Print 15 comment(s) - last by bitterman0.. on Aug 24 at 3:53 PM

Employers in Germany will no longer be able to snoop on Facebook profiles to screen applicants.  (Source: The Guardian UK)

The law also prevents employers from using video surveillance in private locations like restrooms.  (Source: Boston News)

Germany's plan to roll out RFID-equipped national identification cards, which would allow the government to track individuals more easily, is creating controversy. Security experts complain that some information on the card may be easy to steal due to lax protections.  (Source: International Business Times)
One move draws praise from privacy advocates, the other concern

Germany's campaign to protect its citizens from corporate snooping has taken another step forward.  German publications Die Welt ("The World") and Süddeutsche Zeitung ("South German Newspaper") are reporting that the nation's Interior Minister, Thomas de Maizière, has drafted a new privacy law that will restrict the kinds of info current and potential employers can gather. Süddeutsche Zeitung reports that the German cabinet will likely approve the measure on Wednesday, making it law.

The new law, among other things, will prevent employers from snooping on social networking site profiles -- such as MySpace or Facebook pages -- of current employees or job applicants.  From photos of drug abuse to complaints about former employers; such private information has frequently landed individuals in trouble with law enforcement or potential employers.

Employers are allowed to Google search employees still, but the information is out-of-bounds if the individual did not have control of it (for example criticism from a third party) or if it is considered too old.  Employers can still access employee pages specifically designed for professional networking or job seeking, such as 

The measure also bans businesses from employing video monitoring of employees in "personal" locations such as bathrooms, changing rooms and break rooms.  It mandates that if certain other locations 
are under video surveillance, that employees must be notified.  Similarly, the law puts limitations on email and telephone surveillance.  Employers must notify employees if they are going to snoop on these forms of communication.

The German law comes after discount retail chain LIDL was caught spying on employees in restrooms and collecting info on their personal lives.  National railway Deutsche Bahn and telecommunications giant Deutsche Telekom (owner of the U.S. T-Mobile network) were also embroiled in surveillance cases.

Germany has recently taken a stricter stance on corporate privacy intrusions, investigatingApple's collection of users' locations via its iPhone and iPad devices.  It has also sued 
Facebook for what it views as misleading changes to the site's privacy policy.

The new anti-snooping law is perhaps the first of its kind and comes at a time when a recent 2009 CareerBuilder survey indicated that 45 percent of employers look at potential applicants' Facebook profiles and 35 percent have rejected candidates because of their findings.  Other past surveys have indicated similar snooping trends.

Despite Germany's progressive advances in preventing businesses from snooping, the nation is also rolling out another measure that's drawing criticism from privacy advocates.

Germany will be mandating that citizens carry RFID-equipped identification cards.  While identification cards (similar to U.S. driver's licenses) are nothing new, the RFID chips in the new cards will allow government officials to quickly track and locate individuals.  The government says the information stored on the chips will be used by police, customs, tax officials, and passport granting authorities.

Critics are concerned about the possibility of government tracking.  They also complain that the "basic access control" (BAC) protocol used to protect the information on the front of the card, including the picture and the name, has been shown to be easy to hack.  Hackers could steal this information from law-abiding citizens and create forged ID cards, potentially implicating the original owners in drug transactions and other crimes.  

Other information on the card is reportedly protected by a stronger undisclosed proprietary protocol, so it might not be quite that easy for criminal types to gather the necessary info to make a full forged duplicate ID.

German authorities point out that RFID chips are already used in German and U.S. passports and that a great deal of money could be saved by mandating citizens carry the chips.  They insist that their citizens' private data will be kept secure with the cards.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Privacy Smiracy
By mozfet on 8/24/2010 8:08:29 AM , Rating: 2
I don't understand why people are so concerned with the idea that a hacker can read the information that is printed on the front of the card, and can get your photo... who cares? its public information... Everyone can see what your face looks like, and it's easy to photograph people without their knowing. And figuring out your name is just a question of social engineering.

There are so many ways to get to the data that can be read from the ID card, so lets imagine a hacker leaving his computer and goes looking for some personal data "on the street" (ha), and he forgets his laptop and scanning antennae. The hacker employs a little bit of social engineering and asks people to sign a petition against the new ID card project since these cards will leak their private detail to hackers lurking around corners with big antennas. Being all for privacy you do your part, fill in the form, and while you are filling in the form his accomplice takes a picture of you with his mobile phone...

In the real world, that hacker would have stayed home and surfed facebook; or worse hack your facebook account, or worse infect your PC with a Trojan and steal all your user names and passwords as you type. He can even listen in to your VOIP conversations, and steal that naughty little video you made...

The point is that only extremely vigilant people (and paranoid people wearing tinfoil hats) with extremely high standards of privacy are successfully at hiding their identity. These people would also not enjoy the same involvement in society as the rest of us (being nameless and faceless), rarely leave their apartments (cameras everywhere), and probably do not use mobile phones (can be used to trace you), furthermore they would have friends sharing these values in case their privacy leaks...

In my whole life I've not any people matching the description above, so either they do not exist, or they are really good at keeping private.

In general however, people actively hiding their identity are hiding from something else, for example drug dealers and terrorists.

Instead of worrying about bad men lurking around corners with antennae that can figure out my name and what I look like when I walk past them, I would rather enjoy the security of strong cryptography on a smart token to help me prove my identity through a reader installed at home which I can use to login securely at websites and access services... can I have one of those German ID cards please?

"Let's face it, we're not changing the world. We're building a product that helps people buy more crap - and watch porn." -- Seagate CEO Bill Watkins

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki