|
|
NLPWESSEX, natural law publishing |
nlpwessex.org |
| "I don't think in the last two or three hundred years we've faced
such a concatenation of problems all at the same time.... If we are to solve the issues that are ahead of us, we are going to need to think in completely different ways." Paddy Ashdown, High Representative for Bosnia and Herzegovina 2002 -2006 BBC Radio 4, 'Start The Week', 30 April 2007 |
|
| SURVEILLANCE SOCIETY NEWS www.nlpwessex.org/docs/surveillancesocietynews.htm |
|||
| To Go Direct To Current Surveillance Society News Reports - Click Here | |||
Surveillance Society News Reports |
Introduction 'Surveillance & The Corrosion Of Democracy'
"Fears that the
United States, Britain and other English-speaking countries are using a
cold-war eavesdropping network to
gain a commercial edge roused passions across Europe today, even after
Washington and London roundly
denied the notion. The subject kept the European
Parliament in Brussels entranced
for hours and drew banner headlines
across the continent. One political
cartoon showed Britain in bed with
the United States, despite Britain's
membership in the European Union. The hubbub grew from a report
prepared for the European Parliament that found that communications
intercepted by a network called
Echelon twice helped American
companies gain an advantage over
Europeans. " "Everywhere
in the world, every day, people's phone calls, emails and
faxes are monitored by Echelon, a secret government surveillance
network. No, it's not fiction straight out of George Orwell's 1984.
It's reality, says former spy Mike Frost in an interview broadcast on 60
Minutes on Sunday, Feb. 27. 'It's not the world of fiction. That's the
way it works. I've been there,' Frost tells CBS News 60 Minutes
Correspondent Steve Kroft. 'I was trained by you guys,' says the former Canadian intelligence
agent, referring to the United States' National Security Agency.
The
NSA runs Echelon with Canada, Britain, Australia and New Zealand as a
series of listening posts around the world that eavesdrop on terrorists,
drug lords and hostile foreign governments. But to find out what
the bad guys are up to, all electronic communications, including those
of the good guys, must be captured and analyzed for key words by super
computers. That is a fact that makes Frost uncomfortable, even
though he believes the world needs intelligence gathering capabilities
like Echelon. 'My concern is no accountability and nothing, no safety
net in place for the innocent people who fall through the cracks,' he
tells Kroft... Democracies usually have laws against spying on citizens.
But Frost says
Echelon members could ask another member to spy for them in an end run
around those laws. For example, Frost tells Kroft that his
Canadian
intelligence boss spied on British government officials for Prime
Minister Margaret Thatcher. '(Thatcher) had two ministers that she said,
quote, 'they weren't on side,' unquote...So my boss...went to McDonald
House in London and did intercept traffic from these two ministers,'
claims Frost. 'The British Parliament now have total deniability. They
didn't do anything. We did it for them.' America politicians
may
also have been eavesdropped on, says Margaret Newsham, a woman who
worked at Menwith Hill in England, the NSA's largest spy station. She
says she was shocked to hear the voice of U.S. Sen. Strom Thurmond
(R.-S.C.) on a surveillance headset about 20 years ago. 'To my
knowledge, all (the intercepted voices)...would be...Russian, Chinese...
foreign,' she tells Kroft. The exposing of such possible abuses
of Echelon will surely add to the growing firestorm in Europe over the
system. On
Feb. 23, the European Parliament issued a report accusing the U.S. of
using Echelon for commercial spying on two separate occasions, to help
American companies win lucrative contracts over European competitors.
The U.S. State Department denies such spying took place and will not
even acknowledge the existence of the top secret Echelon project. Rep.
Porter Goss (R.-Fla), chairman of the House Intelligence Committee,
which has oversight of the NSA, does acknowledge that the U.S. has the
capability to pick up any phone call, and that even his own
conversations could have been monitored."
"There is a huge difference between
legal programs, legitimate spying, legitimate law enforcement - where individuals are
targeted based on a reasonable, individualized suspicion - and these programs of dragnet
mass surveillance that put entire populations under an all-seeing eye and save copies
forever. These programs were never about terrorism: they’re about economic spying,
social control, and diplomatic manipulation. They’re about power." "The head of MI6 has said the
information revolution represents both an "existential threat and a golden
opportunity". In rare public comments Alex
Younger, who took over as Chief of the Secret Intelligence Service in 2014, said it
had fundamentally changed the operating environment for the intelligence community.... Intelligence officials also warned the "internet of things" would
bring new threats. Chris Inglis, former deputy director of the US National Security
Agency, said people should "just say no" to having household appliances hooked
up to the internet." "The
majority of the UK cabinet were never told the security services had been secretly
harvesting data from the phone calls, texts and emails of a huge number of British
citizens since 2005, Nick Clegg has disclosed. Clegg
says he was informed of the practice by a senior Whitehall official soon after becoming
David Cameron’s deputy in 2010, but that“only a tiny handful” of cabinet
ministers were also told – likely to include the home secretary, the foreign
secretary and chancellor. He said he was astonished to learn of the capability and asked
for its necessity to be reviewed. The
former deputy prime minister’s revelation in the Guardian again raises concerns
about the extent to which the security services felt they were entitled to use broadly
drawn legislative powers to carry out intrusive surveillance and keep this information
from democratically elected politicians. The government finally admitted on Wednesday that the mass surveillance
of British citizens began in 2001 after 9/11 and was stepped up in 2005, using powers
under national security directions largely hidden in the 1984 Telecommunications Act. It is not known if government law officers sanctioned the use of the act
in this way, but it appears the intelligence and security committee responsible for
parliamentary oversight was not informed, adding to the impression of a so-called deep
state operating outside the scrutiny of parliament." "British spooks intercepted emails from US and UK media organisations and
rated ‘investigative journalists’ alongside terrorists and hackers as potential security threats, secret
documents reveal. Internal advice circulated by intelligence chiefs at the Government spy
centre GCHQ claims ‘journalists and reporters representing all types of news media
represent a potential threat to security’. Intelligence
documents leaked by the fugitive US whistleblower Edward Snowden also show that British
security officers scooped up 70,000 emails in just 10 minutes during one interception
exercise in 2008. " "Given
that spies can routinely break through just about any security software, virtually all
Internet users are at risk of a data attack.... Intelligence agencies have adopted 'plausible deniability' as their
guiding principle for Internet operations. To ensure their ability to do so, they seek to
make it impossible to trace the author of the attack. It's a stunning approach with which
the digital spies deliberately undermine the very foundations
of the rule of law around the globe. This approach threatens
to transform the Internet into a lawless zone in which superpowers and their secret services operate according to their
own whims with very few ways to hold them accountable for their actions." "Even
if you power off your cell phone, the U.S. government can turn it back on. That's what
ex-spy Edward Snowden revealed in last
week's interview with NBC's Brian Williams. " "The head of the FBI says he understands why people worry about the scope
of the government's powers, and in fact, he agrees with them. 'I
believe people should be suspicious of government power. I am,' Director James Comey told the Senate Judiciary Committee on Wednesday
morning. 'I think this country was founded by people who were worried about government
power so they divided it among three branches,' he added. ...Comey assumed his top post shortly after the Snowden revelations came
to light last summer. " "When it comes to communication
[former US President Jimmy] Carter is evidently a man of his generation, shunning
electronic devices for snail mail. He told [satirist Stephen] Colbert that he had recently
written a letter to Pope Francis.... and steers clear of e-mail for fear of being
monitored by the National Security Agency. The suggestion caused something of a stir in
America and prompted a swift denial from the intelligence agency's director. Carter is yet
to be convinced, noting that regulations controlling the Government's scope to spy on
private communications had been significantly relaxed since he passed them. 'They are not monitoring me now but they
record every message that you transmit in America - and
probably in Great Britain as well - and later if they want to monitor that message they
can do so,' he says." ".... in reality NSA has been collecting word for word 'content' of the
American citizens. So that is something the NSA is lying about. And they've lied about the abuses in the past. NSA has targeted congress, they've targeted the Supreme Court. They've targeted top level generals and admirals. They've
targeted the press and the media. And a whole bunch of other folks: lawyers and law firms. This was between 2002 and 2005 which I was witness to when I
held that sort of information in my hand. NSA is not talking about that either.... The meat of the issue is the network to do this is still intact. So
the capability exists. Even if you believe this President is the most benevolent in the
world, what about the next President, and the one after that and the one after that, and
the potential for abuse with future Presidents? When
this system, this monster that we've set up, still exists, anyone down the line can use
that monster to basically turn our country into a totalitarian police state. I mean 'all
the way' police state. So in my opinion we have to kill this baby in the cradle right now. That means unplug all these nodes around the country and say we will not
go after domestic communications, except when we have a warrant ... [against an]
individual because we have 'probable cause' they've committed a crime.... Like Ben
Franklin [one of the 'founding fathers' of the United States] said, if you're going to
give up your freedom and liberty for security you deserve neither .... When I made my oath
[of office] it was to make sure I protected the constitution of the United States 'against
enemies both foreign and domestic'.... The agency I
worked for [the NSA] is now an domestic enemy of our constitution. And it's just a
horrific thing that's happened. It has to stop." "A
US official has acknowledged that the NSA likely scoops up data on congressional telephone
communications but stopped short of saying whether
such action extended to calls made by President Barack Obama. The tense exchange occurred
on Tuesday during a hearing on the status of the administration's reforms of the bulk data
collection programme exposed last year by former National Security Agency contractor
Edward Snowden. " "MacAskill asked Snowden, almost as an
afterthought, whether there was a UK role in this mass data collection. It didn't seem
likely to him. MacAskill knew that GCHQ had a longstanding intelligence-sharing
relationship with the US, but he was taken aback by Snowden's vehement response. 'GCHQ is worse than the NSA,' Snowden said. 'It's even more
intrusive.'.'" "The power to secretly create
government propaganda is among the many hacking tools revealed in the latest batch of
Edward Snowden documents. British spies can
manipulate online polls -- or trick the world into thinking a video or web page is going
viral. A collection of hacking tools -- some
of which are specifically suited to spreading disinformation -- were exposed in a leaked
2012 document provided by Snowden to The Intercept. " "GCHQ, Britain’s electronic spying agency, intercepted and stored images
of 1.8m Yahoo users taken from their personal webcams even though most of them were not
suspected of wrongdoing, documents leaked by the whistleblower Edward Snowden show. A
secret programme called 'Optic Nerve', run in conjunction with the US National Security Agency, recorded
millions of webcam images from ordinary internet users as many as one in 10 of them
sexually explicit 'in bulk', the UK’s Guardian
newspaper reported on Thursday. 'Optic Nerve' tapped into Yahoo users’ accounts and took still images from their
computer webcams every five minutes. Yahoo reacted
angrily to the revelations, denying all knowledge. A spokesperson for the company said the
covert surveillance programme represented 'a whole new level of violation of our
users’ privacy'. " 'The Death Pangs Of Democracy' "Former
U.S. president Jimmy Carter is so concerned about the NSA
spying scandal that he thinks it has essentially resulted in
a suspension of American democracy. 'America does not at the moment have a functioning democracy,' he said at an event
in Atlanta on Tuesday sponsored by the Atlantik
Bruecke, a private nonprofit association working to further the German-U.S.
relationship. The association's name is German for
'Atlantic bridge.' Carter’s remarks didn't appear in the American mainstream press
but were reported from Atlanta by the German newsmagazine Der
Spiegel, whose Washington correspondent Gregor Peter Schmitz said on Twitter he was present at
the event. The story doesn't appear in the English-language section of the Spiegel website
and is only available in German." "Brazil's president, Dilma Rousseff,
has launched a blistering attack on US espionage at the UN general assembly.....She was imprisoned and tortured for her role in a guerilla movement
opposed to Brazil's military dictatorship in the 1970s. 'In
the absence of the right to privacy, there can be no true freedom of expression and
opinion, and therefore no effective democracy. In the absence of the respect for sovereignty, there is no basis for the
relationship among nations.'" In The Pre-Digital Age "MI5
used hidden electronic surveillance equipment to secretly monitor 10 Downing Street, the Cabinet and at least five Prime Ministers... The
extraordinary disclosure comes despite a succession of parliamentary statements that no
such bugging ever took place. And it follows a behind-the-scenes row in which senior
Whitehall civil servants – backed by Prime Minister Gordon Brown – attempted to
suppress the revelation..... top-secret files held by the Security Service show it
installed electronic listening devices in three highly sensitive areas of No10 – the Cabinet Room, the
Waiting Room and the Prime Minister’s study. It
means that for nearly 15 years, all Cabinet meetings, the offices of senior officials and
all visitors to the Prime Minister – including foreign leaders – were being
bugged. The disclosure is highly shocking in its own
right but it will also bring genuine concerns as to why the Cabinet Office still wants to
suppress it. Comments from MI5 chief Jonathan Evans suggest that the attempted block was
not done on grounds of national security but for wider public interest reasons.This must raise the possibility that the bugging was carried out for
political purposes and officials do not want to admit it went on in the past because
similar operations are continuing today.... the eavesdropping devices that were first installed in Downing Street
in July 1963 at the request of the then Prime Minister, Harold Macmillan. It is unclear
why Macmillan made the extraordinary request... In all, the equipment monitored the
most sensitive areas of Downing Street for around 15 years. It was finally removed on the
orders of James Callaghan in about 1977, the year after he took office. The files do not make it clear whether Prime Ministers Heath and
Wilson knew there were surveillance devices in No10....
After Wilson stepped down, he co-operated with a book suggesting there had been a plot by
Right-wing intelligence officers to undermine him. The claim was later supported by former
senior MI5 officer Peter Wright in his banned Spycatcher memoir. It also prompted
Callaghan, Wilson’s successor, to launch an investigation into the allegations. The
MI5 files indicate that it was Callaghan who finally ordered the surveillance devices to be
removed from Downing Street. Despite this, Callaghan made a statement to the House of
Commons denying that No10 had ever been bugged." "When Harold Macmillan called in MI5
in 1963 and
asked it to bug his office, he thought the whole world was coming apart.... Macmillan felt
he could not trust anybody – but turned for counsel to Dick White, director-general of foreign intelligence service MI6. It is possible that White
suggested installing the listening devices in No10 as some kind of insurance policy.....
The level of official paranoia at the time cannot be underestimated. But it is the
revelation that the bugs were still in place in
Downing Street during Harold Wilson’s two administrations, between 1964 and 1970 and
1974 to 1976, which is the most startling. Wilson believed that elements of the Establishment and members of MI5 and
MI6 were plotting against him.... Now, despite countless official denials, it appears that
Wilson – whose claims that he was under surveillance are often dismissed as the ramblings of an ill and paranoid man –
was right." "Paul
Scott, the late syndicated columnist, was so paranoid about the CIA wiretapping his Prince
George’s County home in the 1960s that he’d make important calls from his
neighbor’s house. His teenage son Jim Scott
figured his dad was either a shrewd reporter or totally nuts. Not until nearly 45 years
later did the son learn that his father’s worries were justified. The insight came in
2007 when the CIA declassified a trove of documents popularly called 'the family jewels.' The papers detailed the
agency’s unlawful activities from long ago, including wiretapping the Scott home in District Heights. The operation even had a code name: 'Project Mockingbird.' Jim was floored: The CIA really did eavesdrop
on Dad. Now Jim, 64, a retired Navy public relations officer who lives in Anne Arundel
County, is waging an operation of his own against the agency. For the past five years, he has sought to declassify and make public any documents Langley
might still have on his father and why he was wiretapped..... Between
March 12, 1963, and June 15, 1963, phone bugs were installed at the Allen and Scott homes
and their Capitol Hill office. But this was no rogue operation: CIA Director John McCone
approved the operation 'under pressure,' the
documents said, from Attorney General Robert F. Kennedy. And Kennedy planned it with Robert McNamara, the defense secretary and Vietnam War architect.
The wiretap identified many of the reporting team’s sources: a dozen senators; six
congressmen; 11 congressional staffers; 16 'government employees,' including a staff
member at the White House and some at the vice president’s office; and 'other
well-placed individuals,' the documents said. " So What's It Like Now? "The House of Commons office of Damian
Green, the Tories' immigration spokesman, is routinely swept for electronic bugging
devices, along with other offices belonging to senior Conservatives, amid fears of covert monitoring, The Independent
on Sunday has discovered. Anger surrounding the
shadow immigration minister's arrest last week escalated dramatically last night over
suspicions of a major bugging scandal inside the Palace of
Westminster. The IoS
understands that even before his surprise arrest on Thursday Mr
Green was aware that his Commons office, phone calls and emails could be under
surveillance because of the sensitive nature of his job. The fresh revelations rocked the Commons just days before the high point
of the parliamentary calendar, the Queen's Speech, which takes place on Wednesday. Tory
leader David Cameron last night said the Prime Minister must denounce the arrest of Mr
Green or risk charges of hypocrisy because he 'made his career' from Whitehall leaks.
Writing in the News of the World, Mr Cameron added: 'If this approach had been in place in
the 1990s, then Gordon Brown would have spent most of his time under arrest.' Several offices within the Commons and Portcullis House belonging to
senior Tory MPs and officials are checked regularly by security experts for listening devices and other surveillance equipment. The IoS has learnt that there are
'major concerns' at the highest levels of the Tory party over suspected monitoring by the authorities.
Any such monitoring may not be illegal but would be hugely controversial. Last night, a Conservative MP wrote to Gordon Brown demanding an
urgent review of the Wilson doctrine, the convention that protects MPs from phonetapping
but does not cover other surveillance techniques. It
is not known whether a covert device has ever been found during searches. But if the
suspicions are proved right, it would have major implications for the protection of
parliamentary privilege. Ben Wallace, the Conservative MP for Lancaster & Wyre, said
the Wilson doctrine, which dates back to 1966, needed to be changed to cover all forms of surveillance,
not just intercepting of calls. He said: 'It is
disturbing that the authorities
may have exploited the difference between surveillance and intercept in order to pursue
Members of Parliament over the past 10 years.'" The Arrival Of 'Turnkey Totalitarianism' "People think, well, yeah, I use Facebook, and maybe
the FBI if they made a request, could come and get it, and everyone is much more aware of
that because of [former CIA Director] Petraeus. But that’s not the problem. The problem is that all the time nearly everything people do on the
internet is permanently recorded, every web search. Do you know what you were thinking one
year, two days, three months ago? No, you don’t know, but Google knows, it
remembers.... You know, the Stasi had a 10 per cent
penetration of East German society, with up to 1 in 10 people
being informants at some time in their life. Now in countries that have the highest
internet penetration, like Iceland, more than 80 per cent of people are on Facebook,
informing about their friends. That information doesn’t
[simply] go nowhere. It’s not kept in Iceland, it’s sent back into the US where
it IS accessed by US intelligence and where it is given out to any friends or cronies of
US intelligence – hundreds of national security letters every day publicly declared
and being issued by the US government.... We have this position where as we know knowledge is power, and
there’s a mass transfer as a result of literally billions of interceptions per day
going from everyone, the average person, into the data vaults of state spying agencies for
the big countries, and their cronies – the corporations that help build them that
infrastructure. Those groups are already powerful, that’s why they are able to build
this infrastructure to intercept on everyone. So they are growing more powerful,
concentrating the power in the hands of smaller and smaller groups of people at once,
which isn’t necessarily bad, but it’s extremely
dangerous once there is any sort of corruption occurring in the power. Because absolute power corrupts, and when it becomes corrupt, it can
affect a lot of people very quickly. Bill Binney, National Security Agency whistleblower, who was the research head of the
National Security Agency’s Signals Intelligence Division, describes this as a ‘turnkey totalitarianism’, that all
the infrastructure has been built for absolute totalitarianism. It’s just the matter of turning the key..... in general I think the
prognosis is very grim. .... What's necessary is
that the critical accountability components of society that stop it from going down the
tubes entirely, that those people are protected. Those include corruption investigators, journalists, activists, and political
parties. These have got to be protected. If they are
not protected, then it's all lost.... if we are not
able to protect a significant number of people from mass state spying, then the basic
democratic and civilian institutions that we are used to – not in the West, I am no
glorifier of the West, but in all societies – are going to crumble away. They will crumble away, and they will do so all at once. And that's an
extremely dangerous phenomenon. " "James Bamford
has a way of digging up the facts that lend credence to America’s worst privacy fears
about its own government. Now the author and
investigative reporter who wrote the definitive portraits of the National Security Agency
in his books The
Puzzle Palace, Body
of Secrets and The
Shadow Factory has drawn a picture of ubiquitous surveillance that seems mind-boggling
even by NSA standards. In his just-published cover story for
Wired, Bamford lays out the NSA’s plans for
a vast new facility in Bluffdale, Utah that aims to become a storage and analysis hub for the record-breakingly
massive collections of Internet traffic data that the NSA
hopes to gather in coming years not from just foreign networks, but domestic ones as well.
The story adds confirmation to what the New York Times revealed in 2005: that the NSA has
engaged in widespread wiretapping of Americans with the consent of firms like AT&T and
Verizon. But more interestingly–and more troubling in
the eyes of many who value their privacy–it details the Agency’s plans to crack
AES encryption, the cryptographic standard certified by the NSA itself in 2009 for
military and government use and until now considered uncrackable in any amount of time
relevant to mortals. ..... The NSA project now aims
to break the 'exaflop barrier' by building a supercomputer a hundred times faster than the
fastest existing today, the Japanese 'K Computer.' That code-breaking system is projected
to use 200 megawatts of power, about as much as would power 200,000 homes." Each Year It Gets Worse 2017 "Mobile phone data could be used in
place of census questions in the future, a report from the Office for
National Statistics (ONS) suggests. The information would allow the ONS
to track where people live and work. The ONS tested the idea as part of a
government-backed project looking at other data sources for the census. The report said it used commuter flow data from Vodafone users,
collected over four weeks in March and April 2016, in three London
boroughs.... Commuter flows starting or ending in the south London
boroughs of
Southwark, Croydon and Lambeth were analysed and compared to data from
the last census in 2011. An individual's home location was based
on where the phone was located during the night or when switched on in
the morning, while a work location was set to where a phone was found
between standard working hours, Monday to Friday."
2016 "Most
of the world’s international phone calls, internet traffic, emails, and other
communications are sent over a network of undersea cables that connect countries like
giant arteries. At spy outposts across the world, the NSA and its partners tap into these
cables to monitor the data flowing through them. But Menwith Hill is focused on a
different kind of surveillance: eavesdropping on communications as they are being
transmitted through the air. According to top-secret documents obtained by The Intercept
from NSA whistleblower Edward Snowden, Menwith Hill has two main spying capabilities. The
first is called FORNSAT, which uses powerful antennae contained within the golf ball-like
domes to eavesdrop on communications as they are being beamed between foreign satellites.
The second is called OVERHEAD, which uses U.S. government satellites orbiting above
targeted countries to locate and monitor wireless communications on the ground below
— such as cellphone calls and even WiFi traffic....
As of 2009, Menwith Hill’s foreign satellite surveillance mission, code-named
MOONPENNY, was monitoring 163 different satellite data links. The
intercepted communications were funneled into a variety of different
repositories storing phone calls, text messages, emails, internet browsing histories,
and other data. It is not clear precisely how many communications Menwith Hill is capable
of tapping into at any one time, but the NSA’s documents
indicate the number is extremely large. In a single 12-hour period in May 2011, for
instance, its surveillance systems logged more than 335 million metadata records, which
reveal information such as the sender and recipient of an email, or the phone numbers
someone called and at what time. To keep information about Menwith Hill’s
surveillance role secret, the U.S. and U.K. governments have actively misled the public
for years through a “cover story” portraying the base as a facility used to
provide “rapid radio relay and conduct communications research.” A classified U.S. document, dated
from 2005, cautioned
spy agency employees against revealing the truth. “It is important to know the
established cover story for MHS [Menwith Hill Station] and to protect the fact that MHS is
an intelligence collection facility,” the document stated. “Any reference to
satellites being operated or any connection to intelligence gathering is strictly
prohibited.”... roughly 600 of the personnel at
the facility are from U.K. agencies, including employees of the NSA’s British
counterpart Government Communications Headquarters, or GCHQ.... a new “collection posture” was introduced at the
base, the aim being to “collect it all, process it all, exploit it all.” In
other words, it would vacuum up as many communications within its reach as technologically
possible.... Fabian Hamilton, a member of Parliament
based in the nearby city of Leeds.......told The Intercept that he found the
secrecy shrouding Menwith Hill to be “offensive.” The revelations about the role
it has played in U.S. killing and capture operations, he said, showed there needed to be a
full review of its operations. “Any nation-state that uses military means to attack
any target, whether it is a terrorist, whether it is legitimate or not, has to be
accountable to its electorate for what it does,” Hamilton said. “That’s the basis of our Parliament, it’s the basis
of our whole democratic system. How can we say that Menwith can carry out operations of
which there is absolutely no accountability to the public? I don’t buy this idea that
you say the word ‘security’ and nobody can know anything. We need to know what
is being done in our name.”" Police anti-extremism unit monitoring senior Green party figures Guardian, 28 April 2016 "The
UK's security services, including GCHQ, MI5 and MI6, have been unlawfully collecting and
using mass datasets of personal information for more than 10 years. The Investigatory
Powers Tribunal has ruled in a judgement published online that the
bodies had been collecting data without safeguards or supervision. The setups of 'Bulk
Communications Data' (BCD) and 'Bulk Personal Datasets' by the agencies did not comply
with the right to privacy (Article
8) in the European Convention on Human Rights..... Both types of datasets have
been used as part of criminal investigations, but have been criticised by privacy advocates for being overly
intrusive. The tribunal added that the massive
datasets (BPD) "include considerable volumes of data about biographical details,
commercial and financial activities, communications and travel"........ The court's ruling comes as the government's Investigatory Powers Bill (IP Bill)
is in the final stages of becoming
law – it is currently passed through the House of Commons and is being
debated by the House of Lords. The Bill has been heavily criticised
by numerous
committees and officials. Powers included in the IP Bill include bulk collection of data,
the ability to remotely hack mobile phones and computers, and the storing of website
history. The law is the first time these powers have been specifically written into
law." 2015 "The
British government quietly changed anti-hacking laws to exempt GCHQ and other law
enforcement agencies from criminal prosecution, it has been claimed. Details of the change
were revealed at the Investigatory Powers Tribunal which is hearing a challenge to the
legality of computer hacking by UK law enforcement and intelligence agencies. The Government amended the Computer Misuse Act (CMA) two months ago." 2014 "Britain's
signals intelligence division is stealing screenshots from hundreds of thousands of
innocent Yahoo users' webcam videos, according to the Guardian newspaper, which also
reported that the years-long operation has swept up a huge haul of intimate photographs.
The newspaper said GCHQ has been scooping up the sensitive images by intercepting video
chats such as the kind offered by Yahoo Messenger, an effort codenamed OPTIC NERVE. ........The Guardian said that OPTIC
NERVE was intended at least in part to identify
targets using automatic facial recognition software as they stared into their computer's
webcams. But the stockpiling of sexually explicit images of ordinary people had
uncomfortable echoes of George Orwell's 'Nineteen
Eighty-Four,' where the authorities — operating
under the aegis of 'Big Brother' — fit homes with cameras to monitor the intimate
details of people's personal lives. 'At least Big Brother had the decency to install his
own cameras,' British media lawyer David Banksy said in a message posted to Twitter after
the revelations broke. 'We've had to buy them ourselves.' The
collection of nude photographs also raises questions about potential for blackmail. America's National Security Agency has already acknowledged that some
analysts have been caught trawling databases for inappropriate material on partners or
love interests. Other leaked documents have revealed
how U.S. and British intelligence discussed leaking embarrassing material online to
blacken the reputations of their targets. GCHQ
refused to answer a series of questions about OTPIC
NERVE, instead returning the same boilerplate answer
it has given to reporters for months." 2013 “There are a lot
more stories to come, a
lot more documents that will be covered. It’s
important that we understand what it is we’re publishing, so what we say about them
is accurate.... It is literally true, without
hyperbole, that the goal of the NSA and its partners in the English-speaking world is to
eliminate privacy globally. They want to make sure
there is no communication that evades their net.” "Edward Snowden
is to deliver this year’s Channel 4 Alternative Christmas Message, the broadcaster
has confirmed. The whistleblower, who revealed the
mass surveillance programmes organised by the US and other governments, will broadcast his
message at 4.15pm on Christmas Day. In his first TV interview since [fleeing] to Russia in
May, Snowden lays out his vision for why privacy matters and why he believes mass
indiscriminate surveillance by governments of their people is wrong.... During his
address, Snowden says: 'Great Britain’s George
Orwell warned us of the danger of this kind of information. The types of collection in the
book – microphones and video cameras, TVs that watch us are nothing compared to what
we have available today. We have sensors in our pockets that track us everywhere we go.
Think about what this means for the privacy of the average person. A child born today will
grow up with no conception of privacy at all. They’ll never know what it means to
have a private moment to themselves an unrecorded, unanalysed thought. And that’s a
problem because privacy matters, privacy is what allows us to determine who we are and who
we want to be.'...The Alternative Christmas Message
will broadcast on Channel 4 at 4.15pm on Christmas Day. It will be available to view on
4oD later today." "James
Goodale has a message for journalists: Wake up. In his new book, Fighting for the Press
(CUNY Journalism Press, 2013), Goodale, chief counsel to The New York Times when its
editors published the Pentagon Papers in 1971, argues that President
Obama is worse for press freedom than former President Richard Nixon was. The Obama administration has prosecuted more alleged leakers of national
security information under the 1917 Espionage Act than all previous administrations
combined, a course critics say is overly aggressive. Former
New York Times executive editor Bill Keller wrote in a March op-ed that the administration
'has a particular, chilling intolerance' for those who leak. If the Obama administration
indicts WikiLeaks founder Julian Assange for conspiracy to violate the Espionage Act,
Goodale argues, the president will have succeeded where Nixon failed by using the act to
'end-run' the First Amendment.'" "Europeans,
take note: The U.S. government has
granted itself authority to secretly snoop on you. That’s according to a new report
produced for the European Parliament, which has warned that a U.S. spy law renewed late
last year authorizes 'purely political
surveillance on foreigners' data' if it is
stored using U.S. cloud services like those provided by Google, Microsoft and Facebook....
According to [Caspar] Bowden, the 2008 FISA
amendment created a power of 'mass surveillance'
specifically targeted at the data of non-U.S. persons located outside America, which applies to cloud computing. This means that U.S.
companies with a presence in the EU can be compelled under a secret surveillance order,
issued by a secret
court, to hand over data on Europeans. Because non-American citizens outside the
United States have been deemed by the
court not to fall under the search and seizure protections of the Fourth Amendment, it
opens the door to an unprecedented kind of
snooping. 'It's like putting a mind control
drug in the water supply, which only affects non-Americans,' says Bowden... Most
countries’ spy agencies routinely monitor real-time communications like emails and
phone calls of groups under suspicion on national security grounds. However, what makes FISA different is that it explicitly
authorizes the targeting of real-time communications and dormant cloud data
linked to 'foreign-based political organizations'—not just suspected terrorists or foreign government agents. Bowden says
FISA is effectively 'a carte blanche for anything that furthers U.S. foreign policy
interests' and legalizes the monitoring of
European journalists, activists, and politicians who are engaged in any issue in which the United States has a stake. FISA,
according to Bowden, expressly makes it lawful for the United States to do 'continuous mass-surveillance of ordinary lawful
democratic political activities,' and could
even go as far as to force U.S. cloud providers like Google to provide a live 'wiretap' of
European users’ data." 2012 "[British] Home Secretary Theresa May said the proposed surveillance law would 'save lives' ....
But the committee's MPs and peers are likely to encourage the police
and law enforcement agencies to work out a much simpler scheme that the public can trust.
The message is likely to be 'go back to the drawing board and come and talk to us when you
have something fresh'. As regular Register readers
will know, the surveillance plans now being re-examined have been touted to successive
governments by the intelligence services for years with little change to any details other
than the name. The MPs are likely to offer fierce opposition to the proposals, which would
allow the Home Office to wire network traffic probes into the public internet anywhere it
chose, for this or any successor government to use for any purpose it chose....The report will be another setback for the Home Secretary: in 2010 the
former Director of Public Prosecutions Lord Macdonald was asked to review her plan to
monitor citizens online. He previously
called the project to mine the UK internet: A paranoid
fantasy which would destroy everything that makes living worthwhile. This database would be an unimaginable hellhouse of personal private
information. It would be a complete readout of every citizen's life in the most intimate
and demeaning detail.... The two panels' highly
critical reports will be an expected disappointment for the Home Office. They are the latest in a series of spectacular disasters for career spy Charles Farr, who three years ago had hoped
to land the top job at the Secret Intelligence Service (MI6) and become 'C'." "The cable boxes
of the future could be able to detect when viewers are cuddling on the sofa and
automatically serve adverts for contraceptives. U.S. cable provider Verizon has applied to
patent a set-top box technology that can observe what's going on in the room and show
viewers adverts based on what it detects. In U.S. Patent Application 20120304206 the company
suggests it could detect when people are 'cuddling' then show 'a commercial for a romantic
getaway vacation, a commercial for a contraceptive, a commercial for flowers [...] etc.'. The technology would integrate a range of sensors into their products,
including thermal imaging cameras, microphones and motion sensors, to detect the mood
their audience and tailor media content to suit. Privacy
campaigners called the new technology a 'privacy nightmare waiting around the corner' and
called for it to be reined in 'before consumers lose control for good'. It has disturbing
echoes of George Orwell's dystopia 1984, where the population were constantly watched by
authorities through cameras integrated in their television screens.... This needs to be reined in
before consumers lose control for good.'" "Everything we
do on the Internet leaves a trail back to us. Search engine entries, shopping lists,
e-mail addresses and so much more which is ripe for the taking. Now governments and their
intelligence agencies want a piece of that action and they have new tools to ascertain our
intentions and possible future actions.... There
have been a series of related and interesting developments in the field of global
intelligence gathering. The NSA is building a brand new data center in Utah in order to
connect with some new intelligence sharing systems such as the Defense Intelligence
Enterprise and the Global Information Grid.... most
people would not appreciate their private conversations end
up on foreign military or intelligence networks.... It goes on all the time, you could look at Project Echelon, Project
Groundbreaker, Project Trailblazer and many others. Why do you think that the head of the
CIA is gloating about being about to glean intelligence through your devices and
net-centric applications. It is a gold mine for them and they have reaped a bonanza from
it. CIA director David Petraeus put his cards on the
table because he hinted about the next target, it
will be all of data from the smart meters that have been put in place in the past few years. It
wouldn’t be hard to tell how many people are living in a certain home from
electricity records or which appliances are used the most. Will we be deemed terrorists
from some poorly programmed profiling software based on our paper and data trail? Mistakes
happen all the time, from faulty no-fly lists to swat team wrong door raids." "When people download a film from Netflix to a
flatscreen, or turn on web radio, they could be alerting unwanted watchers to exactly what
they are doing and where they are. Spies will no
longer have to plant bugs in your home - the rise of
'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus. The CIA claims it will be able to
'read' these devices via the internet - and perhaps even via radio waves from outside the
home. Everything from remote controls to clock radios can now be controlled via apps - and
chip company ARM recently unveiled low-powered, cheaper chips which will be used in
everything from fridges and ovens to doorbells. The
resultant chorus of 'connected' gadgets will be able to be read like a book - and even
remote-controlled, according to CIA Director David Petraeus, according to a recent report by Wired's 'Danger Room' blog. Petraeus says that web-connected gadgets will 'transform' the art of
spying - allowing spies to monitor people automatically
without planting bugs, breaking and entering or even donning a tuxedo to infiltrate a
dinner party. ' 'Transformational’ is an overused word, but I do believe it
properly applies to these technologies,' said Petraeus. 'Particularly to their effect on clandestine tradecraft. Items of interest
will be located, identified, monitored, and remotely controlled through technologies such
as radio-frequency identification, sensor networks, tiny embedded servers, and energy
harvesters - all connected to the next-generation internet using abundant, low-cost, and
high-power computing.' Petraeus was speaking to a
venture capital firm about new technologies which aim to add processors and web
connections to previously 'dumb' home appliances such as fridges, ovens and lighting
systems. This week, one of the world's biggest chip
companies, ARM, has unveiled a new processor built to work inside 'connected' white
goods." 2011 "Sir Richard
Dearlove, Britain’s former chief spymaster has said the country should start spying
on its Eurozone neighbours to protect the economy as the common currency is wracked by
national defaults. Sir Richard Dearlove, who served
as head of MI6 until 2004, said that Britain must not be 'squeamish' about using the
intelligence services to defend its economic interests. The former C said central banks
like the Bank of England maintained extensive networks of contacts to secure information
on future developments. But specialist intelligence agencies should also undertake the
task of financial security. 'I am addressing the future of the euro and how defaults
affect us economically,' he told the Global Strategy Forum. 'Efficient central bankers
should be able to handle themselves but I am indicating they could and might need help
from time to time on the currency issue.' Sir Richard added that 2008 financial crisis had
changed his views on the role of intelligence agencies in protecting the economy. Britain
needed to be 'forewarned and forearmed’ in anticipation of a future crisis. He said:
'I don’t think we should be squeamish about using all means to protect ourselves
financially.'.... As one of the highest regarded global spy agencies, the Secret
Intelligence Service, or MI6, has deep ties with its intelligence counterparts across
Europe. Sir Richard acknowledged that MI6 was a leader in efforts to integrate
Europe’s intelligence agencies. By ordering the
foreign intelligence agency to actively spy on its partners, the government would risk a
backlash from the country’s closest neighbours and allies. Countries vulnerable to
quitting the euro would be sure to view the move as an act of selfishness at a time of
national weakness.... Sir Richard noted that the Bank of England had effectively intelligence
capabilities – though it did not classify these
activities as spying. As such MI6 would play a subordinate
role to the Bank. Sir
Richard was appointed head of MI6 in 1999 and was head of the organisation during the
September 11 attacks on the US by al Qaeda. When he retired in 2004, the final year of his
career had been overshadowed by controversy over the dossier used by the government to
accuse Iraq of pursuing a secret Weapons of Mass Destruction programme.' 2010 "The
top-secret world the government created in response to the terrorist attacks of Sept. 11,
2001, has become so large, so unwieldy and so secretive that no one knows how much money
it costs, how many people it employs, how many programs exist within it or exactly how
many agencies do the same work.... In Washington and
the surrounding area, 33 building complexes for top-secret intelligence work are under
construction or have been built since September 2001. Together they occupy the equivalent
of almost three Pentagons or 22 U.S. Capitol buildings - about 17 million square feet of
space." "Fraudulent bankers are more of a
danger to society than terrorists and the failure to reassure people that their money is
safe is an 'absolute failure of public policy', a former Director of Public Prosecutions
says today. Writing in The Times, Sir
Ken Macdonald says that the systems for regulating markets and for prosecuting market
crime have completely broken down...In his article, Sir Ken lambasts the 'liberty-sapping addictions' of the Home Office and the
'paranoiac paraphernalia of national databases and ID cards'. He also attacks the rush to 'bring in lots of terror law, the tougher the
better'. Rather than ensuring that people's money and financial security 'will not be
stolen from them', legislators wanted 'criminal justice to be an auction of fake
toughness', he says. Sir Ken has previously criticised government plans to extend the time
that terrorism suspects could be held without charge beyond 28 days; and, recently, plans for increased surveillance and data retention." 2009 "A
former head of MI5 has accused the government of exploiting the fear of terrorism and trying to bring in laws that restrict civil liberties. In an
interview in a Spanish newspaper, published in the Daily Telegraph, Dame Stella Rimington,
73, also accuses the US of 'tortures'....Dame Stella, who stood down as the director
general of the security service in 1996, has previously been critical of the government's
policies, including its attempts to extend pre-charge detention for terror suspects to 42
days and the controversial plan to introduce ID cards. 'It would be better that the government recognised that there are risks,
rather than frightening people in order to be able to pass laws
which restrict civil liberties, precisely one of the
objects of terrorism - that we live in fear and under a
police state,' she told the Spanish newspaper La
Vanguardia...." "With Google’s Latitude, parents
will be able to swoop down like helicopters on their children, whirr around their heads
and chase them away from the games arcade and back to do their French verbs....However
Orwellian it sounds, don’t worry. The police and
security services can already track you down from your phone without any help from Google..." "Over the past few days, at trade
fairs from Las Vegas to Seoul, a constant theme has been the unstoppable advance of 'FRT',
the benign abbreviation favoured by industry insiders. We learnt that Apple's iPhoto
update will automatically scan your photos to detect people's faces and group them
accordingly, and that Lenovo's new PC will log on users by monitoring their facial
patterns....So let's understand this: governments and
police are planning to implement increasingly accurate surveillance technologies that are
unnoticeable, cheap, pervasive, ubiquitous, and searchable in real time. And private businesses, from bars to workplaces, will also operate such
systems, whose data trail may well be sold on or leaked to third parties - let's say,
insurance companies that have an interest in knowing about your unhealthy lifestyle, or
your ex-spouse who wants evidence that you can afford higher maintenance payments. Rather
than jump up and down with rage - you never know who is watching through the window - you have a duty now, as a citizen, to question this stealthy rush towards permanent
individual surveillance. A Government already
obsessed with pursuing an unworkable and unnecessary identity-card database must be held
to account." 2008 "Our
privacy is being invaded by the world's security services in every second of every day, as a
routine matter. Vast quantities of information are
collected by commercial enterprises such as Google or Tesco. Against these invasions of our privacy we have little or no
protection." 'Stalin's Delight' "The
FBI appears to have begun using a novel form of electronic surveillance in criminal
investigations: remotely activating a mobile phone's
microphone and using it to eavesdrop on nearby conversations. ......Kaplan's opinion said
that the eavesdropping technique 'functioned whether the
phone was powered on or off.' Some handsets can't be fully
powered down without removing the battery.....Security-conscious
corporate executives routinely remove the batteries from their cell phones, he added....A BBC article from 2004
reported that intelligence agencies routinely employ the remote-activiation method. 'A
mobile sitting on the desk of a politician or businessman can act as a powerful,
undetectable bug,' the article said, 'enabling them to be activated at a later date to
pick up sounds even when the receiver is down.'........
A 2003 lawsuit revealed that
the FBI was able to surreptitiously turn on the built-in microphones in automotive systems
like General Motors' OnStar to snoop on passengers' conversations. When FBI agents
remotely activated the system and were listening in, passengers in the vehicle could not
tell that their conversations were being monitored. Malicious hackers have followed suit.
A report
last year said Spanish authorities had detained a man who write a Trojan horse that
secretly activated a computer's video camera and forwarded him the recordings." "Cellphone users
say they want more privacy, and app makers are listening. No, they're not listening to
user requests. They're literally listening to the sounds in
your office, kitchen, living room and bedroom. A new class of smartphone app has emerged
that uses the microphone built into your phone as a covert listening device -- a 'bug,' in
common parlance. But according to app makers, it's not a bug.
It's a feature! The apps use ambient sounds to figure out what you're paying attention to.
It's the next best thing to reading your mind. The issue was brought to the world's
attention recently on a podcast called This Week
in Tech. Host Leo Laporte and his panel shocked listeners by unmasking three popular apps that activate your phone's microphone to collect sound patterns from inside your home, meeting, office or
wherever you are. The apps are Color, Shopkick and IntoNow, all of which activate the
microphones in users' iPhone
or Android
devices in order to gather contextual information that provides some benefit to the user.
Color
uses your iPhone's or Android phone's microphone to detect when people are in the same
room. The data on ambient noise is combined with color and lighting information from the
camera to figure out who's inside, who's outside, who's in one room, and who's in another,
so the app can auto-generate spontaneous temporary social networks of people who are
sharing the same experience. ... So, what's possible
with current technology? By listening in on your phone, capturing 'patterns,' then sending
that data back to servers, marketers can determine the following: * Your gender, and the
gender of people you talk to. * Your approximate age, and the ages of the people you talk
to. * What time you go to bed, and what time you wake up. * What you watch on TV and
listen to on the radio. * How much of your time you spend alone, and how much with others.
* Whether you live in a big city or a small town. *What form of transportation you use to
get to work." "Security
researchers have discovered that Apple's iPhone keeps track of where you go
– and saves every detail of it to a secret file on the device which is then copied to
the owner's computer when the two are synchronised. The file contains the latitude and
longitude of the phone's recorded coordinates along with a timestamp, meaning that anyone
who stole the phone or the computer could discover details about the owner's movements
using a simple program. For some phones, there could be almost a year's worth of data
stored, as the recording of data seems to have started with Apple's iOS 4 update to the
phone's operating system, released in June 2010. 'Apple has made it possible for almost
anybody – a jealous spouse, a private detective – with access to your phone or
computer to get detailed information about where you've been,' said Pete Warden, one of
the researchers. Only the iPhone records the user's
location in this way, say Warden and Alasdair Allan, the data scientists who discovered
the file and are presenting their findings at the Where 2.0 conference in San Francisco on
Wednesday. 'Alasdair has looked for similar tracking code in [Google's] Android phones and
couldn't find any,' said Warden." |
||
'We Need A New Way Of Thinking' - Consciousness-Based Education |
|||
Latest Developments In 'Turnkey Totalitarianism' |
|||
|
Current - 2017 - 2016 - 2015 - 2014 - 2013 - 2012 - 2011 - 2010 - 2009 - 2008 & Earlier |
|||
| 2018 |
|
"[In Australia] Businesses using fingerprint scanners to monitor their workforce can
legally sack employees who refuse to hand over biometric information on
privacy grounds, the Fair Work Commission has ruled. The ruling, which will be appealed, was made in the case
of Jeremy Lee, a Queensland sawmill worker who refused to comply with a
new fingerprint scanning policy introduced at his work in Imbil, north
of the Sunshine Coast, late last year. Fingerprint scanning was used to monitor the clock-on and clock-off
times of about 150 sawmill workers at two sites and was preferred to
swipe cards because it prevented workers from fraudulently signing in on
behalf of their colleagues to mask absences. The company, Superior Woods, had no privacy policy covering workers and failed to comply with a requirement
to properly notify individuals about how and why their data was being
collected and used. The biometric data was stored on servers located
off-site, in space leased from a third party. Lee argued the business
had never sought its workers’ consent to use
fingerprint scanning, and feared his biometric data would be accessed by
unknown groups and individuals. “I am unwilling to consent to have my
fingerprints scanned because I
regard my biometric data as personal and private,” Lee wrote to his
employer last November. “Information technology companies gather as much
information/data on people as they can. “Whether they admit to it or
not. (See Edward Snowden) Such information is used as currency between
corporations.” Lee was neither antagonistic or belligerent in his
refusals,
according to evidence before the commission. He simply declined to have
his fingerprints scanned and continued using a physical sign-in booklet
to record his attendance. He had not missed a shift in more than three
years. The employer warned him about his stance repeatedly, and claimed
the
fingerprint scanner did not actually record a fingerprint, but rather “a
set of data measurements which is processed via an algorithm”. The
employer told Lee there was no way the data could be “converted or used
as a finger print”, and would only be used to link to his payroll number
to his clock-on and clock-off time. It said the fingerprint scanners
were also needed for workplace safety, to accurately identify which
workers were on site in the event of an accident.... Lee was sacked in
February, and lodged an unfair dismissal claim in the Fair Work
Commission.
He argued he was sacked for failing to comply with an unreasonable
direction, because the fingerprint scanning was in breach of Australian
privacy laws. His biometric information was sent to a separate corporate
entity that was not his employer, Lee argued..... Lee told Guardian
Australia he planned to appeal. He said the ruling
implied that Australians only owned their biometric data until an
employer demanded it, at which point they could be sacked if they
refused to consent.“My biometric data is inherently mine and inseparable
from me,” Lee
said. “My employer can’t demand it or sack me for refusing to give it.”"
"China’s plan to judge each of its 1.3 billion people based on their
social behavior is moving a step closer to reality, with Beijing set to
adopt a lifelong points program by 2021 that assigns personalized
ratings for each resident. The
capital city will pool data from several departments to reward and
punish some 22 million citizens based on their actions and reputations
by the end of 2020, according to a plan
posted on the Beijing municipal government’s website on Monday. Those
with better so-called social credit will get “green channel” benefits
while those who violate laws will find life more difficult. The
Beijing project will improve blacklist systems so that those deemed
untrustworthy will be “unable to move even a single step,” according to
the government’s plan. Xinhua reported on the proposal Tuesday, while
the report posted on the municipal government’s website is dated July
18.China has long experimented with systems that grade its citizens,
rewarding good behavior with streamlined services while punishing bad
actions with restrictions and penalties. Critics say such moves are
fraught with risks and could lead to systems that reduce humans to
little more than a report card....According to the Beijing government’s plan, different agencies will link
databases to get a more detailed picture of every resident’s
interactions across a swathe of services. The proposal calls for
agencies including tourism bodies, business regulators and transit
authorities to work together....The tracking of individual behavior in China has become easier as
economic life moves online, with apps such as Tencent’s WeChat and Ant
Financial’s Alipay a central node for making payments, getting loans and
organizing transport. Accounts are generally linked to mobile phone
numbers, which in turn require government IDs." "Vehicles are increasingly coming connected
with Wi-Fi and may know
more about you than you think – where you've been, what you're listening
to and what kind of coffee you like. All information that privacy
advocates are warning may end up in the hands of advertisers or even
your insurance company, reports CBS News correspondent Kris Van
Cleave. Under the hood of one car, Ford's former head of
tech John Ellis found
four computers. Inside the car, he hooked up his smart phone to show the
data streaming in real time. "With enough data, I can discern patterns
that seem to be almost non-existent to the human eye," Ellis said.
From the brakes to the windshield wipers, with as many as 100 points
that generate data, today's cars pack the power of 20 personal computers
and can process up to 25 gigs of data every hour – some of it beamed
back. Now, carmakers are rushing to turn your car's data into a
revenue stream, reselling blocks of location information and, one day,
information from cars' on-board cameras and sensors could be bought by
mapping companies or apps that monitor traffic conditions. Seventy-two
percent of car owners said they had no idea was happening. "We
know how tired you are because we have cameras inside of the car
looking at the driver to look for eyelid movement," Ellis said. "Some of
the cars have an ability to detect alcohol…are you weaving? Are you
moving? Are you harsh-braking?" Good drivers who agree to
share their data can also get a better deal. Soon, a car's data may be
worth more than the vehicle itself, according to one car data company.
Driver data could add up to three-quarters of a trillion dollars
industry-wide by 2030. GM uses that data – with drivers' consent –
to put popular brands at their fingertips. GM calls it marketplace, an
attempt to cash in on the 46 minutes per day the average American spends
in a car. "Your driving behavior, the person in the car. We do
have that data," said Rick Ruskin of GM Marketplace. "You've created
this connection with merchants and brands. They know your data. We're
bringing that onto the dashboard of the car." Low on gas? It'll
point you to the closest gas station and let you pay from the dash where
you can also, order food or make reservations on the go, all based on
what's close to the car's current location." Ruskin said drivers are
asked to opt in to the program the very first time they tap the screen
on the dashboard. "You'd accept other terms and conditions.
And we'd let you know….that
we may be using the location of your car to serve you," Ruskin said.
Privacy advocates point out that it's on us to start thinking about cars
for what they've become: data-generating devices." "Britain’s biggest employer organisation and main trade union
body
have sounded the alarm over the prospect of British companies implanting
staff with microchips to improve security. UK firm BioTeq, which offers
the implants to businesses and individuals, has already fitted 150
implants in the UK. The tiny chips, implanted in the flesh between the
thumb and
forefinger, are similar to those for pets. They enable people to open
their front door, access their office or start their car with a wave of
their hand, and can also store medical data. Another company, Biohax of
Sweden, also provides human chip implants the size of a grain of rice.
It told the Sunday Telegraph
(£) that it is in discussions with several British legal and financial
firms about fitting their employees with microchips, including one major
company with hundreds of thousands of employees. The CBI, which
represents 190,000 UK businesses, voiced concerns about the prospect. A
CBI spokesperson said: “While technology is changing the way we
work, this makes for distinctly uncomfortable reading. Firms should be
concentrating on rather more immediate priorities and focusing on
engaging their employees.” The TUC is worried that staff could be
coerced into being microchipped. Its general secretary Frances O’Grady said:
“We know workers are already concerned that some employers are using
tech to control and micromanage, whittling away their staff’s right to
privacy. “Microchipping would give bosses even more power and control over
their workers. There are obvious risks involved, and employers must not
brush them aside, or pressure staff into being chipped.”" "The US Drug Enforcement Administration (DEA)
and Immigration and Customs Enforcement (ICE) have hidden an undisclosed
number of covert surveillance cameras inside streetlights around the
country, federal contracting documents reveal. According to government procurement data,
the DEA has paid a Houston, Texas company called Cowboy Streetlight
Concealments LLC roughly $22,000 since June 2018 for “video recording
and reproducing equipment.” ICE paid out about $28,000 to Cowboy
Streetlight Concealments over the same period of time. It’s
unclear where the DEA and ICE streetlight cameras have been installed,
or where the next deployments will take place. ICE offices in Dallas,
Houston, and San Antonio have provided funding for recent acquisitions
from Cowboy Streetlight Concealments; the DEA’s most recent purchases
were funded by the agency’s Office of Investigative Technology, which is
located in Lorton, Virginia."
