Feeds

Secret printer ID codes may breach EU privacy laws

Commissioner has a mull

The Power of One eBook: Top reasons to choose HP BladeSystem

A little-noticed system that allows printed documents to be tracked by government agents has gotten the attention of the EU Commissioner for Justice Freedom and Security, who says the technology may violate EU human rights guarantees.

The technology is baked in to many popular color laser printers and photocopiers, including those made by Brother, Canon, Xerox and HP, according to this list compiled by the Electronic Frontier Foundation. It embeds almost invisible tracking dots onto documents that uniquely identify the machine that printed them.

The enables the tracking of currency counterfeiters, but the EFF has been warning for years there's nothing that prevents government spooks from using them for broader types of surveillance. Those concerns have at last found a home with Commissioner Franco Frattini.

"To the extent that individuals may be identified through material printed or copied using certain equipment, such processing may give rise to the violation of fundamental human rights, namely the right to privacy and private life," he wrote (Microsoft Word document here) last month in response to a question about the legality of the system. "It also might violate the right to protection of personal data."

Applicable EU documents include Article 8 of the Convention of Human Rights, which provides for the protection of personal data, and Article 7 of the Fundamental Freedoms and the Charter of Fundamental Rights of the European Union, which ensures the protection of private and family life, home and communication, he said. Directive 95/46/EC of Parliament and of the Council of 24 October 1995 also apply.

Frattini stopped short of saying the practice violates any laws at either a national or Community level. That's because the inquiry, which was filed by EU Member for Finland Satu Hassi, didn't include information showing the tracking dots were being used to identify individuals.

Frattini's answer appears to bolster the EFF opinion that the technology unnecessarily opens the door to human rights abuses, throughout the world.

"If you widen this out to authoritarian regimes, this becomes a far more pernicious threat," said Danny O'Brien, the international O\outreach co-ordinator at the EFF, who worries that Chinese authorities might use it to crack down on dissidents. "If you're running off some leaflets that the Chinese government doesn't like the look of, the fact that they can trace you to a particular suburb or printer shop is a far more damaging result."

It's unclear what practical effect Frattini's words may have. While O'Brien says the EU has the power to control imports, he doesn't see much chance of a ban on printers that use the tracking technology. Nonetheless, he says the opinion could provide leverage for European officials trying to end the practice. According to the EFF, printer manufacturers added the technology at the direction of the US government, most likely the Secret Service.

"This becomes a diplomatic issue more that anything else," he said. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.