Meta's WhatsApp says spyware company Paragon targeted users in two dozen countries

Reuters 31.01.25

First we had Pegasus, now we have Paragon. Privacy is totally obliterated if you’re a target:

‘An official with Meta Platforms’ popular WhatsApp chat service said Israeli spyware company Paragon Solutions had targeted scores of its users, including journalists and members of civil society. The official said on Friday that WhatsApp had sent Paragon a cease-and-desist letter following the hack. In a statement, WhatsApp said the company "will continue to protect people's ability to communicate privately.” Paragon declined to comment… Its website advertises "ethically based tools, teams, and insights to disrupt intractable threats," and media reports citing people familiar with the company say Paragon only sells to governments in stable democratic countries. Natalia Krapiva, senior tech-legal counsel at the advocacy group Access Now, said Paragon had the reputation of being a better spyware company, "but WhatsApp's recent revelations suggest otherwise.” "This is not just a question of some bad apples — these types of abuses (are) a feature of the commercial spyware industry.”

Apple accused of silencing workers, spying on personal devices

Reuters 02.12.24

For a company whose motto starts with Privacy First, this is not a good look:

'Apple (AAPL.O) has been accused in a new lawsuit of illegally monitoring its workers' personal devices and iCloud accounts while also barring them from discussing their pay and working conditions. The complaint filed in California state court on Sunday by Amar Bhakta, who works in digital advertising for Apple, claims the company requires employees to install software on personal devices that they use for work allowing Apple to access their email, photo libraries, health and "smart home" data and other personal information. At the same time, the lawsuit alleges, Apple imposes confidentiality policies that prohibit employees from discussing working conditions, including with the media, and engaging in legally-protected whistleblowing.’

Meet the Spyware Companies Preparing to Unleash Their Tech During Trump's 2nd Term

TLAV 30.11.24

Forget about Trump, these deals have been present in the US since the ‘war on terror’ act:

‘A small but growing number of private companies selling digital tools to hack smartphones and messaging apps, like WhatsApp and Signal, are likely to benefit financially from the incoming Trump administration. In late September, the US Immigration and Customs Enforcement signed a $2 million one-year contract with controversial Israeli spyware vendor Paragon Solutions. The contract involved Paragon's US subsidiary based in Chantilly, Virginia and ICE’s Homeland Security Investigations Division 3. Paragon claims its tools can help law enforcement and governments remotely crack encrypted messaging platforms like WhatsApp, Telegram, Signal, and Facebook Messenger… The letter notes that the contract with Paragon relates to Homeland Security Investigations (HSI) within ICE, "suggesting that HSI is the primary intended user of Graphite". Graphite is Trojan horse software developed by Paragon that can extract data from encrypted messaging apps like WhatsApp, Facebook Messenger, Signal, and Telegram. "Publicly available information has not indicated that HSI has robust oversight to ensure that it does not use spyware in a way which infringes the rights of people in America," the letter reads. "Even if Homeland Security Investigations uses Graphite solely to support investigations into serious crimes, the agency does not enjoy blanket discretion to deploy spyware.” The New York Times reported in December 2022 that the US Drug Enforcement Administration (DEA) had already made use of Graphite.’

NSO – not government clients – operates its spyware, legal documents reveal

The Guardian 15.11.24

The infiltration by this Israeli tech firm seems to know no bound. After the terrorist pager attack in Lebanon this year, it’s hard to believe that a backdoor isn’t open to the Israeli government for snooping purposes:

‘WhatsApp filed suit in California in 2019 after it revealed that it had discovered that 1,400 of its users – including journalists and human rights activists – had been targeted by the spyware over a two-week period. At the heart of the legal fight was an allegation by WhatsApp that NSO had long denied: that it was the Israeli company itself, and not its government clients around the world, who were operating the spyware. NSO has always said that its product is meant to be used to prevent serious crime and terrorism, and that clients are obligated not to abuse the spyware. It has also insisted that it does not know who its clients are targeting.’

Terrifying Smart Glasses Hack Can Pull Up Personal Info of Nearby Strangers in Seconds

Futurism 03.10.24

Spooks’ work just got easier:

‘Harvard students AnhPhu Nguyen and Caine Ardayfi successfully implanted advanced facial recognition software into a pair of Meta's Ray Ban smart glasses, allowing users to quickly and easily look up the personal details of random passersby. The glasses can run other faces it sees through its built-in camera through the controversial facial recognition service PimEyes. Once it comes up with a name, a large language model (LLM) then automatically sources identifying information, which can range from social media accounts, and career details, to addresses and phone numbers.'

Social media and online video firms are conducting ‘vast surveillance’ on users, FTC finds

The Guardian 19.09.24

If you think that anything you post, share, or like on social media is not shared by government agencies and retailers, you live in a very innocent world:

‘The FTC report published on Thursday looked at the data-gathering practices of Facebook, WhatsApp, YouTube, Discord, Reddit, Amazon, Snap, TikTok and Twitter/X between January 2019 and 31 December 2020. The majority of the companies’ business models incentivized tracking how people engaged with their platforms, collecting their personal data and using it to determine what content and ads users see on their feeds, the report states. The FTC’s findings validate years of reporting on the depth and breadth of these companies’ tracking practices and call out the tech firms for “vast surveillance of users”. The agency is recommending Congress pass federal privacy regulations based on what it has documented. In particular, the agency is urging lawmakers to recognize that the business models of many of these companies do little to incentivize effective self-regulation or protection of user data. “Recognizing this basic fact is important for enforcers and policymakers alike because any efforts to limit or regulate how these firms harvest troves of people’s personal data will conflict with their primary business incentives,” FTC chair Lina Khan said in a statement. “To craft effective rules or remedies limiting this data collection, policymakers will need to ensure that violating the law is not more lucrative than abiding by it.”’

US wants EU members to give access to travelers’ biometric data by 2027

Biometric Update 04.10.24

The US already holds the ‘fingerprints’ to your online activity but wants to get your biometrics as well:

‘The U.S. wants all countries participating in the U.S. Visa Waiver Programme (VWP) to sign the Enhanced Border Security Partnership (EBSP) agreement by 2027, according to a document circulated by the Belgian Council Presidency in June and published by the non-governmental organization Statewatch last week. Alongside the International Biometric Information Sharing Program (IBIS), EBSP is designed to gain access to national biometric databases to authenticate travelers’ identities. The EBSP would require direct connections between the biometric databases of participating states and the U.S.’ IDENT/HART system. Almost all EU member states are covered by the U.S. Visa Waiver Programme. The proposed transfer of biometric data, however, is not covered by any existing EU-U.S. agreement.’

Spain bans Worldcoin’s eyeball scanning crypto machines

The Independent 06.03.24

How can this tech have gone on so far?

‘The European country’s privacy watchdog has ordered for Worldcoin, the company created by OpenAI CEO Sam Altman that scans eyeballs to make digital IDs in exchange for crypto, to cease its operations in the country for three months amid concerns over what it is doing with users’ personal information… While Worldcoin argues that the data is used to create a unique, secure form of identification, privacy experts have concerns that the company may use the information in other ways, like personalized marketing. That has led other countries to investigate Worldcoin’s operations, including France and Germany. The Kenyan government has likewise suspended new sign-ups for Worldcoin as it investigates whether people’s information is being properly protected.'

New Group Attacking iPhone Encryption Backed by U.S. Political Dark-Money Network

Reuters 01.10.23

More backdoors equals more cybercrime:

‘When Apple launched its new iPhone this September, the Heat Initiative seized on the occasion, taking out a full-page New York Times ad, using digital billboard trucks, and even hiring a plane to fly over Apple headquarters with a banner message. The message on the banner appeared simple: “Dear Apple, Detect Child Sexual Abuse in iCloud” — Apple’s cloud storage system, which today employs a range of powerful encryption technologies aimed at preventing hackers, spies, and Tim Cook from knowing anything about your private files. Something the Heat Initiative has not placed on giant airborne banners is who’s behind it: a controversial billionaire philanthropy network whose influence and tactics have drawn unfavorable comparisons to the right-wing Koch network. Though it does not publicize this fact, the Heat Initiative is a project of the Hopewell Fund, an organization that helps privately and often secretly direct the largesse — and political will — of billionaires. Hopewell is part of a giant, tightly connected web of largely anonymous, Democratic Party-aligned dark-money groups, in an ironic turn, campaigning to undermine the privacy of ordinary people.’

UK spy agencies want to relax ‘burdensome’ laws on AI data use

The Guardian 01.08.23

Voracious appetite from the intelligence agencies may get restrained:

‘The UK intelligence agencies are lobbying the government to weaken surveillance laws they argue place a “burdensome” limit on their ability to train artificial intelligence models with large amounts of personal data. The proposals would make it easier for GCHQ, MI6 and MI5 to use certain types of data, by relaxing safeguards designed to protect people’s privacy and prevent the misuse of sensitive information.’

Amazon's Ring used to spy on customers, FTC says in privacy settlement

Reuters 01.06.23

If you keep dumping money at settlements. you can get away with anything:

‘A former employee of Amazon.com's Ring doorbell camera unit spied for months on female customers in 2017 with cameras placed in bedrooms and bathrooms, the Federal Trade Commission said in a court filing on Wednesday when it announced a $5.8 million settlement with the company over privacy violations. Amazon also agreed to pay $25 million to settle allegations it violated children's privacy rights when it failed to delete Alexa recordings at the request of parents and kept them longer than necessary, according to a court filing in federal court in Seattle that outlined a separate settlement. The FTC settlements are the agency's latest effort to hold Big Tech accountable for policies critics say place profits from data collection ahead of privacy. The FTC is also probing Amazon.com's $1.7 billion deal to buy iRobot Corp (IRBT.O), which was announced in August 2022 in Amazon's latest push into smart home devices, and has a separate antitrust probe underway into Amazon. Amazon, which purchased Ring in April 2018, pledged to make some changes in its practices. "While we disagree with the FTC's claims regarding both Alexa and Ring, and deny violating the law, these settlements put these matters behind us," Amazon.com said in a statement.’

Special Report: Tesla workers shared sensitive images recorded by customer cars

Reuters 06.04.23

With over seven cameras, two sensors and one radar mounted on a Tesla vehicle, no wonder it sees and records everything:

'Tesla Inc assures its millions of electric car owners that their privacy “is and will always be enormously important to us.” The cameras it builds into vehicles to assist driving, it notes on its website, are “designed from the ground up to protect your privacy.” But between 2019 and 2022, groups of Tesla employees privately shared via an internal messaging system sometimes highly invasive videos and images recorded by customers’ car cameras, according to interviews by Reuters with nine former employees… One ex-employee also said that some recordings appeared to have been made when cars were parked and turned off. Several years ago, Tesla would receive video recordings from its vehicles even when they were off, if owners gave consent. It has since stopped doing so. “We could see inside people's garages and their private properties,” said another former employee. “Let's say that a Tesla customer had something in their garage that was distinctive, you know, people would post those kinds of things.”… The sharing of sensitive videos illustrates one of the less-noted features of artificial intelligence systems: They often require armies of human beings to help train machines to learn automated tasks such as driving…. One former employee saw nothing wrong with sharing images, but described a function that allowed data labelers to view the location of recordings on Google Maps as a “massive invasion of privacy.” David Choffnes, executive director of the Cybersecurity and Privacy Institute at Northeastern University in Boston, called sharing of sensitive videos and images by Tesla employees “morally reprehensible.”’

White Castle could face multibillion-dollar judgment in Illinois privacy lawsuit

Reuters 17.02.23

It would be good to put the brake on the illegal biometric infringement of privacy:

‘The Illinois Supreme Court in a 4-3 decision said fast food chain White Castle System Inc must face claims that it repeatedly scanned fingerprints of nearly 9,500 employees without their consent, which the company says could cost it more than $17 billion.  The Illinois Biometric Information Privacy Act (BIPA) imposes penalties of $1,000 per violation and $5,000 for reckless or intentional violations. The law requires companies to obtain permission before collecting fingerprints, retinal scans and other biometric information from workers and consumers.’

ChatGPT is a data privacy nightmare. If you’ve ever posted online, you ought to be concerned

The Conversation 08.02.23

The erosion of privacy was always flimsy at best when anything we write on a digital format could be utilised.  In fact, any content which can be viewed digitally is likely to be pirated:

‘A much less discussed implication is the privacy risks ChatGPT poses to each and every one of us. Just yesterday, Google unveiled its own conversational AI called Bard, and others will surely follow. Technology companies working on AI have well and truly entered an arms race.  The problem is it’s fuelled by our personal data…  OpenAI, the company behind ChatGPT, fed the tool some 300 billion words systematically scraped from the internet: books, articles, websites and posts – including personal information obtained without consent.  If you’ve ever written a blog post or product review, or commented on an article online, there’s a good chance this information was consumed by ChatGPT… 

First, none of us were asked whether OpenAI could use our data. This is a clear violation of privacy, especially when data are sensitive and can be used to identify us, our family members, or our location.  Even when data are publicly available their use can breach what we call textual integrity. This is a fundamental principle in legal discussions of privacy. It requires that individuals’ information is not revealed outside of the context in which it was originally produced.  Also, OpenAI offers no procedures for individuals to check whether the company stores their personal information, or to request it be deleted. This is a guaranteed right in accordance with the European General Data Protection Regulation (GDPR) – although it’s still under debate whether ChatGPT is compliant with GDPR requirements.  This “right to be forgotten” is particularly important in cases where the information is inaccurate or misleading, which seems to be a regular occurrence with ChatGPT…  Finally, OpenAI did not pay for the data it scraped from the internet. The individuals, website owners and companies that produced it were not compensated. This is particularly noteworthy considering OpenAI was recently valued at US$29 billion, more than double its value in 2021...  Beyond this, OpenAI gathers a broad scope of other user information. According to the company’s privacy policy, it collects users’ IP address, browser type and settings, and data on users’ interactions with the site – including the type of content users engage with, features they use and actions they take.  It also collects information about users’ browsing activities over time and across websites. Alarmingly, OpenAI states it may share users’ personal information with unspecified third parties, without informing them, to meet their business objectives.’

Senator calls for probe of mass surveillance tool used by U.S. law enforcement

Reuters 18.01.23

The scope of under-the-radar surveillance in the US is massive:

‘U.S. Senator Ron Wyden on Wednesday called for the Justice Department inspector general to investigate federal, state and local law enforcement access to a database of more than 150 million money transfers, citing concerns it disproportionately affects minorities and low-income individuals…  The Democratic senator's office has been investigating the mass surveillance program for a year and has found that hundreds of law enforcement agencies have access to the money transfer database, which is housed inside an Arizona nonprofit known as the Transaction Record Analysis Center (TRAC)…  The U.S. Drug Enforcement Administration, DHS and Arizona attorney general's office have all asked for data from money transfer companies and directed them to send data to TRAC, Wyden said.  Western Union, MoneyGram International (MGI.O), Viamericas Corp, and Euronet Worldwide (EEFT.O) are among the companies that have shared customer data with TRAC in bulk, he added…  It listed 22 countries and one U.S. territory involved in the relevant transfers, including Columbia, Bolivia, Ukraine, Hong Kong, Costa Rica and Venezuela.’

Anomaly Six

The Greyzone 06.12.22

A proliferation of surveillance companies are to be expected after NSO’s disgrace; GDPR rules be damned:

‘Leaked documents reviewed by The Grayzone reveal how a smartphone tracking technology tramples over fundamental data protection tenets and international law, while violating the privacy of citizens across the world without their knowledge or consent. The clandestine tool can transform anyone into a potential person of interest to Western intelligence agencies, and thus a target for recruitment, surveillance, harassment, or worse.  It is likely most readers will be unfamiliar with Anomaly 6. Its spartan, single-page website is home to the company’s name, a generic email address, and general location – Fairfax, Virginia, not far from CIA headquarters –  but nothing about its services, personnel, or otherwise. By carving through layers of “anonymized” data, this little-known company unearths reams of sensitive information about any individual it chooses anywhere on Earth.’

Remote employee monitoring tech is surging

Emerging Tech Brew 23.11.22

Disgusting, yet to be expected:

‘The sector’s growth in usage and funding comes alongside the rise of fully or semi-remote work, which could make employers more nervous about workforce productivity. It also comes despite misgivings from some privacy experts and from workers themselves…  ActivTrak, a workforce analytics software company with more than $77 million in funding, recently ranked on Deloitte Technology’s list of fastest-growing companies in North America for the third consecutive year. The company has achieved “485% growth over the last three years,” according to a press release.  Prodoscore, another productivity monitoring company, has had 300% YoY revenue growth for the past 3 years, CEO Sam Naficy told us—and the same growth rate for the number of employees on the platform, which is currently at about 20,000.  The company uses machine learning and natural language processing to offer clients “visibility into employee productivity in the form of one simple score,” according to its Google Workspace listing.’

India proposes easier cross-border data transfers under new privacy law

Reuters 18.11.22

After standing up for privacy laws, India tramples on its public’s privacy rights, all in the name of ‘national security’:

‘India on Friday proposed a new data privacy law that will allow companies to transfer some users' data abroad, while giving the federal government powers to exempt state agencies from the law in the interests of national security.  The proposed law would be the latest regulation that could impact how tech giants such as Facebook and Google process and transfer data in India's fast-growing digital market. It comes after India in August withdrew a 2019 privacy bill that had alarmed companies by proposing stringent restrictions on cross-border data flows…  The federal government would have powers to exempt state agencies from provisions of the bill "in the interests of sovereignty and integrity of India" and to maintain public order, said the draft proposal, which is open for public consultation until Dec. 17.  Indian privacy advocates had said such provisions could allow the government to abuse access. In its statement on Friday, the government said it acknowledged that "national and public interest is at times greater than the interest of an individual”…  A version of the previous bill had also introduced a provision empowering the government to ask a company to provide anonymised personal data and non-personal data to help target the delivery of government services or formulate policies.  That provision does not exist in the new bill, which Salman Waris, a managing partner at law firm TechLegis said "will be a relief to companies and the wider technology industry that had pushed back against the provision”.'

Apple Is Tracking You Even When Its Own Privacy Settings Say It’s Not, New Research Says

Gizmodo 08.11.22

Walk your talk, Apple:

‘Privacy is one of the main issues that Apple uses to set its products apart from competitors. It emblazoned 40-foot billboards of the iPhone with the simple slogan “Privacy. That’s iPhone.” and ran the ads across the world for months. But the company is slowly introducing many of the internet’s privacy issues into the once sacrosanct Apple ecosystem. Apple is working hard to build an advertising empire. Apple’s ad network runs on your personal information just like the ones Google and Meta operate, albeit in a more reserved way…  If only one company—Apple—is collecting the data, then by Apple’s definition, it’s not tracking. Of course, that’s different from the definition of tracking that everyone else seems to use.  It’s no surprise that Apple is collecting analytics information, the practice is laid out in the privacy policy, and almost every app and device you use probably uses your data for analytics. But Mysk said he’s stunned at the level of detail. “I expected from a company like Apple, that believes that privacy is a fundamental human right, to collect more generic analytics,” Mysk said.  What happens on your iPhone stays on your iPhone, unless you count the mountains of information your iPhone sends to Apple.’

Companies in the UK Are Mining Users’ Personal Data to Place Billboard Ads

Vice 13.10.22

Data brokers invade our public space and expect their clients to reap profits and intelligence through such violations:

‘“We’ve uncovered new ways in which millions of people’s movements and behaviors are tracked to target us with ads on the streets, resulting in some of the most intrusive advertising surveillance we’ve ever seen in the UK,” Jake Hurfurt, head of research and investigations at Big Brother Watch, said in a press release about the analysis.   The report identifies several companies who were the first to introduce facial-detecting advertising technology to different cities across the country. Unlike traditional paper billboards whose advertisements are printed on vinyl, digital billboards can be programmed to offer more than one message. Many of them also have high-definition cameras to peer down onto the unsuspecting public. Algorithms then attempt to detect a person’s face, physical characteristics, and even what they might be wearing to tailor advertisements to people walking in the street, in malls, and even on tablets in the backs of cars…  The report specifically calls out Adsquare, a German advertising tech company that has “pioneered” this phone-to-billboard strategy, as 1 in 10 mobile devices in the UK contains trackers that send personal data back to them. That means there are at least 8 million phones that could be sending location and behavioral data to Adsquare at any one time.   But these scarily efficient advances are only confined to the UK; proof of this ongoing practice has already been witnessed both in the U.S and in other places around the world. For instance, though Adsquare claims to comply with privacy laws regarding the use of these tracking tools, one of their data brokers includes the controversial company X-Mode, now known as Outlogic, which was banned by Apple and Google’s app stores in 2020 for selling data to the US military.’ 

Meta injecting code into websites to track its users, research says

The Guardian 11.08.22

Hasn’t Facebook been doing that for many years already?  Just because it changed its name doesn’t mean it went clean:

‘Meta, the owner of Facebook and Instagram, has been rewriting websites its users visit, letting the company follow them across the web after they click links in its apps, according to new research from an ex-Google engineer.  The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an “in-app browser”, controlled by Facebook or Instagram, rather than sent to the user’s web browser of choice, such as Safari or Firefox.  “The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers,” says Felix Krause, a privacy researcher who founded an app development tool acquired by Google in 2017.’

All the Data Amazon’s Ring Cameras Collect About You

Wired 05.08.22

Amazon has truly become a data behemoth:

‘Ring’s privacy policy and terms of service allow it to use all this information it collects in multiple ways. It lists 14 ways the company can use your data—from improving the service Ring provides and protecting against fraud to conducting consumer research and complying with legal requirements. Its privacy policy includes the ambiguous statement: “We also may use the personal information we collect about you in other ways for which we provide specific notice at the time of collection and obtain your consent if required by applicable law.” Ring spokesperson Sarah Rall says this could apply if the company added features or use cases that are not already covered by its privacy policy. “We would provide additional notice or get permission as needed,” Rall says…  Ultimately, you agree to give Ring permission to control the “content” you share—including audio and video—while you own the intellectual property to it. The company’s terms of service say you give it an “unlimited, irrevocable, fee free and royalty-free, perpetual, worldwide right” to store, use, copy, or modify content you share through Neighbors or elsewhere online.’

‘Asleep at the wheel’: Canada police’s spyware admission raises alarm

The Guardian 07.07.22

Surveillance is so pervasive that the sector is becoming hugely profitable:

‘Ron Deibert, a political science professor at the university of Toronto and head of Citizen Lab, said the spyware, which gives police an “extraordinary window into every aspect of someone’s personal life” is akin to “nuclear-level technology” – but has little government oversight…  Deibert, one the world’s leading experts on the surveillance techniques used by authoritarian regimes, said he and others have long suspected police and government agencies in Canada were using the technology. But absent from the disclosure was any indication of who the government is purchasing the software from.  “That’s my biggest unanswered question,” he said. “Because we know there are some companies that are horrible when it comes to due diligence and routinely sell to governments that use it for grotesque human rights violations.”…  

The latest revelations about police surveillance power once again highlight the need for a debate over the “crisis of accountability” in law enforcement, said McPhail.  “We need to be having a conversation about what kinds of surveillance technologies – invasive tools being used without any evidence of due process or due consideration of the rights and freedoms of people – are acceptable in a democracy and under what conditions. And we need to determine what sort of safeguards there need to be as well.”  Plans to modernize the Privacy Act in the coming months give lawmakers a window of opportunity to adopt the right legislative framework to ensure police have access to tools they need for investigative work, said McPhail, and not broad powers “shrouded by secrecy” and without public accountability.’

The Federal Bureau of Tweets: Twitter Is Hiring an Alarming Number of FBI Agents

Mint Press News 21.06.22

Your social media accounts get scrutinised by ex-FBI agents and ‘watchdog NGOs’:

‘Twitter has been on a recruitment drive of late, hiring a host of former feds and spies. Studying a number of employment and recruitment websites, MintPress has ascertained that the social media giant has, in recent years, recruited dozens of individuals from the national security state to work in the fields of security, trust, safety and content.  Chief amongst these is the Federal Bureau of Investigations. The FBI is generally known as a domestic security and intelligence force. However, it has recently expanded its remit into cyberspace. “The FBI’s investigative authority is the broadest of all federal law enforcement agencies,” the “About” section of its website informs readers. “The FBI has divided its investigations into a number of programs, such as domestic and international terrorism, foreign counterintelligence [and] cyber crime,” it adds…  While some might be alarmed that Twitter is cultivating such an intimate relationship with the FBI and other groups belonging to the secret state, it is perhaps unfair to single it out, as many social media platforms are doing the same. Facebook, for example, has entered into a formal partnership with the Atlantic Council’s Digital Forensics Research Lab, whereby the latter holds significant influence over 2.9 billion users’ news feeds, helping to decide what content to promote and what content to suppress. The NATO cutout organization now serves as Facebook’s “eyes and ears,” according to a Facebook press release. Anti-war and anti-establishment voices across the world have reported massive drops in traffic on the platform.’

Met police profiling children ‘on a large scale’, documents show

The Guardian 03.06.22

Profiling youngsters, or any age group, is wrong.  It seems the UK met is going for ‘preventative crime’:

‘Metropolitan police documents say the force has been collecting “children’s personal data” from social media sites as part of a project to carry out “profiling on a large scale”…  Stafford Scott, a veteran community campaigner, said he feared the project was part of a continued assault on young black people. “Young people use social media to magnify their lived experience. It is a tool for projection, you can’t rely on it for detection,” he said. “It is racially motivated, racially driven and involves racial stereotypes.”…  The document says the scheme has been designed to “combine, compare, or match data from multiple sources” and uses new technologies or the “novel use of existing technologies”.’

Kitchen Appliance Maker Wants to Revolutionize Video Surveillance

The Intercept 11.02.22

Worldwide regulations are being overtaken by an insatiable snooping addiction:

“The reason why we should be concerned with a platform like this is because it is accelerating and promoting the uptake of harmful AI systems, accelerating the sale and use of pseudo-scientific, discriminatory surveillance systems, and finding ways to get these systems to market in more and more efficient ways.”  “It’s surveillance capitalism on steroids,” she added.  Echoing this concern, Jay Stanley, a senior policy analyst at the American Civil Liberties Union, said that the technology is not yet able to live up to its claims. Emotion detection technology is like selling “snake oil.” But the implications are still concerning. “Things like emotion detection are an easy sell for many people,” Stanley said. “You have all these cameras around your building and [developers] think, for example, who wouldn’t want to get a notification if there was an extremely angry person in the area?”  But Stanley is just as worried about the rapid expansion of simple applications of video analytics. “There’s a real concern here that even on the most effective end of the spectrum, where a video analytics system is trying to detect just the raw physical motion or attributes or objects,” he said, “every time you hand a backpack to a friend or something like that, an alarm gets set off and you get approached.”  “That’s going to have a real chilling effect. We’re going to come to feel like we’re being watched 24/7, and every time we engage in anything that is at all out of the ordinary, we’re going to wonder whether it’ll trip some alarm,” Stanley said.  “That’s no way to live. And yet, it’s right around the corner.”’

U.S. senators say CIA data collection has been hidden from public, lawmakers

Reuters 11.02.22

First the NSA then the international arm of a US agency..  If they’re doing it domestically, we can be sure they’ve developed it internationally:

‘The letter to Director of National Intelligence Avril Haines and CIA Director William Burns was partially redacted and lacked several key details, notably the nature of the CIA program and the kind of data it collected. It referred instead to a cache of newly declassified documents from the U.S. intelligence watchdog known as the Privacy and Civil Liberties Oversight Board.  When contacted for comment, a Wyden staffer referred Reuters to a joint statement released by the senators saying the recently declassified documents "reveal serious problems associated with warrantless backdoor searches of Americans.”'

Cookies: I looked at 50 well-known websites and most are gathering our data illegally

The Conversation 07.02.22

When GDPR falls flat on its face:

‘Cookies gather so much information that it is usually more than enough to identify the person behind the device. Besides visits to particular web pages, they can also record a person’s search queries, goods or services purchased, IP address and exact location.  From this, it is possible to infer a person’s name, nationality, language, religion, sexual orientation and other intimate details – most of which are special categories of personal data that cannot be processed without the explicit consent of the individual under EU ePrivacy Directive and the EU and UK’s General Data Protection Regulation (GDPR).  The GDPR requires such consent to be specific, informed, unambiguous and given freely – requiring affirmative action by the user. Unfortunately, this is not giving us a great deal of protection…  The fact that big tech companies are not complying with cookies laws suggests that millions of citizens are likely having their personal data gathered unlawfully. It is hard not to wonder if some companies are knowingly breaching the rules because they generate so much revenue from their cookies that it’s worth risking a sanction for a privacy breach…  If the UK and EU are serious about protecting citizens’ privacy, they need to amend the rules to be more specific about what a consent window should look like, and run information campaigns to make it clear to citizens that withholding consent cannot in any way limit their browsing experience. They should also allocate the required resources to enforce the rules. Only then will the laws around these little-understood tools for harvesting our data be fit for purpose.’

Vaccine Passports Are Here to Stay. Why Worry?

The Intercept 01.01.22

I shall repeat this again: biometric data is and will be used to stalk you.  This article discusses ways that the tech could become decentralised and transparent; it’s highly optimistic:

‘When biometric data — bodily attributes digitized — are married to surveillance technology, both the potential for profit and the ambitions of the techno-futurists inflate without limit. One industry analyst predicts the global biometrics market will grow 15 percent annually, reaching nearly $105 billion by 2028. The British tech firm Onfido envisions a seamless EU-wide identify verification, or IDV, system for online gambling, telemedicine, car rentals, electronic voting, “and more.” Scientists in academe and industry are working on a global biodata repository. It would be naïve to assume these networks would not be linked… The vaccine passport embodies the contradictions of the pandemic that birthed it. It guards borders, divides us from them. It also facilitates travel, and travel is an antidote to tribalism. In either case, it is not going away. Therefore, if it is indeed the prototype linchpin of a future global, digital hyper-surveillance apparatus, we must demand that it be universally accessible, publicly owned and regulated, its workings transparent, and its uses stringently defined.’

Swiss tech company boss accused of selling mobile network access for spying

The Bureau of Investigative Journalism 06.12.21

Nothing is private anymore:

‘The co-founder of a company trusted by Google and Twitter to text security codes to millions of users also ran a service that helped governments secretly surveil and track mobile phones, according to former employees and clients… Marietje Schaake, international policy director at Stanford University’s Cyber Policy Center, said the revelations were “troubling” and highlighted a “huge problem.” “The biggest technology companies that provide critical services are blindly trusting players in this ecosystem who cannot be trusted,” Schaake said, after being told about the Bureau and Bloomberg’s reporting. “It’s dangerous for human rights. It’s dangerous for trust in an information society. And it’s dangerous for trust in companies.”’

Police caught using online spy tool to plot “pre-crimes”

Reclaim The Net 19.11.21

This is what a nightmarish scenario looks like:

‘Non-profit organization Brennan Center obtained documents through freedom of information requests that revealed the strategies Voyager uses violate the first amendment protections. For instance, the software uses posts about Islam and social media usernames indicating Arab pride as signs of potential inclination towards extremism. But they can also be used to target any group. Additionally, according to the documents, obtained by The Guardian, the company uses questionable processes to access data on social media, and even enables law enforcement officers to infiltrate groups and private accounts using fake personas… “The software visualizes how a person’s direct connections are connected to each other, where all of those connections work, and any “indirect connections” (people with at least four mutual friends). Voyager also detects any indirect connections between a subject and other people the customer has previously searched for.” New York University’s data journalism professor and author of “Artificial Intelligence: How Computers Misunderstand the World” Meredith Broussard likened Voyager’s systems to the systems used for online ad targeting. Online ad targeting systems group people into “affinity groups” based on shared interests. “So instead of grouping people into buckets like ‘pet owners’, what Voyager seems to be doing is putting people into ‘buckets’ of likely criminals,” Broussard explained.’

Amazon asks Ring owners to respect privacy after court rules usage broke law

The Guardian 14.10.21

The all-seeing/hearing Ring doorbells and associated tech gets a hearing in UK court session:

‘ProPrivacy, the digital rights group, said the ruling did not create a legal precedent in the UK but should prompt people to consider “whether we’re comfortable decorating our neighbourhoods with powerful CCTV gadgets”.  “The fact remains that anyone with a Ring Doorbell can turn their area of the neighbourhood into a surveilled space due to its video recording functionality and audio processors which are able to pick up sound 40 metres away,” said Hannah Hart, a digital privacy expert at ProPrivacy.  “This means a small number of residents can effectively transform public spaces into surveillance hotbeds, and even share their recordings with police.”’

We need to talk about how Apple is normalising surveillance

Wired 11.10.21

When you tout privacy at the forefront of your marketing campaign, it would be good to actually practice it:

‘When it comes to privacy, iOS arguably has a better reputation among consumers than Android, as does Siri vs Alexa, and Safari vs Chrome. But that doesn’t give Apple permission to track our lived experience at all times with its microphones, cameras and sensors. Apple’s groundbreaking devices are pushing the limits of what technology companies can track, and that is not good news for privacy. Thanks to Apple, physical shops can track us through our phones, hackers can potentially access our most sensitive health and biometric details, and now it has developed a technology that can scan content that was supposed to be encrypted. Apple has been playing two games at once – protecting privacy and developing surveillance tools – while only acknowledging the former.  All tech giants share a desire to digitise the world. What is left unsaid by Apple and others is that digitising the world entails surveilling it: recording everything, making it taggable, trackable, searchable – and hackable. Of course, asking tech companies not to digitise the world is like asking builders not to pave over natural areas. Unless society sets limits, that is not going to happen. That’s why governments create protected areas when it comes to building.’

Government Secretly Orders Google To Identify Anyone Who Searched A Sexual Assault Victim’s Name, Address And Telephone Number

Forbes 04.10.21

‘In The Name Of Safety’, all rights to privacy will soon be trodden upon:

‘While Google deals with thousands of such orders every year, the keyword warrant is one of the more contentious. In many cases, the government will already have a specific Google account that they want information on and have proof it’s linked to a crime. But search term orders are effectively fishing expeditions, hoping to ensnare possible suspects whose identities the government does not know. It’s not dissimilar to so-called geofence warrants, where investigators ask Google to provide information on anyone within the location of a crime scene at a given time…  The latest case shows Google is continuing to comply with such controversial requests, despite concerns over their legality and the potential to implicate innocent people who happened to search for the relevant terms. From the government’s perspective in Wisconsin, the scope of the warrant should have been limited enough to avoid the latter: the number of people searching for the specific names, address and phone number in the given time frame was likely to be low. But privacy experts are concerned about the precedent set by such warrants and the potential for any such order to be a breach of Fourth Amendment protections from unreasonable searches. There are also concerns about First Amendment freedom of speech issues, given the potential to cause anxiety amongst Google users that their identities could be handed to the government because of what they searched for.’

ShadowDragon: Inside the Social Media Surveillance Software That Can Watch Your Every Move

The Intercept 21.09.21

Seriously creepy:

‘With Kaseware and ShadowDragon, we live in a world where the public’s online behavior can be monitored across the internet and accessed at the click of a button to determine who we are, who we know, what our “lifestyle” is like, where we are located, and more.  These capabilities fundamentally change police powers, said Eric Williams, managing attorney at the Detroit Justice Center’s Economic Equity Practice: “It is qualitatively different when you go from the police being able to check information” a little at a time “to artificial intelligence being able to analyze everything that you’ve done online.”..  In the U.S., as many as 70 percent of police forces use social media to gather intelligence and monitor the public. Yet the law does little to constrain these kinds of tools and practices. “There’s not a lot of regulations on this,” Williams said, “and we can’t begin to have a discussion on how it should be regulated if we’re not aware that it’s happening.” He added that he favors a ban on the technology, given its opaque deployment and intrusive nature.  Dragnet social media surveillance needs to be urgently addressed by lawmakers, who should step in and ban this attack on civil rights and liberties immediately.’

The spy tech that followed kids home for remote learning—and won’t leave

Fast Company 20.09.21

Young people’s data is proving too much of a lure for creepy snooping ‘education’ tech:

‘In fact, subjecting students to surveillance could push them further into isolation, and condition them to lie when officials reach out to inquire about their digital communications, argued Vance of the Future of Privacy Forum.  “Effective interventions are rarely going to be built on that, you know, ‘I saw what you were typing into a Google search last night’ or ‘writing a journal entry for your English class,'” Vance said. “That doesn’t feel like it builds a trusting relationship. It feels creepy.”’

How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

ProPublica 07.09.21

Facebook will do what it does best.  Suck your data and spy on you:

'Deploying an army of content reviewers is just one of the ways that Facebook Inc. has compromised the privacy of WhatsApp users. Together, the company’s actions have left WhatsApp — the largest messaging app in the world, with two billion users — far less private than its users likely understand or expect. A ProPublica investigation, drawing on data, documents and dozens of interviews with current and former employees and contractors, reveals how, since purchasing WhatsApp in 2014, Facebook has quietly undermined its sweeping security assurances in multiple ways. (Two articles this summer noted the existence of WhatsApp’s moderators but focused on their working conditions and pay rather than their effect on users’ privacy. This article is the first to reveal the details and extent of the company’s ability to scrutinize messages and user data — and to examine what the company does with that information.)…  

Many of the assertions by content moderators working for WhatsApp are echoed by a confidential whistleblower complaint filed last year with the U.S. Securities and Exchange Commission. The complaint, which ProPublica obtained, details WhatsApp’s extensive use of outside contractors, artificial intelligence systems and account information to examine user messages, images and videos. It alleges that the company’s claims of protecting users’ privacy are false. “We haven’t seen this complaint,” the company spokesperson said. The SEC has taken no public action on it; an agency spokesperson declined to comment.  Facebook Inc. has also downplayed how much data it collects from WhatsApp users, what it does with it and how much it shares with law enforcement authorities. For example, WhatsApp shares metadata, unencrypted records that can reveal a lot about a user’s activity, with law enforcement agencies such as the Department of Justice. Some rivals, such as Signal, intentionally gather much less metadata to avoid incursions on its users’ privacy, and thus share far less with law enforcement. (“WhatsApp responds to valid legal requests,” the company spokesperson said, “including orders that require us to provide on a real-time going forward basis who a specific person is messaging.”)’

The Other Sara Morrisons are ruining my inbox

Recode 07.09.21

If not gmail, then what?  Protonmail isn’t immune to privacy invasion either:

‘Gmail showed up in 2004. Like its competitors, it was free and ad-supported. Unlike them, it scanned users’ emails to better target ads to them, a practice it only stopped in 2017. By 2012, Gmail was the most popular email service out there. Google wouldn’t give me any user numbers (nor would it comment for this story), but it tweeted in 2018 that it had 1.5 billion of them.  All of this means that what has become a hugely important part of our lives is built on a decentralized system of suggested standards and protocols that is owned by no one but is largely operated by a few of the biggest companies in the world. Email is also a major vector for cyberattacks (even presidential campaigns are not immune). If people and companies don’t take the right precautions, their security can be compromised by clicking on the wrong link or making a simple typo. “We have to face the fact that this is a problem that’s been brewing for decades,” Marc Rogers, executive director of cybersecurity at Okta, an identity authentication technology company, told me. “Email was not designed to be a secure medium.”  And while Rogers says that some of the blame for this rests on the people who don’t type their email addresses carefully, the bulk of the responsibility is on companies that send those emails.  “They need to realize that email should not be used for sensitive activity unless they’ve taken steps to prove they know who’s ‘residing’ there,” he said. “You have to prove who controls that email.”

‘Panic made us vulnerable’: how 9/11 made the US surveillance state – and the Americans who fought back

The Guardian 04.09.21

After 9/11 no one is safe from the US government:

‘The Guardian asked surveillance experts what, in the present moment, keeps them up at night. What dastardly new tricks from the spymasters do they fear most?  Wyden pointed to legal loopholes that allow shady private data brokers to sell Americans’ personal information to government agencies without any court oversight. “I continue to be very worried about that,” he said.  Snowden raised a similar shift, where mass surveillance is now predominantly performed by “amoral telecommunications and surveillance-masquerading-as-advertising companies. They exploit weaknesses in our laws, devices and networks to pad out their dossiers, and then sell them to governments.”  Cohn talked about how surveillance cameras were being weaponized with the addition of facial recognition technology that could have especially dire consequences for people of colour.  Wizner said he sweated over the rise of robotic surveillance and AI. “More and more we will see critical decisions affecting liberty being made inside black boxes,” he said.’

The All-Seeing "i": Apple Just Declared War on Your Privacy

Edward Snowden 26.08.21

Apple’s reputation re privacy is in tatters and their spurious excuses will be used by other Big Tech data guzzlers:

‘So what happens when, in a few years at the latest, a politician points that out, and—in order to protect the children—bills are passed in the legislature to prohibit this "Disable" bypass, effectively compelling Apple to scan photos that aren’t backed up to iCloud? What happens when a party in India demands they start scanning for memes associated with a separatist movement? What happens when the UK demands they scan for a library of terrorist imagery? How long do we have left before the iPhone in your pocket begins quietly filing reports about encountering “extremist” political material, or about your presence at a "civil disturbance"? Or simply about your iPhone's possession of a video clip that contains, or maybe-or-maybe-not contains, a blurry image of a passer-by who resembles, according to an algorithm, "a person of interest”?  If Apple demonstrates the capability and willingness to continuously, remotely search every phone for evidence of one particular type of crime, these are questions for which they will have no answer. And yet an answer will come—and it will come from the worst lawmakers of the worst governments.   This is not a slippery slope. It’s a cliff…  

I can’t think of any other company that has so proudly, and so publicly, distributed spyware to its own devices—and I can’t think of a threat more dangerous to a product’s security than the mischief of its own maker. There is no fundamental technological limit to how far the precedent Apple is establishing can be pushed, meaning the only restraint is Apple’s all-too-flexible company policy, something governments understand all too well…  We are bearing witness to the construction of an all-seeing-i—an Eye of Improvidence—under whose aegis every iPhone will search itself for whatever Apple wants, or for whatever Apple is directed to want. They are inventing a world in which every product you purchase owes its highest loyalty to someone other than its owner.’

China passes new personal data privacy law, to take effect Nov. 1

Reuters 20.08.21

A good move to protect privacy which should be emulated across the world:

‘China has instructed its tech giants to ensure better secure storage of user data, amid public complaints about mismanagement and misuse which have resulted in user privacy violations.  The law states that handling of personal information must have clear and reasonable purpose and shall be limited to the "minimum scope necessary to achieve the goals of handling" data.  It also lays out conditions for which companies can collect personal data, including obtaining an individual's consent, as well as laying out guidelines for ensuring data protection when data is transferred outside the country.’

Policy groups ask Apple to drop plans to inspect iMessages, scan for abuse images

Reuters 19.08.21

Apple gets the heat with regards to its proposed insane policies:

‘The largest campaign to date over an encryption issue at a single company was organized by the U.S.-based nonprofit Center for Democracy & Technology (CDT).  Some overseas signatories in particular are worried about the impact of the changes in nations with different legal systems, including some already hosting heated fights over encryption and privacy.  "It's so disappointing and upsetting that Apple is doing this, because they have been a staunch ally in defending encryption in the past," said Sharon Bradford Franklin, co-director of CDT's Security & Surveillance Project…  "Once this backdoor feature is built in, governments could compel Apple to extend notification to other accounts, and to detect images that are objectionable for reasons other than being sexually explicit," the letter says.  Other groups that signed include the American Civil Liberties Union, Electronic Frontier Foundation, Access Now, Privacy International, and the Tor Project.’

Apple to check iCloud photo uploads for child abuse images

Reuters 06.08.21

For a company that swears by privacy, this is a brainless move:

‘Apple's new system seeks to address requests from law enforcement to help stem child sexual abuse while also respecting privacy and security practices that are a core tenet of the company's brand. But some privacy advocates said the system could open the door to monitoring of political speech or other content on iPhones.  Most other major technology providers - including Alphabet Inc's (GOOGL.O) Google, Facebook Inc (FB.O) and Microsoft Corp (MSFT.O) - are already checking images against a database of known child sexual abuse imagery…  Law enforcement officials maintain a database of known child sexual abuse images and translate those images into "hashes" - numerical codes that positively identify the image but cannot be used to reconstruct them.  Apple has implemented that database using a technology called "NeuralHash", designed to also catch edited images similar to the originals. That database will be stored on iPhones.  When a user uploads an image to Apple's iCloud storage service, the iPhone will create a hash of the image to be uploaded and compare it against the database…  

On Twitter, some privacy and security experts expressed concerns the system could eventually be expanded to scan phones more generally for prohibited content or political speech.  Apple has "sent a very clear signal. In their (very influential) opinion, it is safe to build systems that scan users’ phones for prohibited content," Matthew Green, a security researcher at Johns Hopkins University, warned.  "This will break the dam — governments will demand it from everyone.”  Other privacy researchers such as India McKinney and Erica Portnoy of the Electronic Frontier Foundation wrote in a blog post that it may be impossible for outside researchers to double check whether Apple keeps its promises to check only a small set of on-device content.’

Amazon hit with $886m fine for alleged data law breach

BBC 31.07.21

The EU hits out at Amazon for privacy breach:

‘Amazon has been hit with an $886.6m (£636m) fine for allegedly breaking European Union data protection laws.  The fine was issued by Luxembourg's National Commission for Data Protection, which claimed the tech giant's processing of personal data did not comply with EU law…  Previously, the EU's concerns were believed to centre around the data that Amazon has access to and how it uses it, such as sensitive commercial information on third-party products like volume and price.   In November, the European Commission charged Amazon with abusing its dominant position in online retail to gain an unfair advantage over competitors.  Meanwhile, in May, Amazon won a court battle over €250m (£215m) in taxes it had been ordered to pay Luxembourg.  The European Commission had ordered the tech giant to repay the funds as back taxes, alleging that Amazon had been given unfair special treatment, but a court overturned the order.’

Bureau challenges UK government to ensure its spying regime is lawful

The Bureau 29.07.21

Trampling journalists’ sources and snooping into citizens’ affairs is a dark direction for UK politics:

‘The Bureau of Investigative Journalism has written to the UK government asking for adequate safeguards to be put in place to ensure its spying regime is lawful.   The letter sent by our lawyers follows a landmark judgment earlier this year by the European Court of Human Rights, which ruled that the UK government’s mass surveillance of citizens through the collection of communications data was unlawful and violated our right to privacy. The judgment was in response to an eight-year legal challenge brought by the Bureau and a number of human rights organisations including Amnesty International.   The ruling significantly strengthened press freedoms and the right of journalists to protect their work and sources.   The surveillance methods used by GCHQ, the government’s spy agency, were revealed by NSA whistleblower Edward Snowden in 2013. The disclosures showed how the US and UK governments intercept, store and analyse huge amounts of information from our mobile phones: our locations, our contacts and details about who we have been communicating with… 

The vulnerability of journalists and citizens to government spying was brought into sharp focus last week by Amnesty's revelation that software provided by the Israeli company NSO Group was seemingly being used by authoritarian regimes to track and spy on thousands of citizens around the world.  Political opponents and critics of despotic regimes were among the many people identified as being on lists of candidates for the surveillance, alongside activists, lawyers and journalists. The fiancée of brutally murdered Saudi journalist Jamal Khashoggi appeared on the list, as did Roula Khalaf, editor of the Financial Times…  Erin Alcock, of the law firm Leigh Day, said: “The conclusions of the grand chamber were very clear – the UK’s current regime for bulk surveillance is incompatible with the European convention on human rights. Our client is asking the government to specify the changes they plan to implement to remedy this unlawfulness in the regime, and to ensure proper protection of confidential journalistic material such as sources.”’

How much does your car know about you — and who else can get their hands on your data?

Coda 06.07.21

In the age of the fourth industrial revolution, privacy takes flight:

‘If you take your phone and sync it over Bluetooth — say you need to do a hands-free call, which is a legal requirement in a lot of locations; if you plug your phone into the USB port because you want to listen to your tunes, or because you want to use Apple CarPlay or AndroidAuto; if you connect to the vehicle’s Wi-Fi or, simply, if you drive a car that has a GPS system — if you do any of those things, your personal data will be captured by the vehicle…  The electronic data recorder, what people call the black box, is the only box in the car that collects personal information that actually has some good, real, clear protections under the law. Everything else does not. The average car today has about 100 computers. One has good legal protection, the other 99 do not, which poses questions about who can get access to it. And the answer is just about anybody…  don’t think we should be trading off privacy for safety at any point. The burden really should not be on consumers, it should be on the industry, on how we can deliver these services in a way that does not dramatically affect the privacy of people. And I think it’s about how transparent you can be about letting people know what data you’re collecting, how you’re planning to use it and how much granular control you can give to people to decide what they actually want to do.’

I spy: are smart doorbells creating a global surveillance network?

The Guardian 26.06.21

Ring’s doorbells have become the modern ‘curtain twitcher spies’ and should have limits on the radius they can capture through the cameras or have sensors to trigger cameras (not videos) only when the doorbell is pressed:

‘Ring gave Suffolk constabulary a number of doorbells to hand out in areas of higher crime. Smith says they have seen tangible results, and the scheme has been useful in tackling not just burglary, but also domestic violence, antisocial behaviour, car crime. He describes it as “a massive benefit in terms of fighting crime. I would encourage any member of the public to think about this or similar technology.” Ring have since handed out free or discounted doorbells to several other police forces, including Leicestershire, Humberside and Hertfordshire. In Wiltshire, residents with video doorbells are being asked to register on a police database…  It is turning us all into spies, then. Carlo [Silkie] thinks so. “New technology lends itself to that. If you think, even 10 years ago, the lengths someone would have to go to, to get this kind of covert CCTV, with motion sensors, in the home. Now it’s the default, in a way.”  She thinks it is selling fear, because fear is almost as profitable as data – and that there are further dangers, even within the domestic environment. “You are recording the details of your life, and you can see how, when there is conflict, that could easily become part of the picture. Imagine what that would mean in the context of an abusive or controlling relationship: ‘You say you got back at 12 last night, but actually it was 12.30, or 1am.’ Or, ‘Why were you with that person?’”’

‘Draconian' moves to control internet heighten surveillance fears in Asia

News Trust 26.05.21

Nothing new for these Asian regions, though the West follows a different approach for the internet’s freedom of speech, that of silencing opposite opinions that do not follow prescribed ‘truths’:

'From Cambodia to India and the Philippines, countries in Asia have introduced a slew of internet and data use legislation in recent months, with human rights group warning the measures raise the risk of mass surveillance and free speech violations. More than six nations have launched contact tracing systems during the pandemic - mostly without adequately safeguarding data privacy and security, campaigners say, and there have been numerous internet shutdowns and content blocks on social media and websites,  including of criticism on government handling of the pandemic. "Human rights violations in the region have moved into the digital space," said Sutawan Chanprasert, founder of DigitalReach, a digital rights organisation in Bangkok. "The trend of governments adopting laws to increase surveillance and curtail digital freedom will likely continue, threatening freedom of expression and information, threatening privacy, and putting digital security at risk," she said.'

Tesla cars barred from some China government compounds

REUTERS 21.05.21

Who needs Google’s StreetView cars when Tesla accommodates?:

‘Automakers like Tesla have been equipping more vehicles with cameras and sensors that capture images of a car's surroundings. Control of how those images are used and where they are sent and stored is a fast-emerging challenge for the industry and regulators around the world. Tesla cars have several external cameras to assist drivers with parking, changing lanes and other features. Chief Executive Elon Musk has commented frequently on the value of the data that Tesla vehicles capture which can be used to develop autonomous driving.’

CIA spying scandal in Switzerland shows the best way for intelligence services to read your messages is to OWN the platform

RT 15.05.21

Privacy is a fallacy:

'This is especially relevant when one considers that two of the world’s premier ‘anonymizing’ platforms, internet browser Tor and encrypted messaging app Signal, have received extensive funding, support, and promotion from the US government. The former was first developed by US Naval Research Laboratory employees in the mid-1990s, and quickly caught the attention of the Defense and Research Projects Agency (DARPA). Ever since, Tor has almost entirely bankrolled by assorted state agencies, including the Pentagon, to the tune of tens of millions. The browser’s original purpose was to shield spies in the field from detection, by insulating them from the open web. However, Tor’s backers well understood that if only US agents used the system, their activities would be all too easily tracked if a hostile foreign intelligence service managed to tap into it – hence, the browser was “democratized” to allow average citizens access. Tor is supported by the Open Technology Fund (OTF), launched in 2012 by Radio Free Asia, an asset of the US Agency for Global Media (USAGM), which receives $637 million annually from Congress. In August 2018, USAGM’s then-CEO acknowledged the outlet’s priorities “reflect US national security interests.” OTF also provided $2,955,000 to Signal between 2013 and 2016, in order to ensure access to the app “at no cost around the globe.” Strikingly, documents leaked by Edward Snowden in 2013 revealed that the NSA and GCHQ devote considerable time and resources to identifying ways of de-anonymizing Tor users, while also going to great pains to ensure people aren’t discouraged from using the browser. One leaked file – titled ‘Tor: Overview of Existing Techniques’ – reveals that the agencies attempt to direct traffic toward NSA-operated servers, attack other software used by Tor users, and even undertake efforts to influence Tor’s future development.'

Pentagon Surveilling Americans Without a Warrant, Senator Reveal

VICE 13.05.21

Access to American citizens’ location and website browsing is the army’s prerogative:

‘The Pentagon is carrying out warrantless surveillance of Americans, according to a new letter written by Senator Ron Wyden and obtained by Motherboard. Senator Wyden's office asked the Department of Defense (DoD), which includes various military and intelligence agencies such as the National Security Agency (NSA) and the Defense Intelligence Agency (DIA), for detailed information about its data purchasing practices after Motherboard revealed special forces were buying location data. The responses also touched on military or intelligence use of internet browsing and other types of data, and prompted Wyden to demand more answers specifically about warrantless spying on American citizens.’

How private is your Gmail, and should you switch?

The Guardian 09.05.21

It’s about time the light was shone over email-tracking companies:

‘Much of the information collected by Gmail and shared with advertisers is metadata – data about data. But if you carry cookies from other Google services, your activity can be correlated or “fingerprinted” from associated products such as Google Maps and YouTube. “Gmail becomes a window into your entire online life because of how wide and deep their surveillance architecture goes,” Fielding says. “Practically everything you do online will feed back to Google”… Part of the problem is a lack of regulatory enforcement around email data collection and tracking. Most people are becoming aware of tracking as they visit websites due to regulation such as the EU’s ePrivacy Directive and the General Data Protection Regulation (GDPR). “People are aware of cookies because of privacy and data protection law – which states that planting trackers on your device requires your consent, and you have the right to be told about what is happening to your data,” says Fielding. “In Europe, those protections cover email tracking as well, but there hasn’t been much enforcement in this area.”’

60% of School Apps Are Sharing Your Kids' Data With Third Parties

Gizmodo 04.05.21

Creepy yet so predictable:

‘A new report published Tuesday by the tech-focused nonprofit Me2B Alliance found the majority of school utility apps were sharing some amount of student data with third-party marketing companies. The Me2B team surveyed a few dozen so-called “utility” apps for school districts—the kind that students and parents download to, say, review their school’s calendar or bussing schedules—and found roughly 60% of them sharing everything from a student’s location to their entire contact list, to their phone’s mobile ad identifiers, all with companies these students and their parents likely never heard of… But the data sharing didn’t stop there. As the report points out, these lesser-known SDKs would often share the data pulled from these student apps with dozens—if not hundreds—of other little-known third parties. What’s interesting here is that these SDKs, in particular, were found abundantly in Android apps, but way fewer iOS apps ended up bringing these pieces of tech onboard (91% versus 26%, respectively).’

Spotify urged to rule out 'invasive' voice recognition tech

News Trust 04.05.21

Spotify wanted to get into the wealthy sector of data gatherers:

‘A coalition of musicians and human rights groups urged music streaming company Spotify on Tuesday to rule out possible use of a speech recognition tool it recently developed to suggest songs - describing the technology as "creepy" and “invasive". In January, Sweden-based Spotify patented a technology that analyses users' speech and background noise to suggest tracks based on their mood, gender, age, accent or surroundings.’

What do Apple’s new privacy settings mean for you?

Al Jazeera 26.04.21

Apple’s new tracking app regulations will upset Facebook:

‘Apple is requiring app developers who want to collect a digital advertising identifier from iPhone users to show a pop-up saying that the app “would like permission to track you across apps and websites owned by other companies”, along with an explanation from the app developer about why permission is being sought. Some mobile advertising analysts believe that fewer than one in three users are likely to grant permission. Owners of iPhones also have a “tracking” menu in their phone’s privacy settings where they can opt out of tracking from all apps on their phone with a single switch, or pick and choose among apps to grant permission to.’

Call centre staff to be monitored via webcam for home-working ‘infractions’ 

The Guardian 26.03.21

An international call centre snoops on its employees in a disgracefully intrusive manner:

‘In a sign of potential battles ahead over the surveillance of remote staff after the pandemic, Teleperformance – which employs about 380,000 people in 34 countries and counts dozens of major UK companies and government departments among its clients – has told some staff that specialist webcams will be fitted to check for home-working “infractions”.’

Can privacy coexist with technology that reads and changes brain activity?

Science News 11.02.21

The last bastion of private space, your brain, must be defended against.  Regulatory measures should be introduced as of yesterday:

‘As neurotechnology marches ahead, scientists, ethicists, companies and governments are looking for answers on how, or even whether, to regulate brain technology. For now, those answers depend entirely on who is asked. And they come against a backdrop of increasingly invasive technology that we’ve become surprisingly comfortable with…  At the other end of the spectrum, some researchers, including Yuste, have proposed strict regulations around privacy that would treat a person’s neural data like their organs. Much like a liver can’t be taken out of a body without approval for medical purposes, neural data shouldn’t be removed either. That viewpoint has found purchase in Chile, which is now considering whether to classify neural data with new protections that would not allow companies to get at it.  Other experts fall somewhere in the middle. Ienca, for example, doesn’t want to see restrictions on personal freedom. People ought to have the choice to sell or give away their brain data for a product they like, or even for straight up cash. “The human brain is becoming a new asset,” Ienca says, something that can generate profit for companies eager to mine the data. He calls it “neurocapitalism.”’

Drones used by police to monitor political protests in England

The Guardian 14.02.21

Private and pubic companies will be given free rein to use drone tech under new regulations:

‘The use of drones in the UK is set to expand, and not just by the police. Companies such as Amazon also plan to use them more.  Cole said: “This is just the tip of the iceberg. Despite serious public concern, the government is planning to liberalise airspace regulations to enable a whole raft of public agencies and private companies to operate drones freely in our airspace. Before that happens, it’s vital that there is a proper public debate about the limits of drone use and comprehensive privacy controls are put in place… “  Rosalind Comyn, the policy and campaigns manager at Liberty, said drone use was part of an alleged general assault on the right to protest. “Protest is a key way we can all fight for a better society and stand up for what we believe in.  “Recent years have seen a concerted attack on the right to protest from police and government, which particularly threatens people who are already marginalised and cut off from having their voices heard.  “Increased mass surveillance, whether through drones or other developing tools like facial recognition, is designed to intimidate and control, and ultimately silence dissent.”’

Singapore plan to use monitoring app on students' computers sparks privacy fears

REUTERS 08.02.21

Singapore government enjoying greater surveillance tactics:

'A Singapore government scheme to ensure children have access to computers for home learning has raised privacy concerns over monitoring software installed on the devices…  The government said in December that the computers must be fitted with device management applications, while students using their own computers will also need to have these installed onto their devices.  The software allows teachers to view and control students’ screens remotely, the vendor has said, sparking an online petition against the plan and criticism from international NGO, Human Rights Watch.’

Silicon Valley Investment Firm Profits From Surveillance States

Bloomberg 26.01.21

A lengthy exposé about global surveillance and the wealth they generate for tech companies:

‘Such concerns didn’t appear to take priority after Francisco Partners Management LLC, a private equity firm in San Francisco that primarily invests in technology companies, bought Sandvine in 2017. Francisco Partners replaced Sandvine’s entire executive team, including Bowman, and Sandvine then began selling to governments with troubling records on human rights, according to interviews with more than a dozen people familiar with the matter and documents reviewed by Bloomberg News…  But according to documents reviewed by Bloomberg, from 2018 to 2020 the company agreed to deals worth more than $100 million with governments in countries including Algeria, Belarus, Djibouti, Egypt, Eritrea, Iraq, Kenya, Kuwait, Pakistan, the Philippines, Qatar, Singapore, Turkey, the United Arab Emirates, and Uzbekistan. In its rankings of political freedom, the human-rights group Freedom House classified all these countries as either partially free or not free…  The market for government surveillance technology is about $12 billion annually, according to Moody’s, and the estimates for the deep packet inspection market peg it at about one-quarter that size.‘

How Amazon’s Ring, the privacy-busting doorbell surveillance tool, is extending its influence with police across the US

RT 01.02.21

Amazon Ring’s doorbell cameras has been in bed with law enforcement early on.  Is the company positioning itself to be a number one privacy-busting authority? 

‘Newly released figures indicate that nearly 2,000 police departments across the US are partnered with Amazon’s Ring, in the process expanding the reach of the highly controversial civilian surveillance network yet further.  Ring, bought by the e-commerce giant in February 2018 for a fee that could be as much as US$1.8 billion, is best-known for producing a range of ‘smart’ doorbells, which house high-definition cameras, motion sensors, microphones, and speakers…  Not long after its purchase, the partnership program was launched – under its auspices, Ring offers authorities access to video footage recorded by the millions of internet-connected devices its customers have mounted to their homes…  

Digital rights group Electronic Frontier Foundation (EFF) has long been a fervent critic of the system, dubbing it “a perfect storm of privacy threats” and contending that Ring and comparable ‘home security’ providers serve to greatly inflate paranoia about crime, transforming every innocent delivery person, charity fundraiser, or election canvasser into a potential – if not likely – criminal with every motion sensor update beamed.  “By sending photos and alerts every time the camera detects motion or someone rings the doorbell, the app can create an illusion of a household under siege,” EFF argues. “It turns what seems like a perfectly safe neighborhood into a source of anxiety and fear. This raises the question: do you really need Ring, or have Amazon and the police misled you into thinking that you do?”’

Vaccine passports: what are they and do they pose a danger to privacy?

The Guardian 15.01.21

Just like the WEF’s proposed digital passport, governments and companies look set to be behind a health certificate enabling the ease of travel and work, despite the fact that the vaccine may not be effective in containing the virus.  The new Social Contract Credit blueprint from China is gaining popularity:

‘Vaccine passports, which would allow people with immunity to Covid to prove they were at low risk of spreading the disease, are being investigated by companies and countries around the world…  The UK companies are not the only ones working on a solution. A coalition of American organisations, including Microsoft, Oracle and the Mayo Clinic, has launched the Vaccination Credential Initiative, aiming to establish wider standards to prevent individuals falsely claiming they have been vaccinated…  Civil liberties organisations are alarmed about the project. “Vaccine passports would create the backbone of an oppressive digital ID system and could easily lead to a health apartheid that’s incompatible with a free and democratic country,” says Silkie Carlo, director of Big Brother Watch. “Digital IDs would lead to sensitive records spanning medical, work, travel, and biometric data about each and every one of us being held at the fingertips of authorities and state bureaucrats.’

He Created the Web. Now He’s Out to Remake the Digital World

NY Times 10.01.21

World Wide Web inventor seeks to give internet users control over their data:

‘“Pods,” personal online data stores, are a key technical ingredient to achieve that goal. The idea is that each person could control his or her own data — websites visited, credit card purchases, workout routines, music streamed — in an individual data safe, typically a sliver of server space.  Companies could gain access to a person’s data, with permission, through a secure link for a specific task like processing a loan application or delivering a personalized ad. They could link to and use personal information selectively, but not store it.’

Singapore reveals Covid privacy data available to police

BBC 05.01.21

How anyone could have expected a different outcome is beyond me:

‘To encourage people to enrol, Singaporean authorities promised the data would never be used for any other purpose, saying "the data will never be accessed, unless the user tests positive for Covid-19 and is contacted by the contact tracing team".  But Minister of State for Home Affairs Desmond Tan told parliament on Monday that it can in fact also be used "for the purpose of criminal investigation", adding that "otherwise, TraceTogether data is to be used only for contact tracing and for the purpose of fighting the Covid situation”…  However, the privacy statement on the TraceTogether site was then updated on the same day to state that "the Criminal Procedure Code applies to all data under Singapore's jurisdiction”.  "Also, we want to be transparent with you," the statement reads. "TraceTogether data may be used in circumstances where citizen safety and security is or has been affected.  "The Singapore Police Force is empowered under the Criminal Procedure Code (CPC) to obtain any data, including TraceTogether data, for criminal investigations”…  Australian privacy watchdog Digital Rights Watch, told the BBC they were "extremely concerned" about the news from Singapore.  "This is the worst case scenario that privacy advocates have warned about since the start of the pandemic," Programme Director Lucie Krahulcova told the BBC. "Such an approach will erode public trust in future health responses and therefore impede their efficacy.”'

Dozens sue Amazon's Ring after camera hack leads to threats and racial slurs

The Guardian 23.12.20

Let’s hope this drives down Ring’s popularity:

‘The suit against Ring builds on previous cases, joining together complaints filed by more than 30 people in 15 families who say their devices were hacked and used to harass them. In response to these attacks, Ring “blamed the victims, and offered inadequate responses and spurious explanations”, the suit alleges. The plaintiffs also claim the company has also failed to adequately update its security measures in the aftermath of such hacks.’

Co-op is using facial recognition tech to scan and track shoppers

WIRED 10.12.20

Way over the top and should be made illegal:

‘Branches of Co-op in the south of England have been using real-time facial recognition cameras to scan shoppers entering stores…  Southern Co-op is using facial recognition technology from Facewatch, a London-based startup. Every time someone enters one of the 18 shops using the tech cameras scan their faces. These CCTV images are converted to numerical data and compared against a watchlist of ‘suspects’ to see if there’s a match. If a match is made, staff within the store receive notifications on smartphones…  The Facewatch system doesn’t store or add everyone’s faces to a central database but instead amalgamates watchlists created by the companies it works with. Facewatch says 'subjects of interest’ can be individuals “reasonably suspected” of carrying out crimes, which have been witnessed by CCTV or staff members. A person does not have to be charged or convicted with a crime to be flagged and their data is kept for two years…  Facewatch refuses to say who all of its clients are, citing confidential reasons, but its website includes case studies from petrol stations and other shops in the UK. Last year, the Financial Times reported Humber prison is using its tech, as well as police and retailers in Brazil.’

A New Technology That Will Dangerously Expand Government Spying on Citizens

Counterpunch 02.12.20

Privacy will soon become a by-word for luxury:

‘The US Air Force’s Research Lab (yes, it has its own lab) has recently signed a contract to test new software of a company called SignalFrame, a Washington DC wireless tech company. The company’s new software is able to access smartphones, and from your phone jump off to access any other wireless or bluetooth device in the near vicinity. To quote from the article today in the Wall St. Journal, the smartphone is used “as a window onto usage of hundreds of millions of computers, routers, fitness trackers, modern automobiles and other networked devices, known collectively as the ‘Internet of Things’.”  Your smartphone in effect becomes a government listening device that detects and accesses all nearby wireless or bluetooth devices, or anything that has a MAC address for that matter.’

Covid-19: China pushes for QR code based global travel system

BBC 23.11.20

I wish China would just shut up about its methods of creepy surveillance - and its potential export to others - though I’m sure many dictatorships-in-the-making are salivating at the idea of more data.  Corona measures are a real Trojan horse:

‘Chinese President Xi Jinping has called for a "global mechanism" that would use QR codes to open up international travel.   "We need to further harmonise policies and standards and establish 'fast tracks' to facilitate the orderly flow of people," he said…  Mr Xi made the comments at the G20 summit, an online meeting of heads of state from the world's 20 largest economies, which was hosted by Saudi Arabia over the weekend.   He said the codes could be used to recognise "health certificates based on nucleic acid test results", according to a transcript published by Chinese state news agency Xinhua.   Mr Xi didn't go into further detail about how the travel scheme might work, or how closely it would be modelled on China's QR code apps, which have been used to help contain the virus on the mainland.   "We hope more countries will join this mechanism," he added.’ 

Privacy activist files complaints against Apple's tracking tool

REUTERS 16.11.20

The mask comes off the company which brands itself most concerned with privacy:

‘A group led by privacy activist Max Schrems on Monday filed complaints with German and Spanish data protection authorities over Apple's AAPL.O online tracking tool, alleging that it allows iPhones to store users' data without their consent in breach of European law…  The complaints by digital rights group Noyb were brought against Apple’s use of a tracking code that is automatically generated on every iPhone when it is set up, the so-called Identifier for Advertisers (IDFA).’

But it’s not just cookies that are being tracked.  It’s far worse, as explained in this blog (Sneak Berlin 12.11.20):

‘On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored… These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables. These requests go to a third-party CDN run by another company, Akamai.
Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.'

Mississippi program to use door cameras to fight crime

AP 06.11.20

Ring’s doorbell finally achieve what they were supposed to do - spy on everyone:

‘Mississippi’s capital city could begin using residents’ door security cameras in its effort to fight rising crime.  Recently, Jackson began a pilot program with two technology corporations to provide a platform for the police department to access private surveillance cameras such as Ring.’

Police are using fingerprint scanners to target Black Britons

WIRED 03.10.20

First FR, now print scanning.  How tech is used to discriminate against target groups:

‘Three quarters of police forces in England and Wales now have access to mobile fingerprint scanners issued by the Home Office, new data reveals. In total, 28 of 43 police forces have started using the Strategic Mobile solution technology since it was first trialled, with four conducting their own pilot tests and seven other forces in the process of rolling out the devices…  The police force with the highest number of scans is London’s Metropolitan Police Service, which employs its own mobile fingerprinting technology, INK Biometrics. Between November 2018 and July 2020, the Met conducted 51,048 scans, or on average 2,431 per month. The figures obtained show the Met conducts more scans each and every month than most police forces have in over two years.  While fewer people have been on Britain’s streets during lockdown, Home Office data shows a dramatic increase in fingerprint scans. Between March and May 2020, scans across all police forces that have access to mobile fingerprinting technology increased by 44 per cent year on year. In London, scans rose by 88 per cent between March and May.’

Inside the fight to rid the world of abusive stalkerware

WIRED 29.10.20

Spyware tech is on the rise, leading to serious abuse:

‘Security firm Malwarebytes reports even steeper rises across the world – detections of monitoring apps between January to June rose 780 per cent, while spyware detections soared by 1,677 per cent. Kaspersky also reports a global increase. It found stalkerware on 8,201 devices in April 2020, up from 7,736 the previous year. Researchers also discovered ten new types of stalkerware during the second three months of 2020.  The number of detections has dropped since the peak of lockdown, but are still up dramatically on the start of the year, says Baloo. “These are really horrible, blatant stalking apps that monitor and intimidate.”  Refuge is currently working with 1,594 women experiencing tech abuse, although most cases of abuse it works with involve some sort of technology. “Some of these women are being completely controlled,” says Jane Keeper, director of operations at the charity. “This kind of abuse can be hard to detect, and it’s important for women to trust their instincts.” 

Refuge has a safety guide that gives practical advice on securing devices as well as a 24-hour helpline.  It’s not just stalkerware that’s on the rise. Refuge has also received more reports of legitimate devices such as smart doorbells and or find-my-phone apps being used to surveil partners and exes. When the UK lockdown was partially lifted in July, the charity recorded a 54 per cent rise in women contacting its helpline.  Monitoring apps give abusive partners extraordinary levels of surveillance and control. Android phones are more vulnerable than iPhones, which need to be jailbroken – but some apps can scrape iCloud memory logs for data. They’re hard to spot but warning signs might emerge – random requests for permissions, slower than usual operation or a battery which drains faster.’

Universities are using surveillance software to spy on students

WIRED 15.10.20

This is getting ridiculous:

‘Screwed over by the A-levels algorithm, new university students are being hit by another kind of techno dystopia. Locked in their accommodation – some with no means of escape – students are now being monitored, with tracking software keeping tabs on what lectures they attend, what reading materials they download and what books they take out of the library…  Some universities are trumpeting their surveillance practices as a boon. On October 7, the University of Buckingham, a private educational institution, unveiled a so-called “trailblazer degree” for undergraduates starting in 2022 that appears to, amongst other things, psychometrically analyse students to tailor the learning experience to them.   “AI and intelligent platforms will monitor student engagement and understanding, helping staff to see where students are falling behind or need more materials to aid their learning,” the university claims in its marketing materials. The system, it adds, will also “flag up at-risk students and alert university staff to those that may need extra attention”. To do this, the system monitors academic performance, engagement with course materials and other students and takes data from chatbots.’

Five Eyes governments, India, and Japan make new call for encryption backdoors 

ZDNET 11.10.20

Won’t be long now before the West becomes the New China:

‘Members of the intelligence-sharing alliance Five Eyes, along with government representatives for Japan and India, have published a statement over the weekend calling on tech companies to come up with a solution for law enforcement to access end-to-end encrypted communications.  The statement is the alliance's latest effort to get tech companies to agree to encryption backdoors.  The Five Eyes alliance, comprised of the US, the UK, Canada, Australia, and New Zealand, have made similar calls to tech giants in 2018 and 2019, respectively…  Officials said they are committed to working with tech companies on developing a solution that allows users to continue using secure, encrypted communications, but also allows law enforcement and tech companies to crack down on criminal activity.  The seven governments called for encryption backdoors not only in encrypted instant messaging applications, but also for "device encryption, custom encrypted applications, and encryption across integrated platforms…”  However, pressure has been mounting in recent years as western governments seek to reach intelligence-gathering parity with China.’

Drones, fever goggles, arrests: millions in Asia face 'extreme' Covid surveillance

The Guardian 01.10.20

Of course, these health-related measures will stay indefinitely:

‘In a report out today, privacy analysts warn that “extreme measures and unchecked powers” brought in to tackle Covid-19 could become permanent features of government across the region, and have an impact on the rights and privacy of millions of people.  Analysts at Verisk Maplecroft found that surveillance tools and technology such as fever detection goggles, drones that monitor curfews and lockdown, and apps that track the spread of Covid are already being deployed as part of laws and other measures brought in during the pandemic in countries including Cambodia, China, Pakistan and Thailand…  Amnesty said at the time: “The Chinese government has spent years developing technologies that facilitate intrusive mass surveillance. We fear the government will use the pandemic as an excuse to normalise and push forward a range of surveillance measures.”  Verisk Maplecroft says that this risk is exacerbated in countries where human rights are already fragile.  “When surveillance is introduced to protect health, we need to look at the secondary impact, your right to privacy,” says Nazalya “When downloading a smartphone application that tracks location and health we need to know how long the information will be stored, will it be anonymised? Then beyond that when we think about the use of data, there is always the danger that more authoritarian countries will use it for political ends.”’

Shirking from home? Staff feel the heat as bosses ramp up remote surveillance

The Guardian 26.09.20

Your home is no longer a private space:

‘Such surveillance comes in many forms. “Some of it is as simple as ‘checking in’,” Pagliari says, “stamping your timecard in a digital sense. You might have to do your work over the cloud, and it knows when you’ve logged on, for instance.” Tools such as Slack and Microsoft Teams report when an employee is “active”, and failure to open apps first thing in the morning is often taken by managers as the same as being late for work.  Other workers have reported more intense supervision. One communications worker, who asked to remain anonymous, said that her employer had recently started to require all staff to join a videoconference every morning, with their webcams switched on. Employees were told the move was to reduce the number of meetings, but many feel as though its true purpose is to ensure that they stay at their desks all day.  David Heinemeier Hansson, a co-founder of the collaboration startup Basecamp, which provides a software platform for companies to coordinate their remote workers, says he regularly has to turn down requests from potential clients for new methods of spying on their employees.’

The High Privacy Cost of a “Free” Website

The Markup 22.09.20

Everything you do when you visit a website is tracked right across the board:

‘To investigate the pervasiveness of online tracking, The Markup spent 18 months building a one-of-a-kind free public tool that can be used to inspect websites for potential privacy violations in real time…   The Markup’s findings underscore how the web’s foundational profit source, the online advertising industry, is trying to make money from every interaction on the internet—not just the obvious clicks, like visiting retailers.  Data collected from your detailed web browsing habits—what specific pages you visited, for how long, what you did there—can be tied to records of products and services you purchased both online and offline and tied to your identity through things like store consumer loyalty cards. This can then be linked to information collected from an app you downloaded on your smartphone or which movie or show you streamed last night. The profiles are filled with data about each visitor, including presumed interests and geographic location.  Companies claim this data allows them to make predictions about who is ready and able to buy certain products and provide those insights to sellers.’

Apple launches new privacy campaign amid iPhone 12 launch and tensions with Facebook

The Independent 03.09.20

A PR stunt to redress backlash against financial practices or a real desire to maintain the company’s philosophy of old?:

‘Apple has repeatedly stressed the value of privacy – both as a philosophical commitment that comes from chief executive Tim Cook as well as a selling point of its devices. The new ad is just the latest in the company's somewhat antagonistic privacy campaigns, which last year saw it post a huge ad that appeared to troll the rest of the tech industry during one of its biggest events of the year.  But the new ad also puts it in yet more conflict with Facebook, which said in a blog post last week that Apple's changes will "have a far-reaching impact on the developer ecosystem" and that they will make it harder for applications to make money…  

But one of the most controversial features is also largely invisible to users. iOS 14 asks that users consent to the collection of Apple's unique identifier – known as the Identifier for Advertisers or IDFA – which is used to identify them to advertisers, and considerably helps data collection.  Given that most users are expected not to consent to that opt-in process, many advertisers have complained that the "IDFA" will now be largely useless, putting a major limit on the way that people can be tracked and ads can be tailored.’

Not interested in bringing Alexa into your house? That's OK, Amazon's working with your LANDLORD now

RT 03.09.20

Alexa no longer in your home but in the whole building:

‘The e-commerce giant announced Alexa for Residential on Thursday, describing it as a feature “that makes having an Alexa-enabled home accessible for anyone, regardless of whether they rent or own their home.” Tenants can link up their own Amazon account, but if they don't have one, no problem – they'll be placed on the building's system.  Landlords, Amazon explains, will have the option to provide “custom voice experiences for their residents,” which could easily translate to charging a higher rent for the ability to submit maintenance requests, reserve amenities like laundry or gym time, pay their rent, and so on using the AI device… While Amazon insists installing Alexa in apartment buildings will only “make your property more attractive to residents,” even some mainstream media outlets are starting to have second thoughts about shoehorning the inquisitive AI assistant into private homes and spaces.’

MPs criticise privacy watchdog over NHS test-and-trace data

The Guardian 21.08.20

The ICO in the UK is not doing its job:

‘In a letter signed by 22 MPs from four parties, the group calls on the Information Commissioner’s Office (ICO) to consider fining the government “if it fails to adhere to the standards which the ICO is responsible for upholding”.  Daisy Cooper, the Liberal Democrat MP for St Albans, one of the letter’s signatories, said: “During the coronavirus pandemic the government has seemingly played fast and loose with data protection measures that keep people safe. The public needs a data regulator with teeth: the ICO must stop sitting on its hands and start using its powers – to assess what needs to change and enforce those changes – to ensure that the government is using people’s data safely and legally.”  Clive Lewis, the Labour MP for Norwich South, another signatory, said: “The Johnson government brought this programme forward more quickly than was practical, and we are all paying the consequences. Privacy is fundamental to trust.”’

Call of Duty: Party Police? British bobbies use THERMAL OPTICS to break up party (VIDEO)

RT 19.08.20

Police spying in the name of public health measures and encouraging others to spy for them:

‘Manchester is currently under strict lockdown, with residents banned from meeting people from different households indoors, and gyms and swimming pools are shut. Pubs and restaurants remain open, but mixed groups of households are not permitted to mingle there. The local lockdown was introduced by the government late last month, but the unclear rules triggered widespread anger and confusion...  

From police in Australia recording the daring arrest of three rooftop drinkers in thermal vision, to British cops using drones to stalk dog walkers in national parks, to Singapore’s use of terrifying robot dogs to bark residents into compliance, the coronavirus pandemic has seen the deployment of some high-tech methods of corralling the populace.  Yet gathering human intelligence is still the go-to method for police, at least in Manchester. After releasing the video footage, Greater Manchester Police urged the public to turn in anyone hosting an “illegal large gathering” by plugging the address of the party into a handy online form.'

Secret Service Bought Phone Location Data from Apps, Contract Confirms

VICE 17.08.20

Data brokers are flourishing:

‘Law enforcement agencies typically require a warrant or court order to compel a company to provide location data for an investigation. Many agencies have filed so-called reverse location warrants to ask Google to hand over information on what Android devices were in a particular area at a given time, for example. But an agency does not need to seek a warrant when it simply buys the data instead.  Senator Wyden is planning legislation that would block such purchases.  “It is clear that multiple federal agencies have turned to purchasing Americans’ data to buy their way around Americans’ Fourth Amendment Rights. I’m drafting legislation to close this loophole, and ensure the Fourth Amendment isn’t for sale,” Wyden’s statement added.  Motherboard has also reported how some law enforcement agencies are paying for access to data from hacked websites.  Other documents obtained as part of the same FOIA request detail the Secret Service's purchase of Babel Street's open source intelligence product. The Secret Service wanted a tool that would let it monitor a wide range of social networks, including Facebook, Instagram, SnapChat, Tumblr, Vine, YouTube, WhatsApp, and many others, according to one of the documents.’

Bosses started spying on remote workers. Now they're fighting back

WIRED 10.08.20

Spying on employees has become ridiculously ubiquitous:

‘As working from home has flourished, so too has employee monitoring software. Programs such as Time Doctor, ActivTrak, Teramind and the dystopian-sounding StaffCop have all seen huge upticks in demand. Remote teams are now watched through their webcams via always-on video services like Sneek. In the office-free world, bosses can now clandestinely scan screenshots, login times and keystrokes at will to ensure their workforce is keeping its focus and productivity.  But some remote workers are fighting back against the tide of company scrutiny. “My employer sent me a laptop running with all their corporate spyware on it,” says one Florida-based programmer. “Right next to it is my own computer for all my personal stuff. Can they detect when I haven’t touched the laptop for an hour? Possibly. But I’m not being paid by the hour.”  Methods of avoiding employers’ prying eyes range from the sublime to the ridiculous. With surveillance software hard to evade (employers will likely notice if it’s been switched off), the tech-minded are downloading virtual machines. That means they can ring-fence offending programs – and their work – from the rest of their computer. “If you have a hefty enough PC, you can work in one window and game in another without them ever knowing,” explains the programmer.   Anti-surveillance software is experiencing a boom, too: Presence Scheduler, which can set your Slack status as permanently active, doubled in sales and traffic in the first two months of lockdown – until Slack clamped down and closed the coding loophole. “I believe my site caused the policy changes,” says developer Wesley Henshall. “But there was a further spike in interest once I emailed users that we’d adapted to the changes.”’

The future is ‘CLEAR’ and it’s Dystopian: Virus hype ushers in a Covid 19-84 nightmare of restricted access

RT 06.08.20

An Op-ed decrying the resurgence of new social apartheid rules:

‘The WEF presents the ‘Great Reset’ as a positive: in fact, if implemented, it will usher in a new, dark age of soul-destroying totalitarian tyranny. Important freedoms that we all took for granted will be lost. Spontaneity will be removed from our lives. The great irony is that George Orwell’s 1984 never arrived in 1984, but in 2020, under the cover of authorities ‘concern’ over an upper-respiratory tract virus. Covid-19 could perhaps more accurately be called ’Covid-1984’ for all the restrictive, authoritarian measures it has ushered in…  The World Economic Forum and all others pushing a new, hi-tech version of apartheid need to be told in no uncertain terms where to get off. For the world they are trying to create really is too awful to contemplate.’

Tech-enabled 'terror capitalism' is spreading worldwide. The surveillance regimes must be stopped

The Guardian 24.07.20

Yes, China’s model is embraced worldwide:

‘The people being targeted by terror capitalism include entire stateless groups, such as ethnic Bengalis in north-east India and Palestinian Arabs. They are almost always from minority or refugee populations, especially Muslim ones. While the Chinese system is unique in terms of its scale and the depth of its cruelty, terror capitalism is an American invention, and it has taken root around the world…  “Surveillance is about controlling and disciplining marginalized people – whether it’s people of color, immigrants, or poor people,” says a current employee of Microsoft, which was a key early-stage investor in AnyVision, an Israeli surveillance technology company that has used facial recognition to monitor Palestinians in the West Bank. “Companies use surveillance to discipline workers. Law enforcement uses surveillance to reinforce systemic racism and perpetuate mass incarceration. States use surveillance to enforce border logics and state oppression. Surveillance, as a concept, isn’t neutral – it is always about control.”’

The European Court of Justice has ruled that Privacy Shield is invalid

WIRED 16.07.20

Good news on tightening data siphoning:

‘The European Court of Justice said that the EU-US Privacy Shield failed to protect privacy and data protection rules. The landmark ruling will have substantial ramifications for thousands of companies currently sharing data with the US.  The ruling handed down by the highest court of EU law is complex, but those who brought the case will hope this victory forces the European Commission to introduce more safeguards to protect European data handled when it is handled and processed by American companies. As part of the same ruling, the Court also decided that another data transfer mechanism, Standards Contractual Clauses, or SSCs, remain valid…  So, what happens now that the Privacy Shield has been ruled invalid? Well, it’s not a catastrophe for the firms who rely on it as they can switch to SCC. Woods says that if the ECJ takes issue with how SCCs and the Privacy Shield operate, then questions will be moved to the data controller – Facebook, for example – and what controls Facebook has over that data once it’s somewhere else. “Can it ensure that it's not accessed by third parties?” asks Woods. “That is where the fight will go.”’

Government faces court over NHS Test and Trace privacy failings

WIRED 03.07.20

July 8th will be interesting:

‘Lawyers working on behalf of privacy and free speech organisation Open Rights Group (ORG) have issued health secretary Matt Hancock and the Department of Health and Social Care (DHSC) with a pre-action legal letter that says they have breached requirements of the Data Protection Act 2018 and GDPR by failing to properly conduct a Data Protection Impact Assessment (DPIA) for the whole Test and Trace system.  DPIAs are a form of risk assessment designed to make sure people’s data, privacy and human rights are protected – they’re also a mandatory legal requirement. They allow organisations processing people’s information to examine what is being done with that data, whether it needs to be collected, and what could go wrong. This can include the risks of data leaks, whether information can be abused and who has access to information…  

However, it isn’t the first time that the government has been threatened with legal action for failing to publish documents during the pandemic. At the start of June, openDemocracy and legal group Foxglove were hours from suing the government for failing to release contracts between the NHS and Amazon, Microsoft, Google, Faculty AI and Palantir. Freedom of Information Act requests for the contracts were refused on the grounds of commercial confidentiality but following the threat of legal action, they were published.  “We want to give the government every chance to get this right,” Killock adds. “We're not trying to bring down the program here. We want them to simply sort the risks out.”'

 Court Rules Facebook Widgets Can Be Considered Wiretaps

Gizmodo 02.07.20

Facebook can only evade so much scrutiny for its vampiric data collection:

‘“The most Facebook does is to identify (and then exaggerate) a circuit split on a narrow issue of law, but never explains why any Justice [...] would [support] Facebook’s position. Facebook antiseptically frames the question as whether a defendant can “wiretap” a communication that it receives directly from a plaintiff. But Facebook’s business practices (and the allegations in the complaint) present a very different question.  Plaintiffs were not communicating with Facebook but instead communicating with other websites. Plaintiffs then alleged (and Facebook does not dispute) that Facebook code embedded on those sites secretly directed Plaintiffs’ browsers to copy the communications in real time (to “intercept” them) and send the copies to Facebook.”’ 

Companies are enforcing their own contact tracing to track employees

WIRED 22.06.20

Am just too cynical to accept that data gathering is a health must:

‘The FTSE 100-listed mining giant is part of a cohort of companies that aren’t holding their breath for governments, Apple or Google to deliver a workable contact tracing app. Instead, they have decided to develop their own.’

Coronavirus mass surveillance could be here to stay, experts say

The Guardian 18.06.20

Privacy rights totally eroded in most countries under the guise of keeping people safe:

‘Top10VPN, a pro-digital privacy website that reviews secure internet connection software, has maintained a database since March of digital and physical surveillance measures implemented to fight the virus.  As of Wednesday, it showed digital tracking was in use in 35 countries, with contact tracing apps in at least 28 countries, half of which use GPS location data. Meanwhile, more than half of the apps do not disclose how long users’ data is stored.  “The number of countries using digital tracking and physical surveillance technologies has steadily risen,” said Samuel Woodhams, the website’s digital rights lead. “There are few countries on Earth that haven’t implemented increased surveillance during the pandemic.”… 

Israel’s approach of centralised spying was more akin to that of China, she said, where a surveillance dragnet has escalated domestic spying in the name of containing the outbreak.  “I can understand the decision-making process that was done in Israel, but I cannot justify it,” she said. “Hundreds of thousands of people moves were tracked by the secret service, which is really unheard of.”’

Plans for coronavirus immunity passports should worry us all

WIRED 08.06.20

‘Tech To The Rescue!’ efforts may be doomed before they take off:

‘The idea of a digital immunity passport or certificate also raises security and privacy concerns, not dissimilar to those around contact tracing apps. And, the system raises the spectre of a two-tier society, with those thought to be immune carrying on with life as normal while the rest remain in various states of lockdown.  Despite such challenges and warnings, variations on an immunity certificate or passport are already being used in Chile, while Italy and Germany are considering the idea. The UK is actively interested, with health secretary Matt Hancock saying the government was working on “systems of certification” – though immunity must be better understood and testing sorted first.  Plenty of tech firms have leapt into the fray to offer digital versions, and Estonia is trialling a system called ImmunityPassport developed by a group called Back to Work, led by Transferwise founder Taavet Hinrikus. As the country loosened its lockdown, it sought tools to aid that process, especially for employers to know their staff had been tested. Estonia already has digital identities for all of its citizens, so the project was linked to that system. “The idea was they could act on data, rather than guessing about symptoms,” says Harsh Sinha, the CTO of Transferwise who also worked on the project.’ 

Coronavirus: Singapore plans wearable virus contact-tracing device for all

The Independent 05.06.20

If acted upon, privacy would evaporate:

‘“We are developing and will soon roll out a portable wearable device that will not depend on possession of a smartphone,” Vivian Balakrishnan, the minister in charge of the city-state’s smart nation initiative said on Friday.  “If this portable device works, we may then distribute it to everyone in Singapore…”  “The government would likely have to mandate the use of such a device for the system to be effective, which is something that few countries have done so far,” said Frederic Giron, a Singapore-based analyst from market research company Forrester.’

Emergency Powers and Civil Liberties Report

BigBrotherWatch May 2020

‘Civil liberties have rarely faced such extraordinary threats. Those threats are compounded by the erosion of the rule of law and parliamentary democracy we are presently witnessing. It is against this backdrop that a digital coup is taking place. Major technology companies including Palantir, Amazon and Faculty have swooped in on the state, rapidly picking up health-related contracts with no transparency. The surveillance state is expanding, with intrusive thermal surveillance now deployed in workplaces and airports…  A Regulation to expand the number of Government agencies that can obtain communications data under the Investigatory Powers Act has been laid before Parliament.    This would increase the number of Government agencies that can access sensitive communications data to over fifty, with the Civil Nuclear Constabulary, the Environment Agency, the Insolvency Service, the UK National Authority for Counter Eavesdropping and the Pensions Regulator all receiving access to communications data. ..  In an open letter to the Prime Minister, Big Brother Watch and ten other civil liberties and digital rights organisations queried why the Government has decided that now is the time to widen already extreme surveillance powers, warning “the proposal uses the pandemic to set course for mission creep with minimal scrutiny.”’

AI firm that worked with Vote Leave wins new coronavirus contract

The Guardian 02.06.20

The data hoard by members of the government is too tantalising to ignore:

‘Dominic Cummings, the chief executive of the Vote Leave campaign and now chief adviser to the prime minister, Boris Johnson, recruited one of Faculty’s data scientists, Ben Warner, to work with him in Downing Street… One of Faculty’s shareholders is the Cabinet Office minister Lord Agnew, who owns £90,000 of the company’s shares. He is resisting calls to dispose of the shareholding despite his role overseeing the Government Digital Service, which is responsible for digital procurement…  The technology campaign group Foxglove said it had asked the government for copies of data sharing agreements signed with the companies involved in the government’s “Covid-19 datastore”, including Faculty, in April. Last month the government said it needed more time to decide whether releasing them would unduly damage the companies’ commercial interests.  “We haven’t seen the contracts, we haven’t seen the data sharing agreements,” said Cori Crider, the director of Foxglove. “We don’t know what they’re permitted to do with [the data].”  The Scott Trust, the ultimate owner of the Guardian, is the sole investor in GMG Ventures, which is a minority shareholder in Faculty.’

We need to fix GDPR’s biggest failure: broken cookie notices

WIRED 28.05.20

As expected, GDPR directives are a waste of time. Websites will always track you:

‘For their study, Nouwens and his colleagues scraped the UK’s top 10,000 websites for the cookie consent notices they had deployed and found the vast majority weren’t following the rules. “We found that 88.2 per cent of them were configured illegally,” he says. “The way the test was designed was quite a generous way of looking at it because we only looked at the things that could be processed automatically rather than things that would need some more qualitative analysis.” In general, most consent notices were meaningless or used “dark patterns" to push people towards accepting all tracking. Some research has found that even when people do make choices, websites can ignore them.’

EU officials point finger at US tech companies for ‘imposing’ standards on Covid-19 apps, call for more ‘digital sovereignty’

RT 26.05.20

It’s a good sign that countries will get to rely on their own home-sourced tech:

‘Top digital officials in Europe have criticized US tech giants for “imposing” standards on Covid-19 tracing apps and called for Europe to wean itself off its reliance on foreign technology companies…  Earlier this month, a German government official told Politico that Europe needs to “have a discussion on how Silicon Valley is increasingly taking over the job of a nation state,” but that the conversation does not need to happen “amid a pandemic.”’

It looks like the UK’s data regulator has given up, blaming coronavirus

WIRED 19.05.20

Blame the pandemic on lack of efforts?:

‘The ICO’s reduced action during the outbreak comes alongside wider criticism that the watchdog isn’t enforcing GDPR. At the start of May The Telegraph reported that an American consultant had been brought in to consider the ICO’s powers, following a parliamentary inquiry last year calling for a review into whether the ICO has "the resources necessary to act as an effective regulator". The ICO said that it was a planned, routine review.   And we need an effective privacy watchdog, even more so during the outbreak. The ICO has had plenty of work sparked by the pandemic, including an increase in scams and the government’s attempt to build a contact-tracing app…

But if the watchdog is seen as impotent or distracted, the concern is that companies may not bother following the law, especially if they believe there are no repercussions looming, says Fielding. And it could impact whether people take the time to file reports, like the complainant who received the letter from the ICO saying no action would be taken. "If people don’t have any faith the ICO will do anything, they won’t bother complaining to the ICO," Fielding says. "There’s a sense that even if the ICO might be a bit of a threat under normal circumstances, now it’s just crawled into its burrow and shut the door.”' 

Apple whistleblower goes public over 'lack of action’

The Guardian 20.05.20

The Privacy-First global company is lying to us all:

‘A former Apple contractor who helped blow the whistle on the company’s programme to listen to users’ Siri recordings has decided to go public, in protest at the lack of action taken as a result of the disclosures.  In a letter announcing his decision, sent to all European data protection regulators, Thomas le Bonniec said: “It is worrying that Apple (and undoubtedly not just Apple) keeps ignoring and violating fundamental rights and continues their massive collection of data.  “I am extremely concerned that big tech companies are basically wiretapping entire populations despite European citizens being told the EU has one of the strongest data protection laws in the world. Passing a law is not good enough: it needs to be enforced upon privacy offenders.”…  “The recordings were not limited to the users of Apple devices, but also involved relatives, children, friends, colleagues, and whoever could be recorded by the device. The system recorded everything: names, addresses, messages, searches, arguments, background noises, films, and conversations. I heard people talking about their cancer, referring to dead relatives, religion, sexuality, pornography, politics, school, relationships, or drugs with no intention to activate Siri whatsoever.’

Smart cameras will soon check if you’re social distancing and wearing a mask

Fast Company 13.05.20

This tech bonanza boom is starting to stink:

‘As more states push to reopen certain businesses and relax stay-at-home orders, companies in the surveillance business are developing technology to help enforce social distancing. Motorola’s Avigilon subsidiary, for instance, is developing software for its latest-generation security cameras that will detect when people are standing too close or not wearing masks…  Carter Maslan, a former Google Maps product director who is now Camio’s CEO, says the social distancing product is a “wartime repurpose” story. Camio originally developed it to detect corporate instances of “tailgating,” in which one person swipes an entry card and several other people slip in behind. By drawing a grid in 3D space, Camio determines when people are standing too close, then presents those images in a searchable database.’

US states rush-recruiting Covid-19 contact tracers are overcompensating for their incompetence with authoritarianism

RT 13.05.20

‘Witch-hunt’ season legally opens in some US states:

‘Washington Governor Jay Inslee set out the details of his state’s “robust, vigorous and comprehensive” contact tracing plan earlier this week, warning that if it does not succeed, “this virus could come right back and bite us.” By Friday, he plans to have 1,371 contact tracers “trained and ready” - including 351 members of the state’s National Guard - with the hope of being able to pounce on positive test results and reach out to all a newly-infected person’s contacts within 48 hours. Until those people test negative, Inslee said, they must remain isolated - i.e. at home - and so must anyone who lives with them.  

With such dismal track records, these states’ governments are lucky their citizens trust them to pick up the trash, never mind to responsibly exercise the ever-expanding surveillance powers that have been seized under cover of the coronavirus.  No one is suggesting we abandon the notion of quarantining the sick - a tried and true method of containing epidemics. But after two months of quarantining even the healthy with a lockdown begun too late to provide the security for which Americans have traded our liberty, it’s time for government to show some restraint for a change.'

Coronavirus: Israel turns surveillance tools on itself

BBC 13.05.20

Very democratic (not) process taking place:

‘The Middle East's cyber-superpower has made extensive use of surveillance technology to try tackle Covid-19, as countries around the world grapple with the trade-off between privacy and monitoring infection… Arik Brabbing slips his surgical mask under his chin and breathes in Tel Aviv's warm air. He was better known during his three decades in the Shin Bet by his cover name “Harris".  Now retired, he says counter-terrorism technology is hunting down people exposed to Covid-19. 

"It's the same system, the same methods," he explains. "We know that someone was here in the park. We can get from the [phone] company all the details about the hour, the place, exactly the place... and we can understand who else was around.”  I ask him a series of questions - some get a response, others don’t.  Can people be monitored in real-time? "I cannot answer your question.”  How accurate is the geo-location data? "Accurate enough. It's a very, very, very sensitive tool, ok? But I don't want to add another word about the sensitivity," he says, arguing that it could reveal capabilities to enemies.  Can agents log-in to security cameras to track patients? "No, No, No. It is against the law." The Shin Bet "saved lives from terror, but it saves lives also from the corona," he says.’ 

Credit card companies are tracking shoppers like never before: Inside the next phase of surveillance capitalism

Fast Company 12.05.20

After being repeatedly told not to use cash during corona crisis, credit card companies are reeling the data in:

'“Transaction data is the holy grail for marketers today,” says Michael Moreau, cofounder of Habu, a Boston-based startup that helps advertisers marshal their data… These transactions have given rise to a complex data-selling ecosystem. At the heart of it are credit card processing networks, including Visa, American Express, and Mastercard, the latter of which took in $4.1 billion in 2019—a quarter of its annual revenue—from leveraging its warehouse of transaction data for services that include marketing analytics as well as reward programs and fraud detection. And then there are the banks, retailers, payment processors, and software companies that empower online transactions. Few disclose their methods; some actively obfuscate their work; all vow that personal data is anonymized and aggregated, and therefore secure…  Targeting individuals based on transaction data is “ridiculously easy,” says Robert Brill, founder of Brill Media, which uses data from Mastercard and other sources to buy digital advertising on behalf of clients.’