"Microsoft's president Brad Smith said facial recognition technology needs to be regulated so the world doesn't turn into a Nineteen Eighty-Four
scenario with everyone's actions tracked and scrutinised. He told
attendees at WebSummit in Lisbon, Portugal that the way in
which facial recognition technology is developing and being used by more
businesses could be detrimental to the average person's privacy. “It
potentially means every time you walk into a store, a retailer knows
when you were in there last, what good you picked out, what you
purchased,” he said, reported Recode.
“I think even that frankly pales in comparison to what it could do to
relationships between individuals and the state.” Although
Microsoft has built its own facial recognition technology,
Brad recognises that regulating the industry is the most effective way
to make sure it doesn't get out of hands and businesses start misusing
their powers. Of course, he accepts that in some cases, such as finding
criminals and monitoring illegal activities, it's an effective
technology, but warned those applications mustn't get out of hand. "For
the first time, the world is on the threshold of technology that
would give a government the ability to follow anyone anywhere, and
everyone everywhere. It could know exactly where you are going, where
you have been and where you were yesterday as well," Smith said. "And
this has profound potential ramifications for even just the
fundamental civil liberties on which democratic societies rely. Before
we wake up and find that the year 2024 looks like the book '1984',
let’s figure out what kind of world we want to create, and what are the
safeguards and what are the limitations of both companies and
governments for the use of this technology." "[Edward Snowden has suggested] a link between the murder of Saudi journalist Jamal Khashoggi and Saudi use of NSO Group’s Pegasus software... The NSO Group has been the subject of much controversy in recent years, with Canadian internet watchdog Citizen Lab claiming that the Pegasus software marketed by the company is being used by a number of countries 'with dubious human rights records and histories of abusive behavior by state security services.' Pegasus infects individuals’ phones by sending them text messages that tempt them to click an attached link. If the target clicks on the link, the company gains full control over the phone, including its contents and history, and the ability to activate its microphone and camera at will..... 'In today’s world, [NSO Group] are the worst of the worst in selling these burglary tools that are being actively currently used to violate the human rights of dissidents, opposition figure and activists, to some pretty bad players,' he said. Snowden described NSO Group’s activity as a 'kind of predation.'... Snowden told the audience that there was reason to believe the NSO Group’s Pegasus software is connected to the murder of Jamal Khashoggi in Saudi Arabia’s consulate in Istanbul, Turkey.... He also told the audience that it is an open secret that Israel spies on the US. 'Israel has a real leg up in technology, in particular in these kinds of offensive operations. Even the NSA realizes that we get hacked by the Israelis. When we file our counterintelligence priorities matrix, it’s always the same four — China, Russia, Israel and France,' he said. 'If I were going to put them in a ranking I would put Israel above France.'” Israeli tech helped Saudis kill journalist, Snowden tells Tel Aviv confab Times of Israel, 7 November 2018 "Data from the vast majority of apps is harvested and shared with Google, a comprehensive study of the Android ecosystem has revealed. Researchers from Oxford university analysed 959,000 apps from the
UK and US Google Play stores, finding that almost 90 per cent of Android apps share
data with Google. The study also revealed that around half of the apps
transfer data to at least 10 third parties, such as Facebook and
Twitter. The study's authors attribute the mass-data harvesting to the
rise of "freemium" apps that rely on advertising and data sharing for
revenue. Information collected and shared by the apps can include a user's age,
gender and location, with the practice particularly prevalent with apps
aimed at children....The researchers describe the mass data collection and tracking as a
"highly important phenomenon" that presents significant challenges for
both regulators aiming to enforce the law, and for the companies who
must comply with it. Industry figures described the study as "unsurprising", given the
data-based business models that technology companies adopt. The
implications of this, especially concerning communication apps, could be
severe for businesses." "Facial recognition software is to be used in UK supermarkets for the
first time to verify the age of people buying alcohol and cigarettes,
the Telegraph has learned. The pilot scheme is set to be
rolled out at self-service checkouts by
the end of the year and could be applied more widely in 2019. NCR, a US
company which makes self check-out machines for Asda, Tesco
and other UK’s supermarkets, will integrate a camera that will estimate
the age of shoppers when they are buying age restricted items.
The camera will reduce the need for staff to approve purchases by
using AI to scan a person’s face to determine their age and either
accept or deny the sale of the item." "There are two ways for spies to alter the guts of computer equipment.
One, known as interdiction, consists of manipulating devices as they’re
in transit from manufacturer to customer. This approach is favored by
U.S. spy agencies, according to documents leaked by former National
Security Agency contractor Edward Snowden. The other method involves
seeding changes from the very beginning. One country in particular
has an advantage executing this kind of attack: China, which by some
estimates makes 75 percent of the world’s mobile phones and 90 percent
of its PCs. Still, to actually accomplish a seeding attack would mean
developing a deep understanding of a product’s design, manipulating
components at the factory, and ensuring that the doctored devices made
it through the global logistics chain to the desired location—a feat
akin to throwing a stick in the Yangtze River upstream from Shanghai and
ensuring that it washes ashore in Seattle. “Having a well-done,
nation-state-level hardware implant surface would be like witnessing a
unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and
the founder of Grand Idea Studio Inc. “Hardware is just so far off the radar, it’s almost treated like black magic.” But
that’s just what U.S. investigators found: The chips had been inserted
during the manufacturing process, two officials say, by operatives from a
unit of the People’s Liberation Army. In Supermicro, China’s spies
appear to have found a perfect conduit for what U.S. officials now
describe as the most significant supply chain attack known to have been
carried out against American companies.One official says
investigators found that it eventually affected almost 30 companies,
including a major bank, government contractors, and the world’s most
valuable company, Apple Inc.
Apple was an important Supermicro customer and had planned to order
more than 30,000 of its servers in two years for a new global network of
data centers. Three senior insiders at Apple say that in the summer of
2015, it, too, found malicious chips on Supermicro motherboards. Apple
severed ties with Supermicro the following year, for what it described
as unrelated reasons.... One government official says China’s goal was long-term access to
high-value corporate secrets and sensitive government networks. No
consumer data is known to have been stolen." "One aspect of 5G that has not received much attention is how it will
be seized upon by the murkier side of the global population. Cyber-crime
is a raging battle front and perhaps, before 5G becomes widely
available, governments and regulators should consider how criminals may
utilise the technology. The European Union Agency for Law Enforcement
Cooperation, better
known as Europol, has highlighted that the new technology will threaten
existing techniques for tracking criminals. Europol’s 2018 Internet
Organised Crime Threat Assessment (IOCTA)
has followed on from research begun by the EU’s Public Private
Partnership on 5G and noted that new security concerns will come from
issues related to locating users and GDPR. Firstly, the underlying
virtualisation technology needed to deal
with the complexity and bandwidth of 5G makes it much harder to identify
and locate individual users. 4G technology gives each user a unique
identifier. 5G technology only allocates temporary identifiers.
Artificial intelligence offers a potential way for the police and
security services to overcome this challenge. However, the GDPR laws
designed to protect individual privacy mean that the data bases required
may themselves be illegal.On the plus side, there will be a direct
security benefits from 5G.
Companies and public sector bodies will have more options for encrypting
data, making any potential breaches less likely and less damaging. The
IoT technologies that use 5G will also support improvements to other
aspects of security such as CCTV and object tracking (e.g., stolen
phones/laptops). New technologies always bring new challenges and the
battle
against cyber-crime and organised crime creates dilemmas for governments
and populations. In the UK, the proposed ‘Snoopers Charter’ (the Draft
Communications Data Bill) drew much public criticism and was dropped.
The Investigatory Powers Act that subsequently passed through the UK
Parliament only gained the backing of a majority of British MPs after
concessions to privacy were made. But too much data protection also has
its consequences. It may be
that the EU (and, after Brexit, the UK) will need to consider revisions
to GDPR once 5G goes live across Europe."
What does 5G mean for crime and security? The Verdict, 28 September 2018
"The U.K.’s domestic security service MI5 looked at private data about
a group that campaigns against mass surveillance, a London judge has
found. The agency held and “accessed or examined” data about the campaign group Privacy International,
judge Michael Burton said in court Tuesday. He didn’t say what the data
was or why the security service viewed it. London-based Privacy
International campaigns against what it
calls “overreaching state and corporate surveillance.” Tuesday’s case
showed the group had been “caught up in the surveillance dragnet,”
Caroline Wilson Palow, the organization’s general counsel, said in a
statement. “Should a domestic intelligence agency charged with
protecting national security be spying on a human rights organization
based in London? Shouldn’t such spying, if permitted at all, be subject
to the strictest of safeguards?” she said.... Privacy International said
it wrote to Home Secretary Sajid Javid
Tuesday, asking him to make changes to the country’s laws that cover
internet security, and asking for an explanation of why MI5 wanted the
data it collected. The data that MI5 looked at was categorized as “bulk
personal datasets” and “bulk communications data,” the judge said. Bulk
personal datasets can include the electoral roll, telephone directories
and travel-related data, according to MI5’s website.
Bulk communications data “is the who, where, when, how and with whom of
communications, but not what was written or said,” the website says,
and includes information such as itemized bills. In a separate ruling this month, the European Court of Human
Rights found some U.K. surveillance programs, including the bulk
interception of communications exposed by whistle-blower Edward Snowden,
violate rules that protect privacy and family life." "British spies are likely to have hacked into Belgium’s biggest
telecommunications operator for at least a two-year period on the
instruction of UK ministers, a confidential report submitted by Belgian
prosecutors is said to have concluded. The finding would support an allegation made by the whistleblower Edward Snowden five years ago when he leaked 20 slides exposing the targets of hacking by the British intelligence service GCHQ. According to unconfirmed reports in the Belgian media, the federal
prosecutors’ report suggests the hackers closed their operation within a
matter of minutes of being exposed in August 2013. It is believed the
interception of Belgacom, now Proximus, had been ongoing since at least
2011. The justice minister, Koen Geens, has confirmed he has received the
report and that it will be discussed within the national security
council, led by the prime minister, Charles Michel.... The British spies are said to have targeted the computers of Belgacom
employees working in security and maintenance with faked LinkedIn
messages. There was a particular focus on the Belgian company’s
subsidiary unit, Belgacom International Carrier Services, which handles
phone and data traffic in Africa and the Middle East. It is reported that the espionage – given the the codename Operation
Socialist – was also seeking to target communications made between
roaming smartphones. The interception would
have provided access to communications at Nato
headquarters in Brussels and at key European institutions including the
European commission, European parliament, and the European Council. The
operation was the first documented example of an EU member state
covertly hacking into the critical infrastructure of another. The unpublished prosecutors’ report is said to indicate that the
spying operation must have been authorised at the highest levels of the
British government. In 2011 William Hague was Britain’s foreign
secretary.... The slides leaked five years ago by Snowden, a former contractor for the
US National Security Agency, came from the Network Analysis Centre, a
department of GCHQ."
"Some of the world’s most
sophisticated Android and iPhone spyware has been found floating around
America for the first time. It's one of as many as 45 countries in which
NSO Group malware was uncovered. And together they may represent
breaches of American and other nations' computer crime laws against
cross-border hacking, not to mention a severe concern for citizens’
privacy, according to the researchers who uncovered the professional spy
software. The malware of concern, dubbed Pegasus, is the creation of
NSO Group, an Israeli company valued at close to $1 billion. It can hide
on Apple or Google devices, spying via the camera, listening in on
conversations through the microphone, stealing documents and siphoning
off once-private messages, amongst other surreptitious activities. NSO
has always protested that its tools are designed to be used to track the
most heinous criminals, from terrorists to drug cartels. But the
company has been caught up in spying scandals in Mexico and the United
Arab Emirates. In both cases, civil rights organizations were up in arms
that the iPhone malware had targeted activists, journalists and
lawyers, among others who appeared entirely innocent of any crimes. Just
last month, Forbes reported that an Amnesty researcher focusing on
issues in the UAE had been targeted by NSO spyware. And most recently,
leaked emails included in lawsuits in Israel and Cyprus against NSO
Group appeared to show the company had hacked the phone of a journalist
working at an Arab newspaper."
"The U.S. government can monitor journalists under a foreign
intelligence law that allows invasive spying and operates outside the
traditional court system, according to newly released documents.
Targeting members of the press under the law, known as the Foreign
Intelligence Surveillance Act, requires approval from the Justice
Department’s highest-ranking officials, the documents show. In two 2015 memos for the FBI,
the attorney general spells out “procedures for processing Foreign
Intelligence Surveillance Act applications targeting known media
entities or known members of the media.” The guidelines say the attorney
general, the deputy attorney general, or their delegate must sign off
before the bureau can bring an application to the secretive panel of
judges that approves monitoring under the 1978 act, which governs
intelligence-related wiretapping and other surveillance carried out
domestically and against U.S. persons abroad. The high level of supervision points to the controversy around
targeting members of the media at all. Prior to the release of these
documents, little was known about the use of FISA court orders against
journalists. Previous attention had been focused on the use of National
Security Letters against members of the press; the letters are
administrative orders with which the FBI can obtain certain phone and
financial records without a judge’s oversight. FISA court orders can
authorize much more invasive searches and collection, including the
content of communications, and do so through hearings conducted in
secret and outside the sort of adversarial judicial process that allows
journalists and other targets of regular criminal warrants to eventually
challenge their validity. “This is a huge surprise,” said Victoria Baranetsky, general counsel
with the Center for Investigative Reporting, previously of Reporters
Committee for the Freedom of the Press. “It makes me wonder, what other
rules are out there, and how have these rules been applied? The next
step is figuring out how this has been used.”"
Government Can Spy on Journalists in the U.S. Using Invasive Foreign Intelligence Process Intercept, 17 September 2018
"GCHQ’s methods for bulk interception of online communications
violated privacy and failed to provide sufficient surveillance
safeguards, the European court of human rights has ruled. But the ECHR found that GCHQ’s regime for sharing sensitive digital
intelligence with foreign governments was not illegal, and it explicitly
confirmed that bulk interception with tighter safeguards was
permissible. The ruling, which follows Edward Snowden’s whistleblowing revelations,
is a comprehensive assessment by the ECHR of interception operations
carried out until recently by UK intelligence agencies. The legal
claims, which had already been heard by the UK’s
investigatory powers tribunal, were brought by a coalition of 14 human
rights groups and privacy organisations including Amnesty International,
Liberty, Privacy International and Big Brother Watch, as well as journalists. The case concerned the interception regime previously operated by GCHQ. Updated regulations are coming into force under the Investigatory Powers Act 2016."
"The West Midlands is to become the first UK urban 5G testbed area at a
cost of up to £50m – with one use for the new tech being China-style
AI-powered CCTV cameras with automated facial recognition, according to
the government....AI-powered CCTV for automated facial recognition and population
monitoring is widely used in China, with English-language propaganda
from the Communist country being carefully sanitised
to make it appear that the tech is only used to catch criminals and
boost public safety. In reality the system is used by the State to hunt down and capture those who might embarrass officials, among others."
"Facebook has begun to assign its
users a reputation score, predicting their trustworthiness on a scale
from zero to 1. The previously unreported ratings system, which Facebook
has developed over the past year, shows that the fight against the
gaming of tech systems has evolved to include measuring the credibility
of users to help identify malicious actors. Facebook developed its
reputation assessments as part of its effort against fake news, Tessa
Lyons, the product manager who is in charge of fighting misinformation,
said in an interview. ...It is unclear what other criteria Facebook
measures to determine a user’s score, whether all users have a score and
in what ways the scores are used....“Not knowing how [Facebook is]
judging us is what makes us uncomfortable,” said Claire Wardle, director
of First Draft, a research lab within the Harvard Kennedy School that
focuses on the impact of misinformation and that is a fact-checking
partner of Facebook. “But the irony is that they can’t tell us how they
are judging us — because if they do, the algorithms that they built will
be gamed.” "Millions of us have welcomed Alexa into our homes by
purchasing one of Amazon’s Echo smart speakers. The handy gadgets can be
used for playing music, shopping and – on some models – even watching
video clips. But they can also be turned against you if a hacker is
sufficiently
motivated to crack through Amazon’s security and access the device’s
microphone and recording ability. A team of expert hackers from the
Tencent corporation in China have
demonstrated a worrying technique for turning Amazon’s Echo into a
snooping device. ‘After several months of research, we successfully
break the Amazon
Echo by using multiple vulnerabilities in the Amazon Echo system, and
[achieve] remote eavesdropping,’ a spokesperson for the company told Wired. They revealed the fruits of their labour at the DefCon security
conference on Sunday. But before you start panicking and scrambling to
unplug your Echo, the team had already disclosed what they’d found to
Amazon who pushed out security fixes last month." "Google wants to know where you go so badly that it records
your movements even when you explicitly tell it not to. An Associated
Press investigation found
that many Google services on Android devices and iPhones store your
location data even if you've used privacy settings that say they will
prevent it from doing so. Computer-science researchers at Princeton
confirmed these findings at the AP's request. For the most part, Google
is upfront about asking permission to use your location information. An
app like Google Maps will remind you to allow access to location if you
use it for navigating. If you agree to let it record your location over
time, Google Maps will display that history for you in a "timeline"
that maps out your daily movements. Storing your minute-by-minute
travels carries privacy risks and has been used by police to determine
the location of suspects — such as a warrant that police in Raleigh,
North Carolina, served on Google last year to find devices near a murder
scene. So the company will let you "pause" a setting called Location
History. Google says that will
prevent the company from remembering where you've been. Google's support
page on the subject states: "You can turn off Location History at any
time. With Location History off, the places you go are no longer
stored." That isn't true. Even
with Location History paused, some Google apps automatically store
time-stamped location data without asking. For example, Google
stores a snapshot of where you are when you merely open its Maps app.
Automatic daily weather updates on Android phones pinpoint roughly where
you are. And some searches that have nothing to do with location, like
"chocolate chip cookies," or "kids science kits," pinpoint your precise
latitude and longitude — accurate to the square foot — and save it to
your Google account. The privacy issue affects
some two billion users of devices that run Google's Android operating
software and hundreds of millions of worldwide iPhone users who rely on
Google for maps or search.... To stop Google from saving these location markers, the company says,
users can turn off another setting, one that does not specifically
reference location information. Called "Web and App Activity" and
enabled by default, that setting stores a variety of information from
Google apps and websites to your Google account. When paused, it will prevent activity on any device from being saved to
your account. But leaving "Web & App Activity" on and turning
"Location History" off only prevents Google from adding your movements
to the "timeline," its visualization of your daily travels. It does not
stop Google's collection of other location markers. You can delete these location markers by hand, but it's a painstaking
process since you have to select them individually, unless you want to
delete all of your stored activity. You can see the stored location markers on a page in your Google account at myactivity.google.com,
although they're typically scattered under several different headers,
many of which are unrelated to location. To demonstrate how powerful
these other markers can be, the AP
created a visual map of the movements of Princeton postdoctoral
researcher Gunes Acar, who carried an Android phone with Location
history off, and shared a record of his Google account. The map includes
Acar's
train commute on two trips to New York and visits to The High Line park,
Chelsea Market, Hell's Kitchen, Central Park and Harlem. To protect his
privacy, The AP didn't plot the most telling and frequent marker — his
home address. Huge tech companies are
under increasing scrutiny over their data practices, following a series
of privacy scandals at Facebook and new data-privacy rules recently
adopted by the European Union. Last year, the business news site Quartz
found that Google was tracking Android users by collecting the addresses
of nearby cellphone towers even if all location services were off.
Google changed the practice and insisted it never recorded the data
anyway. Critics say Google's insistence on tracking its users' locations stems from its drive to boost advertising revenue." "U.S. lawmakers and the Trump administration have pressured U.S. companies to not sell Huawei or ZTE (000063.SZ) products, saying they potentially could be used to spy on Americans. Earlier this year they pushed AT&T (T.N)
to drop a deal with Huawei to sell its smartphones in the
United States. The source said Bob Lord, the DNC’s chief security
officer, said in a
email that it was important for party and campaign workers to be
vigilant about the warnings. “Please make sure that
you are not using or purchasing ZTE or Huawei devices anywhere within
your staff - for personal or work-related use,” Lord said. Federal
Communications Commission Chairman Ajit Pai told Congress in March he
shared the concerns of U.S. lawmakers about espionage threats
from Huawei. “Hidden ‘back doors’ to our networks in routers,
switches - and virtually any other type of telecommunications equipment -
can provide an avenue for hostile governments to inject viruses, launch
denial-of-service attacks, steal data, and more,” Pai said at the time.
The U.S. Department of Defense has already stopped selling
mobile phones and modems made by Huawei and ZTE in stores
on its
military bases, citing potential security risks." "Google is planning to launch a censored version of its search
engine in China that will blacklist websites and search terms about
human rights, democracy, religion, and peaceful protest, The Intercept
can reveal. The project – code-named Dragonfly – has been underway since spring
of last year, and accelerated following a December 2017 meeting between
Google’s CEO Sundar Pichai and a top Chinese government official,
according to internal Google documents and people familiar with the
plans. Teams of programmers and engineers at Google have created a custom
Android app, different versions of which have been named “Maotai” and
“Longfei.” The app has already been demonstrated to the Chinese
government; the finalized version could be launched in the next six to
nine months, pending approval from Chinese officials.... Google’s search service cannot currently be accessed by most internet
users in China because it is blocked by the country’s so-called Great
Firewall. The app Google is building for China will comply with the
country’s strict censorship laws, restricting access to content that Xi
Jinping’s Communist Party regime deems unfavorable....The Chinese government blocks information on the internet about
political opponents, free speech, sex, news, and academic studies. It
bans websites about the 1989 Tiananmen Square massacre, for instance,
and references to “anticommunism” and “dissidents.” Mentions of books
that negatively portray authoritarian governments, like George Orwell’s
1984 and Animal Farm, have been prohibited on Weibo, a Chinese social media website...... Documents seen by The Intercept, marked “Google confidential,” say
that Google’s Chinese search app will automatically identify and filter
websites blocked by the Great Firewall. When a person carries out a
search, banned websites will be removed from the first page of results,
and a disclaimer will be displayed stating that “some results may have
been removed due to statutory requirements.” Examples cited in the
documents of websites that will be subject to the censorship include
those of British news broadcaster BBC and the online encyclopedia
Wikipedia. The search app will also “blacklist sensitive queries” so that “no
results will be shown” at all when people enter certain words or
phrases, the documents state. The censorship will apply across the
platform: Google’s image search, automatic spell check and suggested
search features will incorporate the blacklists, meaning that they will
not recommend people information or photographs the government has
banned..... Patrick Poon, a Hong Kong-based researcher with human rights group
Amnesty International, told The Intercept that Google’s decision to
comply with the censorship would be “a big disaster for the information
age.” “This has very serious implications not just for China, but for all
of us, for freedom of information and internet freedom,” said Poon. “It
will set a terrible precedent for many other companies who are still
trying to do business in China while maintaining the principles of not
succumbing to China’s censorship. The biggest search engine in the world
obeying the censorship in China is a victory for the Chinese government
– it sends a signal that nobody will bother to challenge the censorship
any more.”"
"The world's most powerful governments are today accused of
bankrolling surveillance kit and training for smaller and dubious
nations – and the tech industry stands to benefit. In a dossier published on Tuesday,
civil-rights warriors Privacy International said that top governments –
from the US, UK and China to France, Germany, and the European Union –
are financing, training and equipping
countries, including authoritarian regimes, with surveillance
capabilities. By doing so, the countries with the most extensive
security and military agencies are “transferring their electronic
surveillance capabilities, practices, and legislation around the world,”
the report said. It said that some of the funds for such programmes
were being badged as development. The US spent more than $20bn in
security aid in 2017, with recipients of training and kit over the years
including African nations and Afghanistan. Privacy International said that despite such efforts
boosting recipients’ security capacities, it can also play “a defining
role in maintaining the ability of recipient governments to exercise
functions of the state and political control.”" "The system that allowed spy agency
GCHQ access to vast amounts of personal data from telecoms companies was
unlawful for more than a decade, a surveillance watchdog has ruled. The
Investigatory Powers Tribunal said that successive foreign secretaries
had delegated powers without oversight. But it added there was no
evidence GCHQ had misused the system. Privacy International criticised
the "cavalier manner" in which personal data was shared. The
group brought the legal challenge and solicitor Millie Graham Wood said
it was "proof positive" that the system set up to protect personal data
was flawed. "The foreign secretary was supposed to protect access
to our data by personally authorising what is necessary and
proportionate for telecommunications companies to provide to the
agencies. "The way that these directions were drafted risked
nullifying that safeguard by delegating that power to GCHQ - a violation
that went undetected by the system of commissioners for years and was
seemingly consented to by all of the telecommunications companies
affected." Under security rules introduced after the attacks on 11
September 2001, the UK's foreign secretary had the power to direct GCHQ
to obtain data from telecoms companies, with little oversight of what
they were subsequently asking for." "Earlier this month it came out that among Facebook’s myriad
algorithmically induced advertising categories was an entry for users
whom the platform’s data mining systems believed might be interested in
treason against their government. The label had been applied to more
than 65,000 Russian citizens, placing them at grave risk should their
government discover the label. Similarly, the platform’s algorithms
silently observe its two billion users’ actions and words, estimating
which users it believes may be homosexual and quietly placing a label on
their account recording that estimate. What happens when governments
begin using these labels to surveil, harass, detain and even execute
their citizens based on the labels produced by an American company’s
black box algorithms? One of the challenges with the vast automated
machine that is Facebook’s advertising engine is that its sheer scale
and scope means it could never possibly be completely subject to human
oversight. Instead, it hums along in silence, quietly watching the
platform’s two billion users as Big Brother, silently assigning labels
to them indicating its estimates of everything from their routine
commercial interests to the most sensitive and intimate elements of
their personality, beliefs and medical conditions that could be used by
their governments to manipulate, arrest or execute them. Such concerns
are unfortunately far from hypothetical. .... many governments across the world that very much aware of the
potential of Facebook’s advertising tools for surveillance and indeed
use them actively to track specific demographics and interests, using
the company’s built-in reporting tools to identify geographic areas and
demographics to target for further surveillance.... The public
availability of Facebook’s targeting tools means intelligence agencies
need no court orders to leverage them, foreign intelligence services can
use them to track and surveil on foreign soil and even local law
enforcement agencies can use them with few restrictions....
Facebook is increasingly playing as a tool for law enforcement,
intelligence agencies and repressive regimes to crack down on legitimate
dissent or internationally recognized human rights. It also raises
important questions about the company’s legal exposure if it knowingly
assists a repressive regime track down and execute citizens based on
internationally protected statuses.... its international reach, massive
centralized data warehouse and algorithms that can divine the most
sensitive and intimate elements of our lives are likely to increasingly
become a go-to one-stop shop for the world’s intelligence agencies to
spy on and influence the world while governments themselves increasingly
leverage their legal powers to force Facebook to help them hunt down
dissent and those different from themselves. Welcome to a world even
Orwell could not have imagined."
"A group of researchers and students at MIT have developed an
intelligent radar-like technology that makes it possible to see through
walls to track people as they move around, a development that could
prove useful for monitoring the elderly or sick as well as for other
applications — but that also raises privacy concerns. Tests show
that the technology, known as RF-Pose, can reveal whether someone is
walking, sitting, standing or even waving — and can identify individuals
from a known group with a success rate of 83 percent. Its developers
say it could prove useful for law enforcement, search and rescue, and —
perhaps most important — health care....Ginés Hidalgo, a research
associate at the Robotics Institute of
Carnegie Mellon University in Pittsburgh, told NBC News MACH in an email
that it was of limited use at this point because the radio signals it
uses are unable to pass through thick walls. "It could become a
breakthrough" if that limitation can be addressed, said Hidalgo, who was
not involved in the project. But
Hidalgo said the technology also raises privacy concerns. "If a normal
camera is recording me, it means I am able to see the camera, too," he
said in the email. "If this camera can be hidden behind or even inside
any object, I would never be able to know when I am being monitored."" "It’s the smartphone conspiracy theory that just won’t go away: Many, many people are convinced that their phones are listening to their conversations to target them with ads. Vice recently fueled the paranoia with an article that declared “Your phone is listening and it’s not paranoia,”
a conclusion the author reached based on a 5-day experiment where he
talked about “going back to uni” and “needing cheap shirts” in front of
his phone and then saw ads for shirts and university classes on
Facebook....They found no evidence of an app unexpectedly activating the
microphone or sending audio out when not prompted to do so. Like good
scientists, they refuse to say that their study definitively proves that
your phone isn’t secretly listening to you, but they didn’t find a
single instance of it happening. Instead, they discovered a different disturbing practice: apps recording a phone’s screen and sending that information out to third parties.Of
the 17,260 apps the researchers looked at, over 9,000 had permission to
access the camera and microphone and thus the potential to overhear the
phone’s owner talking about their need for cat litter or about how much
they love a certain brand of gelato. Using 10 Android phones, the
researchers used an automated program to interact with each of those
apps and then analyzed the traffic generated.The strange practice they started to see was that screenshots and
video recordings of what people were doing in apps were being sent to
third party domains. For example, when one of the phones used an app
from GoPuff,
a delivery start-up for people who have sudden cravings for junk food,
the interaction with the app was recorded and sent to a domain
affiliated with Appsee, a mobile analytics company. The video included a
screen where you could enter personal information—in this case, their
zip code. This wasn’t a total surprise: Appsee proudly touts its ability
to record what users are doing in an app on its website. What bothered
the researchers was that it wasn’t evident to the user that their
behavior was being recorded, something which wasn’t disclosed in
GoPuff’s privacy policy. After the researchers contacted GoPuff, it
added a disclosure to the policy acknowledging that “ApSee” might receive users PII.
“As an added precaution, we also pulled Appsee SDK from the latest
Android and iOS builds,” said the start-up’s spokesperson by email....
In other words, until smartphone makers notify you when your screen is
being recorded or give you the power to turn that ability off, you have a
new thing to be paranoid about. The researchers will be presenting their work at the Privacy Enhancing Technology Symposium Conference in Barcelona next month... The researchers weren’t comfortable saying for sure that your phone
isn’t secretly listening to you in part because there are some scenarios
not covered by their study." "Officials with Customs and Border Protection’s Entry/Exit
have a way to shorten the long lines at airline gates while improving
security and meeting an almost 15-year-old mandate from Congress.
Officials announced June 21 that Orlando International would be the
first airport in the country to screen every international passenger
using facial recognition technology. CBP has been running biometric pilots—including
facial recognition—at 13 airports across the country but Orlando will
be the first to use the system on all travelers. In 2004, Congress charged the CBP with
finding a way to apply biometric screening at all border
crossings—including land, air and sea. The agency has struggled to
comply, citing difficulties in finding the right technology to improve
security without adding significant travel delays. “We are at a critical turning point in the implementation of a
biometric entry-exit system, and we’ve found a path forward that
transforms travel for all travelers,” CBP
Commissioner Kevin McAleenan said at a June 21 press conference. “The
valuable collaboration with stakeholder partners like [the Greater
Orlando Aviation Authority] has resulted in real momentum and it has
brought us to where we are today, the first fully biometric entry-exit
deployment at an airport.”"
"The secrets are hidden behind fortified walls in
cities across the United States, inside towering, windowless
skyscrapers and fortress-like concrete structures that were built to
withstand earthquakes and even nuclear attack. Thousands of people pass
by the buildings each day and rarely give them a second glance, because
their function is not publicly known. They are an integral part of one
of the world’s largest telecommunications networks – and they are also
linked to a controversial National Security Agency surveillance program.
Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco,
Seattle, and Washington, D.C. In each of these cities, The Intercept has
identified an AT&T facility containing networking equipment that
transports large quantities of internet traffic across the United States
and the world. A body of evidence – including classified NSA documents,
public records, and interviews with several former AT&T employees –
indicates that the buildings are central to an NSA spying initiative
that has for years monitored billions of emails, phone calls, and online
chats passing across U.S. territory.... According to the NSA’s documents,
it values AT&T not only because it “has access to information that
transits the nation,” but also because it maintains unique relationships
with other phone and internet providers. The NSA exploits these
relationships for surveillance purposes, commandeering AT&T’s
massive infrastructure and using it as a platform to covertly tap into
communications processed by other companies. Much has previously been reported about the NSA’s surveillance programs.
But few details have been disclosed about the physical infrastructure
that enables the spying. Last year, The Intercept highlighted
a likely NSA facility in New York City’s Lower Manhattan. Now, we are
revealing for the first time a series of other buildings across the U.S.
that appear to serve a similar function, as critical parts of one of
the world’s most powerful electronic eavesdropping systems, hidden in
plain sight."
"Campaign group Big Brother Watch has accused HMRC of creating ID
cards by stealth after it was revealed the UK taxman has amassed a
database of 5.1 million people's voiceprints.The department introduced its Voice ID system in
January 2017. This requires taxpayers calling HMRC to record a key
phrase, which is used to create a digital signature that the system uses
to unlock the right account when they phone back. According to a Freedom of Information request,
submitted by Big Brother Watch and published today, the department now
has more than 5.1 million people's voiceprints on record. However, the group argued that users haven't been
given enough information on the scheme, how to opt in or out, or details
on how their data would be deleted. The FoI revealed that no customers
have opted out in the 30 days to 13 March, but the department refused to
respond to set out exactly how the erasure process would work. Director Silkie Carlo said that taxpayers have been
"railroaded into a mass ID scheme" and that the government was "imposing
biometric ID cards on the public by the back door". The FoI response also raises questions about the
lawfulness of the collection and storage of the data, and whether it is
in line with the General Data Protection Regulation that came into force
on 25 May. Under the GDPR,
a system that allows people to be identified by their voice would
likely meet the definition of processing of biometric data. This places
certain demands on the organisation beyond those made for other forms of
personal data. "Where [biometric processing] takes place, GDPR says
that the person must give 'explicit consent'. 'Consent' also means a
'freely given, specific, informed and unambiguous' indication of the
person's wishes, and it must be a 'clear, affirmative action'," said Jon
Baines, a data protection advisor at law firm Mischon de Reya.... HMRC
also refused to divulge information on who else has access to Voice ID in its FoI response (PDF), saying it risked prejudicing the prevention or detection of crime. Big Brother Watch also slammed Whitehall's decision
to create another database of sensitive biometric material, describing
it as another step towards the "database state". The FoI response from
HMRC also shows that the department did not consult the biometrics
commissioner on its Voice ID plans. The government is already under pressure over its custody image database
– which contains around 21 million shots of faces and identifying
features – because the pictures are stored even if the subject is not
charged. This is despite a 2012 High Court judgment that said
keeping images of presumed innocent people on file was unlawful. The
Home Office has blamed outdated and clunky IT systems for the prolonged
retention but hasn't committed to specifically address this issue."
"Facebook is working on controversial software which
lets it secretly
order users’ smartphones to start recording audio whenever they hear
inaudible messages hidden in television adverts.The social network has
always denied rumours that it listens into
people’s private conversations and analyses what they talk about so it
can show advertising that interests them. But in a patent application
published on June 14 this year, Big
Zucker’s research division revealed a system which lets it quietly tell
people’s mobile phones to capture ‘ambient audio’. It allows Facebook to
conceal ‘a non-human hearable digital sound’ in the audio of a TV ad or
other content. Although people won’t be able to hear this sound, it
contains a
‘machine recognizable’ set of Morse code-style sounds which let it tap
out a message to your smartphone and order it to begin recording. The
secret sound could be a very high-pitched voice, Facebook wrote, pitched
just above the limit of human hearing. When it hears this signal, a
phone will then start capturing ambient
audio, which Facebook describes as the ‘distinct and subtle sounds of a
particular location created by the environment of the location, such as
machinery noise, the sound of distant human movement and speech, creaks
from thermal contraction, and air conditioning and plumbing noises in a
household’. Now, you might think this sounds like an Orwellian nightmare
technology
which will let Big Zucker intrude upon our lives in unprecedentedly
terrifying ways. But Facebook designed it with a specific purpose in
mind. The tech is built to monitor what people watch on their
‘broadcasting
device’ so that the adverts they are shown on Facebook are likely to
appeal to them." Facebook wants to hide secret inaudible messages in TV ads that can force your phone to record audio Metro, 22 June 2018
"The
Supreme Court on Friday said the government generally needs a
warrant if it wants to track an individual's location through cell phone
records over an extended period of time. In a highly anticipated
decision released Friday, the US Supreme Court updated Fourth Amendment
protections for the digital era. In a 5-4 ruling, the court decided in Carpenter v. United States
that the government generally needs a warrant in order to access cell
site location information, which is automatically generated whenever a
mobile phone connects to a cell tower and is stored by wireless carriers
for years. The ruling does leave the door open for law enforcement to
obtain such information without a warrant in some instances.
Still, the court recognizes that cell phones are not voluntary but
necessary for modern life, and that their technology poses some unique
circumstances for the law. “We decline to grant the state
unrestricted access to a wireless carrier’s database of physical
location information,” Chief Justice John Roberts wrote in the majority
opinion. “In light of the deeply revealing nature of CSLI, its depth,
breadth, and comprehensive reach, and the inescapable and automatic
nature of its collection, the fact that such information is gathered by a
third party does not make it any less deserving of Fourth Amendment
protection.” Roberts was joined by Justices Ruth
Bader Ginsburg, Stephen Breyer, Sonia Sotomayor, and Elena Kagan.
Justices Anthony Kennedy, Clarence Thomas, Samuel Alito, and Neil
Gorsuch dissented. The court’s ruling represents a win for digital privacy
advocates, and, while narrow, it may have implications for all sorts of
information held by third parties, including browsing data, text
messages, emails, and bank records. Three years later, in 1979, the court ruled in Smith v. Maryland that the third-party doctrine also extends to call records collected by phone companies. But
on Friday, the Supreme Court said that cell site location information
is a “qualitatively different category” of information. CSLI allows law
enforcement to paint a nearly complete picture of Americans' movements.
Last year, AT&T and Verizon jointly received nearly 125,000 requests
from law enforcement for CSLI data, according to their transparency reports.
Law enforcement officials will now only be able to make such requests
after obtaining a warrant, which will require them to demonstrate
probable cause. The court has expressed uneasiness about the collection
of vast amounts of digital data before. In the 2014 case Riley v.
California, it ruled that police generally need a warrant to search the
cell phone of a person under arrest. And in 2012, in United States v.
Jones, the court said that it does violate a person's Fourth Amendment rights for the government to place a GPS tracker on their car without a warrant.In Carpenter,
Roberts left the door open for courts to obtain
location information without a warrant in two circumstances. The court
declined to decide on whether law enforcement seeking a smaller window
of records—fewer than seven days, which is what the government requested
from Sprint in the case—constitutes a Fourth Amendment search. The
opinion also allows for exceptions for emergencies, like “bomb threats,
active shootings, and child abductions.... Fourteen of the
largest US tech companies—including Google, Apple, Facebook, and
Microsoft—filed a brief
in support of updating the Fourth Amendment for the digital era. It was
technically not filed in support of either party, but largely backed
Carpenter's position. The cohort even included Verizon,
which cooperated with the National Security Agency as part of its broad
bulk surveillance programs for years. Verizon's stance is particularly
notable because the company holds the specific kind of location records
that were at issue in the case. Cyrus Farivar, a reporter at Ars Technica and the author of Habeas Data,
a new book about privacy laws and the rise of surveillance technology,
says the ruling shows that the court views cell phones differently. “They’re
an entirely separate class of devices that provide a very intimate look
into the most detailed elements of our life, not only where we go
generally, but where we go extremely specifically,” he says. He
also notes that the court was split and that it took a long time for it
to come to its decision, which was unusually released on a Friday.
“That suggests that this is an issue that the court came to with a great
deal of thought, discussion, and deliberation. This is not an easy
decision to reach.” We
don’t yet know how the ruling might impact other forms of government
surveillance. Justice Roberts was careful to note that the ruling is
intended to be narrow in its scope, writing that the court does not
“call into question conventional surveillance techniques and tools, such
as security cameras. Nor do we address other business records that
might incidentally reveal location information. Further, our opinion
does not consider other collection techniques involving foreign affairs
or national security.” “The
government can no longer claim that the mere act of using technology
eliminates the Fourth Amendment’s protections. Today’s decision rightly
recognizes the need to protect the highly sensitive location data from
our cell phones, but it also provides a path forward for safeguarding
other sensitive digital information in future cases—from our emails,
smart-home appliances, and technology that is yet to be invented,” ACLU
attorney Nathan Freed Wessler, who argued the case before the court,
said in a statement. At
issue was an antiquated legal principle called the third-party
doctrine, which holds that information customers voluntarily provide to a
third party—such as a telecom company or a bank—is outside the bounds
of Fourth Amendment protections. The doctrine comes from United States v. Miller, a 1976 case
in which the court ruled that law enforcement doesn't need a warrant in
order to access bank records because "the Fourth Amendment does not
prohibit the obtaining of information revealed to a third party.”" "The creepy ways Facebook
spies on its users have been detailed in a bumper document presented to
Congress. They
include tracking mouse movements, logging battery levels and monitoring
devices close to a user that are on the same network. The
454-page report was created in response to questions Mark Zuckerberg
was asked during his appearance before Congress in April. Lawmakers
gave Zuckerberg a public grilling over the Cambridge Analytica scandal,
but he failed to answer many of their queries. The
new report is Facebook's attempt to address their questions, although
it sheds little new light on the Cambridge Analytica scandal.
However, it does contain multiple disclosures about the way Facebook
collects data....Facebook tracks what device you are using to access the
network. To
do this, it will log the hardware manufacturer of your smartphone,
connected television, tablet, computer, or other internet-connected
devices. Facebook also tracks the operating system, software versions
and web browser. If
you're using a smartphone, it will keep a record of the mobile carrier,
while internet service providers (ISPs) will be stored for users using a
Wi-Fi or Ethernet connection to access Facebook. In some cases, it will
monitor devices that are using the same network as you. 'Facebook’s
services inherently operate on a cross-device basis: understanding when
people use our services across multiple devices helps us provide the
same personalized experience wherever people use Facebook,' the firm
wrote in the lengthy document. According
to Facebook, this is done, for example, 'to ensure that a person’s News
Feed or profile contains the same content whether they access our
services on their mobile phone or in a desktop computer’s web browser.'
Facebook also says this information is used to curate more personalized
ads." "Google will
not allow its artificial intelligence software to be used in weapons or
'unreasonable surveillance' efforts. Following a major backlash from
employees, the Alphabet unit has laid out new rules for its AI
software. The
new restrictions could help Google management defuse months of protest
by thousands of employees against the company's work with the U.S.
military to identify objects in drone video. Google will pursue other
government
contracts including around cybersecurity, military recruitment and
search and rescue, Chief Executive Sundar Pichai said in a blog post
Thursday. 'We recognize that such powerful technology raises equally
powerful questions about its use. 'How AI is developed and used
will have a significant impact on society for many years to come. ...
Google and its big technology rivals have
become leading sellers of AI tools, which enable computers to review
large datasets to make predictions and identify patterns and anomalies
faster than humans could. But the
potential of AI systems to pinpoint drone strikes better than military
specialists or identify dissidents through mass collection of online
communications has sparked concerns among academic ethicists and Google
employees....The U.S. military has been looking to incorporate elements
of artificial
intelligence and machine learning into its drone program....The
Pentagon is trying to develop algorithms that would sort through the
material and alert analysts to important finds, according to Air Force
Lieutenant General John N.T. 'Jack' Shanahan, director for defense
intelligence for warfighting support.... Shanahan said his team is
currently trying to teach the system to
recognize objects such as trucks and buildings, identify people and,
eventually, detect changes in patterns of daily life that could signal
significant developments... Similar image recognition technology is being
developed commercially by
firms in Silicon Valley, which could be adapted by adversaries for
military reasons." "A
federal study found signs that surveillance devices for intercepting
cellphone calls and texts were operating near the White House and other
sensitive locations in the Washington area last year. A Department of
Homeland Security program discovered evidence of the surveillance
devices, called IMSI catchers, as part of federal testing last year,
according to a letter from DHS to Sen. Ron Wyden (D-Ore.) on May 22. The
letter didn't specify what entity operated the devices and left open
the possibility that there could be alternative explanations for the
suspicious cellular signals collected by the federal testing program
last year. The discovery bolsters years of independent research
suggesting that foreign intelligence agencies use sophisticated
interception technology to spy on officials working within the hub of
federal power in the nation’s capital. Experts in surveillance
technology say that IMSI catchers — sometimes known by one popular brand
name, StingRay — are a standard part of the tool kit for many foreign
intelligence services, including for such geopolitical rivals as Russia
and China....The devices work by simulating cell towers to trick nearby
phones into connecting, allowing the IMSI catchers to collect calls,
texts and data streams. Unlike some other forms of cellphone
interception, IMSI catchers must be near targeted devices to work.When
they are in range, IMSI catchers also can deliver malicious software to
targeted devices for the purpose of stealing information stored on them
or conducting longer-term monitoring of communications. The same May 22
letter revealed that DHS was aware of reports that a global cellular
network messaging system, called SS7, was being used to spy on Americans
through their cellphones. Such surveillance, which can intercept calls
and locate cellphones from anywhere in the world, is sometimes used in
conjunction with IMSI catchers.... Civil liberties groups have long
warned that IMSI catchers are used with few limits by U.S. authorities,
who collect calls, texts and other data from innocent bystanders as they
conduct surveillance on criminal suspects or other legitimate targets.
Increasingly, though, critics have sought to portray the technology as
posing threats to national security because foreign intelligence
services use them on Americans, both while in the United States and
abroad.... The surveillance devices are hard to counteract, although
encrypted calling and messaging apps — such as Signal, WhatsApp or
Apple's FaceTime — provide protection against IMSI catchers. Some
experts advocate wider deployment of such encrypted communication tools
within the U.S. government, along with a move away from traditional
cellular calling and texting."
"... a couple’s private conversation was recorded by Alexa and then sent
to a random number in their address book. The conversation was about
hardwood floors, apparently, which is not a topic with the potential to
make one blush with shame when recollecting it; but that’s not really
the point. The point is that the private was made public, because a
machine – according to Amazon – malfunctioned. This kind of thing is
going to start happening more, and not because the
machine is malfunctioning; it’s going to happen because the machine is
doing its job properly: its job being to snoop. The mystery is that
people are assenting to this, or considering it as progress.... Never
mind, though, about the possibility of being hacked and/or
spied on. Actually, we should mind very much about that, and it’s a
probability more than a possibility, but there are other problems that
perhaps aren’t being considered often or openly enough. These revolve
around the very purpose of the huge companies who are now running our
lives: simply, to make money out of us, to turn us into nothing more
than the aggregate of our material desires, and to crunch those desires
into data, which can then be sold to whoever wants it; and we now know
that some of these buyers have very sinister agendas indeed. Until
technology like Alexa came along, though, we did at least have
to go to the trouble of actively keying in information. Now, though,
anything we say could be picked up and used in ways we can hardly
imagine. We like to think we are in control of our technology, and this
has more or less always been the case; but very soon, our technology is
going to be in control of us, if it isn’t already." "A couple in Portland, Oregon joked that their
Amazon Alexa might be listening in to their private conversations. The
joke came to an abrupt end when they discovered a conversation was
indeed recorded by Alexa - and then sent to an apparently random person
in their contact list. "Unplug your Alexa devices right now!" warned the
puzzled recipient, according to ABC affiliate station KIRO7, which first reported the story.""
"In late 2016, Amazon introduced
a new online service that could help identify faces and other objects
in images, offering it to anyone at a low cost through its giant cloud
computing division, Amazon Web Services. Not
long after, it began pitching the technology to law enforcement
agencies, saying the program could aid criminal investigations by
recognizing suspects in photos and videos. It used a couple of early
customers, like the Orlando Police Department in Florida and the
Washington County Sheriff’s Office in Oregon, to encourage other
officials to sign up. But now that
aggressive push is putting the giant tech company at the center of an
increasingly heated debate around the role of facial recognition in law
enforcement. Fans of the technology see a powerful new tool for catching
criminals, but detractors see an instrument of mass surveillance. On
Tuesday, the American Civil Liberties Union led a group of more than
two dozen civil rights organizations that asked Amazon to stop selling
its image recognition system, called Rekognition, to law enforcement.
The group says that the police could use it to track protesters or
others whom authorities deem suspicious, rather than limiting it to
people committing crimes." "The
American Civil Liberties Union and other privacy activists are asking
Amazon to stop marketing a powerful facial recognition tool to police,
saying law enforcement agencies could use the technology to "easily
build a system to automate the identification and tracking of anyone."...privacy
advocates have been concerned about expanding the use of facial
recognition to body cameras worn by officers or safety and traffic
cameras that monitor public areas, allowing police to identify and track
people in real time.The
tech giant's entry into the market could vastly accelerate such
developments, the privacy advocates fear, with potentially dire
consequences for minorities who are already arrested at disproportionate
rates, immigrants who may be in the country illegally or political
protesters."People
should be free to walk down the street without being watched by the
government," the groups wrote in a letter to Amazon on Tuesday. "Facial
recognition in American communities threatens this freedom."..... Clare
Garvie, an associate at the Center on Privacy and Technology at
Georgetown University Law Center, said part of the problem with
real-time face recognition is its potential impact on free-speech
rights.While
police might be able to videotape public demonstrations, face
recognition is not merely an extension of photography, but also a
biometric measurement — more akin to police walking through a
demonstration and demanding identification from everyone there." "Large public places, such as airports or shopping malls, have already
been turned into surveillance free-for-alls, where people’s every move
is catalogued for the sake of profit. Now, one prominent company is
ready to help governments spread that same surveillance technology over
entire cities. Israeli company Jenovice Cyber Labs is poised to launch new products
that monitor everything from prisons to heavily populated areas,
depending on what exactly customers want, CyberScoop has learned. It’s a
particularly provocative product coming in the wake of DHS detecting Stingray cellphone spying devices across Washington, D.C., but all too easy to fathom based on the way companies make millions off
the collection of location-based data. Jenovice’s Metropolink, which is
only available for law enforcement and intelligence agencies, is sold
as an “autonomous”
surveillance system meant to monitor entire metropolitan areas. The
capabilities list reads like hacker tech from a Jason Bourne movie: It’s
advertised as being able to locate, list, map, track, analyze and
visualize all Wi-Fi networks and identities across whatever environment a
customer chooses. The product works thanks to a network of
sensors placed around a
large populated area that track devices by
identifiers including, but
not limited to, MAC address
and geolocation. Targets are usually phones that are broadcasting and
collecting Wi-Fi information by default. Product advertising lists the
technology as “passive,” an important
distinction that’s subject to less regulatory oversight than active
attacks and exploits found in other products. Similarly, in many
countries, Metropolink doesn’t require a warrant, the company says.
Metropolink sensors possess a default collection range of about 500
meters, which can be enhanced depending on the hardware. The sensors
then pass the data to a command center where its visualized for easy
consumption. The company also promises that the devices can detect and
track targets moving at high speeds in cars or motorcycles. Another
product Jenovice will launch is Prisonlink, a surveillance
kit designed for the smaller and more specialized environment of
prisons. The product materialized after correctional officers in
multiple countries told Jenovice that prisoners use Wi-Fi connectivity
to communicate with the outside world, which is often against prison
rules. In addition to tracking unauthorized phones and Wi-Fi networks,
Prisonlink can gather information on devices and disconnect a target
device from their Wi-Fi access point. The last entry in Jenovice’s new
product line is perhaps the most
opaque. Achilles Cloud Interception boasts the ability to “use and
connect keys to extract cloud account information” from iCloud and
Google accounts remotely “in a fully automated and silent process.” The
company says the product steals authentication tokens, granting full
access to a targeted account. Credential extraction requires physical
proximity to a system like Metropolink. When asked, Jenovice declined to
further explain how the product
works. Token-based authentication is ubiquitous on the modern web; it’s
how you stay signed in to virtually everything. If Achilles works
as advertised, it’d be a major weapon in a customer’s arsenal.
CyberScoop hasn’t seen or heard of Achilles being successfully
demonstrated in a meaningful way. The new product announcements will be
made at the upcoming June 2018 ISS World conference in Prague, a global conference for
the surveillance and hacking industries. On the second day of the
conference, Jenovice’s vice president for research and development Tal
cis giving a talk on “tactical Wi-Fi interception” focusing
on “identifying targets, acquiring them and manipulating Wi-Fi enabled
devices to extract intelligence.” Gleichger said the company
hasn’t received any outside funding and is already selling its products
“all over the world.” Much of Metropolink echoes the tech from Snoopy,
a 2012 research project from Glenn Wilkinson and Daniel Cuthbert
focused on stealing data from mobile devices by imitating Wi-Fi networks
and intercepting data traffic. That research proved the idea was
possible by snooping on traffic in subway stations across London. A similar surveillance research project is CreepyDOL by
Brendan O’Connor. CreepyDOL tracks Wi-Fi signals as a way to follow
smartphones across a targeted area. Snoopy surveils and identifies
targets by tracking the radio signals — not just Wi-Fi — that virtually
all devices emit."
"Many people have grown accustomed to
talking to their smart devices, asking them to read a text, play a song
or set an alarm. But someone else might be secretly talking to them,
too.Over the last two years,
researchers in China and the United States have begun demonstrating that
they can send hidden commands that are undetectable to the human ear to
Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside university
labs, the researchers have been able to secretly activate the artificial
intelligence systems on smartphones and smart speakers, making them
dial phone numbers or open websites. In the wrong hands, the technology
could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio. A
group of students from University of California, Berkeley, and
Georgetown University showed in 2016 that they could hide commands in
white noise played over loudspeakers and through YouTube videos to get
smart devices to turn on airplane mode or open a website. This
month, some of those Berkeley researchers published a research paper
that went further, saying they could embed commands directly into
recordings of music or spoken text. So while a human listener hears
someone talking or an orchestra playing, Amazon’s Echo speaker might
hear an instruction to add something to your shopping list." "Thousands of jails and prisons across the United States use a company called Securus Technologies to provide and monitor calls
to inmates. But the former sheriff of Mississippi County, Mo., used a
lesser-known Securus service to track people’s cellphones, including
those of other officers, without court orders, according to charges
filed against him in state and federal court. The
service can find the whereabouts of almost any cellphone in the country
within seconds. It does this by going through a system typically used
by marketers and other companies to get location data from major
cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon,
documents show. Between 2014 and
2017, the sheriff, Cory Hutcheson, used the service at least 11 times,
prosecutors said. His alleged targets included a judge and members of
the State Highway Patrol. Mr. Hutcheson, who was dismissed last year in
an unrelated matter, has pleaded not guilty in the surveillance cases.
As location tracking has become more accurate, and as more people carry
their phones at every waking moment, the ability of law enforcement officers and companies like Securus to get that data has become an ever greater privacy concern." "South Wales Police has been testing an automated facial recognition
system since June 2017 and has used it in the real-world at more than
ten events. In the majority of cases, the system has made more incorrect
matches than the times it has been able to correctly identify a
potential suspect or offender. ..... Automatic systems that scan people's faces in public and try to make
matches are at an early stage in the UK. In China, systems are more
advanced with a BBC News reporter being located, during a stunt, within just seven minutes...... South Wales Police, in its privacy assessment
of the technology, says it is a "significant advantage" that no
"co-operation" is required from a person. Its system is comprised of two
CCTV cameras that are connected to a laptop or server. The CCTV feed is
recorded and faces are pulled from the footage, which is compared
automatically against a watch list. This list, formed of a database, can
be comprised of thousands of facial images... In the future, the police force says, it may be possible to integrate
the facial recognition technology with databases from other sources. It
says the Police National Database (which has more than 19 million
images), the Automatic Number Plate Recognition database, passport or
driving licence could be added to its system..... But the use of the system raises privacy considerations. "It is accepted
that civil rights [sic] may start to voice concerns over the invasion
of privacy by this technology," the Welsh police force's privacy
assessment of its own system says.... South Wales Police isn't the only UK constabulary that has been testing
facial recognition systems in public places.... The automated facial recognition systems being used at public events are
separate to police uses of face matching technology that uses other
images: such as social media photos, or pre-recorded CCTV footage. In
2012, the High Court ruled it was unlawful for millions of photos of
innocent people to be kept on police databases. At present, these can
only be removed if a person makes a complaint to police." "For several months, [Orlando International] airport has worked with British Airways to
test facial-recognition, or biometric screening. Recently, the Greater
Orlando Aviation Authority moved to equip the airport as the first in
the nation to use the technology for all international flights inbound
and outbound. The experience of the novel technology in an
otherwise timeworn routine was remarked upon by an elderly British
Airways passenger, who clutched a burgundy passport splayed at its photo
page, where a boarding pass was tucked, both ready for the customary
presentation.... John Newsome, the airport’s chief information officer, said all of
the airport’s 25 carriers with foreign flights and the two border
checkpoints will be equipped for biometric screening through this
summer. The decision means spending $4 million on gates and high-definition cameras for departing and arriving international
flights.... In an era of online breaches of privacy, theft of financial
information
and fears of government surveillance, Orlando International and Customs
and Border Protection are readily equipped with talking points about
what happens with those high-definition snapshots taken for biometric
screening....Customs and Border Protection has a suggestion for
passengers with concerns about biometric screening: Request a manual
check. Within the past year, biometric screening also has been piloted
by
Delta at JFK and Atlanta international airports, Lufthansa at Los
Angeles International, and by JetBlue in Boston. Addressing the
accuracy of its facial-recognition technology, the agency has reported
that the “percent of successful matches is in the high 90s.” "The UK government's surveillance regime has been dealt another blow
as the High Court in England today ruled the Snooper's Charter unlawful –
and gave the government six months to fix it. Handing down the judgment, Lord Justice Rabinder Singh said that Part 4 of the Investigatory Powers Act
(IPA), which relates to retention of communications data, was
incompatible with EU law, and gave the government until 1 November 2018
to remedy it. The ruling is the latest instalment in a long-running and complex
legal battle between the government and various privacy campaign groups
over the state's extensive surveillance laws. In this case, brought by civil rights group Liberty,
the court considered the powers granted to the government to force
internet firms and telcos to store data on communications – like
location info and records of when and to whom calls or messages were
made – for up to a year. These powers came into force on 30 December
2016. Lord Justice Singh and Justice David Holgate ruled
that Part 4 was incompatible with the EU Charter of Fundamental Rights
for two reasons: ministers can issue data retention orders without
independent review, and this can be done for reasons other than serious
crime.... The government has refused to see the ruling as a defeat on the grounds that it has already conceded
the Act doesn't comply with European laws. Back in November, it
proposed a set of changes it thinks will bring the Act in line, for
instance by creating a new body, the Office for Communications Data
Authorisation, to review and approve notices. But it did lose its request, made during the February
hearing, that it be given until April 2019 to enact the changes. The
judges today ruled that they "see no reason why the legal framework
cannot be amended before April 2019", even if some practical
arrangements take longer.... Liberty, meanwhile, is already working up the next phase of its
challenges to the IPA – which refers to parts 5, 6 and 7, government
hacking, bulk warrants and bulk personal data set warrants – and has
today launched a crowdfunding campaign to pay for the battle." "Traffic police in the southern Chinese city of Shenzhen have always
had a reputation for strict enforcement of those flouting road rules in
the metropolis of 12 million people. Now with the help of artificial intelligence and facial recognition
technology, jaywalkers will not only be publicly named and shamed, they
will be notified of their wrongdoing via instant messaging – along with
the fine. Intellifusion, a Shenzhen-based AI firm that provides technology to
the city’s police to display the faces of jaywalkers on large LED
screens at intersections, is now talking with local mobile phone
carriers and social media platforms such as WeChat and Sina Weibo to
develop a system where offenders will receive personal text messages as
soon as they violate the rules, according to Wang Jun, the company’s
director of marketing solutions.... Facial recognition technology identifies the individual from a database
and displays a photo of the jaywalking offence, the family name of the
offender and part of their government identification number on large LED
screens above the pavement.... The system will also be able to register how many times a pedestrian has
violated traffic rules in the city and once this number reaches a
certain level, it will affect the offender’s social credit score which
in turn may limit their ability to take out loans from banks, Wang said."
"Across China, facial-recognition technology that can scan the
country’s entire population is being put to use. In some cases, the
technology can perform the task in just one second. Sixteen cities, municipalities, and provinces are using a
frighteningly fast surveillance system that has an accuracy rate of
99.8%, Global Times reported over the weekend. “The system is fast enough to scan China’s population in just one
second, and it takes two seconds to scan the world’s population,” the
Times reported, citing local Chinese newspaper Worker’s Daily. The system is part of Skynet, a nationwide monitoring program
launched in 2005 to increase the use and capabilities of surveillance
cameras. According to developers, this particular system works regardless of
angle or lighting condition and over the last two years has led to the
arrest of more than 2,000 people. The use of facial-recognition technology is soaring in China where it is being used to increase efficiencies and improve policing. Cameras are used to catch jaywalkers, find fugitives, track people’s regular hangouts, and even predict crime before it happens.
Currently, there are 170 million surveillance cameras in China and,
by 2020, the country hopes to have 570 million – that’s nearly one
camera for every two citizens. Facial recognition technology is just a
small part of the artificial intelligence industry that China wants to
pioneer. According to a report by CB Insights, five times as many AI patents were applied for in China than the US in 2017." "A couple of years after it
happened, Australian citizens are finally
being (indirectly) informed their government harvested cell site
location info to track their daily activities. This isn't the work of an
intelligence agency or a secretive law enforcement effort. Instead,
it's an (unannounced) partnership between the Australian Bureau of
Statistics (which handles the Australian Census) and a cellphone service
provider. The provider apparently willingly turned over cell site info
without a court demand, government mandate, or consultation with its
customers....Supposedly, the information has been anonymized. It
obviously hasn't been completely stripped of personal information. The slide deck
[PDF] detailing the effort notes the data can be broken down by age and
sex. The anonymization claim is made without any support from the ABS,
which still has yet to provide any further info -- much less a privacy
impact assessment -- via its website."
"While the Cambridge Analytica scandal rumbles on,
Facebook is quietly asking users in the EU and Canada to let it use its
facial recognition to scan their faces and suggest tags in photos. It
isn't the first time Mark Zuckerberg's firm has tried to get access to
millions of Europeans' facial data. Facebook tried
to bring facial recognition to people in the EU back in 2011, but it
stopped doing so a year later after privacy campaigners raised concerns
that the feature was not compatible with data protection laws. Now
Facebook is hoping it can bring facial recognition back to the EU, as
long as it secures explicit consent beforehand....But some have criticised Facebook
for making it too easy for users to accept the new requests without
really understanding how their data is being used – which sounds very
similar to how much of Cambridge Analytica scandal started.... Facebook users in the US have had their facial data
tracked since 2011 and if users want to opt out, they have to click
‘manage settings’ and go through another page before changing their
privacy settings. But also in the US, Facebook is being met with resistance over the use of facial recognition technology. The company is facing a class action lawsuit
alleging that it gathered biometric information without users explicit
consent. On April 16, 2018, District Judge James Donato in California
ruled that Facebook users in Illinois are allowed to bring forward a
case arguing that Facebook’s collection of face data violates Illinois’
Biometric Information Privacy Act. If it is found to be violating the
act, Facebook could be faced with a fine of billions of dollars.
Facebook’s facial recognition technology works by analysing images and
videos in which a particular person has been tagged, and then generating
a unique number called a ‘template’. This template is then compared
with other photos and videos on Facebook, and if the algorithm finds a
match then that user’s name may appear as a tag suggestion..... Despite
the backlash against its widespread data collection, Facebook is
also exploring other ways of other ways of using facial recognition
technology. In a patent published in November 2017, the company
described using facial recognition as way of verifying payments in
shops. Last year it also tested using facial recognition to allow people
to recover their account details just by using their face to verify
their identity." ".... over the last five years a secretive
surveillance company founded by a former Israeli intelligence officer
has been quietly building a massive facial recognition database
consisting of faces acquired from the giant social network, YouTube and
countless other websites. Privacy activists are suitably alarmed. That database forms the core of a facial recognition service
called Face-Int, now owned by Israeli vendor Verint after it snapped up
the product's creator, little-known surveillance company Terrogence, in
2017. Both Verint and Terrogence have long been vendors for the U.S.
government, providing bleeding-edge spy tech to the NSA, the U.S. Navy
and countless other intelligence and security agencies....Though
Terrogence is primarily focused on helping intelligence agencies and law
enforcement fight terrorism online, LinkedIn profiles of current and
former employees indicate it's also involved in other, more political
endeavours. One ex-staffer, in describing her role as a Terrogence
analyst, said she'd "conducted public perception management operations
on behalf of foreign and domestic governmental clients," and used "open
source intelligence practices and social media engineering methods to
investigate political and social groups." She was not reachable at the
time of publication. And now concerns have been raised over just how
Terrogence has grabbed all those faces from Facebook and other online
sources. What's apparent, though, is that Terrogence is yet another
company that's been able to clandestinely take advantage of Facebook's
openness, on top of Cambridge Analytica, which acquired information on
as many as 87 million users in 2014 from U.K.-based researcher Aleksandr
Kogan to help target individuals during its work for the Donald Trump
and Ted Cruz presidential campaigns. "It raises the stakes of face
recognition - it intensifies the potential negative consequences,"
warned Jay Stanley, senior policy analyst at the American Civil
Liberties Union (ACLU). "When you contemplate face recognition that's
everywhere, we have to think about what that’s going to mean for us. If
private companies are scraping photos and combining them with personal
info in order to make judgements about people - are you a terrorist, or
how If Terrogence isn't solely focused on terrorism, but has a political
side to its business too, its facial recognition work could sweep up a
vast number of people. That brings up another particularly worrying
aspect of the business in which Terrogence operates: the dawn of "the
privatisation of blacklisting," warned Stanley. "We've been fighting
with the government for years over due process on those lists... people
being put on them without being told why and not being sure how those
lists are being used," he told Forbes.likely are you to be a shoplifter
or anything in between - then it exposes everyone to the risk of being
misidentified, or correctly identified and being misjudged.""
These Ex-Spies Are Harvesting Facebook Photos For A Massive Facial Recognition Database Forbes, 16 April 2018 "Seeking
to build an identification system of unprecedented scope, India is
scanning the fingerprints, eyes and faces of its 1.3 billion residents
and connecting the data to everything from welfare benefits to mobile
phones. Civil
libertarians are horrified, viewing the program, called Aadhaar, as
Orwell’s Big Brother brought to life. To the government, it’s more like
“big brother,” a term of endearment used by many Indians to address a
stranger when asking for help. For
other countries, the technology could provide a model for how to track
their residents. And for India’s top court, the ID system presents
unique legal issues that will define what the constitutional right to
privacy means in the digital age. To Adita Jha, Aadhaar was simply a
hassle. The 30-year-old environmental
consultant in Delhi waited in line three times to sit in front of a
computer that photographed her face, captured her fingerprints and
snapped images of her irises. Three times, the data failed to upload.
The fourth attempt finally worked, and she has now been added to the 1.1
billion Indians already included in the program. Ms.
Jha had little choice but to keep at it. The government has made
registration mandatory for hundreds of public services and many private
ones, from taking school exams to opening bank accounts. “You almost
feel like life is going to stop without an Aadhaar,” Ms. Jha said.
Technology has given governments around the world new tools to monitor
their citizens. In China, the government is rolling out ways to use facial recognition and big data
to track people, aiming to inject itself further into everyday life.
Many countries, including Britain, deploy closed-circuit cameras to
monitor their populations....The potential uses — from surveillance to managing government benefit
programs — have drawn interest elsewhere. Sri Lanka is planning a
similar system, and Britain, Russia and the Philippines are studying it,
according to the Indian government.... Opponents
have filed at least 30 cases against the program in India’s Supreme
Court. They argue that Aadhaar violates India’s Constitution — and, in
particular, a unanimous court decision last year that declared for the
first time that Indians had a fundamental right to privacy. Rahul
Narayan, one of the lawyers challenging the system, said the government
was essentially building one giant database on its citizens. “There has
been a sort of mission creep to it all along,” he said." "The Department of Homeland Security announced a public bid
for third party companies to build a “media influence database” capable
of tracking more than 290,000 news sources across the globe. First spotted by Bloomberg Law,
the public bid would also track journalists and bloggers, compiling
their personal information and the publications for which they write. Posted on April 3rd
as a call for “Media Monitoring Services,” the database has a dual
purpose: monitoring hundreds of thousands of news sources simultaneously
worldwide as well as tracking and categorizing journalists and
bloggers. The “Media Intelligence and Benchmarking Platform,” as the
proposed database is called, would monitor more than 290,000 “online,
print, broadcast, cable, radio, trade and industry” news sources
worldwide. DHS wants the database to rank and categorize news sources
according to a variety of factors, including content and topics covered,
reach, circulation and location, and sentiment. Perhaps
even more chilling given the current media climate, the platform would
also feature a database filled with the personal and social media data
of “journalists, editors, correspondents, social media influencers,
[and] bloggers,” searchable by location, beat, publication, and ad-hoc keywords.It’s
not at all unheard of for the PR wings of big companies to keep lists
of journalists, both friendly and unfriendly, on hand—but not at this
scale. Of course, the FBI has a long history of tracking journalists,
but many questions remain: Will the journalists on the list be notified
they’ve been added? Do they have any control over what data is added
about them?" "This is a wake-up call for a generation. The revelation of Cambridge Analytica’s manipulation of Facebook data to target American voters on behalf of Donald Trump in 2016 shines a torch on the jungle where we have become prey for the online carnivores to which we reveal our secrets. The
chairman of the Commons culture committee yesterday called on
Facebook’s warlord, 33-year-old multi-billionaire Mark Zuckerberg, to
attend personally to give evidence about his company’s behaviour, though
there seems more chance of an appearance by Vladimir Putin.....those of us who spurn social media are almost as vulnerable. Every day
that we place things online, Amazon bombards us with come-ons that
emphasise its omniscience about what we read, watch, spread on the
garden, use in the house.... Cambridge Analytica’s gift to the Trump
victory appears to have been to empower his campaign to target
‘persuadable voters’, sparing canvassers from wasting effort on
irreconcilable Democrats. It has been
said for centuries that knowledge is power, yet Hitler’s Gestapo and
Stalin’s secret police knew far less about their fellow citizens than
does Facebook, which doesn’t have to photograph them outside their home,
tap their phones, or steal government files. Spies seem redundant in
the net age. What matters for us now is
to move beyond shock and disgust about the Cambridge Analytica-Facebook
revelations, and consider what can be done to make such companies
behave better. Investigating and, if appropriate, charging the bosses of Cambridge
Analytica will be the easy part, because they are based in Britain..... Even if Cambridge Analytica, or Facebook,
are damaged as much as they deserve to be by this scandal, there are
countless other online data markets where they came from. If
any of us wishes to conceal anything about ourselves, this can be
achieved only by making sure that information does not appear on a
computer. Yet every detail of our
finances, health record, employment history is stored somewhere out
there, and can never be totally secure." "Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitivite computer systems less secure. In an academic paper published on Friday through preprint service ArXiv, researchers from Israel's Ben-Gurion University of the Negev describe a novel data exfiltration technique that allows the transmission and reception of data – in the form of inaudible ultrasonic sound waves – between two computers in the same room without microphones. The paper, titled, "MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication," was written by Mordechai Guri, Yosef Solwicz, Andrey Daidakulov and Yuval Elovici, who have developed a number other notable side-channel attack techniques. These include: ODINI, a way to pass data between Faraday-caged computers using electrical fields; MAGNETO, a technique for passing data between air-gapped computers and smartphones via electrical fields; and FANSMITTER, a way to send acoustic data between air-gapped computers using fans. Secret data transmissions of this sort expand on prior work done by National Security Agency on TEMPEST attacks, which utilize electromagnetic, magnetic, acoustic, optical and thermal emanations from electronic devices to collect and transmit data. MOSQUITO, the researchers explain, demonstrates that speakers can covertly transmit data between unconnected machines at a distance of up to nine meters. What's more, the technique works between mic-less headphones – the researchers say their work is the first to explore headphone-to-headphone covert communication. Speakers, the paper explains, can be thought of as microphones working in reverse: Speakers turn electrical signals into acoustic signals while microphones turn acoustic signals into electrical ones. And each includes a diaphragm to assist with the conversion, which can help reverse the process. Modern audio chipsets, such as those from Realtek, include an option to alter the function of the audio port via software, the paper explains. This capability is referred to as "jack retasking." "The fact that loudspeakers, headphones, earphones, and earbuds are physically built like microphones, coupled with the fact that an audio port’s role in the PC can be altered programmatically, changing it from output to input, creates a vulnerability which can be abused by attackers," the paper explains. Malware, thus, may be able to reconfigure a speaker or headphone to act as a microphone, provided the device is passive and unpowered. That's a significant caveat since most modern PCs have active, powered speakers; headphones and earbuds generally have passive speakers, as do some older PCs. In an email to The Register, Mordechai Guri, one of the paper's authors, head of R&D at Ben-Gurion University of the Negev’s Cyber-Security Research Center, and chief scientific officer at Morphisec, said, "The main problem involves headphones, earphones and earbuds since they are reversible and can become good pair of microphones (even when they don't have an integrated mic at all)." Using frequencies ranging from 18kHz to 24kHz, the researchers were able to achieve a data transmission rate of 166 bit/sec with a 1 per cent error rate when transmitting a 1Kb binary file over a distance of three meters. At distances ranging from 4 to 9 meters, that same error rate could only be achieved with a 10 bit/sec transmission rate, largely as a consequence of interference from environmental noise. The paper discusses several mitigation techniques, all of which have limitations, including designing headphones and speakers with on-board amplifiers (which prevents use as a mic), using an ultrasonic jammer, scanning for ultrasonic transmissions, preventing jack retasking via software, and completely disabling audio hardware via the UEFI/BIOS. Disconnecting speakers, headphones and the like represents the most practical solution, Guri said, "but this is not always feasible." Monitoring the ultrasonic band is a good theoretical and academic solution, he added, but has potential problems. "In practice, it will raise many false alarms," he said. Guri said ultrasonic malware does not appear to be very common. "A few years ago, a security researcher claimed that he found ultrasonic malware in the wild. It was dubbed BadBios. But in any case, it was claimed to be able to communicate between two laptops with both speakers and microphones." Inaudible audio is more likely to be used for marketing, and has prompted the development of defensive code called Silverdog. It's an ultrasonic firewall in the Google Chrome browser that's designed to block ultrasonic beacons (uBeacons), employed for cross-device tracking." Air gapping PCs won't stop data sharing thanks to sneaky speakers The Register, 12 March 2018
"A security researcher has ported three leaked NSA exploits to work on
all Windows versions released in the past 18 years, starting with
Windows 2000. The three exploits are EternalChampion, EternalRomance, and
EternalSynergy; all three leaked last April by a hacking group known as
The Shadow Brokers who claimed to have stolen the code from the NSA. Now, RiskSense security researcher Sean Dillon (@zerosum0x0)
has modified the source code for some of these lesser-known exploits so
they would be able to work and run SYSTEM-level code on a wide variety
of Windows OS versions." "Secure end-to-end encrypted comms is a desirable technology
that
governments should stop trying to break, especially as there's other
information to slurp up on crims, UK politicians were told this week.
Blighty's former independent reviewer of terrorism legislation, David
Anderson, told the House of Commons Home Affairs Committee
on Tuesday that there are plenty of sources of intelligence for law
enforcement to get their hands on, rather than banging the drum for
backdoors in communications. In what has now become a frustratingly standard question
from politicians about tech companies' role in the war on terror,
Anderson was asked if he thought the state would ever get access to
encrypted messages for security purposes. "No," he replied. "Because end-to-end encryption is
not only a fact of life, it is, on balance, a desirable fact of life.
Any of us who do our banking online, for example, are very grateful for
end-to-end encryption." The debate, Anderson continued, was sometimes wrongly
"portrayed in very black and white terms, as if the world is going dark
and because of end-to-end encryption we're all doomed". He argued that although the loss of information the
state can gather from the content of someone's communications is "very
significant", it is tempered by the mass of other data it can slurp from
elsewhere. "I mean who would have thought 30 years ago you could
track somebody's movements all around London by Oyster card? And you
don't even need the Oyster anymore, because you can get the location
data from the phone company. It's almost as good as having someone on
their tail the whole time." "He said that the most striking of these measures are those contained in the controversial Investigatory Powers Act,
which allow public authorities to gain access to 12 months' worth of a
person's internet connection records from their provider. "The more
people spend their lives online, the more revealing that behaviour
becomes," Anderson said." "...declassified documents provided by former NSA contractor Edward
Snowden
reveal that the NSA has developed technology not just to record and
transcribe private conversations but to automatically identify the
speakers.
Americans most regularly encounter this technology, known as speaker
recognition, or speaker identification, when they wake up Amazon’s Alexa
or call their bank.... Civil liberties experts are worried that
these and other
expanding uses of speaker recognition imperil the right to privacy.
“This creates a new intelligence capability and a new capability for
abuse,” explained Timothy Edgar, a former White House adviser to the
Director of National Intelligence. “Our voice is traveling across all
sorts of communication channels where we’re not there. In an age of mass
surveillance, this kind of capability has profound implications for all
of our privacy....Edgar and other experts pointed to the relatively
stable nature of the
human voice, which is far more difficult to change or disguise than a
name, address, password, phone number, or PIN. This makes it “far
easier” to track people, according to Jamie Williams, an attorney with
the Electronic Frontier Foundation. “As soon as you can identify
someone’s voice,” she said, “you can immediately find them whenever
they’re having a conversation, assuming you are recording or listening
to it.'.... A major concern of civil libertarians is the potential to
chill speech.
Trevor Timm, executive director of the Freedom of the Press Foundation,
noted how the NSA’s speaker recognition technology could hypothetically
be used to track journalists, unmask sources, and discourage anonymous
tips. While people handling sensitive materials know they should encrypt
their phone calls, Timm pointed to the many avenues — from televisions
to headphones to internet-enabled devices — through which voices might
be surreptitiously recorded. “There are microphones all around us all
the time. We all carry around a microphone 24 hours a day, in the form
of our cellphones,” Timm said. “And we know that there are ways for the
government to hack into phones and computers to turn those devices
on.”.... “Despite the many [legislative] changes that have happened
since the
Snowden revelations,” he continued, “the American people only have a
partial understanding of the tools the government can use to conduct
surveillance on millions of people worldwide. It’s important that this
type of information be debated in the public sphere.” But debate is
difficult, he noted, if the public lacks a meaningful sense of the
technology’s uses — let alone its existence.... In October, Human Rights
Watch reported that the Chinese government
has been building a national database of voiceprints so that it could
automatically identify people talking on the phone. The government is
aiming to link the voice biometrics of tens of thousands of people to
their identity number, ethnicity, and home address. According to HRW,
the vendor that manufactures China’s voice software has even patented a
system to pinpoint audio files for “monitoring public opinion.... The
NSA memos provided by Snowden do not indicate how widely Voice RT
was deployed at the time, but minutes from the GCHQ’s Voice/Fax User
Group do.... When its Voice/Fax User Group met with NSA agents in the
fall of 2007, members described
seeing an active Voice RT system providing NSA’s linguists and analysts
with speaker and language identification, speech-to-text transcription,
and phonetic search abilities. “Essentially,” the minutes say of Voice
RT, “it’s a one stop shop. … [A] massive effort has been extended to
improve deployability of the system.” By 2010, the NSA’s Voice RT
program could process recordings in more than 25 foreign languages.....
The NSA soon realized that its ability to process voice
recordings could be used to identify employees within the NSA itself. As
the January 2006 memo that discussed Ronald Pelton’s audio explained,
“Voice matching technologies are being applied to the emerging Insider
Threat initiative, an attempt to catch the ‘spy among us.’” The Insider Threat initiative, which closely monitors the lives of
government employees, was publicly launched by the Obama administration,
following the leaks of U.S. Army whistleblower Chelsea Manning. But
this document seems to indicate that the initiative was well under way
before Obama’s 2011 executive order.
It’s not surprising that the NSA might turn the same biometric
technologies used to detect external threats onto dissenters within its
ranks, according to Freedom of the Press Foundation’s Trevor Timm.” A
former defense intelligence official, who spoke to The Intercept on
the condition of anonymity because they were not authorized to discuss
classified material, believes the technology’s low profile is not an
accident. “The government avoids discussing this technology
because it
raises serious questions they would prefer not to answer,” the official
said. “This is a critical piece of what has happened to us and our
rights since 9/11.” For the technology to work, the official noted,
“you
don’t need to do anything else but open your mouth.” These advocates
fear that without any public discussion or oversight
of the government’s secret collection of our speech patterns, we may be
entering a world in which more and more voices fall silent.... Timm
noted that in the last several years, whistleblowers, sources, and
journalists have taken greater security precautions to avoid exposing
themselves. But that “if reporters are using telephone numbers not
associated with their identity, and the government is scanning their
phone calls via a warrant or otherwise, the technology could also be
used to potentially stifle journalism.'... Andrew Clement, a computer
scientist and expert in surveillance studies, has been mapping the NSA’s
warrantless wiretapping activities
since before Snowden’s disclosures. He strongly believes the agency
would not be restrained in their uses of speaker recognition on U.S.
citizens. The agency has often chosen to classify all of the information
collected up until the point that a human analyst listens to it or
reads it as metadata, he explained. “That’s just a huge loophole,” he
said. “It appears that anything they can derive algorithmically from
content they would classify simply as metadata.”.... At a 2010 conference — described
as an “unprecedented opportunity to understand how the NSA is bringing
all its creative energies to bear on tracking an individual” — top
directors spoke about how to take a “whole life” strategy to their
targets. They described the need to integrate biometric data, like
voiceprints, with biographic information, like social networks and
personal history. In the agency’s own words, “It is all about locating,
tracking, and maintaining continuity on individuals across space and
time. It’s not just the traditional communications we’re after — It’s
taking a ‘full arsenal’ approach.”” * Location-based sound recording through the microphone of an infected device – recording starts when the device enters a specified location * Abuse of Accessibility Services to steal WhatsApp messages * Ability to connect an infected device to Wi-Fi networks controlled by the attackers *...Skygofree is a strain of multi-stage spyware that gives attackers full remote control of an infected device..... "The implant carries multiple exploits for root access and is also capable of taking pictures and videos, seizing call records, SMS, geolocation, calendar events and business-related information stored in the device's memory," the firm added. The malware is even programmed to add itself to the list of "protected apps" so that it is not switched off automatically when the screen is off, circumventing a battery-saving feature that might otherwise limit its effectiveness. The attackers also appear to have an interest in Windows users. Researchers found a number of recently developed modules targeting Microsoft's OS." Android snoopwar Skygofree can pilfer WhatsApp messages The Register, 16 January 2018 "Daniel
Dunn was about to sign a lease for a Honda Fit last year when a detail
buried in the lengthy agreement caught his eye. Honda
wanted to track the location of his vehicle, the contract stated,
according to Dunn — a stipulation that struck the 69-year-old Temecula,
Calif., retiree as a bit odd. But Dunn was eager to drive away in his
new car and, despite initial hesitation, he signed the document, a
decision with which he has since made peace. “I don’t care if
they know where I go,” said Dunn, who makes regular trips to the grocery
store and a local yoga studio in his vehicle. “They’re probably
thinking, ‘What a boring life this guy’s got.’ Dunn may
consider his everyday driving habits mundane, but auto and privacy
experts suspect that big automakers like Honda see them as anything but.
By monitoring his everyday movements, an automaker can vacuum up a
massive amount of personal information about someone like Dunn,
everything from how fast he drives and how hard he brakes to how much
fuel his car uses and the entertainment he prefers. The company can
determine where he shops, the weather on his street, how often he wears
his seat belt, what he was doing moments before a wreck — even where he
likes to eat and how much he weighs.Though drivers may not
realize it, tens of millions of American cars are being monitored like
Dunn’s, experts say, and the number increases with nearly every new
vehicle that is leased or sold. The result is that carmakers have
turned on a powerful spigot of precious personal data, often without
owners’ knowledge, transforming the automobile from a machine that helps
us travel to a sophisticated computer on wheels that offers even more
access to our personal habits and behaviors than smartphones do."
"The
House of Representatives voted on Thursday to extend the National
Security Agency’s warrantless surveillance program for six years with
minimal changes, rejecting a push by a bipartisan group of lawmakers to
impose significant privacy limits when it sweeps up Americans’ emails
and other personal communications. The
vote, 256 to 164, centered on an expiring law that permits the
government, without a warrant, to collect communications from United
States companies like Google and AT&T of foreigners abroad — even
when those targets are talking to Americans. Congress had enacted the
law in 2008 to legalize a form of a once-secret warrantless surveillance
program created after the terrorist attacks on Sept. 11, 2001." "British homes are vulnerable to “a staggering level of corporate
surveillance” through common internet-enabled devices, an investigation
has found. Researchers found that a range of connected appliances – increasingly
popular features of the so-called smart home – send data to their
manufacturers and third-party companies, in some cases failing to keep
the information secure. One Samsung
smart TV connected to more than 700 distinct internet addresses in 15
minutes. The investigation, by Which? magazine, found televisions
selling
viewing data to advertisers, toothbrushes with access to smartphone
microphones, and security cameras that could be hacked to let others
watch and listen to people in their homes. The findings have alarmed
privacy campaigners, who warn that
consumers are unknowingly building a “terrifying” world of corporate
surveillance. “Smart devices are increasingly being exposed as soft
surveillance
devices that owners have too little control of,” said Silkie Carlo, the
director of Big Brother Watch. “People are now being subjected to
invasive and unnecessary corporate snooping on an unprecedented scale.
“The very notion of a smart home is one of ambient surveillance and
constant recording, which will without doubt lead people to modify their
behaviour over time. If this current direction is continued, we will
become a society of watched consumers subjected to the most granular,
pervasive and inescapable surveillance. It is a terrifying thought.”
Which? bought more than £3,000 worth of smart home equipment and set
it up in a lab to monitor how much data was being collected and
transferred. As well as the manufacturers, more than 20 other companies
were on the receiving end of data transfers including social networks,
third-party monitoring services, advertising and marketing data brokers.
Just one device – a Samsung smart TV – connected to more than 700
distinct internet addresses after being used for 15 minutes. If the
viewer accepts Samsung’s privacy policy, the company gains the right to
monitor what is being watched and when."
|
".... if you look around and see what the world
is now facing I don't think in the last two or three hundred years we've faced such
a concatenation of problems all at the same time..... if we are to solve the issues
that are ahead of us, we are going to need to think
in completely different ways. " "Individual peace is the unit of world
peace. By offering Consciousness-Based
Education to the coming generation, we can promote a strong foundation for a
healthy, harmonious, and peaceful world.... Consciousness-Based education is not a luxury.
For our children who are growing up in a stressful, often frightening, crisis-ridden
world, it is a necessity." |
||
|
NLPWESSEX,
natural law publishing |
