CA: "SECTION 1. All people are by nature free and independent and have inalienable rights. Among these are enjoying and defending life and liberty, acquiring, possessing, and protecting property, and pursuing and obtaining safety, happiness, and privacy. " [italics added]
          • NV: " Section. 1. Inalienable rights. All men are by Nature free and equal and have certain inalienable rights among which are those of enjoying and defending life and liberty; Acquiring, Possessing and Protecting property and pursuing and obtaining safety and happiness[.] "
      3. Center for Democracy and Technology, Existing Federal Privacy Laws https://www.cdt.org/privacy/guide/protect/laws.php
      4. InformationShield
        1. List of US Privacy Laws: http://www.informationshield.com/usprivacylaws.html
        2. List of International Privacy Laws: http://www.informationshield.com/intprivacylaws.html
      5. Compilation of State and Federal Privacy Laws (2013) (http://www.privacyjournal.net/_center_compilation_of_state_and_federal_privacy_laws__center__3077.htm )
      6. Compilation of Privacy Protections in State Constitutions (12-11-2013)
      7. Center for Democracy and Technology Survey of State Location Privacy Laws (7/23/15)
      8. State of California AG office Privacy Law Website: http://oag.ca.gov/privacy/privacy-laws
      9. State of California "Right to Know" Act of 2013- http://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140AB1291
      10. National Conference of State Legislatures: (n.b., requires tolerance of 3 rd party scripts)
        1. Main Page:http://www.ncsl.org/GoogleResults.aspx?q=privacy
        2. State Law Listing http://www.ncsl.org/research/telecommunications-and-information-technology/state-laws-related-to-Internet-privacy.aspx
      11. State of Virginia's summary of relevant federal privacy laws ( http://www.privacy.va.gov/docs/plregulations_po_book.pdf )
      12. Consumer Privacy Bill of Rights (White House 02/2012)
        1. http://www.whitehouse.gov/sites/default/files/privacy-final.pdf
        2. http://www.whitehouse.gov/the-press-office/2012/02/23/we-can-t-wait-obama-administration-unveils-blueprint-privacy-bill-rights
      13. President Obama's Privacy Task Force http://www.politico.com/story/2013/08/white-house-privacy-task-force-95409.html
      14. State of Nevada Privacy Policy (last updated 11/25/2002)  http://nv.gov/privacy-policy/
      15. Nevada Encryption Statute in (Bloomberg Law Reports) - http://www.dorsey.com/files/Publication/9398e5a7-607f-4a37-a49a-0b65ea030f3d/Presentation/PublicationAttachment/2bc648b1-581a-40e3-b1b1-0063b3b9619a/dorsey_whitney_krasnow_article_revised.pdf
      16. Solove/Schwartz: Informationm Privacy Law (hardcopy): http://docs.law.gwu.edu/facweb/dsolove/Information-Privacy-Law/
      17. UN "Right to Privacy in the Digital Age", 11/26/13 https://www.un.org/News/Press/docs/2013/gashc4094.doc.htm"
      18. "No U.S. Action,So States Move on Privacy Law," N.Y. Times, 10/30/13 http://www.nytimes.com/2013/10/31/technology/no-us-action-so-states-move-on-privacy-law.html?_r=0
      19. License Plate Readers
        1. Utah License Plate Reader Statute (41-6a-2001 to 41-6a-2005) ; Digital Recognition Network/Vigilant Solutions v. Gary Herbert (2/24/14)
        2. Arkansas House Bill 1996 (2013)
          1. Tech Dirt Article (6/18/14)
          2. Ars Technica article (06/11/14)
        3. Media Coverage
          1. Louisiana Governor vetoes license plate reader statute S.250 permitting use by law enforcement (June 19, 2015)
          2. BetaBoston (Boston Globe) article on Hidden Surveillance by Repo Industry
          3. ACLU discussion on License Plate Readers
          4. Watchdog.org article on License plate readers
          5. Bloomberg.com article on License plate readers
          6. Even the FBI Had Privacy Concerns on License Plate Readers, WIred, May 15, 2015
      20. California vehicle code to include "Black Box" Law (7/1/04)
      21. "Kill Switch" Legislation in 2015
        1. Nevada Bill Draft Request 52-471
        2. U.S. Senate Bill S.2032
        3. California Senate Bill 962 (approved 8/25/14
      22. IMSI Catching
        1. Washington Statute H.B. 1440 Requiring Warrant for IMSI Catching (cf. 1.3.5., below)
        2. California SB741 amended
      23. Drone Leguslation (see 6.12, below)
        1. EPIC's State Drone Laws And UAV Policy Project Website
        2. EPIC's recommendation to teh FAA on Drone Privacy
        3. Oregon's HB 2710 (2013)
        4. Maryland's HB620 (2015)
        5. National Conf. on State Legislatures Status Report on Drone Legislation (2015)
        6. Florida Law against Unwarranted Drone Surveillance (2015); Florida Law against Law Enforcement's Warrantless Use of Drones for Evidence Collection (2013)
    3. U.S. Government Reports
      1. Liberty and Security in a Changin World: Report and Recommendations of the Presidents Review Group... (12/12/2013) http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf
    4. Legal Interpretations
      1. Jim Harper (CATO) on Smith v. Maryland (10/8/13)
      2. Google Scanning of Gmail
  2. Privacy Associations
    1. International Association of Privacy Professionals (IAPP): https://www.privacyassociation.org/resource_center
    2. Electronic Frontier Foundation: https://www.eff.org/issues/international-privacy-standards
  3. Privacy Threats
    1. Identity Theft and Financial Fraud Research and Operations Center archive only (deprecated 6/10/14)
    2. What the Government Could Do With All That Location Data (posted 12/10/13)
    3. Tech Giants Launch Site for Government Surveillance Reform (12/9/13)
    4. What the Government Does with Americans' Data (Brennan Center for Justice) (12/9/13)
    5. IMSI Catching/Stingray (cf. 1.2.21 above)

  4. State-of-the-Practice
    1. Encryption 3rd party trust relationships- http://lifehacker.com/this-infographic-shows-which-sites-properly-encypt-your-1471169272
    2. Surveillance Meshes: (http://rt.com/usa/seattle-mesh-network-disabled-676/, http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845).
    3. Did NSA Pay RSA $10m to Weaken Encryption? http://www.sci-tech-today.com/story.xhtml?story_id=11300BKWYADC&co=f000000013912s-1248979084
    4. Daniel J. Solove, A Taxonomy of Privacy, U. Penn Law Review (January, 2006)
    5. Harold Abelson, et al: Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications, CSAIL, MIT (July 6, 2015)

  5. Nevada Privacy Subcommittee Meetings: Agendas and Minutes
    1. December 6, 2013 agenda; minutes
    2. February 21, 2014 agenda; minutes
    3. April 17, 2014 agenda minutes
    4. May 30, 2014 agenda; minutes
    5. August 29, 2014 agenda minutes
    6. October 24, 2014 agenda minutes
    7. January 23, 2015 agenda minutes
    8. March 6, 2015 agenda minutes
    9. May 8, 2015 agenda minutes
    10. July 31, 2015 agenda
    11. February 26, 2016 agenda (cancelled)

  6. Proposed Statutory Changes, Articles, and Publications of the Committee
    1. Proposed Revision to Nevada Constitution, Article 1 Section 1, to include privacy (May 1, 2014)
    2. Nevada Senate and Assembly proposed Joint Resolution on Privacy (May 1, 2014)
    3. NRS 603A.040 "Personal Information" defined @4/17/14)
    4. NRS 179.045 (committee draft rev.; 4/17/14)
      1. relevant reference: FIPS 140-3 Final Draft Standards for Security Requirements for Cryptographic Modules (2007)
      2. A.B.179 (submitted 2/19/15)
    5. NRS_49.275 (shield law) (draft rev.; 5/28/14)
    6. NRS_205.473ff (draft rev.; 2/6/14)
    7. Evaluation Framework Overview (draft; 2/21/14)
    8. Privacy Evaluation Framework (draft; 2/21/14)
    9. Notional Information Security Taxonomy (draft; 2/21/14)
    10. Proposed Revisions to Nevada SLAPP Statute: SB444 (draft; 3/23/15)
    11. Proposed Revisions to Nevada Educational Data Collection Laws: AB221 (draft; 3/4/15)
    12. Proposed Revisions to Nevada Privacy Laws: AB179 (draft; 2/29/15)
    13. Proposed Nevada UAV Law: AB239 (draft; 4/21/15)

  7. Historical Documentation and Reports of the Commitee
    1. Proposal: September 5, 2013 (approved without dissent by TCAB)
    2. Subcommittee Chair Report to TCAB (March 6, 2014)
    3. Subcommittee Chair Report to TCAB (June 5, 2014)
    4. Hal Berghel: "Noirware" (IEEE Computer, March, 2015)
    5. Hal Berghel: "Legislating Technology Badly" (IEEE Computer, October, 2015)