Just how anonymous is the NHS Covid-19 contact tracing app?

WIRED 12.05.20

Mission creep is what the NHSX app should be called:

‘“The DPIA clearly states that the data is valuable for research, and may be linked to other datasets at some point in future,” says Rowenna Fielding, a privacy and data protection expert at Protecture, a consultancy. “Although there are assurances in the DPIA that any such linkage or secondary uses of the data will be carried out with appropriate governance and controls, this claim cannot be taken at face value and must be backed up with clear lines of accountability, processes for evaluating linkage or export requests, and strong assurance monitoring.”  Fielding adds that one of the biggest risks to people being reidentified from the app is a “human one” rather than a purely technical one. “Pressure from this, or future governments to extend the purpose and functionality of the app, employers making use of the app mandatory as a condition of ongoing employment, inadequate control over the various third parties involved in the app’s functioning,” Fielding says. “The use of a centralised architecture – despite the privacy problems with this approach – would seem to indicate that there is intent (if not actual plans) to leverage the app for wider purposes than Covid-19 contact tracing.”’

Governments may see immunity passports as a way of reopening societies, but they’re a plunge towards totalitarianism

RT 07.05.20

‘The British government has been consulting technology company Onfido, which specialises in facial biometrics, about immunity passports, which it says may be “possible in months.”  And in the US, Google and Apple have announced that they are teaming up to develop contact-tracing technology based on Bluetooth, which will “help countries around the world slow the spread.” But amid all the excitement, few have stopped to question what good exactly immunity passports are supposed to do… Immunity passports are a breach of a fundamental rule of thumb, which previous generations fought and died for, but so many young people now have never been taught about. One principle remains true, even in a time of crisis – especially in a crisis, in fact, as that’s when  principles matter the most. That principle is this: that you should never have to identify yourself to the state. The state should identify itself to you.’

Universities quietly develop personal Covid-19 ‘risk score’ app in bid to mainstream Black Mirror-style social credit for student

RT 06.05.20

Corona has been a treasure bag for Big Brother adepts:

‘Three American universities have received government coronavirus funding to create a mobile app combining contact-tracing with an individual “risk score” – mimicking the Chinese apps the US denounced as dystopian nightmares… China’s social credit score is held up as the ne plus ultra of dystopian tracking systems, but the disconcerting multitude of companies scrambling to get in on the ground floor of tracking American citizens under the guise of fighting the coronavirus has the potential to make Beijing’s system look positively tame by comparison. From former Microsoft CEO Bill Gates’ proposed “digital certificates” to failed presidential candidate Mike Bloomberg’s private army of disease detectives to Google and Apple’s contact-tracing platform, Americans’ infection status has become a hot commodity.’

Coronavirus will turn your office into a surveillance state

WIRED 04.05.20

Privacy post-corona is dead:

‘Enlighted, a subsidiary of Siemens, is now pushing its software as a way to track people who may have coronavirus symptoms. Acting as a kind of contract tracing tool, the technology can monitor where infected employees have been, who they came in contact with, and which floors of an office they may have spread the virus in. Not only will executives know the extent of the exposure, but they can save money because they know specifically which rooms need a deep cleaning – so a whole 500,000 square foot facility doesn't have to be cleaned every time an employee tests positive for Covid-19… 

But it’s that collection of data, whether for cleaning or contact tracing, that is raising privacy concerns. While the technology will enable people to get back to work, will they feel more surveilled?   Some privacy advocates already believe it does. Gus Hosein, executive director of Privacy International, a London-based charity that defends privacy rights, says technical solutions such as these will only exacerbate the existing inequalities for those occupations already under a lot of surveillance – and that have little job security – such as delivery drivers and those working in warehouses or call centres. The data generated from this technology can now be used to target and sanction these employees, Hosein adds.  “This is a perfect storm of opportunistic vendors trying to profit off employers' fears; and employers' terrified of loss of further income, seeking solace in tech solutions,” Hosein said. “But ‘solutions’ such as this come in a wider context of increased workplace monitoring and surveillance. They bring promises of efficiency and productivity but with little regard for workers rights and well-being.”’

Will thermal cameras help to end the lockdown? (VIDEO)

BBC 30.04.20

Another really useless tech idea is touted for public consumption:

‘Thermal cameras detect whether people have a temperature. They are being tested at Bournemouth Airport, to see if they can detect carriers of the coronavirus before they infect others.   Hospitals and restaurants are also considering whether they could be a useful tool to enable the transition to a more normal world.’

‘Blow to privacy’: Top Israeli court to ban use of anti-terror tech on coronavirus patients, unless govt makes it law

RT 26.04.20

New coalition government has to halt its invasive surveillance measures.  Until it signs them into law:

‘In a ruling on Sunday, the court said that the government must discontinue its use of domestic intelligence service Shin Bet’s broad spying powers to track the cell phones of those infected, unless it comes up with at least a temporary order to codify the practice in the next few weeks, provided the legislative process kicks off by April 30.  “We must take every precaution to ensure that the extraordinary developments with which we are dealing these days do not put us on a slippery slope in which extraordinary and harmful tools are used without justification,” the court said, branding unchecked surveillance of Israeli citizens “a serious blow to the constitutional right to privacy,” which “should not be taken lightly.”’

7 Billion Suspects - The Surveillance Society (Video)

ARTE April 2020

Brilliant documentary looking at various surveillance tech surveillance around the world.

Australia launches controversial COVID-19 tracking app as some states start easing rules

REUTERS 26.04.20

Australia goes for surveillance app, and New Zealand to soon adopt it:

‘The Australian government launched a controversial coronavirus tracing app on Sunday and promised to legislate privacy protections around it as authorities try to get the country and the economy back onto more normal footing… A few countries, including South Korea and Israel, are using high-tech methods of contact tracing which involves tracking peoples’ location via phone networks, though such centralized, surveillance-based approaches are viewed as invasive and unacceptable in many countries.’

Contact apps won't end lockdown. But they might kill off democracy

The Guardian 25.04.20

Contact tracing will not work for various reasons:

‘You don’t need to be a rocket scientist, let alone an IT expert, to realise that there are legions of devils in the details. (Harvard’s Safra Center for Ethics has a very good guide to some of them.) Who tells your phone that you’ve been diagnosed, for example? Given the possibility that – in a post-lockdown scenario – individuals with Covid-19 might be subjected to stigma, harassment or dismissal, they might be understandably reluctant to broadcast the fact.  Then there’s the problem that not everyone has a smartphone, even though it’s commonly supposed in tech circles that they do. The pandemic has revealed that a significant minority of the population (mostly older people) still relies on olde-worlde feature phones. Moreover, it turns out that not all smartphones are created equal: one estimate is that 50% of all smartphones can’t use the proximity-sensing systems being developed by Apple and Google… 

If we get this wrong, not only will we not succeed in easing the lockdown, but we might also be kissing goodbye to the shrivelled democracy we still possess. There’s no lockdown exit through the App Store.’

Coronavirus: Drone patrol to enforce social distancing is scrapped over privacy concerns

The Independent 25.04.20

Sky policing measures abandoned in Connecticut:

‘A controversial eye-in-the-sky drone programme to enforce social distancing and monitor people for coronavirus symptoms has been grounded before its first flight.  The police department’s plans sparked uproar in the Connecticut town of Westport, and now won’t even get off the ground.  The pilot program was announced earlier in the week in partnership with Dragonfly, a health care data service… 

Westport resident Michael Picard said: “The decision by the Westport Police Department to scrap their drone program is a victory for the people and civil liberties, especially in a time of overreach.”  The ACLU’s David McGuire said: “We are not hearing a cry for new surveillance technologies. The urgent need at the moment, according to public health experts, is to ramp up testing capability, suppress transmission through social distancing measures, and support our hospitals as they face an influx of patients.”’

Surveillance a price worth paying to beat coronavirus, says Blair thinktank

The Guardian 24.04.20

Blair should have applied his think-tank resources prior to this century’s most devastating war:

’A dramatic increase in technological surveillance is a “price worth paying” to fight Covid-19, argues a report from the Tony Blair Institute for Global Change… A joint letter from almost 300 academics working in computer science and privacy rejected the dichotomy the TBI proposed, arguing that technological surveillance would hamper, not help, efforts to fight the coronavirus by wrecking the public trust that is needed for uptake.  The academics wrote: “It is crucial that citizens trust the applications in order to produce sufficient uptake to make a difference in tackling the crisis. It is vital that, in coming out of the current crisis, we do not create a tool that enables large-scale data collection on the population, either now or at a later time. Thus, solutions which allow reconstructing invasive information about the population should be rejected without further discussion. Such information can include the ‘social graph’ of who someone has physically met over a period of time.”’

Facebook’s name-and-shame coronavirus groups are hellish

WIRED 23.04.20

Witch-hunts on the rise:

‘During the UK’s lockdown, nosey neighbours have turned to social media to name and shame those who flaunt government guidelines or businesses alleged to have hiked prices. On Facebook, searching ‘Covid name and shame’ brings up more than 30 coronavirus-related groups with tens of thousands of members. But are they consumer champions, protecting the average person against predatory business practices, or digital vigilantes potentially doing more damage than good?  One of the biggest groups is ‘Covid-19 The Good The Bad And The Ugly – The peoples Group!’. Since March 19, it has gained more than 10,000 members. “We believe the popularity was due to it being such an accessible platform for people to voice their concerns, disdain and outrage,” says group creator Jay Ace. The group abides by self-imposed guidelines. Bullying is not tolerated and keyword alerts notify admins to instances of racism or homophobia. Personal addresses are also banned, but shamed shops are not treated with the same anonymity… 

It’s little surprise these groups are thriving, as the onus on policing behaviour is being placed on the public. Of the UK’s 43 police forces, at least 26 of them have created dedicated online forms for reporting apparent breaches of government guidelines, and police forces have been inundated with calls. On April 7, Derbyshire Police chief constable Peter Goodman told the Home Affairs Select Committee that 11 per cent of all its calls are now Covid-19 related. In response, the public are being encouraged to reprimand neighbours themselves, with a statement on the official Ask the Police website advising that “in relation to one-off incidents, you initially speak to the people about your concerns.”’

Coronavirus tests Germans’ devotion to privacy

Coda 21.04.20

Germans are saying no to data mining:

‘The Academy of Sciences Leopoldina in the central German city of Halle advocated the voluntary collection of mobile phone data, in order to gain a better overview of the epidemic, even suggesting that data protection legislation be “reevaluated and, if necessary, adjusted in the short term.” Involuntary mass collection of location data has also been floated at the government level, before being withdrawn… As the newspaper Handelsblatt explains, “angst about potential surveillance is rooted in Germany’s past.” The combined legacy of the Nazi Gestapo and the East German Stasi are thought to be part of the reason Germany has been a pioneer in data protection — with legislation dating back to the 1970’s. This attitude to personal data has been tested, however, by recent discussions about the extent of measures that the government can take to control the Covid-19 pandemic.’

2 billion phones cannot use Google and Apple contact-tracing tech

Ars Technica 20.04.20

Not only would this surveillance system be redundant for lack of mass testing, but the hardware needed would exclude $2 billion smartphone users.  I bet it will still go ahead anyway:

‘Apple’s iPhones and devices running on Google’s Android operating system now account for the vast majority of the 3.5 billion smartphones estimated to be in active use globally today. That provides a huge potential network to track infection, with surveys suggesting widespread public support for the idea.  The two rivals are collaborating to develop a contact-tracing system for release as soon as next month.  However, their scheme relies on specific wireless chips and software that are missing from hundreds of millions of smartphones that are still in active use, particularly those that were released more than five years ago.’

App-based contact tracing may help end coronavirus lockdowns

The Economist 16.04.20

They would be useless without mass testing:

‘Smartphone contact tracing is just one part of a broader infrastructure that must be built to track down SARS-CoV-2 faster than it can spread through the population. It will not, for instance, be worth much unless ways of testing and diagnosing people en masse are also rolled out. Without these, there will be no information to feed back into the app network about who may be spreading the virus… 

It is also important not to invest too much in the idea that automation is everything. Apps and phones can certainly provide location and proximity data, but only human tracers can bring human intelligence to bear on the matter. For example, in late January Taiwan’s contact-tracing team successfully used a mixture of data from the country’s national-health-insurance system and its mobile-phone firms to track down the source of infection for the island’s first covid-19 death—the unlucky taxi driver had picked up a Chinese businessman at the airport. They did this without resort to Bluetooth tracking apps—albeit that their ability to scrutinise the data they needed required the invocation of national-emergency powers.’

Don’t trust Apple or Google with coronavirus data, says German app developer

RT 14.04.20

Tech giants should be taken off the round table:

‘Apple and Google unveiled an app last week that uses bluetooth connections to trace the spread of the Covid-19 coronavirus… In Europe, the rollout of such apps has been met with privacy concerns. "We do not think it is the best solution that Google and Apple own the server on which all the contacts plus the medical status of citizens around the world are uploaded," Julian Teicke, a leader of Germany's Healthy Together startup initiative, told Reuters on Tuesday.   "What we need is an independent party that allows governments some kind of control over what happens with this medical and contact data," he added.’

Apple and Google are building a coronavirus tracking system into iOS and Android

The Verge 10.04.20

Tech giant united! Enter dystopia:

‘The new system, which is laid out in a series of documents and white papers, would use short-range Bluetooth communications to establish a voluntary contact-tracing network, keeping extensive data on phones that have been in close proximity with each other. Official apps from public health authorities will get access to this data, and users who download them can report if they’ve been diagnosed with COVID-19. The system will also alert people who download them to whether they were in close contact with an infected person.  Apple and Google will introduce a pair of iOS and Android APIs in mid-May and make sure these health authorities’ apps can implement them. During this phase, users will still have to download an app to participate in contact-tracing, which could limit adoption. But in the months after the API is complete, the companies will work on building tracing functionality into the underlying operating system, as an option immediately available to everyone with an iOS or Android phone.’

Coronavirus: How technology and apps could allow the UK to leave lockdown – but impose new restrictions of their own

The Independent 10.04.20

Once tracking tools take place, privacy shatters and will not be given priority:

‘The visions proposed by technologists for countries like the UK – and already adopted in some form by other places – is that in the months to come, as lockdown lifts, our movements and networks could be governed by technology. Citizens will move back to something like normality, the hope is, but may sometimes be buzzed to say that their phone has been in contact with another phone that belongs to an anonymous person suspected to have Covid-19 – and that they should stay indoors.

Such solutions will require access to people’s most personal data – their location, their health history, and that of their friends – if it is to be successful. The world could face a profound trade-off between the privacy of that data and the speed with which they are able to go back to normal and be forced to choose between the efficacy of such technology and the protection of the information it relies on… 

“Technology can play an important role in the global effort to combat the COVID-19 pandemic, however, this does not give governments carte blanche to expand digital surveillance,” said Rasha Abdul Rahim, deputy director of Amnesty Tech.  “The recent past has shown governments are reluctant to relinquish temporary surveillance powers. We must not sleepwalk into a permanent expanded surveillance state.  “Increased digital surveillance to tackle this public health emergency can only be used if certain strict conditions are met. Authorities cannot simply disregard the right to privacy and must ensure any new measures have robust human rights safeguards.  “Wherever governments use the power of technology as part of their strategy to beat Covid-19, they must do so in a way that respects human rights.”’

Twitter jams open a back door to track your phone – which may already be in use by the government 

RT 09.04.20

Twitter opens itself up to location tracking:

‘Twitter is no longer allowing users to hide private data like their phone’s unique tracking identifier from advertisers, at the same time the US government is apparently targeting advertiser data to track Covid-19. Coincidence?   The social media giant announced the changes in a popup when users logged in on Wednesday, glibly informing those outside Europe that they would no longer be able to disable sharing “mobile app advertising measurements” and that there was nothing they could do about it… 

Even those who believe enhanced government surveillance during a pandemic is justified need only look to history to observe how ’wartime powers’ are seldom relinquished during peacetime. While it would be naive to claim Twitter isn’t already funneling users’ private data to governments as well as its corporate clients – that has been public knowledge since former NSA contractor Edward Snowden released documents on the PRISM project in 2013 – the growing romance between Big Brother and Big Tech should be cause for concern for anyone interested in ensuring privacy doesn’t become the biggest casualty of the coronavirus epidemic.’

The NHS coronavirus app could track how long you spend outside

WIRED 08.04.20

All of these measures mean absolutely nothing if no tests are available:

‘The NHS is drawing up plans that could see it expand the remit of its coronavirus contact-tracing app to enforce social distancing by warning people if they spend too much time outside.  The smartphone app, currently under development at the health service’s innovation unit NHSX, is expected to be released within weeks. Its main purpose has been reported as “contact-tracing”: it would keep tabs of users’ encounters with their contacts through Bluetooth, and then automatically notify those people if a user is infected with coronavirus... 

Silkie Carlo, director of the pro-privacy campaign group Big Brother Watch, criticises the plan, saying that “a government-backed location tracking app risks the most insidious mission creep.”  “If authorities use this crisis as an opportunity to extend surveillance, they will haemorrhage trust and undermine important public health measures.”  News that the government – through NHSX – was planning the launch of a contact-tracing app first emerged last week, in a report by Sky News. The report revealed that the technical side of the development had been contracted out to US technology firm VMware, while the algorithm had been designed by the University of Oxford’s Nuffield Department of Medicine.’

“The only way to make sure that citizens trust it, is to be radically transparent”—covid-19 surveillance (podcast)

The Economist 06.04.20

Hal Hodson, The Economist’s technology editor talks about the possible pitfalls when a surveillance state is enacted and where full transparency fails.

Tracking everyone’s whereabouts won’t stop COVID-19

Fast Company 04.04.20

The tech measures being touted as the only way to fight a pandemic have little or no relevant input in such a crisis:

‘Following China, Taiwan, and South Korea’s success in bending the curve of infection, commentators and surveillance vendors are urging governments in the U.S. to replicate their use of invasive surveillance tools, even when it’s unclear whether this technology is actually effective at fighting the coronavirus. Rather than simply accepting tracking with open arms, Americans should be wary of geeks bearing gifts. Today’s startups could do more than squander venture capital dollars—their misguided COVID-19 surveillance measures may cost lives and undermine our democracy… 

Even if lawmakers agree to limits on COVID-19 surveillance data today, they might roll limits back tomorrow. When past civil rights have been curtailed in times of crisis, whether Lincoln’s suspension of habeas corpus or Congress’s enactment of the USA PATRIOT Act after 9/11, these “temporary measures” long outlived the crises they sought to address. If we respond to the coronavirus with invasive, high-tech surveillance, we risk history repeating itself. It’s a dangerous bargain, especially when our most effective tool against the virus is not some new high-tech tracking system: It’s low-tech soap.’

Coronavirus: location-tracking apps could stop the disease – here’s how

The Conversation 06.04.20

A fearful population would always submit to surveillance measures which will not go away after the crisis has ended:

‘By modelling the spread of the virus in response to different tracing strategies, the researchers showed that only digital contact-tracking could get control over the pandemic. This would involve using a smartphone app to track people’s movements and automatically notifying them if they have come in contact with someone known to have caught the virus. It would then encourage them to immediately self-isolate and prevent further contamination. 

The location-tracking aspect of the app could be enhanced by enabling users to check in to locations such as shops, public transport stations or workplaces. To encourage more people to use the app, it could also provide access to health services, information and even food or medicine deliveries during self-isolation. The researchers also said that the app should be combined with other measures such as social distancing and frequent handwashing… 

Of course tracking apps presents risks to public trust. One challenge is to ensure that tracking systems are not indefinitely maintained. When the pandemic is over, citizens need assurance that Big Brother will not be looking over their shoulder. There also needs to be transparency over who has access to the data, what they can do with it, and when it will be destroyed.

But in the meantime, the new research suggests digital contact tracing is likely to be the best means for restoring a sense of safety and freedom in our communities.’

