Another day, another Sony-related web site gets hacked, according to the BBC. Hackers have managed to breach the security of Sony Ericsson Canada's online store, reportedly stealing users' personal data such as e-mails, passwords and telephone numbers. Sony has confirmed that this information has been stolen, but no credit card information was compromised.

Sony-related sites around the world have become the preferred target of hackers this this week; yesterday the website of the company's Greek music division was hacked and the personal information of about 8,500 customers was stolen. A company spokesman told the BBC earlier this week that Sony's Music Entertainment website in Indonesia and Sony's Thailand website were also hacked, though no data had been stolen in those cases.

No hacking groups have claimed responsibility for compromising these four sites.

Nintendo's Club Nintendo has revised its privacy policy related to online access via its new 3DS hand-held. Nintendo is asking users via an email circulated today to accept a brand new privacy policy that lets it share personal member information with Nintendo Japan. Members must accept the new terms by May 31 or face losing their accounts. There is apparently no way to opt out of these new terms. From the web site:

"The amendment of the Club Nintendo privacy policy was necessary due to the launch of the new Nintendo 3DS system which offers a broad variety of network services. As you can link your Club Nintendo account to your Nintendo 3DS system, we adjusted the existing privacy policy to reflect and explain this.

Was the PlayStation Network hacked? Sony says that an external force brought the network down somehow but has yet to elaborate on exactly what happened. But the one thing it has not talked about is what personal data might have been stolen by those that infiltrated the system last week.

Satoshi Fukuoka, a spokesman for Sony Computer Entertainment in Tokyo, told PC World that it has not determined if "personal information or credit card numbers of users" has been stolen.

Sony Computer Entertainment of America spokesman Patrick Seybold echoed Fukuoka's statement, confirming that its parent company is looking into whether personal data was stolen during the "external intrusion."

Senators John Kerry (D-Mass.) and John McCain (R-Ariz.) this week introduced the "Commercial Privacy Bill of Rights Act of 2011," which they claim will establish a "baseline code of conduct" for how personal information is used, stored and distributed online.

"Americans have a right to decide how their information is collected, used, and distributed and businesses deserve the certainty that comes with clear guidelines," said Sen. Kerry in a statement about the new bill. "Our bill makes fair information practices the rules of the road, gives Americans the assurance that their personal information is secure, and allows our information driven economy to continue to thrive in today's global market."

The bill gives consumers notice of data collection and opt-out capabilities, while requiring companies collecting the information to provide adequate security and set limits on distribution.

U.S. retailer GameStop has been targeted by a class action lawsuit alleging it obtained and recorded personal information about its customers without their express consent. The main plaintiff in the case is Melissa Arechiga of Alameda County California. Her attorneys allege that GameStop illegally recorded her name, credit card number, and personal identification information (PII) following a shop purchase. The thrust of the lawsuit is that GameSpot regularly uses PII from customers to derive additional personal information, including residential addresses.

"Such conduct is performed intentionally and without the knowledge or consent of the cardholder, and is of potentially great benefit to [GameStop]," reads the suit.

According to a C|Net report, the Obama administration has drafted a new set of proposals to deal with intellectual property infringement online that it plans to send to the U.S. Congress very soon. The administration is also applauding  the Anti-Counterfeiting Trade Agreement (ACTA), which it says will "aid right-holders and the U.S. government to combat infringement" once it enters into effect.

As the C|Net report notes, the 92-page report penned by intellectual property enforcement coordinator Victoria Espinel reads as if it was ghost-written by lobbyists groups. There is some interesting data in there like the fact that the number of FBI and Homeland Security infringement investigations jumped 40 percent from 2009 to 2010, praise for ACTA, and details on various law enforcement operations.

Correction: The U.S. Commerce Department contacted us to let us know that the national I.D. program is completely voluntary. In our earlier report we erroneously reported that it was not a voluntary program. Our original wording was "The Internet I.D. would give every American a unique online identity overseen by the Commerce Department."

According to the public affairs officer for the Commerce Department, "Every American will not need an ID and private organizations or others that conduct online transactions would opt in to a system that is led by private industry in partnership with federal agencies like DOC."

Details on what the program consist of can be found at www.nist.gov/nstic.

An analysis by the Wall Street Journal of the stolen user data from Gawker media proves that many users don't take password security very seriously. At all. That data was swiped over the weekend by a hacking group called "Gnosis," who managed to gain access to e-mail addresses and passwords of more than a million Gawker users.

The Federal Trade Commission says that it wants Internet companies such as Facebook and Google to craft their own solutions to privacy problems, but if they are not capable the agency is ready to do it for them, says its chairman. FTC Chairman Jon Leibowitz applauded Microsoft for exploring ways to incorporate the agency's recent suggestion for a "Do Not Track" function allowing consumers to opt out of Web tracking.

However, Leibowitz also said that the FTC is not afraid to use its voice and power to publicly shame companies that do not want to allow this functionality to their users.

"The other part of the bully pulpit is — and the commission is not in this position yet — is we can go and call for legislation. And I think many of the companies who want to do the right thing ... would prefer to do it voluntarily," Leibowitz said to POLITICO during a taping of C-SPAN’s "The Communicators."

According to Boing Boing, 115 leaked diplomatic cables from the latest Wikileaks document dump were related to the upcoming intellectual property law in Spain.

El Pais, a Spanish newspaper that has all of the 115 documents from the US Embassy in Madrid, has released 35 of them. The first batch of documents confirms what has been widely believed to be true: that the U.S. trade representative (working in conjunction with U.S. trade groups) wrote the country's upcoming copyright/Internet law.

Spain's new copyright law is being put to a vote this month. Boing Boing has some text in Spanish released from El Pais. Admittedly, trying to translate it via various online services (I’m looking at you Google), doesn't do the text justice.

Ars Technica reports that the Federal Trade Commission has released a report (PDF) that urges social networks to offer an "opt out" on behaviorial advertising. The "Opt Out" would serve users much like the "Do Not Call" list aids telephone customers.. at least in theory. The difference between the "Do Not Call" list and an Opt Out option on social networks is that the social network owners would have to provide the option on-site. This proposed list, according to Ars Technica, would be maintained via cookies. A sliver of the report:

Facebook is not the only social network having trouble balancing privacy with advertising efforts. According to a Wall Street Journal report, MySpace and some of its popular applications have been transmitting data to outside advertising companies that could be used to identify users.

A WSJ investigation found that information was being transmitted by MySpace when users clicked on ads. The website had pledged in the past to end the practice of sending personal data when users click on ads after a previous WSJ report in May. A MySpace spokesman told the paper that the data identifies the user profile being viewed but not necessarily the person who clicked on the ad.

The WSJ investigation also found that some MySpace applications were transmitting user IDs. Those apps included BitRhymes' TagMe, WonderHill's GreenSpot - a gardening game with 1.8 million users; and RockYou's RockYou Pets, a game with 6.1 million users.

We already know that some Facebook apps may have been giving user data to advertisers, but a report in the UK-based Daily Mail suggests that the world's largest social networking site might be outing its gay members through advertiser actions.

A team of researchers from Microsoft and Germany's Max Planck Institute ran a Facebook experiment by creating six fake profiles: two straight men, two straight women, a gay man, and a lesbian. The goal was to see if Facebook targeted ads based on sexuality. Besides the sexual orientation angle, the profiles were completely the same. The team monitored the accounts for a week.

Surprise, surprise. Zynga, makers of the popular Mafia Wars and Farmville Facebook games, is the target of a new class action lawsuit filed in a San Francisco federal court this week. The principal plaintiff, Nancy Graf of St. Paul, Minn., alleges in the lawsuit (filed with the help of law firm Edelson McGuire LLC) that Zynga shared the private data of its 218 million users with advertisers. The lawsuit seeks monetary relief for those whose data was shared, and "injunctive relief to prevent continued privacy abuses."

An article in the Wall Street Journal earlier in the week claimed that multiple Facebook applications were sharing user data with third-party companies including advertisers and marketers.

For its part, Zynga says that the lawsuit is "without merit" and plans to defend itself vigorously in court. The law firm representing the class group said that this case is just another example of an online company failing to protect user data.

A “game” that consists of the general public using the Internet to monitor closed circuit TV feeds for criminal activity has launched in the UK.

It was just about a year ago that we first reported on the venture, named Internet Eyes, which will charge store owners £20 per week, or £1,000 a year to connect their CCTV feeds to the website. The Internet Eyes user who “has made the best contribution to the prevention or detection of a crime,” will receive a monthly award of £1000.

The Daily Mail provided a little further detail on how Internet Eyes works: users will have access to four screens at a time. When they view what may be a crime taking place, they hit the website’s “alert” button and a text and photo are dispatched to the manager or owner of the store suspected of being robbed or victimized.

UK service provider British Telecom and anti-piracy law firm ACS:Law may find themselves in some serious trouble. The BBC reports that BT and the law firm may have breached the Data Protection Act. The law requires that data holders keep personal user information secure at "all times."

