Sun4.jpg (8555 bytes)

NLPWESSEX, natural law publishing

nlpwessex.org

"I don't think in the last two or three hundred years we've faced such a concatenation
of  problems all at the same time.... If we are to solve the issues that are ahead of us,

we are going to need to think in completely different ways."

 Paddy Ashdown, High Representative for Bosnia and Herzegovina 2002 - 2006

BBC Radio 4, 'Start The Week', 30 April 2007
SURVEILLANCE SOCIETY NEWS ARCHIVE 2018

Resources

News - News - News
**
To Go Direct To Current Surveillance Society News Reports - Click Here **
** To Go Direct To 2018 Surveillance Society News Reports - Click Here **

Home

Surveillance Society News Reports

Current

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008 & Earlier

Some Highlights From 2018

"With indecent speed, and after the barest nod to debate, the Australian Parliament has now passed the Assistance and Access Act, unopposed and unamended. The bill is a cousin to the United Kingdom’s Investigatory Powers Act, passed in 2016. The two laws vary in their details, but both now deliver a panoptic new power to their nation’s governments. Both countries now claim the right to secretly compel tech companies and individual technologists, including network administrators, sysadmins, and open source developers – to re-engineer software and hardware under their control, so that it can be used to spy on their users. Engineers can be penalized for refusing to comply with fines and prison; in Australia, even counseling a technologist to oppose these orders is a crime.We don’t know – because it is a state secret – whether the UK has already taken advantage of its powers, but this month we had some strong statements from GCHQ about what they plan to do with them. ..... Levy explained that GCHQ wants secure messaging services, like WhatsApp, Signal, Wire, and iMessage, to create deceitful user interfaces that hide who private messages are being sent to. In the case of Apple’s iMessage, Apple would be compelled to silently add new devices to the list apps think you own: when someone sends you a message, it will no longer just go to, say, your iPhone, your iPad, and your MacBook – it will go to those devices, and a new addition, a spying device owned by the government. ."
In the New Fight for Online Privacy and Security, Australia Falls: What Happens Next?
Electronic Frontier Foundation, 6 December 2018

"China’s plan to judge each of its 1.3 billion people based on their social behavior is moving a step closer to reality, with Beijing set to adopt a lifelong points program by 2021 that assigns personalized ratings for each resident. The capital city will pool data from several departments to reward and punish some 22 million citizens based on their actions and reputations by the end of 2020, according to a plan posted on the Beijing municipal government’s website on Monday. Those with better so-called social credit will get “green channel” benefits while those who violate laws will find life more difficult. The Beijing project will improve blacklist systems so that those deemed untrustworthy will be “unable to move even a single step,” according to the government’s plan."
Beijing to Judge Every Resident Based on Behavior by End of 2020
Bloomberg, 21 November 2018

"Vehicles are increasingly coming connected with Wi-Fi and may know more about you than you think – where you've been, what you're listening to and what kind of coffee you like. All information that privacy advocates are warning may end up in the hands of advertisers or even your insurance company, reports CBS News correspondent Kris Van Cleave.   ...... Privacy advocates point out that it's on us to start thinking about cars for what they've become: data-generating devices."
Carmakers are collecting data and cashing in – and most drivers have no clue
CBS News, 13 November 2018

"Microsoft's president Brad Smith said facial recognition technology needs to be regulated so the world doesn't turn into a Nineteen Eighty-Four scenario with everyone's actions tracked and scrutinised. He told attendees at WebSummit in Lisbon, Portugal that the way in which facial recognition technology is developing and being used by more businesses could be detrimental to the average person's privacy.. "For the first time, the world is on the threshold of technology that would give a government the ability to follow anyone anywhere, and everyone everywhere. It could know exactly where you are going, where you have been and where you were yesterday as well," Smith said. "And this has profound potential ramifications for even just the fundamental civil liberties on which democratic societies rely. Before we wake up and find that the year 2024 looks like the book '1984', let’s figure out what kind of world we want to create, and what are the safeguards and what are the limitations of both companies and governments for the use of this technology."
Microsoft's president says we need to regulate facial recognition to avoid a 'Nineteen Eighty-Four' scenario
IT Pro, 9 November 2018

"The U.K.’s domestic security service MI5 looked at private data about a group that campaigns against mass surveillance, a London judge has found. The agency held and “accessed or examined” data about the campaign group Privacy International, judge Michael Burton said in court Tuesday. He didn’t say what the data was or why the security service viewed it. London-based Privacy International campaigns against what it calls “overreaching state and corporate surveillance.” Tuesday’s case showed the group had been “caught up in the surveillance dragnet,” Caroline Wilson Palow, the organization’s general counsel, said in a statement..... In a separate ruling this month, the European Court of Human Rights found some U.K. surveillance programs, including the bulk interception of communications exposed by whistle-blower Edward Snowden, violate rules that protect privacy and family life."
U.K.'s MI5 Spied on Privacy Campaigners, Judge Says
Bloomberg, 25 September 2018

"The West Midlands is to become the first UK urban 5G testbed area at a cost of up to £50m – with one use for the new tech being China-style AI-powered CCTV cameras with automated facial recognition, according to the government....AI-powered CCTV for automated facial recognition and population monitoring is widely used in China, with English-language propaganda from the Communist country being carefully sanitised to make it appear that the tech is only used to catch criminals and boost public safety. In reality the system is used by the State to hunt down and capture those who might embarrass officials, among others."
5G can help us spy on West Midlands with AI CCTV, giggles UK.gov
The Register, 4 September 2018

"The system that allowed spy agency GCHQ access to vast amounts of personal data from telecoms companies was unlawful for more than a decade, a surveillance watchdog has ruled. The Investigatory Powers Tribunal said that successive foreign secretaries had delegated powers without oversight.....  Under security rules introduced after the attacks on 11 September 2001, the UK's foreign secretary had the power to direct GCHQ to obtain data from telecoms companies, with little oversight of what they were subsequently asking for."
UK snooping 'unlawful for more than decade'
BBC, 24 July 2018

"Campaign group Big Brother Watch has accused HMRC of creating ID cards by stealth after it was revealed the UK taxman has amassed a database of 5.1 million people's voiceprints.The department introduced its Voice ID system in January 2017. This requires taxpayers calling HMRC to record a key phrase, which is used to create a digital signature that the system uses to unlock the right account when they phone back. According to a Freedom of Information request, submitted by Big Brother Watch and published today, the department now has more than 5.1 million people's voiceprints on record. However, the group argued that users haven't been given enough information on the scheme, how to opt in or out, or details on how their data would be deleted. "
UK taxman has amassed voice profiles of 5.1 million taxpayers
The Register, 25 June 2018

"The American Civil Liberties Union and other privacy activists are asking Amazon to stop marketing a powerful facial recognition tool to police, saying law enforcement agencies could use the technology to "easily build a system to automate the identification and tracking of anyone."...privacy advocates have been concerned about expanding the use of facial recognition to body cameras worn by officers or safety and traffic cameras that monitor public areas, allowing police to identify and track people in real time.The tech giant's entry into the market could vastly accelerate such developments, the privacy advocates fear, with potentially dire consequences for minorities who are already arrested at disproportionate rates, immigrants who may be in the country illegally or political protesters."People should be free to walk down the street without being watched by the government," the groups wrote in a letter to Amazon on Tuesday. "Facial recognition in American communities threatens this freedom."."
ACLU asks Amazon to stop marketing face-recognition technology to police
Associated Press, 22 May 2018

"Large public places, such as airports or shopping malls, have already been turned into surveillance free-for-alls, where people’s every move is catalogued for the sake of profit. Now, one prominent company is ready to help governments spread that same surveillance technology over entire cities. Israeli company Jenovice Cyber Labs is poised to launch new products that monitor everything from prisons to heavily populated areas, depending on what exactly customers want, CyberScoop has learned. It’s a particularly provocative product coming in the wake of DHS detecting Stingray cellphone spying devices across Washington, D.C., but all too easy to fathom based on the way companies make millions off the collection of location-based data. Jenovice’s Metropolink, which is only available for law enforcement and intelligence agencies, is sold as an “autonomous” surveillance system meant to monitor entire metropolitan areas. The capabilities list reads like hacker tech from a Jason Bourne movie: It’s advertised as being able to locate, list, map, track, analyze and visualize all Wi-Fi networks and identities across whatever environment a customer chooses.  The product works thanks to a network of sensors placed around a large populated area that track devices by identifiers including, but not limited to, MAC address and geolocation. Targets are usually phones that are broadcasting and collecting Wi-Fi information by default. Product advertising lists the technology as “passive,” an important distinction that’s subject to less regulatory oversight than active attacks and exploits found in other products. Similarly, in many countries, Metropolink doesn’t require a warrant, the company says."
Meet the Israeli company ready to sell citywide surveillance
Cyberscoop, 21 May 2018

"South Wales Police has been testing an automated facial recognition system since June 2017 and has used it in the real-world at more than ten events. In the majority of cases, the system has made more incorrect matches than the times it has been able to correctly identify a potential suspect or offender. ..... Automatic systems that scan people's faces in public and try to make matches are at an early stage in the UK. In China, systems are more advanced with a BBC News reporter being located, during a stunt, within just seven minutes...... South Wales Police, in its privacy assessment of the technology, says it is a "significant advantage" that no "co-operation" is required from a person. ...... In the future, the police force says, it may be possible to integrate the facial recognition technology with databases from other sources. It says the Police National Database (which has more than 19 million images), the Automatic Number Plate Recognition database, passport or driving licence could be added to its system..... In 2012, the High Court ruled it was unlawful for millions of photos of innocent people to be kept on police databases. At present, these can only be removed if a person makes a complaint to police."
Facial recognition tech used by UK police is making a ton of mistakes
Wired, 4 May 2018

"Seeking to build an identification system of unprecedented scope, India is scanning the fingerprints, eyes and faces of its 1.3 billion residents and connecting the data to everything from welfare benefits to mobile phones. Civil libertarians are horrified, viewing the program, called Aadhaar, as Orwell’s Big Brother brought to life. To the government, it’s more like “big brother,” a term of endearment used by many Indians to address a stranger when asking for help. For other countries, the technology could provide a model for how to track their residents. And for India’s top court, the ID system presents unique legal issues that will define what the constitutional right to privacy means in the digital age. .... Technology has given governments around the world new tools to monitor their citizens. In China, the government is rolling out ways to use facial recognition and big data to track people, aiming to inject itself further into everyday life. Many countries, including Britain, deploy closed-circuit cameras to monitor their populations....The potential uses — from surveillance to managing government benefit programs — have drawn interest elsewhere. Sri Lanka is planning a similar system, and Britain, Russia and the Philippines are studying it, according to the Indian government...."
‘Big Brother’ in India Requires Fingerprint Scans for Food, Phones and Finances
New York Times, 7 April 2018

"...declassified documents provided by former NSA contractor Edward Snowden reveal that the NSA has developed technology not just to record and transcribe private conversations but to automatically identify the speakers. Americans most regularly encounter this technology, known as speaker recognition, or speaker identification, when they wake up Amazon’s Alexa or call their bank.... Civil liberties experts are worried that these and other expanding uses of speaker recognition imperil the right to privacy. “This creates a new intelligence capability and a new capability for abuse,” explained Timothy Edgar, a former White House adviser to the Director of National Intelligence. A major concern of civil libertarians is the potential to chill speech. Trevor Timm, executive director of the Freedom of the Press Foundation, noted how the NSA’s speaker recognition technology could hypothetically be used to track journalists, unmask sources, and discourage anonymous tips. While people handling sensitive materials know they should encrypt their phone calls, Timm pointed to the many avenues — from televisions to headphones to internet-enabled devices — through which voices might be surreptitiously recorded. “There are microphones all around us all the time. We all carry around a microphone 24 hours a day, in the form of our cellphones,” Timm said. “And we know that there are ways for the government to hack into phones and computers to turn those devices on.”.... “Despite the many [legislative] changes that have happened since the Snowden revelations,” he continued, “the American people only have a partial understanding of the tools the government can use to conduct surveillance on millions of people worldwide. It’s important that this type of information be debated in the public sphere.” But debate is difficult, he noted, if the public lacks a meaningful sense of the technology’s uses — let alone its existence....
Finding Your Voice
The Intercept, 19 January 2018



Need A New Way Of Thinking' - Consciousness-Based Education



Latest Developments In 'Turnkey Totalitarianism'
KEEP UP TO DATE WITH SURVEILLANCE SOCIETY NEWS MEDIA REPORTS

Current - 2018 - 2017 - 2016 - 2015 - 2014 - 2013 - 2012 - 2011 - 2010 - 2009 - 2008 & Earlier



2018

"Increasing numbers of women are being secretly filmed on spy cameras as covert recording technology becomes cheaper and more readily available, experts have warned. Peeping toms are installing clandestine cameras in rental and student properties or public spaces including toilets, swimming pool cubicles, changing rooms and tanning salons, in an attempt to capture explicit photos of women without their consent....experts say the hidden nature of the crime means most women will never be aware they have been captured on camera – and also makes it very difficult to accurately predict the scale of the problem.... Advanced Sweeping, a company that detects spycams and bugs, said such incidents had risen due to the gadgets becoming less expensive and more technologically advanced. Keith Roberts, who runs the company, said his cases ranged from detecting spy cameras placed in homes by partners or exes, to instances of people using the equipment to snoop on strangers. “It has grown exponentially in the last five to seven years,” he said. “Our caseload is going up, which comes from these things being readily easy to buy. They used to have to go to spy shops but now it’s all on eBay and Amazon. It is shocking. Tech can lead people down some dark roads. It is terrifying. You have got to be very vigilant these days. We check businesses, residential homes, boats, vehicles.”... “People put [spy cams] in because they want to be nosy and then they turn into a voyeur. It is the leaking of information which makes people realise they are being spied on, but lots are spied on and never know.”  He said advances in technology meant some camera devices were very difficult to detect because they only send imagery or audio from the particular room to the voyeur at certain times of day such as 3am – meaning the wifi will not be transmitting when firms do a “sweep”, and therefore will be more difficult to detect. However, he said his company was able to get round this by using highly sensitive scientific equipment. A search for spy cameras on Amazon shows everything from watches to water battles, alarm clock radios, glasses and pens, priced anywhere from £7 to £70, which contain hidden spy cameras. ...  Alisdair A Gillespie, an academic who specialises in cybercrime and sexual offences, said it was tremendously difficult for the police to catch voyeurs, and even when footage was discovered it was difficult to work out who the people in the videos were as you may not be able to see their faces.  “The problem with voyeurism is, because it is secret, you only ever stumble across it. It will only be if you happen to find someone installing the camera or you discover the footage,” he said. “If footage is from a changing room in a shop or leisure centre, all you might see is the genitalia.”... Samantha Pegg, a senior lecturer at Nottingham Law School who specialises in sexual offences and pornography, said voyeurs tend to be given sexual harm prevention orders that stop offenders buying electronic equipment that can be used as a camera. She said she always checked for secret cameras in hotels, adding that she looked at smoke alarms to work out if they look “suspicious” and switched the lights off to see if anything can be seen.  “I do make an effort to check but maybe I am giving myself a false sense of security,” she said."
From changing rooms to public toilets: The dark trend of hidden spy cameras filming women
Independent, 28 December 2018

"Beijing is speeding up the adoption of facial recognition-enabled smart locks in its public housing programmes as part of efforts to clamp down on tenancy abuse, such as illegal subletting. The face-scanning system is expected to cover all of Beijing’s public housing projects, involving a total of 120,000 tenants, by the end of June 2019, according toThe Beijing News. By combining facial recognition with smart locks, the Beijing authorities hope to not only improve the security of public housing communities but also prevent illegal subletting, to make sure the limited housing resources are only allocated to those in genuine need. The move is the latest example of the use of facial recognition technology by the Chinese authorities to keep an eye on its citizens. Many Chinese cities are already relying on facial recognition cameras to catch jaywalkers. One Beijing park even installed toilet paper dispensers equipped with facial recognition functions to discourage visitors from taking too much loo roll. The face-scanning system has already been installed in 47 public housing projects across Beijing. As many as 100,000 facial scans comprising tenants and their family members have been collected."
Beijing turns to facial recognition to combat public housing abuses
South China Morning Post, 28 December 2018

"How can Facebook monitor billions of posts per day in over 100 languages, all without disturbing the endless expansion that is core to its business? The company’s solution: a network of workers using a maze of PowerPoint slides spelling out what’s forbidden. Every other Tuesday morning, several dozen Facebook employees gather over breakfast to come up with the rules, hashing out what the site’s two billion users should be allowed to say. The guidelines that emerge from these meetings are sent out to 7,500-plus moderators around the world. (After publication of this article, Facebook said it had increased that number to around 15,000.) The closely held rules are extensive, and they make the company a far more powerful arbiter of global speech than has been publicly recognized or acknowledged by the company itself, The New York Times has found.  The Times was provided with more than 1,400 pages from the rulebooks by an employee who said he feared that the company was exercising too much power, with too little oversight — and making too many mistakes. An examination of the files revealed numerous gaps, biases and outright errors. As Facebook employees grope for the right answers, they have allowed extremist language to flourish in some countries while censoring mainstream speech in others."
Inside Facebook’s Secret Rulebook for Global Political Speech
New York Times, 27 December 2018

"Schools in China are promoting "intelligent uniforms" to better monitor students' attendance and whereabouts. More than 10 schools in Southwest China's Guizhou Province and Guangxi Zhuang Autonomous Region have adopted the uniforms. If students wear the uniforms, the school authorities receive recorded accurate timing of their entry and exit and automatically send the data to parents and teachers, said Lin Zongwu, principal of No. 11 School of Renhuai in Guizhou Province. More than 800 students in his school have been wearing the intelligent uniforms since the fall of 2016.  According to Guizhou Guanyu Technology Company that provides the technology behind the "intelligent uniforms," an automatic voice alarm activates if students wearing intelligent uniforms walk out of school without permission.  Through the help of the facial recognition equipment installed on the doors of schools, if students swap their uniforms, the alarm also rings.  Two chips are inserted in the shoulders of uniforms and can endure up to 150 C and 500 washes, Yuan Bichang, the company's project manager, told the Global Times.  But the uniforms might provoke privacy concerns as the system can locate students even in non-school hours.  "We choose not to check the accurate location of students after school, but when the student is missing and skipping classes, the uniforms help locate them," Lin said. He noted that the attendance rate has largely increased since the application of intelligent uniforms."
Chinese schools monitor students activities, targeting truancy with 'intelligent uniforms'
Global Times, 20 December 2018

"...surveillance images are typically obtained by officers and detectives knocking on doors, asking business owners and homeowners if a surveillance camera might have captured a particular incident. Now, the locations of homes and businesses that register with the Camera Registration Program appear as blue dots on a satellite map of Renton. Mathews said other police agencies have databases of available cameras on printed pages, but not on a computer-generated map. She believes Renton PD’s is the first. The Camera Registration Program is volunteer-only and does not allow police officers to see images in real time. It simply lets investigators know a camera is in the area and that its owner is willing to cooperate with police officers. Those officers can then “log in from their cars and see there are three houses in this area, and the suspect fled this way, so maybe these three cameras will show something,” Mathews explained. Wes Henry is Pastor at City View Church, which has a very clear, brand-new digital surveillance system. On Thursday morning, he signed up to partner with the Renton PD should anything suspicious happen within sight of his cameras. Henry told KIRO 7 he has no concerns about the program invading his or his congregation members’ privacy. “They are putting us on the map,” Henry explained about his willingness to partner with Renton police. Officers “don’t have access to our cameras. They’re not coming to tap in. They don’t actually have any way to get the feed unless I give it to them.”
Renton Police recruiting private surveillance for crime-fighting partnership

MyNorthWest, 14 December 2018

"... as smartphones have become ubiquitous and technology more accurate, an industry of snooping on people’s daily habits has spread and grown more intrusive. At least 75 companies receive anonymous, precise location data from apps whose users enable location services to get local news and weather or other information, The Times found. Several of those businesses claim to track up to 200 million mobile devices in the United States — about half those in use last year. The database reviewed by The Times — a sample of information gathered in 2017 and held by one company — reveals people’s travels in startling detail, accurate to within a few yards and in some cases updated more than 14,000 times a day. These companies sell, use or analyze the data to cater to advertisers, retail outlets and even hedge funds seeking insights into consumer behavior. It’s a hot market, with sales of location-targeted advertising reaching an estimated $21 billion this year. IBM has gotten into the industry, with its purchase of the Weather Channel’s apps. The social network Foursquare remade itself as a location marketing company. Prominent investors in location start-ups include Goldman Sachs and Peter Thiel, the PayPal co-founder. Businesses say their interest is in the patterns, not the identities, that the data reveals about consumers. They note that the information apps collect is tied not to someone’s name or phone number but to a unique ID. But those with access to the raw data — including employees or clients — could still identify a person without consent. They could follow someone they knew, by pinpointing a phone that regularly spent time at that person’s home address. Or, working in reverse, they could attach a name to an anonymous dot, by seeing where the device spent nights and using public records to figure out who lived there. Many location companies say that when phone users enable location services, their data is fair game. But, The Times found, the explanations people see when prompted to give permission are often incomplete or misleading. An app may tell users that granting access to their location will help them get traffic information, but not mention that the data will be shared and sold. That disclosure is often buried in a vague privacy policy."
Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret
New York Times, 10 December 2018

"With indecent speed, and after the barest nod to debate, the Australian Parliament has now passed the Assistance and Access Act, unopposed and unamended. The bill is a cousin to the United Kingdom’s Investigatory Powers Act, passed in 2016. The two laws vary in their details, but both now deliver a panoptic new power to their nation’s governments. Both countries now claim the right to secretly compel tech companies and individual technologists, including network administrators, sysadmins, and open source developers – to re-engineer software and hardware under their control, so that it can be used to spy on their users. Engineers can be penalized for refusing to comply with fines and prison; in Australia, even counseling a technologist to oppose these orders is a crime.We don’t know – because it is a state secret – whether the UK has already taken advantage of its powers, but this month we had some strong statements from GCHQ about what they plan to do with them. And because the “Five Eyes” coalition of intelligence-gathering countries have been coordinating this move for some time, we can expect Australia to shortly make the same demands.Ian Levy, GCHQ’s Technical Director, recently posted on the Lawfare blog what GCHQ wants tech companies to do. Buried in a post full of justifications (do a search for “crocodile clips” to find the meat of the proposal, or read EFF’s Cindy Cohn’s analysis), Levy explained that GCHQ wants secure messaging services, like WhatsApp, Signal, Wire, and iMessage, to create deceitful user interfaces that hide who private messages are being sent to. In the case of Apple’s iMessage, Apple would be compelled to silently add new devices to the list apps think you own: when someone sends you a message, it will no longer just go to, say, your iPhone, your iPad, and your MacBook – it will go to those devices, and a new addition, a spying device owned by the government. With messaging systems like WhatsApp, the approach will be slightly different: your user interface will claim you’re in a one-on-one conversation, but behind the scenes, the company will be required to silently switch you into a group chat. Two of the people in the group chat will be you and your friend. The other will be invisible, and will be operated by the government. The intelligence services call it “the ghost"; a stalking ghost that requires the most secure tech products available today to lie to their users, via secret orders that their designers cannot refuse without risking prosecution. So this is the first step, after this Australian bill becomes law. We can imagine Facebook and Apple and other messaging services fighting these orders as best as they can. Big tech companies are already struggling with a profound collapse in trust among their customers; the knowledge that they may be compelled to lie to those users will only add to their problems."
In the New Fight for Online Privacy and Security, Australia Falls: What Happens Next?
Electronic Frontier Foundation, 6 December 2018

"UK spies are planning to increase their use of bulk equipment interference, as the range of encrypted hardware and software applications they can't tap into increases. Equipment interference (EI) – formerly known as computer network exploitation – is the phrase used for spies poking around in devices, like phones or computers, and media like USB sticks. It allows them to gather up info they claim would otherwise be "lost" as it can't be obtained other ways – crucially, it means they can access encrypted data they cannot grab via the more traditional route of interception. At the time the Investigatory Powers Bill was passing through Parliament – it was signed into law in 2016 – EI hadn't been used, but it was already seen an alternative to bulk interception. However, it was expected to be authorised through targeted or targeted thematic warrants; as then-independent reviewer of terrorism David Anderson wrote at the time, "bulk EI is likely to be only sparingly used". Since then, though, GCHQ's use of these bulk powers has "evolved", according to a letter (PDF) to members of parliament’s Intelligence and Security Committee, by security minister Ben Wallace. During the passage of the Investigatory Powers legislation, he said, the government anticipated bulk EI warrants would be "the exception", and "be limited to overseas 'discovery' based EI operations". But with encryption increasingly commonplace, the spies want the exception to edge towards becoming the rule. "Since the passage of the Bill, the communications environment has continued to evolve, particularly in terms of the range of hardware devices and software applications which need to be targeted," Wallace said. "In addition, the deployment of less traditional devices, and usage of these technologies by individuals of interest has advanced significantly." Wallace said GCHQ had reviewed "current operational and technical realities" and "revisited" its previous position. "It will be necessary to conduct a higher proportion of ongoing overseas focused operational activity using the bulk EI regime than was originally envisaged," he said. This was predicted by David Anderson, QC in his 2016 report (PDF), as he acknowledged that the logic of bulk interception could apply to bulk EI. "There will be foreign-focused cases where there is significant value to be gained, operationally, from it - but in which it won’t be possible to make a sufficiently precise assessment to proceed on the basis of the thematic EU power," he said. Anderson added that bulk EU would require "particularly rigorous and technically-informed oversight" from both the secretary of state and the judicial commissioners who form the other part of the recently introduced "double lock" mechanism."
UK spies: You know how we said bulk device hacking would be used sparingly? Well, things have 'evolved'
The Register, 6 December 2018

"[In Australia] Businesses using fingerprint scanners to monitor their workforce can legally sack employees who refuse to hand over biometric information on privacy grounds, the Fair Work Commission has ruled. The ruling, which will be appealed, was made in the case of Jeremy Lee, a Queensland sawmill worker who refused to comply with a new fingerprint scanning policy introduced at his work in Imbil, north of the Sunshine Coast, late last year. Fingerprint scanning was used to monitor the clock-on and clock-off times of about 150 sawmill workers at two sites and was preferred to swipe cards because it prevented workers from fraudulently signing in on behalf of their colleagues to mask absences. The company, Superior Woods, had no privacy policy covering workers and failed to comply with a requirement to properly notify individuals about how and why their data was being collected and used. The biometric data was stored on servers located off-site, in space leased from a third party. Lee argued the business had never sought its workers’ consent to use fingerprint scanning, and feared his biometric data would be accessed by unknown groups and individuals. “I am unwilling to consent to have my fingerprints scanned because I regard my biometric data as personal and private,” Lee wrote to his employer last November. “Information technology companies gather as much information/data on people as they can. “Whether they admit to it or not. (See Edward Snowden) Such information is used as currency between corporations.” Lee was neither antagonistic or belligerent in his refusals, according to evidence before the commission. He simply declined to have his fingerprints scanned and continued using a physical sign-in booklet to record his attendance. He had not missed a shift in more than three years. The employer warned him about his stance repeatedly, and claimed the fingerprint scanner did not actually record a fingerprint, but rather “a set of data measurements which is processed via an algorithm”. The employer told Lee there was no way the data could be “converted or used as a finger print”, and would only be used to link to his payroll number to his clock-on and clock-off time. It said the fingerprint scanners were also needed for workplace safety, to accurately identify which workers were on site in the event of an accident.... Lee was sacked in February, and lodged an unfair dismissal claim in the Fair Work Commission. He argued he was sacked for failing to comply with an unreasonable direction, because the fingerprint scanning was in breach of Australian privacy laws. His biometric information was sent to a separate corporate entity that was not his employer, Lee argued..... Lee told Guardian Australia he planned to appeal. He said the ruling implied that Australians only owned their biometric data until an employer demanded it, at which point they could be sacked if they refused to consent.“My biometric data is inherently mine and inseparable from me,” Lee said. “My employer can’t demand it or sack me for refusing to give it.”"
Companies 'can sack workers for refusing to use fingerprint scanners'
Guardian, 27 November 2018

"China’s plan to judge each of its 1.3 billion people based on their social behavior is moving a step closer to reality, with Beijing set to adopt a lifelong points program by 2021 that assigns personalized ratings for each resident. The capital city will pool data from several departments to reward and punish some 22 million citizens based on their actions and reputations by the end of 2020, according to a plan posted on the Beijing municipal government’s website on Monday. Those with better so-called social credit will get “green channel” benefits while those who violate laws will find life more difficult. The Beijing project will improve blacklist systems so that those deemed untrustworthy will be “unable to move even a single step,” according to the government’s plan. Xinhua reported on the proposal Tuesday, while the report posted on the municipal government’s website is dated July 18.China has long experimented with systems that grade its citizens, rewarding good behavior with streamlined services while punishing bad actions with restrictions and penalties. Critics say such moves are fraught with risks and could lead to systems that reduce humans to little more than a report card....According to the Beijing government’s plan, different agencies will link databases to get a more detailed picture of every resident’s interactions across a swathe of services. The proposal calls for agencies including tourism bodies, business regulators and transit authorities to work together....The tracking of individual behavior in China has become easier as economic life moves online, with apps such as Tencent’s WeChat and Ant Financial’s Alipay a central node for making payments, getting loans and organizing transport. Accounts are generally linked to mobile phone numbers, which in turn require government IDs."
Beijing to Judge Every Resident Based on Behavior by End of 2020
Bloomberg, 21 November 2018

"Vehicles are increasingly coming connected with Wi-Fi and may know more about you than you think – where you've been, what you're listening to and what kind of coffee you like. All information that privacy advocates are warning may end up in the hands of advertisers or even your insurance company, reports CBS News correspondent Kris Van Cleave.   Under the hood of one car, Ford's former head of tech John Ellis found four computers. Inside the car, he hooked up his smart phone to show the data streaming in real time. "With enough data, I can discern patterns that seem to be almost non-existent to the human eye," Ellis said.  From the brakes to the windshield wipers, with as many as 100 points that generate data, today's cars pack the power of 20 personal computers and can process up to 25 gigs of data every hour – some of it beamed back. Now, carmakers are rushing to turn your car's data into a revenue stream, reselling blocks of location information and, one day, information from cars' on-board cameras and sensors could be bought by mapping companies or apps that monitor traffic conditions. Seventy-two percent of car owners said they had no idea was happening.  "We know how tired you are because we have cameras inside of the car looking at the driver to look for eyelid movement," Ellis said. "Some of the cars have an ability to detect alcohol…are you weaving? Are you moving? Are you harsh-braking?"   Good drivers who agree to share their data can also get a better deal. Soon, a car's data may be worth more than the vehicle itself, according to one car data company. Driver data could add up to three-quarters of a trillion dollars industry-wide by 2030. GM uses that data – with drivers' consent – to put popular brands at their fingertips. GM calls it marketplace, an attempt to cash in on the 46 minutes per day the average American spends in a car. "Your driving behavior, the person in the car. We do have that data," said Rick Ruskin of GM Marketplace. "You've created this connection with merchants and brands. They know your data. We're bringing that onto the dashboard of the car." Low on gas? It'll point you to the closest gas station and let you pay from the dash where you can also, order food or make reservations on the go, all based on what's close to the car's current location." Ruskin said drivers are asked to opt in to the program the very first time they tap the screen on the dashboard.   "You'd accept other terms and conditions. And we'd let you know….that we may be using the location of your car to serve you," Ruskin said. Privacy advocates point out that it's on us to start thinking about cars for what they've become: data-generating devices."
Carmakers are collecting data and cashing in – and most drivers have no clue
CBS News, 13 November 2018

"Britain’s biggest employer organisation and main trade union body have sounded the alarm over the prospect of British companies implanting staff with microchips to improve security. UK firm BioTeq, which offers the implants to businesses and individuals, has already fitted 150 implants in the UK. The tiny chips, implanted in the flesh between the thumb and forefinger, are similar to those for pets. They enable people to open their front door, access their office or start their car with a wave of their hand, and can also store medical data. Another company, Biohax of Sweden, also provides human chip implants the size of a grain of rice. It told the Sunday Telegraph (£) that it is in discussions with several British legal and financial firms about fitting their employees with microchips, including one major company with hundreds of thousands of employees. The CBI, which represents 190,000 UK businesses, voiced concerns about the prospect. A CBI spokesperson said: “While technology is changing the way we work, this makes for distinctly uncomfortable reading. Firms should be concentrating on rather more immediate priorities and focusing on engaging their employees.” The TUC is worried that staff could be coerced into being microchipped. Its general secretary Frances O’Grady said: “We know workers are already concerned that some employers are using tech to control and micromanage, whittling away their staff’s right to privacy. “Microchipping would give bosses even more power and control over their workers. There are obvious risks involved, and employers must not brush them aside, or pressure staff into being chipped.”"
Alarm over talks to implant UK employees with microchips
Guardian, 11 November 2018

"The US Drug Enforcement Administration (DEA) and Immigration and Customs Enforcement (ICE) have hidden an undisclosed number of covert surveillance cameras inside streetlights around the country, federal contracting documents reveal. According to government procurement data, the DEA has paid a Houston, Texas company called Cowboy Streetlight Concealments LLC roughly $22,000 since June 2018 for “video recording and reproducing equipment.” ICE paid out about $28,000 to Cowboy Streetlight Concealments over the same period of time. It’s unclear where the DEA and ICE streetlight cameras have been installed, or where the next deployments will take place. ICE offices in Dallas, Houston, and San Antonio have provided funding for recent acquisitions from Cowboy Streetlight Concealments; the DEA’s most recent purchases were funded by the agency’s Office of Investigative Technology, which is located in Lorton, Virginia."
The DEA and ICE are hiding surveillance cameras in streetlights
Quartz, 9 November 2018

"Microsoft's president Brad Smith said facial recognition technology needs to be regulated so the world doesn't turn into a Nineteen Eighty-Four scenario with everyone's actions tracked and scrutinised. He told attendees at WebSummit in Lisbon, Portugal that the way in which facial recognition technology is developing and being used by more businesses could be detrimental to the average person's privacy. “It potentially means every time you walk into a store, a retailer knows when you were in there last, what good you picked out, what you purchased,” he said, reported Recode. “I think even that frankly pales in comparison to what it could do to relationships between individuals and the state.”  Although Microsoft has built its own facial recognition technology, Brad recognises that regulating the industry is the most effective way to make sure it doesn't get out of hands and businesses start misusing their powers. Of course, he accepts that in some cases, such as finding criminals and monitoring illegal activities, it's an effective technology, but warned those applications mustn't get out of hand. "For the first time, the world is on the threshold of technology that would give a government the ability to follow anyone anywhere, and everyone everywhere. It could know exactly where you are going, where you have been and where you were yesterday as well," Smith said. "And this has profound potential ramifications for even just the fundamental civil liberties on which democratic societies rely. Before we wake up and find that the year 2024 looks like the book '1984', let’s figure out what kind of world we want to create, and what are the safeguards and what are the limitations of both companies and governments for the use of this technology."
Microsoft's president says we need to regulate facial recognition to avoid a 'Nineteen Eighty-Four' scenario
IT Pro, 9 November 2018

"[Edward Snowden has suggested] a link between the murder of Saudi journalist Jamal Khashoggi and Saudi use of NSO Group’s Pegasus software... The NSO Group has been the subject of much controversy in recent years, with Canadian internet watchdog Citizen Lab claiming that the Pegasus software marketed by the company is being used by a number of countries 'with dubious human rights records and histories of abusive behavior by state security services.' Pegasus infects individuals’ phones by sending them text messages that tempt them to click an attached link. If the target clicks on the link, the company gains full control over the phone, including its contents and history, and the ability to activate its microphone and camera at will.....  'In today’s world, [NSO Group] are the worst of the worst in selling these burglary tools that are being actively currently used to violate the human rights of dissidents, opposition figure and activists, to some pretty bad players,' he said. Snowden described NSO Group’s activity as a 'kind of predation.'... Snowden told the audience that there was reason to believe the NSO Group’s Pegasus software is connected to the murder of Jamal Khashoggi in Saudi Arabia’s consulate in Istanbul, Turkey.... He also told the audience that it is an open secret that Israel spies on the US. 'Israel has a real leg up in technology, in particular in these kinds of offensive operations. Even the NSA realizes that we get hacked by the Israelis. When we file our counterintelligence priorities matrix, it’s always the same four — China, Russia, Israel and France,' he said. 'If I were going to put them in a ranking I would put Israel above France.'
Israeli tech helped Saudis kill journalist, Snowden tells Tel Aviv confab
Times of Israel, 7 November 2018

"Data from the vast majority of apps is harvested and shared with Google, a comprehensive study of the Android ecosystem has revealed. Researchers from Oxford university analysed 959,000 apps from the UK and US Google Play stores, finding that almost 90 per cent of Android apps share data with Google. The study also revealed that around half of the apps transfer data to at least 10 third parties, such as Facebook and Twitter. The study's authors attribute the mass-data harvesting to the rise of "freemium" apps that rely on advertising and data sharing for revenue. Information collected and shared by the apps can include a user's age, gender and location, with the practice particularly prevalent with apps aimed at children....The researchers describe the mass data collection and tracking as a "highly important phenomenon" that presents significant challenges for both regulators aiming to enforce the law, and for the companies who must comply with it. Industry figures described the study as "unsurprising", given the data-based business models that technology companies adopt. The implications of this, especially concerning communication apps, could be severe for businesses."
Almost all Android apps send personal data to other companies like Facebook, Google and Amazon, study reveals
Independent, 25 October 2018

"Facial recognition software is to be used in UK supermarkets for the first time to verify the age of people buying alcohol and cigarettes, the Telegraph has learned. The pilot scheme is set to be rolled out at self-service checkouts by the end of the year and could be applied more widely in 2019. NCR, a US company which makes self check-out machines for Asda, Tesco and other UK’s supermarkets, will integrate a camera that will estimate the age of shoppers when they are buying age restricted items.  The camera will reduce the need for staff to approve purchases by using AI to scan a person’s face to determine their age and either accept or deny the sale of the item."
Facial recognition system to approve alcohol and cigarettes sales to be trialled by first British supermarket
Telegraph, 16 October 2018

"There are two ways for spies to alter the guts of computer equipment. One, known as interdiction, consists of manipulating devices as they’re in transit from manufacturer to customer. This approach is favored by U.S. spy agencies, according to documents leaked by former National Security Agency contractor Edward Snowden. The other method involves seeding changes from the very beginning. One country in particular has an advantage executing this kind of attack: China, which by some estimates makes 75 percent of the world’s mobile phones and 90 percent of its PCs. Still, to actually accomplish a seeding attack would mean developing a deep understanding of a product’s design, manipulating components at the factory, and ensuring that the doctored devices made it through the global logistics chain to the desired location—a feat akin to throwing a stick in the Yangtze River upstream from Shanghai and ensuring that it washes ashore in Seattle. “Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and the founder of Grand Idea Studio Inc. “Hardware is just so far off the radar, it’s almost treated like black magic.” But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable company, Apple Inc. Apple was an important Supermicro customer and had planned to order more than 30,000 of its servers in two years for a new global network of data centers. Three senior insiders at Apple say that in the summer of 2015, it, too, found malicious chips on Supermicro motherboards. Apple severed ties with Supermicro the following year, for what it described as unrelated reasons.... One government official says China’s goal was long-term access to high-value corporate secrets and sensitive government networks. No consumer data is known to have been stolen."
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
Bloomberg, 4 October 2018

"One aspect of 5G that has not received much attention is how it will be seized upon by the murkier side of the global population. Cyber-crime is a raging battle front and perhaps, before 5G becomes widely available, governments and regulators should consider how criminals may utilise the technology. The European Union Agency for Law Enforcement Cooperation, better known as Europol, has highlighted that the new technology will threaten existing techniques for tracking criminals. Europol’s 2018 Internet Organised Crime Threat Assessment (IOCTA) has followed on from research begun by the EU’s Public Private Partnership on 5G and noted that new security concerns will come from issues related to locating users and GDPR. Firstly, the underlying virtualisation technology needed to deal with the complexity and bandwidth of 5G makes it much harder to identify and locate individual users. 4G technology gives each user a unique identifier. 5G technology only allocates temporary identifiers. Artificial intelligence offers a potential way for the police and security services to overcome this challenge. However, the GDPR laws designed to protect individual privacy mean that the data bases required may themselves be illegal.On the plus side, there will be a direct security benefits from 5G. Companies and public sector bodies will have more options for encrypting data, making any potential breaches less likely and less damaging. The IoT technologies that use 5G will also support improvements to other aspects of security such as CCTV and object tracking (e.g., stolen phones/laptops). New technologies always bring new challenges and the battle against cyber-crime and organised crime creates dilemmas for governments and populations. In the UK, the proposed ‘Snoopers Charter’ (the Draft Communications Data Bill) drew much public criticism and was dropped. The Investigatory Powers Act that subsequently passed through the UK Parliament only gained the backing of a majority of British MPs after concessions to privacy were made. But too much data protection also has its consequences. It may be that the EU (and, after Brexit, the UK) will need to consider revisions to GDPR once 5G goes live across Europe."
What does 5G mean for crime and security?
The Verdict, 28 September 2018

"The U.K.’s domestic security service MI5 looked at private data about a group that campaigns against mass surveillance, a London judge has found. The agency held and “accessed or examined” data about the campaign group Privacy International, judge Michael Burton said in court Tuesday. He didn’t say what the data was or why the security service viewed it. London-based Privacy International campaigns against what it calls “overreaching state and corporate surveillance.” Tuesday’s case showed the group had been “caught up in the surveillance dragnet,” Caroline Wilson Palow, the organization’s general counsel, said in a statement. “Should a domestic intelligence agency charged with protecting national security be spying on a human rights organization based in London? Shouldn’t such spying, if permitted at all, be subject to the strictest of safeguards?” she said.... Privacy International said it wrote to Home Secretary Sajid Javid Tuesday, asking him to make changes to the country’s laws that cover internet security, and asking for an explanation of why MI5 wanted the data it collected. The data that MI5 looked at was categorized as “bulk personal datasets” and “bulk communications data,” the judge said. Bulk personal datasets can include the electoral roll, telephone directories and travel-related data, according to MI5’s website. Bulk communications data “is the who, where, when, how and with whom of communications, but not what was written or said,” the website says, and includes information such as itemized bills. In a separate ruling this month, the European Court of Human Rights found some U.K. surveillance programs, including the bulk interception of communications exposed by whistle-blower Edward Snowden, violate rules that protect privacy and family life."
U.K.'s MI5 Spied on Privacy Campaigners, Judge Says
Bloomberg, 25 September 2018

"British spies are likely to have hacked into Belgium’s biggest telecommunications operator for at least a two-year period on the instruction of UK ministers, a confidential report submitted by Belgian prosecutors is said to have concluded. The finding would support an allegation made by the whistleblower Edward Snowden five years ago when he leaked 20 slides exposing the targets of hacking by the British intelligence service GCHQ. According to unconfirmed reports in the Belgian media, the federal prosecutors’ report suggests the hackers closed their operation within a matter of minutes of being exposed in August 2013. It is believed the interception of Belgacom, now Proximus, had been ongoing since at least 2011. The justice minister, Koen Geens, has confirmed he has received the report and that it will be discussed within the national security council, led by the prime minister, Charles Michel.... The British spies are said to have targeted the computers of Belgacom employees working in security and maintenance with faked LinkedIn messages. There was a particular focus on the Belgian company’s subsidiary unit, Belgacom International Carrier Services, which handles phone and data traffic in Africa and the Middle East. It is reported that the espionage – given the the codename Operation Socialist – was also seeking to target communications made between roaming smartphones. The interception would have provided access to communications at Nato headquarters in Brussels and at key European institutions including the European commission, European parliament, and the European Council. The operation was the first documented example of an EU member state covertly hacking into the critical infrastructure of another. The unpublished prosecutors’ report is said to indicate that the spying operation must have been authorised at the highest levels of the British government. In 2011 William Hague was Britain’s foreign secretary.... The slides leaked five years ago by Snowden, a former contractor for the US National Security Agency, came from the Network Analysis Centre, a department of GCHQ."
British spies 'hacked into Belgian telecoms firm on ministers' orders'
Guardian, 21 September 2018

"Some of the world’s most sophisticated Android and iPhone spyware has been found floating around America for the first time. It's one of as many as 45 countries in which NSO Group malware was uncovered. And together they may represent breaches of American and other nations' computer crime laws against cross-border hacking, not to mention a severe concern for citizens’ privacy, according to the researchers who uncovered the professional spy software. The malware of concern, dubbed Pegasus, is the creation of NSO Group, an Israeli company valued at close to $1 billion. It can hide on Apple or Google devices, spying via the camera, listening in on conversations through the microphone, stealing documents and siphoning off once-private messages, amongst other surreptitious activities. NSO has always protested that its tools are designed to be used to track the most heinous criminals, from terrorists to drug cartels. But the company has been caught up in spying scandals in Mexico and the United Arab Emirates. In both cases, civil rights organizations were up in arms that the iPhone malware had targeted activists, journalists and lawyers, among others who appeared entirely innocent of any crimes. Just last month, Forbes reported that an Amnesty researcher focusing on issues in the UAE had been targeted by NSO spyware. And most recently, leaked emails included in lawsuits in Israel and Cyprus against NSO Group appeared to show the company had hacked the phone of a journalist working at an Arab newspaper."
America 'One Of 45 Countries' Infected By Uber-Powerful Israeli Smartphone Spyware
Forbes, 18 September 2018

"The U.S. government can monitor journalists under a foreign intelligence law that allows invasive spying and operates outside the traditional court system, according to newly released documents. Targeting members of the press under the law, known as the Foreign Intelligence Surveillance Act, requires approval from the Justice Department’s highest-ranking officials, the documents show. In two 2015 memos for the FBI, the attorney general spells out “procedures for processing Foreign Intelligence Surveillance Act applications targeting known media entities or known members of the media.” The guidelines say the attorney general, the deputy attorney general, or their delegate must sign off before the bureau can bring an application to the secretive panel of judges that approves monitoring under the 1978 act, which governs intelligence-related wiretapping and other surveillance carried out domestically and against U.S. persons abroad. The high level of supervision points to the controversy around targeting members of the media at all. Prior to the release of these documents, little was known about the use of FISA court orders against journalists. Previous attention had been focused on the use of National Security Letters against members of the press; the letters are administrative orders with which the FBI can obtain certain phone and financial records without a judge’s oversight. FISA court orders can authorize much more invasive searches and collection, including the content of communications, and do so through hearings conducted in secret and outside the sort of adversarial judicial process that allows journalists and other targets of regular criminal warrants to eventually challenge their validity. “This is a huge surprise,” said Victoria Baranetsky, general counsel with the Center for Investigative Reporting, previously of Reporters Committee for the Freedom of the Press. “It makes me wonder, what other rules are out there, and how have these rules been applied? The next step is figuring out how this has been used.”"
Government Can Spy on Journalists in the U.S. Using Invasive Foreign Intelligence Process
Intercept, 17 September 2018

"GCHQ’s methods for bulk interception of online communications violated privacy and failed to provide sufficient surveillance safeguards, the European court of human rights has ruled. But the ECHR found that GCHQ’s regime for sharing sensitive digital intelligence with foreign governments was not illegal, and it explicitly confirmed that bulk interception with tighter safeguards was permissible. The ruling, which follows Edward Snowden’s whistleblowing revelations, is a comprehensive assessment by the ECHR of interception operations carried out until recently by UK intelligence agencies. The legal claims, which had already been heard by the UK’s investigatory powers tribunal, were brought by a coalition of 14 human rights groups and privacy organisations including Amnesty International, Liberty, Privacy International and Big Brother Watch, as well as journalists. The case concerned the interception regime previously operated by GCHQ. Updated regulations are coming into force under the Investigatory Powers Act 2016."
GCHQ data collection regime violated human rights, court rules
Guardian, 13 September 2018

"The West Midlands is to become the first UK urban 5G testbed area at a cost of up to £50m – with one use for the new tech being China-style AI-powered CCTV cameras with automated facial recognition, according to the government....AI-powered CCTV for automated facial recognition and population monitoring is widely used in China, with English-language propaganda from the Communist country being carefully sanitised to make it appear that the tech is only used to catch criminals and boost public safety. In reality the system is used by the State to hunt down and capture those who might embarrass officials, among others."
5G can help us spy on West Midlands with AI CCTV, giggles UK.gov
The Register, 4 September 2018

"Facebook has begun to assign its users a reputation score, predicting their trustworthiness on a scale from zero to 1. The previously unreported ratings system, which Facebook has developed over the past year, shows that the fight against the gaming of tech systems has evolved to include measuring the credibility of users to help identify malicious actors. Facebook developed its reputation assessments as part of its effort against fake news, Tessa Lyons, the product manager who is in charge of fighting misinformation, said in an interview. ...It is unclear what other criteria Facebook measures to determine a user’s score, whether all users have a score and in what ways the scores are used....“Not knowing how [Facebook is] judging us is what makes us uncomfortable,” said Claire Wardle, director of First Draft, a research lab within the Harvard Kennedy School that focuses on the impact of misinformation and that is a fact-checking partner of Facebook. “But the irony is that they can’t tell us how they are judging us — because if they do, the algorithms that they built will be gamed.”
Facebook is rating the trustworthiness of its users on a scale from zero to 1
Washington Post, 21 August 2018

"Millions of us have welcomed Alexa into our homes by purchasing one of Amazon’s Echo smart speakers. The handy gadgets can be used for playing music, shopping and – on some models – even watching video clips. But they can also be turned against you if a hacker is sufficiently motivated to crack through Amazon’s security and access the device’s microphone and recording ability. A team of expert hackers from the Tencent corporation in China have demonstrated a worrying technique for turning Amazon’s Echo into a snooping device. ‘After several months of research, we successfully break the Amazon Echo by using multiple vulnerabilities in the Amazon Echo system, and [achieve] remote eavesdropping,’ a spokesperson for the company told Wired. They revealed the fruits of their labour at the DefCon security conference on Sunday. But before you start panicking and scrambling to unplug your Echo, the team had already disclosed what they’d found to Amazon who pushed out security fixes last month."
Amazon Echo speakers turned into listening devices by expert Chinese hackers
Metro, 13 August 2018

"Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to. An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you've used privacy settings that say they will prevent it from doing so. Computer-science researchers at Princeton confirmed these findings at the AP's request. For the most part, Google is upfront about asking permission to use your location information. An app like Google Maps will remind you to allow access to location if you use it for navigating. If you agree to let it record your location over time, Google Maps will display that history for you in a "timeline" that maps out your daily movements. Storing your minute-by-minute travels carries privacy risks and has been used by police to determine the location of suspects — such as a warrant that police in Raleigh, North Carolina, served on Google last year to find devices near a murder scene. So the company will let you "pause" a setting called Location History. Google says that will prevent the company from remembering where you've been. Google's support page on the subject states: "You can turn off Location History at any time. With Location History off, the places you go are no longer stored." That isn't true. Even with Location History paused, some Google apps automatically store time-stamped location data without asking. For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are. And some searches that have nothing to do with location, like "chocolate chip cookies," or "kids science kits," pinpoint your precise latitude and longitude — accurate to the square foot — and save it to your Google account. The privacy issue affects some two billion users of devices that run Google's Android operating software and hundreds of millions of worldwide iPhone users who rely on Google for maps or search.... To stop Google from saving these location markers, the company says, users can turn off another setting, one that does not specifically reference location information. Called "Web and App Activity" and enabled by default, that setting stores a variety of information from Google apps and websites to your Google account. When paused, it will prevent activity on any device from being saved to your account. But leaving "Web & App Activity" on and turning "Location History" off only prevents Google from adding your movements to the "timeline," its visualization of your daily travels. It does not stop Google's collection of other location markers. You can delete these location markers by hand, but it's a painstaking process since you have to select them individually, unless you want to delete all of your stored activity. You can see the stored location markers on a page in your Google account at myactivity.google.com, although they're typically scattered under several different headers, many of which are unrelated to location. To demonstrate how powerful these other markers can be, the AP created a visual map of the movements of Princeton postdoctoral researcher Gunes Acar, who carried an Android phone with Location history off, and shared a record of his Google account. The map includes Acar's train commute on two trips to New York and visits to The High Line park, Chelsea Market, Hell's Kitchen, Central Park and Harlem. To protect his privacy, The AP didn't plot the most telling and frequent marker — his home address. Huge tech companies are under increasing scrutiny over their data practices, following a series of privacy scandals at Facebook and new data-privacy rules recently adopted by the European Union. Last year, the business news site Quartz found that Google was tracking Android users by collecting the addresses of nearby cellphone towers even if all location services were off. Google changed the practice and insisted it never recorded the data anyway. Critics say Google's insistence on tracking its users' locations stems from its drive to boost advertising revenue."
Google tracks your movements, like it or not
Associated Press, 13 August 2018

"U.S. lawmakers and the Trump administration have pressured U.S. companies to not sell Huawei or ZTE (000063.SZ) products, saying they potentially could be used to spy on Americans. Earlier this year they pushed AT&T (T.N) to drop a deal with Huawei to sell its smartphones in the United States. The source said Bob Lord, the DNC’s chief security officer, said in a email that it was important for party and campaign workers to be vigilant about the warnings. “Please make sure that you are not using or purchasing ZTE or Huawei devices anywhere within your staff - for personal or work-related use,” Lord said. Federal Communications Commission Chairman Ajit Pai told Congress in March he shared the concerns of U.S. lawmakers about espionage threats from Huawei. “Hidden ‘back doors’ to our networks in routers, switches - and virtually any other type of telecommunications equipment - can provide an avenue for hostile governments to inject viruses, launch denial-of-service attacks, steal data, and more,” Pai said at the time. The U.S. Department of Defense has already stopped selling mobile phones and modems made by Huawei and ZTE in stores on its military bases, citing potential security risks."
Democratic candidates told not to use ZTE, Huawei devices: source
Reuters, 4 August 2018

"Google is planning to launch a censored version of its search engine in China that will blacklist websites and search terms about human rights, democracy, religion, and peaceful protest, The Intercept can reveal. The project – code-named Dragonfly – has been underway since spring of last year, and accelerated following a December 2017 meeting between Google’s CEO Sundar Pichai and a top Chinese government official, according to internal Google documents and people familiar with the plans. Teams of programmers and engineers at Google have created a custom Android app, different versions of which have been named “Maotai” and “Longfei.” The app has already been demonstrated to the Chinese government; the finalized version could be launched in the next six to nine months, pending approval from Chinese officials.... Google’s search service cannot currently be accessed by most internet users in China because it is blocked by the country’s so-called Great Firewall. The app Google is building for China will comply with the country’s strict censorship laws, restricting access to content that Xi Jinping’s Communist Party regime deems unfavorable....The Chinese government blocks information on the internet about political opponents, free speech, sex, news, and academic studies. It bans websites about the 1989 Tiananmen Square massacre, for instance, and references to “anticommunism” and “dissidents.” Mentions of books that negatively portray authoritarian governments, like George Orwell’s 1984 and Animal Farm, have been prohibited on Weibo, a Chinese social media website...... Documents seen by The Intercept, marked “Google confidential,” say that Google’s Chinese search app will automatically identify and filter websites blocked by the Great Firewall. When a person carries out a search, banned websites will be removed from the first page of results, and a disclaimer will be displayed stating that “some results may have been removed due to statutory requirements.” Examples cited in the documents of websites that will be subject to the censorship include those of British news broadcaster BBC and the online encyclopedia Wikipedia. The search app will also “blacklist sensitive queries” so that “no results will be shown” at all when people enter certain words or phrases, the documents state. The censorship will apply across the platform: Google’s image search, automatic spell check and suggested search features will incorporate the blacklists, meaning that they will not recommend people information or photographs the government has banned..... Patrick Poon, a Hong Kong-based researcher with human rights group Amnesty International, told The Intercept that Google’s decision to comply with the censorship would be “a big disaster for the information age.” “This has very serious implications not just for China, but for all of us, for freedom of information and internet freedom,” said Poon. “It will set a terrible precedent for many other companies who are still trying to do business in China while maintaining the principles of not succumbing to China’s censorship. The biggest search engine in the world obeying the censorship in China is a victory for the Chinese government – it sends a signal that nobody will bother to challenge the censorship any more.”"
Google Plans to Launch Censored Search Engine in China, Leaked Documents Reveal
Intercept, 1 August 2018

"The world's most powerful governments are today accused of bankrolling surveillance kit and training for smaller and dubious nations – and the tech industry stands to benefit. In a dossier published on Tuesday, civil-rights warriors Privacy International said that top governments – from the US, UK and China to France, Germany, and the European Union – are financing, training and equipping countries, including authoritarian regimes, with surveillance capabilities. By doing so, the countries with the most extensive security and military agencies are “transferring their electronic surveillance capabilities, practices, and legislation around the world,” the report said. It said that some of the funds for such programmes were being badged as development. The US spent more than $20bn in security aid in 2017, with recipients of training and kit over the years including African nations and Afghanistan. Privacy International said that despite such efforts boosting recipients’ security capacities, it can also play “a defining role in maintaining the ability of recipient governments to exercise functions of the state and political control.”"
Revealed in detail: World powers stuff spyware kit, how-to guides in dodgy nations' pockets
The Register, 16 July 2018

"The system that allowed spy agency GCHQ access to vast amounts of personal data from telecoms companies was unlawful for more than a decade, a surveillance watchdog has ruled. The Investigatory Powers Tribunal said that successive foreign secretaries had delegated powers without oversight. But it added there was no evidence GCHQ had misused the system. Privacy International criticised the "cavalier manner" in which personal data was shared. The group brought the legal challenge and solicitor Millie Graham Wood said it was "proof positive" that the system set up to protect personal data was flawed. "The foreign secretary was supposed to protect access to our data by personally authorising what is necessary and proportionate for telecommunications companies to provide to the agencies. "The way that these directions were drafted risked nullifying that safeguard by delegating that power to GCHQ - a violation that went undetected by the system of commissioners for years and was seemingly consented to by all of the telecommunications companies affected." Under security rules introduced after the attacks on 11 September 2001, the UK's foreign secretary had the power to direct GCHQ to obtain data from telecoms companies, with little oversight of what they were subsequently asking for."
UK snooping 'unlawful for more than decade'
BBC, 24 July 2018

"Earlier this month it came out that among Facebook’s myriad algorithmically induced advertising categories was an entry for users whom the platform’s data mining systems believed might be interested in treason against their government. The label had been applied to more than 65,000 Russian citizens, placing them at grave risk should their government discover the label. Similarly, the platform’s algorithms silently observe its two billion users’ actions and words, estimating which users it believes may be homosexual and quietly placing a label on their account recording that estimate. What happens when governments begin using these labels to surveil, harass, detain and even execute their citizens based on the labels produced by an American company’s black box algorithms? One of the challenges with the vast automated machine that is Facebook’s advertising engine is that its sheer scale and scope means it could never possibly be completely subject to human oversight. Instead, it hums along in silence, quietly watching the platform’s two billion users as Big Brother, silently assigning labels to them indicating its estimates of everything from their routine commercial interests to the most sensitive and intimate elements of their personality, beliefs and medical conditions that could be used by their governments to manipulate, arrest or execute them. Such concerns are unfortunately far from hypothetical. .... many governments across the world that very much aware of the potential of Facebook’s advertising tools for surveillance and indeed use them actively to track specific demographics and interests, using the company’s built-in reporting tools to identify geographic areas and demographics to target for further surveillance.... The public availability of Facebook’s targeting tools means intelligence agencies need no court orders to leverage them, foreign intelligence services can use them to track and surveil on foreign soil and even local law enforcement agencies can use them with few restrictions.... Facebook is increasingly playing as a tool for law enforcement, intelligence agencies and repressive regimes to crack down on legitimate dissent or internationally recognized human rights. It also raises important questions about the company’s legal exposure if it knowingly assists a repressive regime track down and execute citizens based on internationally protected statuses.... its international reach, massive centralized data warehouse and algorithms that can divine the most sensitive and intimate elements of our lives are likely to increasingly become a go-to one-stop shop for the world’s intelligence agencies to spy on and influence the world while governments themselves increasingly leverage their legal powers to force Facebook to help them hunt down dissent and those different from themselves. Welcome to a world even Orwell could not have imagined."
Facebook As The Ultimate Government Surveillance Tool?
Forbes, 20 July 2018


"With millions of cameras and billions of lines of code, China is building a high-tech authoritarian future. Beijing is embracing technologies like facial recognition and artificial intelligence to identify and track 1.4 billion people. It wants to assemble a vast and unprecedented national surveillance system, with crucial help from its thriving technology industry.....China is reversing the commonly held vision of technology as a great democratizer, bringing people more freedom and connecting them to the world. In China, it has brought control..... Billboard-size displays show the faces of jaywalkers and list the names of people who don’t pay their debts. Facial recognition scanners guard the entrances to housing complexes. Already, China has an estimated 200 million surveillance cameras — four times as many as the United States. Such efforts supplement other systems that track internet use and communications, hotel stays, train and plane trips and even car travel in some places.... In China, even the perception of surveillance can keep the public in line. Some places are further along than others. Invasive mass-surveillance software has been set up in the west to track members of the Uighur Muslim minority and map their relations with friends and family, according to software viewed by The New York Times. “This is potentially a totally new way for the government to manage the economy and society,” said Martin Chorzempa, a fellow at the Peterson Institute for International Economics. “The goal is algorithmic governance,” he added.... China has become the world’s biggest market for security and surveillance technology, with analysts estimating the country will have almost 300 million cameras installed by 2020. Chinese buyers will snap up more than three-quarters of all servers designed to scan video footage for faces, predicts IHS Markit, a research firm.... China’s surveillance companies are also looking to test the appetite for high-tech surveillance abroad. Yitu says it has been expanding overseas, with plans to increase business in regions like Southeast Asia and the Middle East.... “The whole point is that people don’t know if they’re being monitored, and that uncertainty makes people more obedient,” said Mr. Chorzempa, the Peterson Institute fellow.""
Inside China’s Dystopian Dreams: A.I., Shame and Lots of Cameras
New York Times, 8 July 2018

"A group of researchers and students at MIT have developed an intelligent radar-like technology that makes it possible to see through walls to track people as they move around, a development that could prove useful for monitoring the elderly or sick as well as for other applications — but that also raises privacy concerns. Tests show that the technology, known as RF-Pose, can reveal whether someone is walking, sitting, standing or even waving — and can identify individuals from a known group with a success rate of 83 percent. Its developers say it could prove useful for law enforcement, search and rescue, and — perhaps most important — health care....Ginés Hidalgo, a research associate at the Robotics Institute of Carnegie Mellon University in Pittsburgh, told NBC News MACH in an email that it was of limited use at this point because the radio signals it uses are unable to pass through thick walls. "It could become a breakthrough" if that limitation can be addressed, said Hidalgo, who was not involved in the project. But Hidalgo said the technology also raises privacy concerns. "If a normal camera is recording me, it means I am able to see the camera, too," he said in the email. "If this camera can be hidden behind or even inside any object, I would never be able to know when I am being monitored.""
Smart technology sees through walls to track and identify people
NBC News, 8 July 2018

"It’s the smartphone conspiracy theory that just won’t go away: Many, many people are convinced that their phones are listening to their conversations to target them with ads. Vice recently fueled the paranoia with an article that declared “Your phone is listening and it’s not paranoia,” a conclusion the author reached based on a 5-day experiment where he talked about “going back to uni” and “needing cheap shirts” in front of his phone and then saw ads for shirts and university classes on Facebook....They found no evidence of an app unexpectedly activating the microphone or sending audio out when not prompted to do so. Like good scientists, they refuse to say that their study definitively proves that your phone isn’t secretly listening to you, but they didn’t find a single instance of it happening. Instead, they discovered a different disturbing practice: apps recording a phone’s screen and sending that information out to third parties.Of the 17,260 apps the researchers looked at, over 9,000 had permission to access the camera and microphone and thus the potential to overhear the phone’s owner talking about their need for cat litter or about how much they love a certain brand of gelato. Using 10 Android phones, the researchers used an automated program to interact with each of those apps and then analyzed the traffic generated.The strange practice they started to see was that screenshots and video recordings of what people were doing in apps were being sent to third party domains. For example, when one of the phones used an app from GoPuff, a delivery start-up for people who have sudden cravings for junk food, the interaction with the app was recorded and sent to a domain affiliated with Appsee, a mobile analytics company. The video included a screen where you could enter personal information—in this case, their zip code. This wasn’t a total surprise: Appsee proudly touts its ability to record what users are doing in an app on its website. What bothered the researchers was that it wasn’t evident to the user that their behavior was being recorded, something which wasn’t disclosed in GoPuff’s privacy policy. After the researchers contacted GoPuff, it added a disclosure to the policy acknowledging that “ApSee” might receive users PII. “As an added precaution, we also pulled Appsee SDK from the latest Android and iOS builds,” said the start-up’s spokesperson by email.... In other words, until smartphone makers notify you when your screen is being recorded or give you the power to turn that ability off, you have a new thing to be paranoid about. The researchers will be presenting their work at the Privacy Enhancing Technology Symposium Conference in Barcelona next month... The researchers weren’t comfortable saying for sure that your phone isn’t secretly listening to you in part because there are some scenarios not covered by their study."
These Academics Spent the Last Year Testing Whether Your Phone Is Secretly Listening to You
Gizmodo, 3 July 2018

"Officials with Customs and Border Protection’s Entry/Exit have a way to shorten the long lines at airline gates while improving security and meeting an almost 15-year-old mandate from Congress. Officials announced June 21 that Orlando International would be the first airport in the country to screen every international passenger using facial recognition technology. CBP has been running biometric pilots—including facial recognition—at 13 airports across the country but Orlando will be the first to use the system on all travelers. In 2004, Congress charged the CBP with finding a way to apply biometric screening at all border crossings—including land, air and sea. The agency has struggled to comply, citing difficulties in finding the right technology to improve security without adding significant travel delays. “We are at a critical turning point in the implementation of a biometric entry-exit system, and we’ve found a path forward that transforms travel for all travelers,” CBP Commissioner Kevin McAleenan said at a June 21 press conference. “The valuable collaboration with stakeholder partners like [the Greater Orlando Aviation Authority] has resulted in real momentum and it has brought us to where we are today, the first fully biometric entry-exit deployment at an airport.”"
Florida Airport Will Be the First to Scan Every International Traveler’s Face
Defense One, 26 June 2018

"The secrets are hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program. Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C. In each of these cities, The Intercept has identified an AT&T facility containing networking equipment that transports large quantities of internet traffic across the United States and the world. A body of evidence – including classified NSA documents, public records, and interviews with several former AT&T employees – indicates that the buildings are central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.... According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies. Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight."
The Wiretap Rooms
Intercept, 25 June 2018

"Campaign group Big Brother Watch has accused HMRC of creating ID cards by stealth after it was revealed the UK taxman has amassed a database of 5.1 million people's voiceprints.The department introduced its Voice ID system in January 2017. This requires taxpayers calling HMRC to record a key phrase, which is used to create a digital signature that the system uses to unlock the right account when they phone back. According to a Freedom of Information request, submitted by Big Brother Watch and published today, the department now has more than 5.1 million people's voiceprints on record. However, the group argued that users haven't been given enough information on the scheme, how to opt in or out, or details on how their data would be deleted. The FoI revealed that no customers have opted out in the 30 days to 13 March, but the department refused to respond to set out exactly how the erasure process would work. Director Silkie Carlo said that taxpayers have been "railroaded into a mass ID scheme" and that the government was "imposing biometric ID cards on the public by the back door". The FoI response also raises questions about the lawfulness of the collection and storage of the data, and whether it is in line with the General Data Protection Regulation that came into force on 25 May. Under the GDPR, a system that allows people to be identified by their voice would likely meet the definition of processing of biometric data. This places certain demands on the organisation beyond those made for other forms of personal data. "Where [biometric processing] takes place, GDPR says that the person must give 'explicit consent'. 'Consent' also means a 'freely given, specific, informed and unambiguous' indication of the person's wishes, and it must be a 'clear, affirmative action'," said Jon Baines, a data protection advisor at law firm Mischon de Reya.... HMRC also refused to divulge information on who else has access to Voice ID in its FoI response (PDF), saying it risked prejudicing the prevention or detection of crime. Big Brother Watch also slammed Whitehall's decision to create another database of sensitive biometric material, describing it as another step towards the "database state". The FoI response from HMRC also shows that the department did not consult the biometrics commissioner on its Voice ID plans. The government is already under pressure over its custody image database – which contains around 21 million shots of faces and identifying features – because the pictures are stored even if the subject is not charged. This is despite a 2012 High Court judgment that said keeping images of presumed innocent people on file was unlawful. The Home Office has blamed outdated and clunky IT systems for the prolonged retention but hasn't committed to specifically address this issue."
UK taxman has amassed voice profiles of 5.1 million taxpayers
The Register, 25 June 2018

"Facebook is working on controversial software which lets it secretly order users’ smartphones to start recording audio whenever they hear inaudible messages hidden in television adverts.The social network has always denied rumours that it listens into people’s private conversations and analyses what they talk about so it can show advertising that interests them. But in a patent application published on June 14 this year, Big Zucker’s research division revealed a system which lets it quietly tell people’s mobile phones to capture ‘ambient audio’. It allows Facebook to conceal ‘a non-human hearable digital sound’ in the audio of a TV ad or other content. Although people won’t be able to hear this sound, it contains a ‘machine recognizable’ set of Morse code-style sounds which let it tap out a message to your smartphone and order it to begin recording. The secret sound could be a very high-pitched voice, Facebook wrote, pitched just above the limit of human hearing. When it hears this signal, a phone will then start capturing ambient audio, which Facebook describes as the ‘distinct and subtle sounds of a particular location created by the environment of the location, such as machinery noise, the sound of distant human movement and speech, creaks from thermal contraction, and air conditioning and plumbing noises in a household’. Now, you might think this sounds like an Orwellian nightmare technology which will let Big Zucker intrude upon our lives in unprecedentedly terrifying ways. But Facebook designed it with a specific purpose in mind. The tech is built to monitor what people watch on their ‘broadcasting device’ so that the adverts they are shown on Facebook are likely to appeal to them."
Facebook wants to hide secret inaudible messages in TV ads that can force your phone to record audio
Metro, 22 June 2018

"The Supreme Court on Friday said the government generally needs a warrant if it wants to track an individual's location through cell phone records over an extended period of time. In a highly anticipated decision released Friday, the US Supreme Court updated Fourth Amendment protections for the digital era. In a 5-4 ruling, the court decided in Carpenter v. United States that the government generally needs a warrant in order to access cell site location information, which is automatically generated whenever a mobile phone connects to a cell tower and is stored by wireless carriers for years. The ruling does leave the door open for law enforcement to obtain such information without a warrant in some instances. Still, the court recognizes that cell phones are not voluntary but necessary for modern life, and that their technology poses some unique circumstances for the law. “We decline to grant the state unrestricted access to a wireless carrier’s database of physical location information,” Chief Justice John Roberts wrote in the majority opinion. “In light of the deeply revealing nature of CSLI, its depth, breadth, and comprehensive reach, and the inescapable and automatic nature of its collection, the fact that such information is gathered by a third party does not make it any less deserving of Fourth Amendment protection.” Roberts was joined by Justices Ruth Bader Ginsburg, Stephen Breyer, Sonia Sotomayor, and Elena Kagan. Justices Anthony Kennedy, Clarence Thomas, Samuel Alito, and Neil Gorsuch dissented. The court’s ruling represents a win for digital privacy advocates, and, while narrow, it may have implications for all sorts of information held by third parties, including browsing data, text messages, emails, and bank records. Three years later, in 1979, the court ruled in Smith v. Maryland that the third-party doctrine also extends to call records collected by phone companies. But on Friday, the Supreme Court said that cell site location information is a “qualitatively different category” of information. CSLI allows law enforcement to paint a nearly complete picture of Americans' movements. Last year, AT&T and Verizon jointly received nearly 125,000 requests from law enforcement for CSLI data, according to their transparency reports. Law enforcement officials will now only be able to make such requests after obtaining a warrant, which will require them to demonstrate probable cause. The court has expressed uneasiness about the collection of vast amounts of digital data before. In the 2014 case Riley v. California, it ruled that police generally need a warrant to search the cell phone of a person under arrest. And in 2012, in United States v. Jones, the court said that it does violate a person's Fourth Amendment rights for the government to place a GPS tracker on their car without a warrant.In Carpenter, Roberts left the door open for courts to obtain location information without a warrant in two circumstances. The court declined to decide on whether law enforcement seeking a smaller window of records—fewer than seven days, which is what the government requested from Sprint in the case—constitutes a Fourth Amendment search. The opinion also allows for exceptions for emergencies, like “bomb threats, active shootings, and child abductions....  Fourteen of the largest US tech companies—including Google, Apple, Facebook, and Microsoft—filed a brief in support of updating the Fourth Amendment for the digital era. It was technically not filed in support of either party, but largely backed Carpenter's position. The cohort even included Verizon, which cooperated with the National Security Agency as part of its broad bulk surveillance programs for years. Verizon's stance is particularly notable because the company holds the specific kind of location records that were at issue in the case. Cyrus Farivar, a reporter at Ars Technica and the author of Habeas Data, a new book about privacy laws and the rise of surveillance technology, says the ruling shows that the court views cell phones differently. “They’re an entirely separate class of devices that provide a very intimate look into the most detailed elements of our life, not only where we go generally, but where we go extremely specifically,” he says. He also notes that the court was split and that it took a long time for it to come to its decision, which was unusually released on a Friday. “That suggests that this is an issue that the court came to with a great deal of thought, discussion, and deliberation. This is not an easy decision to reach.” We don’t yet know how the ruling might impact other forms of government surveillance. Justice Roberts was careful to note that the ruling is intended to be narrow in its scope, writing that the court does not “call into question conventional surveillance techniques and tools, such as security cameras. Nor do we address other business records that might incidentally reveal location information. Further, our opinion does not consider other collection techniques involving foreign affairs or national security.” “The government can no longer claim that the mere act of using technology eliminates the Fourth Amendment’s protections. Today’s decision rightly recognizes the need to protect the highly sensitive location data from our cell phones, but it also provides a path forward for safeguarding other sensitive digital information in future cases—from our emails, smart-home appliances, and technology that is yet to be invented,” ACLU attorney Nathan Freed Wessler, who argued the case before the court, said in a statement. At issue was an antiquated legal principle called the third-party doctrine, which holds that information customers voluntarily provide to a third party—such as a telecom company or a bank—is outside the bounds of Fourth Amendment protections. The doctrine comes from United States v. Miller, a 1976 case in which the court ruled that law enforcement doesn't need a warrant in order to access bank records because "the Fourth Amendment does not prohibit the obtaining of information revealed to a third party.”"
The Supreme Court Just Greatly Strengthened Digital Privacy
Wired, 22 June 2018

"The government is obsessed with your face. Do not be flattered. This is more of a creepy stalker fixation. From the federal Department of Homeland Security down to local police departments, governmental use of biometric facial recognition software has gained a startling amount of traction in recent years. And these agencies are getting help from big business, to boot.For example, DHS is reportedly developing a massive new biometric and biographic database with extensive data on citizens and foreigners alike. The Homeland Advanced Recognition Technology (HART) database will reportedly include at least seven biometric identifiers, including face and voice data, tattoos, DNA, scars, and other "physical descriptors" on as many as 500 million people. The agency has been remarkably hush-hush on how HART will be utilized — but the possibilities are frightening.DHS expects to launch the new database next fiscal year, according to internal documents. By the following year, they anticipate having iris and facial matching capabilities, and by fiscal year 2021, the database is expected to be functioning in its full capacity. This massive and intrusive initiative will grant a whole host of federal, state, and local agencies access to intimate details about hundreds of millions of Americans and foreigners....While HART will be the most expansive biometric database to date, DHS isn't the first federal entity to take an interest in using facial identification. As of 2015, the FBI's Next Generation Identification (NGI) database held records on nearly one-third of the American population, including 52 million mugshots. Half of the states in the country are either actively using NGI or have expressed interest in using it, according to the Electronic Frontier Foundation.The fetishizing of facial recognition as a must-have for law enforcement doesn't stop at the federal level. Last month, Amazon announced it is selling its facial recognition software, known as Rekognition, to local police departments all over the country. This would allow law enforcement to cross reference surveillance camera footage from a crime scene with Amazon's collection of "tens of millions" of faces.... This all amounts to a gross violation of Americans' privacy and civil liberties.....This sort of biometric intrusion goes far beyond the legitimate purview of our government. Our faces are our own."
The government's creepy obsession with your face
The Week, 18 June 2018

"China is establishing an electronic identification system to track cars nationwide, according to records and people briefed on the matter, adding to a growing array of surveillance tools the government uses to monitor its citizens. Under the plan being rolled out July 1, a radio-frequency identification chip for vehicle tracking will be installed on cars when they are registered. Compliance will be voluntary this year but will be made mandatory for new vehicles at the start of 2019, the people said.Authorities have described the plan as a means to improve public security and to help ease worsening traffic congestion, documents show, a major concern in many Chinese cities partly because clogged roads contribute to air pollution. But such a system, implemented in the world’s biggest automotive market, with sales of nearly 30 million vehicles a year, will also vastly expand China’s surveillance network, experts say. That network already includes widespread use of security cameras, facial recognition technology and internet monitoring."
A Chip in the Windshield: China’s Surveillance State Will Soon Track Cars
Wall St Journal, 13 June 2018

"The creepy ways Facebook spies on its users have been detailed in a bumper document presented to Congress. They include tracking mouse movements, logging battery levels and monitoring devices close to a user that are on the same network. The 454-page report was created in response to questions Mark Zuckerberg was asked during his appearance before Congress in April. Lawmakers gave Zuckerberg a public grilling over the Cambridge Analytica scandal, but he failed to answer many of their queries.  The new report is Facebook's attempt to address their questions, although it sheds little new light on the Cambridge Analytica scandal. However, it does contain multiple disclosures about the way Facebook collects data....Facebook tracks what device you are using to access the network. To do this, it will log the hardware manufacturer of your smartphone, connected television, tablet, computer, or other internet-connected devices. Facebook also tracks the operating system, software versions and web browser.  If you're using a smartphone, it will keep a record of the mobile carrier, while internet service providers (ISPs) will be stored for users using a Wi-Fi or Ethernet connection to access Facebook. In some cases, it will monitor devices that are using the same network as you. 'Facebook’s services inherently operate on a cross-device basis: understanding when people use our services across multiple devices helps us provide the same personalized experience wherever people use Facebook,' the firm wrote in the lengthy document. According to Facebook, this is done, for example, 'to ensure that a person’s News Feed or profile contains the same content whether they access our services on their mobile phone or in a desktop computer’s web browser.' Facebook also says this information is used to curate more personalized ads."
The 18 things you may not realise Facebook knows about you: Firm reveals the extent of its spying in a 454-page document to Congress
Mail, 12 June 2018

"Google will not allow its artificial intelligence software to be used in weapons or 'unreasonable surveillance' efforts. Following a major backlash from employees, the Alphabet unit has laid out new rules for its AI software.  The new restrictions could help Google management defuse months of protest by thousands of employees against the company's work with the U.S. military to identify objects in drone video. Google will pursue other government contracts including around cybersecurity, military recruitment and search and rescue, Chief Executive Sundar Pichai said in a blog post Thursday. 'We recognize that such powerful technology raises equally powerful questions about its use.  'How AI is developed and used will have a significant impact on society for many years to come. ... Google and its big technology rivals have become leading sellers of AI tools, which enable computers to review large datasets to make predictions and identify patterns and anomalies faster than humans could. But the potential of AI systems to pinpoint drone strikes better than military specialists or identify dissidents through mass collection of online communications has sparked concerns among academic ethicists and Google employees....The U.S. military has been looking to incorporate elements of artificial intelligence and machine learning into its drone program....The Pentagon is trying to develop algorithms that would sort through the material and alert analysts to important finds, according to Air Force Lieutenant General John N.T. 'Jack' Shanahan, director for defense intelligence for warfighting support.... Shanahan said his team is currently trying to teach the system to recognize objects such as trucks and buildings, identify people and, eventually, detect changes in patterns of daily life that could signal significant developments... Similar image recognition technology is being developed commercially by firms in Silicon Valley, which could be adapted by adversaries for military reasons."
Google bans the uses of its AI tech in weapons and 'unreasonable surveillance systems' - but says it will continue to work with the military on other projects
Reuters, 7 June 2018

"A federal study found signs that surveillance devices for intercepting cellphone calls and texts were operating near the White House and other sensitive locations in the Washington area last year. A Department of Homeland Security program discovered evidence of the surveillance devices, called IMSI catchers, as part of federal testing last year, according to a letter from DHS to Sen. Ron Wyden (D-Ore.) on May 22. The letter didn't specify what entity operated the devices and left open the possibility that there could be alternative explanations for the suspicious cellular signals collected by the federal testing program last year. The discovery bolsters years of independent research suggesting that foreign intelligence agencies use sophisticated interception technology to spy on officials working within the hub of federal power in the nation’s capital. Experts in surveillance technology say that IMSI catchers — sometimes known by one popular brand name, StingRay — are a standard part of the tool kit for many foreign intelligence services, including for such geopolitical rivals as Russia and China....The devices work by simulating cell towers to trick nearby phones into connecting, allowing the IMSI catchers to collect calls, texts and data streams. Unlike some other forms of cellphone interception, IMSI catchers must be near targeted devices to work.When they are in range, IMSI catchers also can deliver malicious software to targeted devices for the purpose of stealing information stored on them or conducting longer-term monitoring of communications. The same May 22 letter revealed that DHS was aware of reports that a global cellular network messaging system, called SS7, was being used to spy on Americans through their cellphones. Such surveillance, which can intercept calls and locate cellphones from anywhere in the world, is sometimes used in conjunction with IMSI catchers.... Civil liberties groups have long warned that IMSI catchers are used with few limits by U.S. authorities, who collect calls, texts and other data from innocent bystanders as they conduct surveillance on criminal suspects or other legitimate targets. Increasingly, though, critics have sought to portray the technology as posing threats to national security because foreign intelligence services use them on Americans, both while in the United States and abroad.... The surveillance devices are hard to counteract, although encrypted calling and messaging apps — such as Signal, WhatsApp or Apple's FaceTime — provide protection against IMSI catchers. Some experts advocate wider deployment of such encrypted communication tools within the U.S. government, along with a move away from traditional cellular calling and texting."
Signs of sophisticated cellphone spying found near White House, U.S. officials say
Washington Post, 1 June 2018

"... a couple’s private conversation was recorded by Alexa and then sent to a random number in their address book. The conversation was about hardwood floors, apparently, which is not a topic with the potential to make one blush with shame when recollecting it; but that’s not really the point. The point is that the private was made public, because a machine – according to Amazon – malfunctioned. This kind of thing is going to start happening more, and not because the machine is malfunctioning; it’s going to happen because the machine is doing its job properly: its job being to snoop. The mystery is that people are assenting to this, or considering it as progress.... Never mind, though, about the possibility of being hacked and/or spied on. Actually, we should mind very much about that, and it’s a probability more than a possibility, but there are other problems that perhaps aren’t being considered often or openly enough. These revolve around the very purpose of the huge companies who are now running our lives: simply, to make money out of us, to turn us into nothing more than the aggregate of our material desires, and to crunch those desires into data, which can then be sold to whoever wants it; and we now know that some of these buyers have very sinister agendas indeed. Until technology like Alexa came along, though, we did at least have to go to the trouble of actively keying in information. Now, though, anything we say could be picked up and used in ways we can hardly imagine. We like to think we are in control of our technology, and this has more or less always been the case; but very soon, our technology is going to be in control of us, if it isn’t already."
Alexa, what does the future hold? A dystopia where gadgets spy on us
Guardian, 28 May 2018

"A couple in Portland, Oregon joked that their Amazon Alexa might be listening in to their private conversations. The joke came to an abrupt end when they discovered a conversation was indeed recorded by Alexa - and then sent to an apparently random person in their contact list. "Unplug your Alexa devices right now!" warned the puzzled recipient, according to ABC affiliate station KIRO7, which first reported the story.""
Amazon Alexa 'heard and sent private chat'
BBC, 24 May 2018

"In late 2016, Amazon introduced a new online service that could help identify faces and other objects in images, offering it to anyone at a low cost through its giant cloud computing division, Amazon Web Services. Not long after, it began pitching the technology to law enforcement agencies, saying the program could aid criminal investigations by recognizing suspects in photos and videos. It used a couple of early customers, like the Orlando Police Department in Florida and the Washington County Sheriff’s Office in Oregon, to encourage other officials to sign up. But now that aggressive push is putting the giant tech company at the center of an increasingly heated debate around the role of facial recognition in law enforcement. Fans of the technology see a powerful new tool for catching criminals, but detractors see an instrument of mass surveillance. On Tuesday, the American Civil Liberties Union led a group of more than two dozen civil rights organizations that asked Amazon to stop selling its image recognition system, called Rekognition, to law enforcement. The group says that the police could use it to track protesters or others whom authorities deem suspicious, rather than limiting it to people committing crimes."
Amazon Pushes Facial Recognition to Police. Critics See Surveillance Risk
New York Times, 22 May 2018

"The American Civil Liberties Union and other privacy activists are asking Amazon to stop marketing a powerful facial recognition tool to police, saying law enforcement agencies could use the technology to "easily build a system to automate the identification and tracking of anyone."...privacy advocates have been concerned about expanding the use of facial recognition to body cameras worn by officers or safety and traffic cameras that monitor public areas, allowing police to identify and track people in real time.The tech giant's entry into the market could vastly accelerate such developments, the privacy advocates fear, with potentially dire consequences for minorities who are already arrested at disproportionate rates, immigrants who may be in the country illegally or political protesters."People should be free to walk down the street without being watched by the government," the groups wrote in a letter to Amazon on Tuesday. "Facial recognition in American communities threatens this freedom."..... Clare Garvie, an associate at the Center on Privacy and Technology at Georgetown University Law Center, said part of the problem with real-time face recognition is its potential impact on free-speech rights.While police might be able to videotape public demonstrations, face recognition is not merely an extension of photography, but also a biometric measurement — more akin to police walking through a demonstration and demanding identification from everyone there."
ACLU asks Amazon to stop marketing face-recognition technology to police
Associated Press, 22 May 2018

"Large public places, such as airports or shopping malls, have already been turned into surveillance free-for-alls, where people’s every move is catalogued for the sake of profit. Now, one prominent company is ready to help governments spread that same surveillance technology over entire cities. Israeli company Jenovice Cyber Labs is poised to launch new products that monitor everything from prisons to heavily populated areas, depending on what exactly customers want, CyberScoop has learned. It’s a particularly provocative product coming in the wake of DHS detecting Stingray cellphone spying devices across Washington, D.C., but all too easy to fathom based on the way companies make millions off the collection of location-based data. Jenovice’s Metropolink, which is only available for law enforcement and intelligence agencies, is sold as an “autonomous” surveillance system meant to monitor entire metropolitan areas. The capabilities list reads like hacker tech from a Jason Bourne movie: It’s advertised as being able to locate, list, map, track, analyze and visualize all Wi-Fi networks and identities across whatever environment a customer chooses.  The product works thanks to a network of sensors placed around a large populated area that track devices by identifiers including, but not limited to, MAC address and geolocation. Targets are usually phones that are broadcasting and collecting Wi-Fi information by default. Product advertising lists the technology as “passive,” an important distinction that’s subject to less regulatory oversight than active attacks and exploits found in other products. Similarly, in many countries, Metropolink doesn’t require a warrant, the company says. Metropolink sensors possess a default collection range of about 500 meters, which can be enhanced depending on the hardware. The sensors then pass the data to a command center where its visualized for easy consumption. The company also promises that the devices can detect and track targets moving at high speeds in cars or motorcycles. Another product Jenovice will launch is Prisonlink, a surveillance kit designed for the smaller and more specialized environment of prisons. The product materialized after correctional officers in multiple countries told Jenovice that prisoners use Wi-Fi connectivity to communicate with the outside world, which is often against prison rules. In addition to tracking unauthorized phones and Wi-Fi networks, Prisonlink can gather information on devices and disconnect a target device from their Wi-Fi access point. The last entry in Jenovice’s new product line is perhaps the most opaque. Achilles Cloud Interception boasts the ability to “use and connect keys to extract cloud account information” from iCloud and Google accounts remotely “in a fully automated and silent process.” The company says the product steals authentication tokens, granting full access to a targeted account. Credential extraction requires physical proximity to a system like Metropolink. When asked, Jenovice declined to further explain how the product works. Token-based authentication is ubiquitous on the modern web; it’s how you stay signed in to virtually everything. If Achilles works as advertised, it’d be a major weapon in a customer’s arsenal. CyberScoop hasn’t seen or heard of Achilles being successfully demonstrated in a meaningful way. The new product announcements will be made at the upcoming June 2018 ISS World conference in Prague, a global conference for the surveillance and hacking industries. On the second day of the conference, Jenovice’s vice president for research and development Tal cis giving a talk on “tactical Wi-Fi interception” focusing on “identifying targets, acquiring them and manipulating Wi-Fi enabled devices to extract intelligence.” Gleichger said the company hasn’t received any outside funding and is already selling its products “all over the world.” Much of Metropolink echoes the tech from Snoopy, a 2012 research project from Glenn Wilkinson and Daniel Cuthbert focused on stealing data from mobile devices by imitating Wi-Fi networks and intercepting data traffic. That research proved the idea was possible by snooping on traffic in subway stations across London. A similar surveillance research project is CreepyDOL by Brendan O’Connor. CreepyDOL tracks Wi-Fi signals as a way to follow smartphones across a targeted area. Snoopy surveils and identifies targets by tracking the radio signals — not just Wi-Fi — that virtually all devices emit."
Meet the Israeli company ready to sell citywide surveillance
Cyberscoop, 21 May 2018

"Many people have grown accustomed to talking to their smart devices, asking them to read a text, play a song or set an alarm. But someone else might be secretly talking to them, too.Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio. A group of students from University of California, Berkeley, and Georgetown University showed in 2016 that they could hide commands in white noise played over loudspeakers and through YouTube videos to get smart devices to turn on airplane mode or open a website. This month, some of those Berkeley researchers published a research paper that went further, saying they could embed commands directly into recordings of music or spoken text. So while a human listener hears someone talking or an orchestra playing, Amazon’s Echo speaker might hear an instruction to add something to your shopping list."
Alexa and Siri Can Hear This Hidden Command. You Can’t.
New York Times, 10 May 2018

"Thousands of jails and prisons across the United States use a company called Securus Technologies to provide and monitor calls to inmates. But the former sheriff of Mississippi County, Mo., used a lesser-known Securus service to track people’s cellphones, including those of other officers, without court orders, according to charges filed against him in state and federal court. The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show. Between 2014 and 2017, the sheriff, Cory Hutcheson, used the service at least 11 times, prosecutors said. His alleged targets included a judge and members of the State Highway Patrol. Mr. Hutcheson, who was dismissed last year in an unrelated matter, has pleaded not guilty in the surveillance cases. As location tracking has become more accurate, and as more people carry their phones at every waking moment, the ability of law enforcement officers and companies like Securus to get that data has become an ever greater privacy concern."
Service Meant to Monitor Inmates’ Calls Could Track You, Too
New York Times, 10 May 2018

"South Wales Police has been testing an automated facial recognition system since June 2017 and has used it in the real-world at more than ten events. In the majority of cases, the system has made more incorrect matches than the times it has been able to correctly identify a potential suspect or offender. ..... Automatic systems that scan people's faces in public and try to make matches are at an early stage in the UK. In China, systems are more advanced with a BBC News reporter being located, during a stunt, within just seven minutes...... South Wales Police, in its privacy assessment of the technology, says it is a "significant advantage" that no "co-operation" is required from a person. Its system is comprised of two CCTV cameras that are connected to a laptop or server. The CCTV feed is recorded and faces are pulled from the footage, which is compared automatically against a watch list. This list, formed of a database, can be comprised of thousands of facial images... In the future, the police force says, it may be possible to integrate the facial recognition technology with databases from other sources. It says the Police National Database (which has more than 19 million images), the Automatic Number Plate Recognition database, passport or driving licence could be added to its system..... But the use of the system raises privacy considerations. "It is accepted that civil rights [sic] may start to voice concerns over the invasion of privacy by this technology," the Welsh police force's privacy assessment of its own system says.... South Wales Police isn't the only UK constabulary that has been testing facial recognition systems in public places.... The automated facial recognition systems being used at public events are separate to police uses of face matching technology that uses other images: such as social media photos, or pre-recorded CCTV footage. In 2012, the High Court ruled it was unlawful for millions of photos of innocent people to be kept on police databases. At present, these can only be removed if a person makes a complaint to police."
Facial recognition tech used by UK police is making a ton of mistakes
Wired, 4 May 2018

"For several months, [Orlando International] airport has worked with British Airways to test facial-recognition, or biometric screening. Recently, the Greater Orlando Aviation Authority moved to equip the airport as the first in the nation to use the technology for all international flights inbound and outbound. The experience of the novel technology in an otherwise timeworn routine was remarked upon by an elderly British Airways passenger, who clutched a burgundy passport splayed at its photo page, where a boarding pass was tucked, both ready for the customary presentation.... John Newsome, the airport’s chief information officer, said all of the airport’s 25 carriers with foreign flights and the two border checkpoints will be equipped for biometric screening through this summer. The decision means spending $4 million on gates and high-definition cameras for departing and arriving international flights.... In an era of online breaches of privacy, theft of financial information and fears of government surveillance, Orlando International and Customs and Border Protection are readily equipped with talking points about what happens with those high-definition snapshots taken for biometric screening....Customs and Border Protection has a suggestion for passengers with concerns about biometric screening: Request a manual check. Within the past year, biometric screening also has been piloted by Delta at JFK and Atlanta international airports, Lufthansa at Los Angeles International, and by JetBlue in Boston. Addressing the accuracy of its facial-recognition technology, the agency has reported that the “percent of successful matches is in the high 90s.”
Orlando airport to be nation's first to facial ID all international fliers
Orlando Sentinel, 27 April 2018

"The UK government's surveillance regime has been dealt another blow as the High Court in England today ruled the Snooper's Charter unlawful – and gave the government six months to fix it. Handing down the judgment, Lord Justice Rabinder Singh said that Part 4 of the Investigatory Powers Act (IPA), which relates to retention of communications data, was incompatible with EU law, and gave the government until 1 November 2018 to remedy it. The ruling is the latest instalment in a long-running and complex legal battle between the government and various privacy campaign groups over the state's extensive surveillance laws. In this case, brought by civil rights group Liberty, the court considered the powers granted to the government to force internet firms and telcos to store data on communications – like location info and records of when and to whom calls or messages were made – for up to a year. These powers came into force on 30 December 2016. Lord Justice Singh and Justice David Holgate ruled that Part 4 was incompatible with the EU Charter of Fundamental Rights for two reasons: ministers can issue data retention orders without independent review, and this can be done for reasons other than serious crime.... The government has refused to see the ruling as a defeat on the grounds that it has already conceded the Act doesn't comply with European laws. Back in November, it proposed a set of changes it thinks will bring the Act in line, for instance by creating a new body, the Office for Communications Data Authorisation, to review and approve notices. But it did lose its request, made during the February hearing, that it be given until April 2019 to enact the changes. The judges today ruled that they "see no reason why the legal framework cannot be amended before April 2019", even if some practical arrangements take longer.... Liberty, meanwhile, is already working up the next phase of its challenges to the IPA – which refers to parts 5, 6 and 7, government hacking, bulk warrants and bulk personal data set warrants – and has today launched a crowdfunding campaign to pay for the battle."
High Court gives UK.gov six months to make the Snooper's Charter lawful
The Register, 27 April 2018

"Traffic police in the southern Chinese city of Shenzhen have always had a reputation for strict enforcement of those flouting road rules in the metropolis of 12 million people. Now with the help of artificial intelligence and facial recognition technology, jaywalkers will not only be publicly named and shamed, they will be notified of their wrongdoing via instant messaging – along with the fine. Intellifusion, a Shenzhen-based AI firm that provides technology to the city’s police to display the faces of jaywalkers on large LED screens at intersections, is now talking with local mobile phone carriers and social media platforms such as WeChat and Sina Weibo to develop a system where offenders will receive personal text messages as soon as they violate the rules, according to Wang Jun, the company’s director of marketing solutions.... Facial recognition technology identifies the individual from a database and displays a photo of the jaywalking offence, the family name of the offender and part of their government identification number on large LED screens above the pavement.... The system will also be able to register how many times a pedestrian has violated traffic rules in the city and once this number reaches a certain level, it will affect the offender’s social credit score which in turn may limit their ability to take out loans from banks, Wang said."
Jaywalkers under surveillance in Shenzhen soon to be punished via text messages
South China Morning Post, 27 March 2018

"Across China, facial-recognition technology that can scan the country’s entire population is being put to use. In some cases, the technology can perform the task in just one second. Sixteen cities, municipalities, and provinces are using a frighteningly fast surveillance system that has an accuracy rate of 99.8%, Global Times reported over the weekend. “The system is fast enough to scan China’s population in just one second, and it takes two seconds to scan the world’s population,” the Times reported, citing local Chinese newspaper Worker’s Daily. The system is part of Skynet, a nationwide monitoring program launched in 2005 to increase the use and capabilities of surveillance cameras. According to developers, this particular system works regardless of angle or lighting condition and over the last two years has led to the arrest of more than 2,000 people. The use of facial-recognition technology is soaring in China where it is being used to increase efficiencies and improve policing. Cameras are used to catch jaywalkers, find fugitives, track people’s regular hangouts, and even predict crime before it happens. Currently, there are 170 million surveillance cameras in China and, by 2020, the country hopes to have 570 million – that’s nearly one camera for every two citizens. Facial recognition technology is just a small part of the artificial intelligence industry that China wants to pioneer. According to a report by CB Insights, five times as many AI patents were applied for in China than the US in 2017."
16 parts of China are now using Skynet, the facial recognition tech that can scan the country's entire population in a second
Business Insider, 27 March 2018

"A couple of years after it happened, Australian citizens are finally being (indirectly) informed their government harvested cell site location info to track their daily activities. This isn't the work of an intelligence agency or a secretive law enforcement effort. Instead, it's an (unannounced) partnership between the Australian Bureau of Statistics (which handles the Australian Census) and a cellphone service provider. The provider apparently willingly turned over cell site info without a court demand, government mandate, or consultation with its customers....Supposedly, the information has been anonymized. It obviously hasn't been completely stripped of personal information. The slide deck [PDF] detailing the effort notes the data can be broken down by age and sex. The anonymization claim is made without any support from the ABS, which still has yet to provide any further info -- much less a privacy impact assessment -- via its website."
Australian Gov't Scooped Up Tons Of Cell Site Location Data To Track Citizens' Movements
TechDirt, 25 April 2018

"While the Cambridge Analytica scandal rumbles on, Facebook is quietly asking users in the EU and Canada to let it use its facial recognition to scan their faces and suggest tags in photos. It isn't the first time Mark Zuckerberg's firm has tried to get access to millions of Europeans' facial data. Facebook tried to bring facial recognition to people in the EU back in 2011, but it stopped doing so a year later after privacy campaigners raised concerns that the feature was not compatible with data protection laws. Now Facebook is hoping it can bring facial recognition back to the EU, as long as it secures explicit consent beforehand....But some have criticised Facebook for making it too easy for users to accept the new requests without really understanding how their data is being used – which sounds very similar to how much of Cambridge Analytica scandal started.... Facebook users in the US have had their facial data tracked since 2011 and if users want to opt out, they have to click ‘manage settings’ and go through another page before changing their privacy settings. But also in the US, Facebook is being met with resistance over the use of facial recognition technology. The company is facing a class action lawsuit alleging that it gathered biometric information without users explicit consent. On April 16, 2018, District Judge James Donato in California ruled that Facebook users in Illinois are allowed to bring forward a case arguing that Facebook’s collection of face data violates Illinois’ Biometric Information Privacy Act. If it is found to be violating the act, Facebook could be faced with a fine of billions of dollars. Facebook’s facial recognition technology works by analysing images and videos in which a particular person has been tagged, and then generating a unique number called a ‘template’. This template is then compared with other photos and videos on Facebook, and if the algorithm finds a match then that user’s name may appear as a tag suggestion..... Despite the backlash against its widespread data collection, Facebook is also exploring other ways of other ways of using facial recognition technology. In a patent published in November 2017, the company described using facial recognition as way of verifying payments in shops. Last year it also tested using facial recognition to allow people to recover their account details just by using their face to verify their identity."
Live in the EU? Facebook is after your face data (again)
Wired, 18 April 2018

".... over the last five years a secretive surveillance company founded by a former Israeli intelligence officer has been quietly building a massive facial recognition database consisting of faces acquired from the giant social network, YouTube and countless other websites. Privacy activists are suitably alarmed.  That database forms the core of a facial recognition service called Face-Int, now owned by Israeli vendor Verint after it snapped up the product's creator, little-known surveillance company Terrogence, in 2017. Both Verint and Terrogence have long been vendors for the U.S. government, providing bleeding-edge spy tech to the NSA, the U.S. Navy and countless other intelligence and security agencies....Though Terrogence is primarily focused on helping intelligence agencies and law enforcement fight terrorism online, LinkedIn profiles of current and former employees indicate it's also involved in other, more political endeavours. One ex-staffer, in describing her role as a Terrogence analyst, said she'd "conducted public perception management operations on behalf of foreign and domestic governmental clients," and used "open source intelligence practices and social media engineering methods to investigate political and social groups." She was not reachable at the time of publication. And now concerns have been raised over just how Terrogence has grabbed all those faces from Facebook and other online sources. What's apparent, though, is that Terrogence is yet another company that's been able to clandestinely take advantage of Facebook's openness, on top of Cambridge Analytica, which acquired information on as many as 87 million users in 2014 from U.K.-based researcher Aleksandr Kogan to help target individuals during its work for the Donald Trump and Ted Cruz presidential campaigns.  "It raises the stakes of face recognition - it intensifies the potential negative consequences," warned Jay Stanley, senior policy analyst at the American Civil Liberties Union (ACLU). "When you contemplate face recognition that's everywhere, we have to think about what that’s going to mean for us. If private companies are scraping photos and combining them with personal info in order to make judgements about people - are you a terrorist, or how If Terrogence isn't solely focused on terrorism, but has a political side to its business too, its facial recognition work could sweep up a vast number of people. That brings up another particularly worrying aspect of the business in which Terrogence operates: the dawn of "the privatisation of blacklisting," warned Stanley. "We've been fighting with the government for years over due process on those lists... people being put on them without being told why and not being sure how those lists are being used," he told Forbes.likely are you to be a shoplifter or anything in between - then it exposes everyone to the risk of being misidentified, or correctly identified and being misjudged.""
These Ex-Spies Are Harvesting Facebook Photos For A Massive Facial Recognition Database
Forbes, 16 April 2018

"Seeking to build an identification system of unprecedented scope, India is scanning the fingerprints, eyes and faces of its 1.3 billion residents and connecting the data to everything from welfare benefits to mobile phones. Civil libertarians are horrified, viewing the program, called Aadhaar, as Orwell’s Big Brother brought to life. To the government, it’s more like “big brother,” a term of endearment used by many Indians to address a stranger when asking for help. For other countries, the technology could provide a model for how to track their residents. And for India’s top court, the ID system presents unique legal issues that will define what the constitutional right to privacy means in the digital age. To Adita Jha, Aadhaar was simply a hassle. The 30-year-old environmental consultant in Delhi waited in line three times to sit in front of a computer that photographed her face, captured her fingerprints and snapped images of her irises. Three times, the data failed to upload. The fourth attempt finally worked, and she has now been added to the 1.1 billion Indians already included in the program. Ms. Jha had little choice but to keep at it. The government has made registration mandatory for hundreds of public services and many private ones, from taking school exams to opening bank accounts. “You almost feel like life is going to stop without an Aadhaar,” Ms. Jha said. Technology has given governments around the world new tools to monitor their citizens. In China, the government is rolling out ways to use facial recognition and big data to track people, aiming to inject itself further into everyday life. Many countries, including Britain, deploy closed-circuit cameras to monitor their populations....The potential uses — from surveillance to managing government benefit programs — have drawn interest elsewhere. Sri Lanka is planning a similar system, and Britain, Russia and the Philippines are studying it, according to the Indian government.... Opponents have filed at least 30 cases against the program in India’s Supreme Court. They argue that Aadhaar violates India’s Constitution — and, in particular, a unanimous court decision last year that declared for the first time that Indians had a fundamental right to privacy. Rahul Narayan, one of the lawyers challenging the system, said the government was essentially building one giant database on its citizens. “There has been a sort of mission creep to it all along,” he said."
‘Big Brother’ in India Requires Fingerprint Scans for Food, Phones and Finances
New York Times, 7 April 2018

"The Department of Homeland Security announced a public bid for third party companies to build a “media influence database” capable of tracking more than 290,000 news sources across the globe. First spotted by Bloomberg Law, the public bid would also track journalists and bloggers, compiling their personal information and the publications for which they write. Posted on April 3rd as a call for “Media Monitoring Services,” the database has a dual purpose: monitoring hundreds of thousands of news sources simultaneously worldwide as well as tracking and categorizing journalists and bloggers. The “Media Intelligence and Benchmarking Platform,” as the proposed database is called, would monitor more than 290,000 “online, print, broadcast, cable, radio, trade and industry” news sources worldwide. DHS wants the database to rank and categorize news sources according to a variety of factors, including content and topics covered, reach, circulation and location, and sentiment. Perhaps even more chilling given the current media climate, the platform would also feature a database filled with the personal and social media data of “journalists, editors, correspondents, social media influencers, [and] bloggers,” searchable by location, beat, publication, and ad-hoc keywords.It’s not at all unheard of for the PR wings of big companies to keep lists of journalists, both friendly and unfriendly, on hand—but not at this scale. Of course, the FBI has a long history of tracking journalists, but many questions remain: Will the journalists on the list be notified they’ve been added? Do they have any control over what data is added about them?"
Homeland Security Wants to Build an Online 'Media Influence Database' to Track Journalists
Gizmodo, 6 April 2018

"This is a wake-up call for a generation. The revelation of Cambridge Analytica’s manipulation of Facebook data to target American voters on behalf of Donald Trump in 2016 shines a torch on the jungle where we have become prey for the online carnivores to which we reveal our secrets. The chairman of the Commons culture committee yesterday called on Facebook’s warlord, 33-year-old multi-billionaire Mark Zuckerberg, to attend personally to give evidence about his company’s behaviour, though there seems more chance of an appearance by Vladimir Putin.....those of us who spurn social media are almost as vulnerable. Every day that we place things online, Amazon bombards us with come-ons that emphasise its omniscience about what we read, watch, spread on the garden, use in the house.... Cambridge Analytica’s gift to the Trump victory appears to have been to empower his campaign to target ‘persuadable voters’, sparing canvassers from wasting effort on irreconcilable Democrats. It has been said for centuries that knowledge is power, yet Hitler’s Gestapo and Stalin’s secret police knew far less about their fellow citizens than does Facebook, which doesn’t have to photograph them outside their home, tap their phones, or steal government files. Spies seem redundant in the net age. What matters for us now is to move beyond shock and disgust about the Cambridge Analytica-Facebook revelations, and consider what can be done to make such companies behave better. Investigating and, if appropriate, charging the bosses of Cambridge Analytica will be the easy part, because they are based in Britain..... Even if Cambridge Analytica, or Facebook, are damaged as much as they deserve to be by this scandal, there are countless other online data markets where they came from. If any of us wishes to conceal anything about ourselves, this can be achieved only by making sure that information does not appear on a computer. Yet every detail of our finances, health record, employment history is stored somewhere out there, and can never be totally secure."
The best way to fight back against greedy predators like Facebook? Stop laying bare our lives online
Mail, 20 March 2018

"Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitivite computer systems less secure. In an academic paper published on Friday through preprint service ArXiv, researchers from Israel's Ben-Gurion University of the Negev describe a novel data exfiltration technique that allows the transmission and reception of data – in the form of inaudible ultrasonic sound waves – between two computers in the same room without microphones. The paper, titled, "MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication," was written by Mordechai Guri, Yosef Solwicz, Andrey Daidakulov and Yuval Elovici, who have developed a number other notable side-channel attack techniques. These include: ODINI, a way to pass data between Faraday-caged computers using electrical fields; MAGNETO, a technique for passing data between air-gapped computers and smartphones via electrical fields; and FANSMITTER, a way to send acoustic data between air-gapped computers using fans. Secret data transmissions of this sort expand on prior work done by National Security Agency on TEMPEST attacks, which utilize electromagnetic, magnetic, acoustic, optical and thermal emanations from electronic devices to collect and transmit data. MOSQUITO, the researchers explain, demonstrates that speakers can covertly transmit data between unconnected machines at a distance of up to nine meters. What's more, the technique works between mic-less headphones – the researchers say their work is the first to explore headphone-to-headphone covert communication. Speakers, the paper explains, can be thought of as microphones working in reverse: Speakers turn electrical signals into acoustic signals while microphones turn acoustic signals into electrical ones. And each includes a diaphragm to assist with the conversion, which can help reverse the process. Modern audio chipsets, such as those from Realtek, include an option to alter the function of the audio port via software, the paper explains. This capability is referred to as "jack retasking." "The fact that loudspeakers, headphones, earphones, and earbuds are physically built like microphones, coupled with the fact that an audio port’s role in the PC can be altered programmatically, changing it from output to input, creates a vulnerability which can be abused by attackers," the paper explains. Malware, thus, may be able to reconfigure a speaker or headphone to act as a microphone, provided the device is passive and unpowered. That's a significant caveat since most modern PCs have active, powered speakers; headphones and earbuds generally have passive speakers, as do some older PCs. In an email to The Register, Mordechai Guri, one of the paper's authors, head of R&D at Ben-Gurion University of the Negev’s Cyber-Security Research Center, and chief scientific officer at Morphisec, said, "The main problem involves headphones, earphones and earbuds since they are reversible and can become good pair of microphones (even when they don't have an integrated mic at all)." Using frequencies ranging from 18kHz to 24kHz, the researchers were able to achieve a data transmission rate of 166 bit/sec with a 1 per cent error rate when transmitting a 1Kb binary file over a distance of three meters. At distances ranging from 4 to 9 meters, that same error rate could only be achieved with a 10 bit/sec transmission rate, largely as a consequence of interference from environmental noise. The paper discusses several mitigation techniques, all of which have limitations, including designing headphones and speakers with on-board amplifiers (which prevents use as a mic), using an ultrasonic jammer, scanning for ultrasonic transmissions, preventing jack retasking via software, and completely disabling audio hardware via the UEFI/BIOS. Disconnecting speakers, headphones and the like represents the most practical solution, Guri said, "but this is not always feasible." Monitoring the ultrasonic band is a good theoretical and academic solution, he added, but has potential problems. "In practice, it will raise many false alarms," he said. Guri said ultrasonic malware does not appear to be very common. "A few years ago, a security researcher claimed that he found ultrasonic malware in the wild. It was dubbed BadBios. But in any case, it was claimed to be able to communicate between two laptops with both speakers and microphones." Inaudible audio is more likely to be used for marketing, and has prompted the development of defensive code called Silverdog. It's an ultrasonic firewall in the Google Chrome browser that's designed to block ultrasonic beacons (uBeacons), employed for cross-device tracking."
Air gapping PCs won't stop data sharing thanks to sneaky speakers
The Register, 12 March 2018

"A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000. The three exploits are EternalChampion, EternalRomance, and EternalSynergy; all three leaked last April by a hacking group known as The Shadow Brokers who claimed to have stolen the code from the NSA. Now, RiskSense security researcher Sean Dillon (@zerosum0x0) has modified the source code for some of these lesser-known exploits so they would be able to work and run SYSTEM-level code on a wide variety of Windows OS versions."
NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000
Bleeping Computer, 5 February 2018

"Secure end-to-end encrypted comms is a desirable technology that governments should stop trying to break, especially as there's other information to slurp up on crims, UK politicians were told this week. Blighty's former independent reviewer of terrorism legislation, David Anderson, told the House of Commons Home Affairs Committee on Tuesday that there are plenty of sources of intelligence for law enforcement to get their hands on, rather than banging the drum for backdoors in communications. In what has now become a frustratingly standard question from politicians about tech companies' role in the war on terror, Anderson was asked if he thought the state would ever get access to encrypted messages for security purposes. "No," he replied. "Because end-to-end encryption is not only a fact of life, it is, on balance, a desirable fact of life. Any of us who do our banking online, for example, are very grateful for end-to-end encryption." The debate, Anderson continued, was sometimes wrongly "portrayed in very black and white terms, as if the world is going dark and because of end-to-end encryption we're all doomed". He argued that although the loss of information the state can gather from the content of someone's communications is "very significant", it is tempered by the mass of other data it can slurp from elsewhere. "I mean who would have thought 30 years ago you could track somebody's movements all around London by Oyster card? And you don't even need the Oyster anymore, because you can get the location data from the phone company. It's almost as good as having someone on their tail the whole time." "He said that the most striking of these measures are those contained in the controversial Investigatory Powers Act, which allow public authorities to gain access to 12 months' worth of a person's internet connection records from their provider. "The more people spend their lives online, the more revealing that behaviour becomes," Anderson said."
Terror law expert to UK.gov: Why backdoors when there's so much other data to slurp?
Register, 31 January 2018

"...declassified documents provided by former NSA contractor Edward Snowden reveal that the NSA has developed technology not just to record and transcribe private conversations but to automatically identify the speakers. Americans most regularly encounter this technology, known as speaker recognition, or speaker identification, when they wake up Amazon’s Alexa or call their bank.... Civil liberties experts are worried that these and other expanding uses of speaker recognition imperil the right to privacy. “This creates a new intelligence capability and a new capability for abuse,” explained Timothy Edgar, a former White House adviser to the Director of National Intelligence. “Our voice is traveling across all sorts of communication channels where we’re not there. In an age of mass surveillance, this kind of capability has profound implications for all of our privacy....Edgar and other experts pointed to the relatively stable nature of the human voice, which is far more difficult to change or disguise than a name, address, password, phone number, or PIN. This makes it “far easier” to track people, according to Jamie Williams, an attorney with the Electronic Frontier Foundation. “As soon as you can identify someone’s voice,” she said, “you can immediately find them whenever they’re having a conversation, assuming you are recording or listening to it.'.... A major concern of civil libertarians is the potential to chill speech. Trevor Timm, executive director of the Freedom of the Press Foundation, noted how the NSA’s speaker recognition technology could hypothetically be used to track journalists, unmask sources, and discourage anonymous tips. While people handling sensitive materials know they should encrypt their phone calls, Timm pointed to the many avenues — from televisions to headphones to internet-enabled devices — through which voices might be surreptitiously recorded. “There are microphones all around us all the time. We all carry around a microphone 24 hours a day, in the form of our cellphones,” Timm said. “And we know that there are ways for the government to hack into phones and computers to turn those devices on.”.... “Despite the many [legislative] changes that have happened since the Snowden revelations,” he continued, “the American people only have a partial understanding of the tools the government can use to conduct surveillance on millions of people worldwide. It’s important that this type of information be debated in the public sphere.” But debate is difficult, he noted, if the public lacks a meaningful sense of the technology’s uses — let alone its existence.... In October, Human Rights Watch reported that the Chinese government has been building a national database of voiceprints so that it could automatically identify people talking on the phone. The government is aiming to link the voice biometrics of tens of thousands of people to their identity number, ethnicity, and home address. According to HRW, the vendor that manufactures China’s voice software has even patented a system to pinpoint audio files for “monitoring public opinion.... The NSA memos provided by Snowden do not indicate how widely Voice RT was deployed at the time, but minutes from the GCHQ’s Voice/Fax User Group do.... When its Voice/Fax User Group met with NSA agents in the fall of 2007, members described seeing an active Voice RT system providing NSA’s linguists and analysts with speaker and language identification, speech-to-text transcription, and phonetic search abilities. “Essentially,” the minutes say of Voice RT, “it’s a one stop shop. … [A] massive effort has been extended to improve deployability of the system.” By 2010, the NSA’s Voice RT program could process recordings in more than 25 foreign languages..... The NSA soon realized that its ability to process voice recordings could be used to identify employees within the NSA itself. As the January 2006 memo that discussed Ronald Pelton’s audio explained, “Voice matching technologies are being applied to the emerging Insider Threat initiative, an attempt to catch the ‘spy among us.’” The Insider Threat initiative, which closely monitors the lives of government employees, was publicly launched by the Obama administration, following the leaks of U.S. Army whistleblower Chelsea Manning. But this document seems to indicate that the initiative was well under way before Obama’s 2011 executive order. It’s not surprising that the NSA might turn the same biometric technologies used to detect external threats onto dissenters within its ranks, according to Freedom of the Press Foundation’s Trevor Timm.” A former defense intelligence official, who spoke to The Intercept on the condition of anonymity because they were not authorized to discuss classified material, believes the technology’s low profile is not an accident.  “The government avoids discussing this technology because it raises serious questions they would prefer not to answer,” the official said. “This is a critical piece of what has happened to us and our rights since 9/11.” For the technology to work, the official noted, “you don’t need to do anything else but open your mouth.” These advocates fear that without any public discussion or oversight of the government’s secret collection of our speech patterns, we may be entering a world in which more and more voices fall silent.... Timm noted that in the last several years, whistleblowers, sources, and journalists have taken greater security precautions to avoid exposing themselves. But that “if reporters are using telephone numbers not associated with their identity, and the government is scanning their phone calls via a warrant or otherwise, the technology could also be used to potentially stifle journalism.'... Andrew Clement, a computer scientist and expert in surveillance studies, has been mapping the NSA’s warrantless wiretapping activities since before Snowden’s disclosures. He strongly believes the agency would not be restrained in their uses of speaker recognition on U.S. citizens. The agency has often chosen to classify all of the information collected up until the point that a human analyst listens to it or reads it as metadata, he explained. “That’s just a huge loophole,” he said. “It appears that anything they can derive algorithmically from content they would classify simply as metadata.”.... At a 2010 conference — described as an “unprecedented opportunity to understand how the NSA is bringing all its creative energies to bear on tracking an individual” — top directors spoke about how to take a “whole life” strategy to their targets. They described the need to integrate biometric data, like voiceprints, with biographic information, like social networks and personal history. In the agency’s own words, “It is all about locating, tracking, and maintaining continuity on individuals across space and time. It’s not just the traditional communications we’re after — It’s taking a ‘full arsenal’ approach.””
Finding Your Voice
The Intercept, 19 January 2018

"Mobile malware strain Skygofree may be the most advanced Android-infecting nasties ever, antivirus-flinger Kaspersky Lab has warned. Active since 2014, Skygofree, named after one of the domains used in the campaign, is spread through web pages mimicking leading mobile network operators and geared towards cyber-surveillance. Skygofree includes a number of advanced features not seen in the wild before, including:
* Location-based sound recording through the microphone of an infected device – recording starts when the device enters a specified location
* Abuse of Accessibility Services to steal WhatsApp messages
* Ability to connect an infected device to Wi-Fi networks controlled by the attackers
*...Skygofree is a strain of multi-stage spyware that gives attackers full remote control of an infected device.....
"The implant carries multiple exploits for root access and is also capable of taking pictures and videos, seizing call records, SMS, geolocation, calendar events and business-related information stored in the device's memory," the firm added. The malware is even programmed to add itself to the list of "protected apps" so that it is not switched off automatically when the screen is off, circumventing a battery-saving feature that might otherwise limit its effectiveness. The attackers also appear to have an interest in Windows users. Researchers found a number of recently developed modules targeting Microsoft's OS."

Android snoopwar Skygofree can pilfer WhatsApp messages
The Register, 16 January 2018

"Daniel Dunn was about to sign a lease for a Honda Fit last year when a detail buried in the lengthy agreement caught his eye. Honda wanted to track the location of his vehicle, the contract stated, according to Dunn — a stipulation that struck the 69-year-old Temecula, Calif., retiree as a bit odd. But Dunn was eager to drive away in his new car and, despite initial hesitation, he signed the document, a decision with which he has since made peace. “I don’t care if they know where I go,” said Dunn, who makes regular trips to the grocery store and a local yoga studio in his vehicle. “They’re probably thinking, ‘What a boring life this guy’s got.’  Dunn may consider his everyday driving habits mundane, but auto and privacy experts suspect that big automakers like Honda see them as anything but. By monitoring his everyday movements, an automaker can vacuum up a massive amount of personal information about someone like Dunn, everything from how fast he drives and how hard he brakes to how much fuel his car uses and the entertainment he prefers. The company can determine where he shops, the weather on his street, how often he wears his seat belt, what he was doing moments before a wreck — even where he likes to eat and how much he weighs.Though drivers may not realize it, tens of millions of American cars are being monitored like Dunn’s, experts say, and the number increases with nearly every new vehicle that is leased or sold. The result is that carmakers have turned on a powerful spigot of precious personal data, often without owners’ knowledge, transforming the automobile from a machine that helps us travel to a sophisticated computer on wheels that offers even more access to our personal habits and behaviors than smartphones do."
Big Brother on wheels: Why your car company may know more about you than your spouse.
Washington Post, 15 January 2018

"The House of Representatives voted on Thursday to extend the National Security Agency’s warrantless surveillance program for six years with minimal changes, rejecting a push by a bipartisan group of lawmakers to impose significant privacy limits when it sweeps up Americans’ emails and other personal communications. The vote, 256 to 164, centered on an expiring law that permits the government, without a warrant, to collect communications from United States companies like Google and AT&T of foreigners abroad — even when those targets are talking to Americans. Congress had enacted the law in 2008 to legalize a form of a once-secret warrantless surveillance program created after the terrorist attacks on Sept. 11, 2001."
House Extends Surveillance Law, Rejecting New Privacy Safeguards
New York Times, 11 January 2018

"British homes are vulnerable to “a staggering level of corporate surveillance” through common internet-enabled devices, an investigation has found. Researchers found that a range of connected appliances – increasingly popular features of the so-called smart home – send data to their manufacturers and third-party companies, in some cases failing to keep the information secure. One Samsung smart TV connected to more than 700 distinct internet addresses in 15 minutes. The investigation, by Which? magazine, found televisions selling viewing data to advertisers, toothbrushes with access to smartphone microphones, and security cameras that could be hacked to let others watch and listen to people in their homes. The findings have alarmed privacy campaigners, who warn that consumers are unknowingly building a “terrifying” world of corporate surveillance. “Smart devices are increasingly being exposed as soft surveillance devices that owners have too little control of,” said Silkie Carlo, the director of Big Brother Watch. “People are now being subjected to invasive and unnecessary corporate snooping on an unprecedented scale. “The very notion of a smart home is one of ambient surveillance and constant recording, which will without doubt lead people to modify their behaviour over time. If this current direction is continued, we will become a society of watched consumers subjected to the most granular, pervasive and inescapable surveillance. It is a terrifying thought.” Which? bought more than £3,000 worth of smart home equipment and set it up in a lab to monitor how much data was being collected and transferred. As well as the manufacturers, more than 20 other companies were on the receiving end of data transfers including social networks, third-party monitoring services, advertising and marketing data brokers. Just one device – a Samsung smart TV – connected to more than 700 distinct internet addresses after being used for 15 minutes. If the viewer accepts Samsung’s privacy policy, the company gains the right to monitor what is being watched and when."
UK homes vulnerable to 'staggering' level of corporate surveillance
Guardian, 1 January 2018








".... if you look around and see what the world is now facing I don't think  in the last two or three hundred years we've faced such a concatenation of  problems all at the same time..... if we are to solve the issues that are ahead of us, we are going to need to think in completely different ways. "
Paddy Ashdown, High Representative for Bosnia and Herzegovina 2002 -2006

BBC Radio 4, 'Start The Week', 30 April 2007

"Individual peace is the unit of world peace. By offering Consciousness-Based Education to the coming generation, we can promote a strong foundation for a healthy, harmonious, and peaceful world.... Consciousness-Based education is not a luxury. For our children who are growing up in a stressful, often frightening, crisis-ridden world, it is a necessity."
Academy Award Winning Film Producer David Lynch (Elephant Man, Blue Velvet, etc)
David Lynch Foundation





  

NLPWESSEX, natural law publishing
nlpwessex.org