We're watching you: COVID-19 surveillance raises privacy fears

Al Jazeera 03.04.20

Worldwide encroachment on privacy is taking place:

‘Rights advocacy group Privacy International has called the roll-out of emergency laws, mandatory tracking and various other surveillance tools an "assault on people’s liberties unprecedented in its global scale”.  Advocacy director Edin Omanovic says that while many measures are based on the advice of health experts and some "well-designed apps based on consent are relatively harmless" and effective, it is vital to make sure they are based on evidence and need and respect data protection laws.

There should be no place for apps that are effective but overstep people's civil rights, he says.

"You could also force someone to quarantine by aiming a sniper sight at their head, but that doesn’t mean we should celebrate the utility of snipers in responding to the crisis," Omanovic said.  " There are far less intrusive alternatives which don’t undermine people’s safety and empower unaccountable government units.”… 

Erik Baekkeskov, a senior lecturer in Public Policy at the University of Melbourne, told Al Jazeera that two factors often seen in public policy-making could work in tandem so political power can be consolidated.   "One is the window of opportunity presented by the crisis to create new policies that actually favour the leadership, its allies or its constituencies. COVID-19 is enabling leaders in many countries to enact policies in the name of responding to the disease that they would not normally be able to get approved," Baekkeskov said.  The other factor is institutionalisation, which allows such policies to stay in place even after the problems they were developed for have gone away.'

Coronavirus: Privacy in a pandemic

BBC 02.04.20

Data sharing is open season now:

‘Earlier this week the British Prime Minister shared a picture of an online Cabinet meeting, complete with the Zoom meeting ID and the usernames of ministers. And millions of us are sharing views of our kitchens over this and other video-conferencing apps, without apparently being too concerned about poor privacy controls.  Meanwhile, the National Health Service in England has sent out a document that appears to mark a shift in its policy on patient data, giving staff more latitude to share information relating to the coronavirus. In particular, it mentions the use of data to understand trends in the spread and impact of the virus and "and the management of patients with or at risk of Covid-19 including: locating, contacting, screening, flagging and monitoring such patients”… 

We can see this battle playing out in the debate over the contact-tracing apps now being considered by a number of European countries, including the UK.  A press conference with a consortium of European scientists aiding their development began with a clear declaration about putting privacy at their core.  Hans-Christian Boos, an AI entrepreneur and adviser to Chancellor Merkel, is one of the initiative's leaders.  He said one of the motivating factors was to address the question: "Can we really build proximity-tracing while preserving privacy completely?”'

Coronavirus: Israeli spyware firm pitches to be Covid-19 saviour

BBC 03.04.20

A much-maligned company from a repressive regime would like to track people from all nations:

‘A controversial Israeli cyber-security company is marketing software that uses mobile phone data to monitor and predict the spread of the coronavirus.  NSO Group says it is in talks with governments around the world, and claims some are already testing it…  

NSO said a number of governments around the world were piloting the system, but would not reveal their identity or whether any of them had started using it in the field.’

Coronavirus: UK considers virus-tracing app to ease lockdown

BBC 31.03.20

Tracking apps to go the way of China.  Tech to the rescue!:

‘The location-tracking tech would enable a week's worth of manual detective work to be done in an instant, they say.  But the academics say no-one should be forced to enrol - at least initially.  UK health chiefs have confirmed they are exploring the idea.

"NHSX is looking at whether app-based solutions might be helpful in tracking and managing coronavirus, and we have assembled expertise from inside and outside the organisation to do this as rapidly as possible," said the tech-focused division's chief Matthew Gould”.  

To encourage take-up, it is suggested the app also acts as a hub for coronavirus-related health services and serves as a means to request food and medicine deliveries.

The academics note that similar smartphone software has already been deployed in China. It was also voluntary there, but users were allowed to go into public spaces or on public transport only if they had installed it.’

Coronavirus: Russia includes jail terms to enforce crackdown

BBC 31.03.20

Each country deals with lockdown differently:

‘The Russian parliament has approved an “anti-virus” package of laws including up to seven years in prison for serious violations of quarantine rules.

The tough laws and amendments were rushed through in record time, as regions across Russia followed Moscow’s lead in imposing strict lockdowns, to slow the spread of coronavirus.  

The starkest amendment in the package of laws, with a seven-year prison sentence, will apply if someone with coronavirus breaks the quarantine and others die as a result.

There are also hefty fines for healthy people who simply violate the order to stay at home, and a potential new punishment of up to five years for spreading dangerous, fake news about the epidemic… 

Officials plan to use phone tracking as well as a wide and sophisticated network of surveillance cameras to implement the quarantine and hold any rule-breakers to account.’

Bosses Panic-Buy Spy Software to Keep Tabs on Remote Workers

Bloomberg 27.03.20

Pandemic allows bosses to keep tabs on employees:

‘With so many people working remotely because of the coronavirus, surveillance software is flying off the virtual shelves. “Companies have been scrambling,” said Brad Miller, CEO of surveillance-software maker InterGuard. “They’re trying to allow their employees to work from home but trying to maintain a level of security and productivity.”

Axos spokesman Gregory Frost said in a statement that “the enhanced monitoring of at-home employees we implemented will ensure that those members of our workforce who work from home will continue” to meet quality and productivity standards that are expected from all workers… 

Along with InterGuard, software makers include Time Doctor, Teramind, VeriClock, innerActiv, ActivTrak and Hubstaff. All provide a combination of screen monitoring and productivity metrics, such as number of emails sent, to reassure managers that their charges are doing their jobs.’

Big Tech teams up with White House to battle Covid-19 – and spy on us all

RT 28.03.20

Phone tracking is in fashion:

‘Considering how many Americans use Apple devices – almost 200 million, according to some of the most recent estimates – the app certainly seems like the ideal way for the authorities to identify and track everyone who might be displaying symptoms of the coronavirus.
There is no question that cell phone data can be, and is being, tracked. The video clip showing the dispersion of Spring Break-goers from Florida back across the US, which went viral on Thursday, is proof of that.’

Amazon's Alexa now offering to diagnose coronavirus in happy marriage of Big Tech with Big Brother

RT 28.03.20

Alexa can hear you cough, advise on testing and in listening in to your domestic interactions, call the police on you:

‘Given the Orwellian legislation being passed in the UK - and proposed in the US - that would permit authorities to detain suspected coronavirus patients indefinitely, the “Alexa heard you cough, please come with us” scenario isn’t as far-fetched as it might seem. Amazon is inextricably intertwined with the US government - its servers host the CIA, NSA, Department of Homeland Security, and Department of Defense, among other agencies - and governments have always used crises to adopt draconian policies their subjects would not otherwise accept. Coronavirus is no different. This time, however, Big Brother has Big Tech on his side, and the little guy doesn’t stand a chance.’

‘This could get Orwellian really fast’: COVID-19 could end privacy as we know it https://www.fastcompany.com/90482264/this-could-get-orwellian-really-fast-covid-19-could-end-privacy-as-we-know-it

Fast Company 26.03.20

When data in the name of health security may get highjacked:

‘Cities overseas are using thermal cameras to detect symptoms of infection. Some places, including China and Hong Kong, have employed drones to monitor excessive social interaction or connected wristbands to ensure patient compliance. Even here in the U.S., the White House has considered the use of mobile location data analytics for tracing contact among residents.
But while using this data effectively can save lives, the global mobilization to save people from the scourge of COVID-19 also reveals the urgent need for governments to set policy for sometimes-untested surveillance tech and data use. If data is employed to track down new cases of COVID-19 and to urge close contacts to quarantine, what happens to that data once the pandemic is over?’

Privacy Advocates Are Sounding Alarms Over Coronavirus Surveillance

CoinDesk 23.03.20

Big Data = the new petrol:

‘Last week the Wall Street Journal reported the Centers for Disease Control (CDC) enlisted Palantir, a data-analysis behemoth that works with law enforcement and other government security agencies, to model outbreak data. Palantir and Clearview AI, the facial recognition startup that acquired billions of facial images through public web scraping, have been in contact with state governments about tracking people who came in contact with infected individuals….
There is a precedent for this, and from not long ago. The 9/11 terrorist attacks in 2001 led to an expansion of surveillance cameras and networks across the U.S. and the Patriot Act, a federal law that removed legislative guardrails to government surveillance and decreased transparency, accelerating the National Security Agency’s intrusive and massive surveillance capabilities later revealed by whistleblower Edward Snowden...
Despite the public backlash against the NSA’s practices, lawmakers have yet to de-authorize it.  Experts recognize the fundamental need to address immediate consequences of the coronavirus pandemic, but there is skepticism Clearview AI or Palantir would offer the required transparency and least intrusive approach.  Garvie worries about crisis profiteering. “It’s the use of fear to market surveillance tools,” says Garvie.  “I just caution anyone considering contracting for these tools to make sure the decision is not being driven by the supplier, by the company, using the crisis to push through unnecessary surveillance mechanisms.”’

Coronavirus is forcing a trade-off between privacy and public health

Technology Review 24.03.20

When a vaccine for coronavirus may get privacy laws obliterated:

‘Many countries that have successfully contained their outbreaks, including China, South Korea, and Singapore, have utilized aggressive surveillance measures to track and isolate infected individuals. Other countries that have been trigger-shy about similar measures, like Italy and Spain, now face devastating caseloads that have overwhelmed their health-care systems. The US, traditionally one of the most privacy-preserving governments, is now buckling under the pressure: the White House has begun talks with Google and Facebook about tapping into their data on users’ movements.’

Never let a crisis go to waste: US lawmakers bask in coronavirus panic while quietly building the police state of their dreams

RT 20.03.20

Coronavirus is indeed a wet dream for governments with fascist inclinations:

‘The ominously-named EARN IT Act (short for “Eliminating Abusive and Rampant Neglect of Interactive Technologies Act”) that quietly debuted in the Senate earlier this month is a carefully crafted weapon for crushing encryption without explicitly banning, industry professionals have warned. While this particular bill purports to be all about ending child sexual exploitation, the industry is concerned it will make their business model unsustainable - while doing nothing to protect children… 

Just as the September 11 terror attacks were quickly weaponized by the George W. Bush administration to impose unprecedented restrictions on Americans’ civil liberties in the form of the Patriot Act and accompanying legislation, so is coronavirus becoming an excuse for lawmakers of all levels to dig out their police-state wish-lists and start crossing off items, taking advantage of the biggest distraction the country has seen in nearly two decades… 

One can certainly point out that China’s (and Italy’s, and France’s) heavy-handed emergency measures, restricting citizens to their homes and (in the most extreme cases) sending tanks through the streets are saving lives. Unfortunately for Americans, police state powers adopted during a crisis are almost never relinquished - and never without a fight. When the country makes it through this crisis, its people will have another long, hard battle to fight if they hope to claw back their lost civil liberties.’

Phones Could Track the Spread of Covid-19. Is It a Good Idea?

WIRED 15.03.20

Tech dynasties think it’s a great idea:

‘An open letter signed by several dozen prominent technologists, executives, and clinicians, posted on Tuesday, called on the tech industry to do more to combat the coronavirus. Among other things, the group recommended that Apple and Google update their smartphone software to make it possible to track contact between people, providing users grant permission. Apple and Google did not return requests for comment.

“If such a feature could be built before SARS-CoV-2 is ubiquitous, it could prevent many people from being exposed,” the letter suggests. “In the longer term, such infrastructure could allow future disease epidemics to be more reliably contained, and make large scale contact tracing of the sort that has worked in China and [South] Korea, feasible everywhere.”

Peter Eckersley, a distinguished technology fellow at the Electronic Frontier Foundation and a signer of the letter, says it should be possible to implement such a system without establishing a national database that could enable government surveillance. “The checks could happen privately on your own phone” or with advanced security software, he says.

The Covid-19 outbreak is rapidly inspiring new approaches to scientific research, disease detection, and drug development. Smartphone surveillance might seem like a good solution to tracking the spread, but it is far from guaranteed to work. And it might do more harm than good.'

Coronavirus vs. the Mass Surveillance State: Which Poses the Greater Threat?

Counterpunch 12.03.20

A good assessment of society’s trajectory:

‘Without constitutional protections in place to guard against encroachments on our rights when power, technology and militaristic governance converge, it won’t be long before we find ourselves, much like Edward G. Robinson’s character in Soylent Green, looking back on the past with longing, back to an age where we could speak to whom we wanted, buy what we wanted, think what we wanted, and go where we wanted without those thoughts, words and movements being tracked, processed and stored by corporate giants such as Google, sold to government agencies such as the NSA and CIA, and used against us by militarized police with their army of futuristic technologies.’

What is DingTalk, Alibaba’s Slack equivalent that quarantined kids in China hate?

QUARTZ 10.03.20

New Chinese app tells how what to do and when to do it:

‘The productivity app from e-commerce giant Alibaba has long had a love-and-hate relationship with Chinese employees, with one observer calling it an “Orwellian” version of Slack. In recent weeks, it’s been review bombed by its newest users, after Alibaba adapted the app for the country’s gigantic online learning experiment…. “I really feel DingTalk is like hell, especially when I finally have some time off and want to have a good sleep but am awakened by ‘Ding’ messages,” said a user on Zhihu, a Chinese question-and-answer website. “DingTalk is a high-tech, modern day shackle used by management to treat employees as slaves,” said another.'

EU privacy rules no obstacle to coronavirus fight; smartphone tracking a no-no

REUTERS 10.03.20

GDPR will bend rules in some countries to track affected coronavirus people:

‘Technophiles support the use of such data to reconstruct the movements of people exposed to the flu-like virus and identify others at risk of infection. Privacy advocates counter that this approach, used in China, subjects people to the kind of digital surveillance that has no place in a Western democracy… 

Italy, the European country hardest hit by coronavirus, has passed emergency legislation requiring anyone who has recently stayed in an at-risk area to notify health authorities either directly or through their doctor.  Germany, meanwhile, recently inserted wording into its GDPR enabling legislation that specifically allows for the processing of personal data in the event of an epidemic, or natural and man-made catastrophes, said Lutz.’

CHANGE PASSWORDS ON YOUR DEVICES TO STOP CAMERAS IN YOUR HOUSE SPYING ON YOU, GOVERNMENT WARNS

The Independent 04.03.20

‘Caroline Normand, Which? director of advocacy said: "Which? has repeatedly exposed serious security flaws with devices including wireless cameras and children's toys, so mandatory security requirements and strong enforcement that ensures manufacturers, retailers and online marketplaces are held accountable for selling unsecure products is essential.

"Until new laws are in place, it is vital that consumers research smart device purchases carefully, and follow guidance to ensure their devices are protected by strong passwords and receiving regular security updates to reduce the risk of hackers exploiting vulnerabilities.”'

Amazon's Ring logs every doorbell press and app action

BBC 04.03.20

Ring’s logging of data far surpasses that of its original use:

‘The details were revealed via a data request submitted by the BBC.  It also disclosed that every interaction with Ring's app is also stored, including the model of phone or tablet and mobile network used.  One expert said it gave Amazon the potential for even broader insight into its customers' lives.

"What's most interesting is not just the data itself, but all the patterns and insights that can be learned from it," commented independent privacy expert Frederike Kaltheuner… "Data access requests only ever show us the tip of the iceberg of the amount of data that companies collect about us," commented Ms Kaltheuner.  "There's huge value - and power - in collecting non-personal data for all sorts of purposes: market research, training and AI.  "Even anonymous data can have privacy implications, for instance about the collective privacy of, say, a housing block, a group of people, or a household unit.”'

You’re under arrest—and live on camera

Fast Company 03.03.20

As if Ring doorbells aren’t enough, US police to use live video recording enhanced with real-time drone footage:

‘“We were able to verify the gunman’s and officers’ locations, and gather more intelligence because we were live-streaming,” says Randall McGlamery, the police department’s spokesperson. Henry County, which adopted the technology in 2017, is one of the first of a growing number of police agencies using live video to remotely monitor encounters from the vantage point of officers’ chests. “If you’re in a chase or if you’re in a flight or if we think something’s wrong, we can tap in live, and in real time know what’s happening remotely, and report to other people what’s going on,” says McGlamery.  The technology also heralds other new tantalizing police-enhancing tools, he adds: “I think we’ve just touched the bottom level of what is going to happen in the future.”…  

“Police body cameras were never supposed to be like another kind of surveillance camera; they were supposed to be an oversight mechanism,” says Jay Stanley, a senior policy analyst with the American Civil Liberties Union. “The danger is that by streaming to a centralized location, they become much more like government surveillance and less like oversight.”’

Smart camera and baby monitor warning given by UK's cyber-defender

BBC 03.03.20

When a stranger can talk to your baby:

‘In one, the attacker spoke to a young girl, pretending to be Father Christmas. In another, a couple from Leeds had been watched thousands of times online without their knowledge. And security researchers easily breached an adult toy that had a camera attached, in 2017.’

Rail station wi-fi provider exposed traveller data

BBC 02.03.20

Free WiFi at stations reveals personal details available online:

‘The database, found online by a security researcher, contained 146 million records, including personal contact details and dates of birth.  It was not password protected.‘

Coronavirus Spending Bill Could Be Used to Cement Spying Powers, Surveillance Critics in Congress Warned

The Intercept 27.02.20

In the US, coronavirus bill could be used to get surveillance bill back. I anticipate that a lot of countries would be using the virus as an excuse to have surveillance powers enshrined in law:

‘House skeptics of mass surveillance have good reason to fear that funding to combat the impact of coronavirus may be used to pass this legislation. The last time critics of government overreach attempted to reform the USA Freedom Act — which modified the Patriot Act — they were denied a standalone vote, when it was instead attached to a must-pass government spending bill. The promise from leadership at the time was that the extension would be short-term, and skeptics would have an opportunity the next time around for reforms. That’s now in doubt.
“We have to have a separate vote on something as important as this FISA reauthorization,” said Rep. Pramila Jayapal, D-Wash., a member of the Judiciary Committee.’

Slouching towards dystopia: the rise of surveillance capitalism and the death of privacy

New Statesman 26.02.20

A very good article charting the road to privacy death:

‘The important point is that surveillance and our passive acceptance of it lies at the heart of the dystopia we are busily constructing. It doesn’t matter which technology is used to identify people: what matters is that we can be identified, and then correlated and tracked across everything we do. Mass surveillance is increasingly the norm… What’s happened in the West, largely unnoticed by the citizenry, is a sea-change in the social contract between individuals and the state. Whereas once the deal was that we accepted some limitations on our freedom in exchange for security, now the state requires us to surrender most of our privacy in order to protect us. The (implicit and explicit) argument is that if we have nothing to hide there is nothing to fear. And people seem to accept that ludicrous trope. We have been slouching towards dystopia.’

YOLO Creator Joseph Redmon Stopped CV Research Due to Ethical Concerns

SyncedReview 24.02.20

YOLO creator stops research due to disquiet about its military use:

‘Joseph Redmon, creator of the popular object detection algorithm YOLO (You Only Look Once), tweeted last week that he had ceased his computer vision research to avoid enabling potential misuse of the tech — citing in particular “military applications and privacy concerns.”…
Redmon said he felt certain degree humiliation for ever believing “science was apolitical and research objectively moral and good no matter what the subject is.” He said he’d come to realize that facial recognition technologies have more downside than upside, and that they would not be developed if enough researchers thought about the broader impact of the enormous downside risks.’

Barclays scraps ‘Big Brother’ tracking software after backlash from staff and campaigners  

The Independent 20.02.20

Software at Barclays used to monitor employees is scraped:

‘The bank implemented a new pilot scheme last week which allowed managers to see individual data on how long each staff member was away from their desk and sent warnings to those deemed to be slacking. …

Campaign group Privacy International said: “Data protection rules are very clear, strict and do not allow employers to carry out such monitoring unless they are able to prove that this is strictly necessary and proportionate and it does not severely impact employees’ rights.  “People are entitled to some fundamental rights even if they are in work,” it said. “International banks are no exception.”  Mary Walker, employment and HR expert and partner at law firm Gordons, said employees had a “legitimate interest” in making sure staff work efficiently.’

Internet privacy: the apps that protect you from your apps

The Guardian 16.02.20

More apps to be deployed to deter data collectors.  The only snag is you have to totally trust them:

‘For trackers across the net, that means the app maintains a blacklist, preventing the worst offenders from loading on to protected devices at all. Then, in situations where the snoopers might be sitting between the device and the internet – think an unscrupulously monetised airport wifi – the app offers a simple VPN service that kicks in automatically when needed, preventing anyone else on the connection from seeing what’s being shared.

Anyone, that is, other than Disconnect.Me. Because the difficult problem with the new wave of privacy apps is that, to use them to keep your data safe, you have to really trust them with the most sensitive information of all…

Services such as Jumbo make an even bigger demand: for that app to work, it must request and store your usernames and passwords for every service you want it to work with, probably the most sensitive passwords you have, given the importance of accounts on Facebook, Google and Amazon.’

FACEBOOK DATING LAUNCH BLOCKED AMID CONCERNS OVER PEOPLE’S PERSONAL DATA

The Independent 13.02.20

‘The company had planned to launch the feature in time for Valentine's Day but that has now been delayed because regulators were unsure what it would be doing with the data gathered through the service, according to the Irish Data Protection Commission (DPC)…The company had intended to roll out the feature across Europe on 13 February, according to the DPC. It said that it had only heard about it on 3 February, and that it was "very concerned that this was the first we'd heard from Faceook Ireland about this new feature", given it was supposed to roll out so soon.’

1 in 10 Americans uses stalkerware to track partners and exes, poll finds

CNET 12.02.20

That’s an alarmingly huge number of stalkers:

‘Because the apps run in the background, victims receive no notification that someone has installed stalkerware on their devices. The stealth nature of the apps makes them dangerous, Roundy says, and NortonLifeLock notifies users when the apps are detected…  The apps fit an odd category of malicious software that can harm users but is sold legally. It's installed by people who know the victims, rather than distant cybercriminals. Roundy said people often use stalkerware when relationships are ending, a time when domestic violence experts say the risk of harm to an abused partner is highest.’

A World Without Privacy Will Revive the Masquerade

The Atlantic 07.02.20

No efficient ways are left to retain privacy, this must change:

‘We’ll need a combination of old-fashioned political pressure to situate and vindicate privacy rights in law, limiting data collection and use, and the forging of new technical tools to make compliance with that law easier. Restrictions on collection and use of data can bring up short the current race to the bottom, and a follow-on slide toward the paranoia of Pseudoworld. It should not only be that the lucky few can manage to buy and practice their way into a semblance of even the reduced privacy we enjoy today. Functional anonymity is as valuable in commerce as in speech. The burden shouldn’t be borne by those on whom these technologies are deployed. It must be shared by those who want to know all about us, and who would further subtly shape us according to their own imperatives.’

Schools to use teacher body cameras to combat bad behavior amid privacy concerns

RT 06.02.20

Has the classroom become a combat zone?

‘Schools in England are equipping teachers with body cameras in a bid to “de-escalate” confrontations in the classroom as part of a trial program with the intention to make them a permanent feature, raising privacy concerns.’

This year privacy-first tech will (slowly) start going mainstream

WIRED 05.02.20

Let’s hope so!

‘In 2020, we’ll see far more demand from founders, entrepreneurs, employees and investors to change technology’s existing business models. This will include proactive measures to ensure that technology is responsibly designed to protect consumer privacy, promotes human well-being and supports further innovation. Technology can and should be a force for creating opportunity and social good, and companies focused on building privacy-first solutions will shine.

And the impetus won’t just come from startups. In 2020, we will see a household name (my money’s on Apple) announce a product feature that offers its users far more control over their data, leading to more innovation and creativity across the industry. And, from the point of view of us consumers, there will be no going back. Now that we understand that we can (and should) have the delightful and personalised internet experiences we’re used to, built on technology that prevents our data from being shared and monetised, why would we settle for anything less?’

Google admits it let random strangers download your videos… as it seeks monthly fee for rifling through your photos

RT 05.02.20

‘The search behemoth has quietly notified users of its Google Takeout service, which downloads a user’s Google Data archive, that an unspecified number of their private videos ended up in random users’ Takeout archives.

…No less than Amnesty International has slammed Google’s “surveillance-based business model” for weaponizing personal data and making submission to the digital Panopticon a prerequisite for accessing services as basic as searching the internet. Google already has eyes and ears in many users’ homes in the form of its Nest smart-home system, complete with a camera that can’t be turned off, but there’s no such thing as too much data.’

Will we just accept our loss of privacy, or has the techlash already begun?

The Guardian 02.02.20

‘Alan Rusbridger chairs the Reuters Institute for the Study of Journalism and is a senior adviser to Watatawa communications consultancy’:

‘So one scenario is that nothing much will change. Elite newspapers and Harvard professors can wring their hands about the human rights implications and the menacing power of the algorithm. But, in the end, the world has moved on and the privacy genie is never going back into the bottle. A second scenario is that there will be some sort of techlash, with consumers increasingly changing their privacy settings – both real and metaphorical.  

A third scenario could see a gradual shift in behaviours as new players enter the market, along with new technologies that allow for the better stewardship of personal data. So-called edge computing seeks to move information out of the cloud and back on to personal devices. Think of the developments in the Apple iPhone that seek to do encryption and store biometric information on your smartphone itself rather than pinging information halfway round the globe.

The final scenario is regulation. Europe has led the way with GDPR (see the recent thumping £500k fine on Dixons Carphone for not spotting the malicious software planted on more than 5,000 tills). It used to be assumed that the US would be slow to go down this route, but there have been baby steps in Vermont and Illinois, and January 2020 saw the introduction of the California Consumer Privacy Act, which marks a significant change in how west coast companies need to behave. Who will follow?’

Will having longer, healthier lives be worth losing the most basic kinds of privacy?

The Guardian 03.0.20

‘Fitbits and toilet sensors represent one aspect of the so-called Internet of Things. Aided by 5G technology, tens of billions of devices – cars, cookers, heating systems – will soon be connected. In theory, it will not be very hard to cross-reference, say, people’s alcohol consumption, exercise rates and friendship patterns – not to mention their medical records – and then either nudge or strongly push their lives in supposedly beneficial directions. The utilitarian arguments for doing so, bound up with managing health spending, advancing medical knowledge and maximising life expectancy, are obvious. But the ethical case against much of this seems equally clear. The only thing that can balance these two sets of imperatives is the state, and so far, most British politicians seem barely aware of this new set of issues, which demand new rules and laws.’

I freaked out when I saw what sites were telling Facebook about me

FAST COMPANY 29.01.20  

’That point was underlined on Tuesday, when Facebook launched a feature—first promised by CEO Mark Zuckerberg in the wake of the Cambridge Analytica scandal—called Off-Facebook Activity. Located in the service’s privacy settings, it lets you see all the websites and apps that reported data back to Facebook about your visits and activities. Looking at my summary page was an eye-opener.  A word of explanation: After quitting Facebook in November 2017, I (sort of) rejoined it just shy of four months ago under an assumed name. I use my new account only when my work as a reporter requires it. Even in that small space of time, 309 apps and websites dutifully reported my visits, purchases, and other actions back to Big Brother Facebook. Most of them reported data back more than once, many of them four or five times, and a few more than 50 times. That’s despite the fact that I’ve never clicked on any ads or added a single friend. They don’t care—it’s all automated.’

How to use Facebook’s ‘Off-Facebook Activity’ tool

TNW 29.01.20

On Facebook’s new guidelines: ‘The most in-depth option is “Manage Your Off-Facebook Activity.” From this page you’ll be able to see who’s shared stuff about you with Facebook. Gird your loins, however, because however many sites you think it is, I can almost guarantee you it’s more. My number came out to 686 websites and apps. I didn’t think I used that many combined in my entire internet life, but there you go.’ 

Should colleges really be putting smart speakers in dorms?

Technology Review 27.12.2019

’“We need a safe way to experiment with these technologies and understand the consequences of their use instead of just continuing a blind march towards surveillance for the purpose of profit-making,” Newman says. “These are sophisticated applications with lifelong consequences for the individuals who are analyzed by them, to ends as yet unknown. We all need to be really judicious and thoughtful here.”’

Inside Amazon’s plan for Alexa to run your entire life 

Technology Review 5.11.2019

‘From a consumer’s perspective, however, these changes also have critical privacy implications. Prasad’s vision effectively assumes Alexa will follow you everywhere, know a fair bit about what you’re up to at any given moment, and be the primary interface for how you coordinate your life. At a baseline, this requires hoovering up enormous amounts of intimate details about your life. Some worry that Amazon will ultimately go far beyond that baseline by using your data to advertise and market to you. “This is ultimately about monetizing the daily lives of individuals and groups of people,” says Jeffrey Chester, the executive director of the Center for Digital Democracy, a consumer privacy advocacy organization based in Washington, DC’.

Backdoored backup? Apple nixed iCloud encryption after FBI complained your data is a valuable resource

RT 22.01.20

Apple drops its iCloud encryption services:

‘Apple faces a thorny dilemma: it can allow Washington to cast it as the enemy in Barr’s low-budget encryption drama and negotiate away a few more civil liberties until the next time the FBI needs some good security theater – a route that will allow the trillion-dollar company to stay out of court and keep raking in the cash, until customers realize they’re getting Google-level privacy for Apple-level prices. Or the company can remind the FBI how much of the government’s functioning has been outsourced to Big Tech, remind the agency it actually needs Apple’s cooperation, and tell Barr to back off – an option that might require a few legal escapades, but will earn it the undying appreciation of its customers.’

U.S. Funds Program With Free Android Phones For The Poor — But With Permanent Chinese Malware

Forbes 09.01.20

Poor people are being sold malware-ridden phones:

‘But the case in the U.S. has another element in that low-income folk who have been endangered. The question worth asking is: Is privacy only for the rich?’

AMAZON EMPLOYEES WERE WATCHING RING FOOTAGE FOR FUN

Futurism 09.01.20

Amazon’s Ring employees snooping on customers for fun:

‘Ring confirmed at least four instances of employees being fired after accessing video footage beyond the scope of their work for the company in a November 29 letter obtained by Motherboard. The letter was a response to senators who were probing its privacy and cybersecurity protocols.’ 

Terrifying or nothing to fear? Apple admits to scanning user photos, presumably only to hunt child abuse

RT 01.01.20

Apple in crosshairs as they intend to scan photos to determine sexual abuse:

‘Apple has confirmed that it scans user images in an effort to detect evidence of child abuse, but the company has revealed little about how the scans work, piquing concerns about data privacy and the reach of intrusive tech firms.  While it’s unclear when the image scans started, Apple’s chief privacy officer Jane Horvath confirmed at an event in Las Vegas this week that the company is now “utilizing some technologies to help screen for child sexual abuse material.”  Apple initially suggested it might inspect images for abuse material last year – and only this week added a disclaimer to its website acknowledging the practice – but Horvath’s remarks come as the first confirmation the company has gone ahead with the scans.’

FACEBOOK ACCIDENTALLY LEAKS PHONE NUMBERS OF 419 MILLION USERS

Independent 05.09.19

‘A security researcher found 419 million records on an unsecured server, meaning no password was needed to access them.  A total of 18 million were from users in the UK, while around 133 million were from American accounts.’

Facebook’s latest data breach feeds a list of HUNDREDS OF MILLIONS of its privacy abuse victims

RT 05.09.20

Facebook’s Privacy breach:

'Zuckerberg may wax lyrical about privacy giving people “the freedom to be themselves” in damage-control blog posts, but in a motion to dismiss a class-action lawsuit, Facebook lawyer Orin Snyder seems to have revealed the uncomfortable reality: “There is no invasion of privacy at all, because there is no privacy.”’ 

What's Your Social Credit Score (video)

TruthStreamMedia 27.12.19

Brilliant video from TruthStreamMedia showing we are no less targeted through our choices than people are in China.

ONE NATION, TRACKED - AN INVESTIGATION INTO THE SMARTPHONE TRACKING INDUSTRY FROM TIMES OPINION

NYT 19.12.19

Unknown companies track your everyday movements through the smartphone:

‘The data reviewed by Times option didn’t come from a telecom or giant tech company, nor did it come from a governmental surveillance operation. It originated from a location data company, one of dozens quietly collecting precise movements using software slipped onto mobile phone apps. You’ve probably never heard of most of the companies — and yet to anyone who has access to this data, your life is an open book. They can see the places you go every moment of the day, whom you meet with or spend the night with, where you pray, whether you visit a methadone clinic, a psychiatrist’s office or a massage parlor.’

China moves towards ‘digital totalitarian state’ as surveillance technology continues to advance

Independent 18.12.19

Total surveillance dystopia in China:

‘The rollout has come at the expense of personal privacy. The Times found the authorities stored the personal data of millions of people on servers unprotected by even basic security measures. It also found private contractors and middlemen have wide access to personal data collected by the Chinese government.’

ALEXA SHOULD BE BANNED FROM THE BEDROOM, PRIVACY EXPERT SAYS

Independent 17.12.19

Alexa should be banned from the bedroom:

‘"There are people who are very senior in the tech world who will not have so much as a smartphone in their bedroom. If a company is offering you a device with an internet-connected microphone at a low price, you have to think about that very carefully.”  Amazon is not the only company that collects audio recordings from smart speakers, with Apple's HomePod also found to be sending voice data to employees for review.’

Silicon Valley Is Listening to Your Most Intimate Moments

Bloomberg 11.12.19

Snooping from Google, Amazon and Apple:

‘“Having microphones that listen all the time is concerning. We’ve found that users of these devices close their eyes and trust that companies are not going to do anything bad with their recorded data,” says Florian Schaub, a University of Michigan professor who studies human behavior around voice-command software. “There’s this creeping erosion of privacy that just keeps going and going. People don’t know how to protect themselves.”’

Project Nightingale: Google accesses trove of US patient data

BBC 12.11.19

Google gains access to hundreds of medical patients’ data:

‘However, Project Nightingale has already attracted criticism from those who argue that it takes away patients' control of their own data.  "There's a massive issue that these public-private partnerships are all done under private contracts, so it's quite difficult to get some transparency," said Prof Jane Kaye at the University of Oxford.  "Google is saying they don't link it to their other data but what they're doing all the time is refining their algorithms, refining what they do and giving them[selves] market advantage.”’

How Israeli spy tech reaches deep into our lives

MiddleEastEye 11.11.19

Israel stands out:

“If this dystopian future continues to unfold, New York, London, Berlin and Paris will increasingly look like Nablus, Hebron, East Jerusalem and Gaza. And we will all come to understand what it means to live inside a surveillance state engaged in cyber warfare against those it rules over.”

Crack down on genomic surveillance

NATURE 03.12.19

Article in Nature strongly condemns DNA biometric research:

‘When DNA information is against the law “In short, the scientific community in general — and publishers in particular — need to unequivocally affirm that the Declaration of Helsinki (a set of ethical principles regarding human experimentation, developed for the medical community) applies to all biometric identification research (see go.nature.com/34bypbf). Unethical work that has been published in this terrain must be retracted."‘ 

How US experts helped China build a DNA surveillance state

Technology Review 21.02.19

Tracing lineage in China with the help of American companies:

‘Scientists working with Chinese police have been using equipment from Thermo Fisher, a supplier of biotechnology tools in Massachusetts. They also shared genetic survey data with Kenneth Kidd, a geneticist at Yale University…  The genetic data was being used to be able to determine, from a blood sample, if someone had Uighur ancestry. Chinese scientists even filed a patent on the idea.’

Need medical help? Sorry, not until you sign away your privacy

Technology Review 23.10.18

Medical data gathering process in the US targeting the most vulnerable:

‘If you don’t want to hand over your information right away, or if you have concerns about the security of your doctor’s data-gathering efforts—you should be able to see the doctor anyway.’ 

Apple Is Going After The Healthcare Industry, Starting With Personal Health Data

CB Insights 08.01.19

Apple wants to know when you sleep, walk, brush your teeth:

‘Apple is blurring the line between wellness and healthcare, using its position in your pocket to connect the two. If it can crack the personal health record and patient data platform, it would empower patients to make decisions and give data access to whoever they choose. This is a very different paradigm for healthcare, where patients have increasingly more leverage, information, and agency in their decision making.’

These new rules were meant to protect our privacy. They don’t work

The Guardian 10.11.19

GDPR failed in tackling data:

“To do that, we will need to overhaul our approach. The GDPR protects data. To protect people, we need a bill of rights, one that protects our civil liberties in the age of AI.”

Inside Amazon’s plan for Alexa to run your entire life

Technology Review 05.11.19

Alexa moving into proactive searches by using layers and more data:

‘The crux of the plan is for the voice assistant to move from passive to proactive interactions. Rather than wait for and respond to requests, Alexa will anticipate what the user might want. The idea is to turn Alexa into an omnipresent companion that actively shapes and orchestrates your life. This will require Alexa to get to know you better than ever before…“This is what I believe the next few years will be about: reasoning and making it more personal, with more context,” says Prasad. “It’s like bringing everything together to make these massive decisions.”’

Could Privacy and Security Scandals Scuttle the IoT’s Many Benefits?

Technology Review 05.11.19

Snooping inside the home:

“But a radio system does not have the resolution for facial recognition. Identifying actions without recognizing faces does not raise the same privacy fears. “It can bring action recognition to people’s homes and allow for its integration in smart home systems,” say Li and co. That could be used to monitor an elderly person’s house and alert the appropriate services about a fall, for example. And it would do so without much risk to privacy.”

Activists are pressuring lawmakers to stop Amazon Ring’s police surveillance partnerships

Vox 08.10.19

Amazon Ring is facing lawsuits:

‘“With no oversight and accountability, Amazon’s technology creates a seamless and easily automated experience for police to request and access footage without a warrant, and then store it indefinitely,” they wrote. “In the absence of clear civil liberties and rights-protective policies to govern the technologies and the use of their data, once collected, stored footage can be used by law enforcement to conduct facial recognition searches, target protesters exercising their First Amendment rights, teenagers for minor drug possession, or shared with other agencies like ICE or the FBI.”’

'Alexa, are you invading my privacy?' – the dark side of our voice assistants

The Guardian 09.10.19

‘The wiretapping business of voice assistants The Gizmodo editor Adam Clark Estes was initially excited by the first major hardware innovation since Apple’s iPad four years earlier. The more he learned about the technology, however, the less he liked it. His own Echo would wake up unprompted. Recordings began showing up as evidence in court cases. The FBI refused to confirm or deny that it was using Alexa for surveillance purposes. “It became increasingly clear to me that the privacy watchdogs were right,” he says. “It is, at base, a wiretapping device.”’ 

Big Tech joins up with Big Brother to turn your private health data into $38bn ‘public treasure’

RT 21.01.10

Health data in the US open to all:

‘The US government has officially thrown its weight behind the rollout of FHIR, mandating in 2020 that all medical providers who receive government funding make patient data available through FHIR-compatible apps. This move cements an unspoken alliance between Big Tech and Big Brother that has repeatedly seen the former deployed to circumvent troublesome constitutional restrictions imposed on the latter. The government may not be able to violate Fourth Amendment provisions against unreasonable search and seizure, but if, say, the FBI wants access to a target’s health records, it no longer has to show up at their doctor’s office with a warrant – those records will be sitting in an unsecured corporate database on the cloud, if history is any guide. Unless the medical records industry seriously overhauls its idea of what constitutes information security, patient data will be fair game for everyone from the NSA to the lowliest basement-bound hacker.’

The biggest lie tech people tell themselves — and the rest of us

Vox 08.10.19

Technology is not a natural evolution:

‘As a reporter who covers technology and the future, I constantly hear variations of this line as technologists attempt to apply the theory Charles Darwin made famous in biology to their own work. I’m told that there is a progression of technology, a movement that is bigger than any individual inventor or CEO. They say they are simply caught in a tide, swept along in a current they cannot fight. They say it inevitably leads them to facial recognition (now even being deployed on children), smart speakers that record your intimate conversations, and doorbells that narc on your neighbors. They say we can’t blame these companies for the erosion of privacy or democracy or trust in public institutions — that was all going to happen sooner or later….  Technologists’ desire to make a parallel to evolution is flawed at its very foundation. Evolution is driven by random mutation — mistakes, not plans. (And while some inventions may indeed be the result of mishaps, the decision of a company to patent, produce, and market those inventions is not.) Evolution doesn’t have meetings about the market, the environment, the customer base. Evolution doesn’t patent things or do focus groups. