Feeds

Secret printer ID codes may breach EU privacy laws

Commissioner has a mull

Protecting against web application threats using SSL

A little-noticed system that allows printed documents to be tracked by government agents has gotten the attention of the EU Commissioner for Justice Freedom and Security, who says the technology may violate EU human rights guarantees.

The technology is baked in to many popular color laser printers and photocopiers, including those made by Brother, Canon, Xerox and HP, according to this list compiled by the Electronic Frontier Foundation. It embeds almost invisible tracking dots onto documents that uniquely identify the machine that printed them.

The enables the tracking of currency counterfeiters, but the EFF has been warning for years there's nothing that prevents government spooks from using them for broader types of surveillance. Those concerns have at last found a home with Commissioner Franco Frattini.

"To the extent that individuals may be identified through material printed or copied using certain equipment, such processing may give rise to the violation of fundamental human rights, namely the right to privacy and private life," he wrote (Microsoft Word document here) last month in response to a question about the legality of the system. "It also might violate the right to protection of personal data."

Applicable EU documents include Article 8 of the Convention of Human Rights, which provides for the protection of personal data, and Article 7 of the Fundamental Freedoms and the Charter of Fundamental Rights of the European Union, which ensures the protection of private and family life, home and communication, he said. Directive 95/46/EC of Parliament and of the Council of 24 October 1995 also apply.

Frattini stopped short of saying the practice violates any laws at either a national or Community level. That's because the inquiry, which was filed by EU Member for Finland Satu Hassi, didn't include information showing the tracking dots were being used to identify individuals.

Frattini's answer appears to bolster the EFF opinion that the technology unnecessarily opens the door to human rights abuses, throughout the world.

"If you widen this out to authoritarian regimes, this becomes a far more pernicious threat," said Danny O'Brien, the international O\outreach co-ordinator at the EFF, who worries that Chinese authorities might use it to crack down on dissidents. "If you're running off some leaflets that the Chinese government doesn't like the look of, the fact that they can trace you to a particular suburb or printer shop is a far more damaging result."

It's unclear what practical effect Frattini's words may have. While O'Brien says the EU has the power to control imports, he doesn't see much chance of a ban on printers that use the tracking technology. Nonetheless, he says the opinion could provide leverage for European officials trying to end the practice. According to the EFF, printer manufacturers added the technology at the direction of the US government, most likely the Secret Service.

"This becomes a diplomatic issue more that anything else," he said. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.