Un-encrypted Excel documents were sent in August by BT lawyer Prakash Mistry to Andrew Crossley of ACS:Law. The document was sent in compliance with a court order to turn over names of suspected file-sharers. While BT requested that the personal information be kept securely by ACS:Law, the company sent two un-encrypted documents via email. One document contained information on 413 users suspected of sharing the song "Evacuate the Dance Floor" and the other document contained 130 users who were suspected of sharing pornography - obviously of a commercial nature.

Just days after it was revealed that the Transportation Security Administration planned to block employee access to web sites with "controversial opinions," the federal agency rescinded the new policy. The ban on "controversial opinion" sites, issued late last week was part of a more general TSA Internet-usage policy blocking employee access to gambling (they called them "gaming" sites) and chat sites, as well as sites that dealt with extreme violence or criminal activity.

But as bloggers - including many conservative blogs that picked up the story from Drudge Report - a small handful or privacy advocates and the American Civil Liberties Union questioned the loose language of the policy, the TSA reconsidered its messaging and withdrew.

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

Illegal downloaders of a recently released Japanese erotic game are running into malware that gathers their personal information and uploads it to a website.

A pirated version of the game Cross Days is causing the mayhem, according to a story on Torrent Freak. Those downloading a certain illegal version of the game run a program that appears to be an installer, but turns out to be a Trojan, which grabs the user’s IP address. The virus then presents some kind of survey, which further mines more personal information from the user. All the data, along with a screenshot of the pirate’s desktop, is then uploaded to a website.

Those who had their information uploaded can have it removed from the site it has been posted to, states the site Japanator, but users must admit that they tried to steal the game (by clicking a button).

Ubisoft’s DRM scheme may have angered the wrong group of people, as the software publisher’s servers were attacked again last night.

The company, who also experienced attacks on their servers over the weekend, took to their Twitter account “about 19 hours ago” (in Twitter time) to announce, “Our servers are under attack again. Some gamers are experiencing trouble signing in. We're working on it and will keep you posted.”

About five hours ago the company reported that, “Login servers were partially reestablished at 10pm CET and fully restored at 1am CET. The attack affected only those trying to login.”

Big brother may or may not be watching, but a new form of interactive entertainment will allow participants to leverage Britain’s 4.0 million plus closed circuit cameras in a bid to catch criminals and win money.

According to the Daily Mail, Internet Eyes is scheduled to launch next month and has already drawn the ire of civil rights groups, who worry the activity could lead to civil rights abuses.  One member of the opposition, Charles Farrior, labeled it “an appalling idea,” and worried it would create a “snooper’s paradise.”

Those watching cameras—in real-time—will be able to click a button every time they witness something they deem suspicious. Then, a message will be relayed to a camera operator, along with a still image from the camera. The operator will decide whether or not to take action and will notify the “player” if a crime has taken place or not.

Those participating will be blocked out after three incorrect alerts in a month, though additional alert opportunities can be purchased. As a further safeguard, actual locations of the cameras will not be known to those watching at home.

The article notes that Britain has 4.2 million CCTV cameras—one for every 14 inhabitants.

If you want to trade in your used games in Broward County, Florida, prepare to give up your thumbprint.

The Broward-Palm Beach New Times reports that the local sheriff's office began requiring game traders to submit to thumbprinting in October, 2008:

Broward County Sheriff's Office spokeswoman Kayla Concepcion said the new requirement comes straight from the Florida Legislature, which enacted a law... that treated video games like second-hand goods sold at pawn shops. Now any store buying used video games has to collect the thumb prints, along with a bunch of other personal info about the seller.

The Labour Goverment of Prime Minister Gordon Brown is pushing ahead with plans to monitor all Internet usage in the U.K.

Britain's Conservative Party is against to the plan and that opposition is the basis for t-enterprise's latest online political parody, Hands Off Our Data!

In the game players assume the role of Conservative leader David Cameron. Wielding an old school raygun, players must blast data mining spiders bearing the likenesses of Gordon Brown and Home Secretary Jacqui Smith while allowing e-mail packets and search engine traffic to pass by.

Last year's angry consumer backlash over Spore's intrusive DRM apparently convinced the suits at Electronic Arts that they had made a mess of things.

Edge Online reports that the publisher is now offering a software tool which can be used by PC gamers to remove authorization limits. This will allow computer games to be re-installed or moved to other PCs without limitation.

In addition to the bad press, the Spore DRM situation spawned at least one class action lawsuit against EA.

Download EA's De-authorization Management Tool (DMT) here.

Irreverent video game site Destructoid is cleaning up a bit of a mess this morning.

According to an e-mail we received from Destructoid editor Niero, a hacker cracked the site's user database over the weekend:

This is the letter every web site operator hopes he never has to write: it seems a glitch in our web site allowed someone to exploit the database this weekend. We have confirmed that the intruder succesfully obtained everyone's username and password.

As soon as we were alerted we shut down all servers, changed all passwords, took our forums offline, and notified everyone via email... We're doing everything we can do prevent this from ever happening again and deeply apologize for this incovenience.

On the bright side, we intentionally store very little personally identifiable information. However, you may still be at risk: If you frequently use the same password for other web services... we strongly urge you to update your password ASAP...

Destructoid has reported the incident to IC3 (FBI's internet crime complaint
arm)... We are also offering a $1,000 award to anyone with information that leads us to prosecuting the intruder...

There will be no hiding behind a screen name for Chinese gamers, apparently.

According to brief report in People's Daily Online, China's notoriously Internet-repressive government will begin requiring online gamers to register using their real names.

A government official, Zhang Yijun, director of the General Administration of Press and Publication's Technology and Digital Publication Department, is cited as PDO's source.

Zhang also indicated that the operations of four online game companies have been suspended after Chinese government inspectors discovered that their software did not contain the required anti-addiction system.

UPDATE: IncGamers has more info:

...the real name registration system does not mean that gamers cannot use screen-names, but rather that their online gaming accounts must be linked to their real world identification number, which is issued by the government.

[A Chinese gamer] went on to explain that linking a gamer's online account to their ID number means the government can keep track of how long underage gamers are playing. Minors are limited to playing for three hours per day...

Following years of suing individuals for sharing music on peer-to-peer networks, the music industry has decided to try a new tactic.

They'll try to have your Internet service cut off, instead.

The Wall Street Journal reports that music biz trade group the RIAA will shift its anti-piracy strategy from individuals to ISPs:

The [RIAA] said it plans to try an approach that relies on the cooperation of Internet-service providers. The trade group said it has hashed out preliminary agreements with major ISPs under which it will send an email to the provider when it finds a provider's customers making music available online for others to take.

Depending on the agreement, the ISP will either forward the note to customers, or alert customers that they appear to be uploading music illegally, and ask them to stop. If the customers continue the file-sharing, they will get one or two more emails, perhaps accompanied by slower service from the provider. Finally, the ISP may cut off their access altogether.

According to the WSJ, the RIAA has filed some 35,000 lawsuits against private citizens since 2002. Despite the shift in strategy, the organization says it plans to continue with those suits already in progess.

CNet's Declan McCullough reports that Sen. Joe Biden (D-DE) has an anti-consumer track record when it comes to technology.

In the past the Democratic VP nominee-apparent has stood with the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) on copyright issues.

From the Cnet report:

[Biden] has spent most of his Senate career allied with the FBI and copyright holders... ranks toward the bottom of CNET's Technology Voters' Guide, [his] anti-privacy legislation was actually responsible for the creation of PGP [encryption]...

 

Biden became a staunch ally of Hollywood and the recording industry in their efforts to expand copyright law. He sponsored a bill in 2002 that would have make it a federal felony to trick certain types of devices into playing unauthorized music or executing unapproved computer programs...

 

A few months later, Biden signed a letter that urged the Justice Department "to prosecute individuals who intentionally allow mass copying from their computer over peer-to-peer networks." Critics of this approach said that the Motion Picture Association of America and the Recording Industry Association of America, and not taxpayers, should pay for their own lawsuits...

 

All of which meant that nobody in Washington was surprised when Biden was one of only four U.S. senators invited to a champagne reception in celebration of the Digital Millennium Copyright Act hosted by the MPAA's Jack Valenti, the RIAA, and the Business Software Alliance. (Photos are here.)

McCullough reports that Biden has "steadfastly refused" to answer Cnet's questions on his tech voting record.

GP: It's ironic that Biden has chosen to portray himself as an intellectual property rights champion. He has twice been outed for plagiarizing.

In 2005 the ESA announced that each of the three next-gen consoles would include ESRB rating-based parental controls. Nintendo, however, seems keen on taking the monitoring concept further.

According to the latest in a series of interviews with the Wii development team, the new system will have a "Play History" feature which tracks how long gamers play as well as what they are playing.

"Rather than the console turning itself off automatically to ensure it is not played for more than an hour a day, it seemed much better to allow parents to use the Play History to discuss with their children how much they are using the console," explained Tomoaki Kuroume, who oversees software user interfaces. "The decision to make it impossible to delete this data was a separate subject for debate."

"Even if a kid wakes up in the middle of the night and sneaks down to play games, that will show up on the Play History!" added Takashi Aoyama, manager of the development group behind Wii’s operating system.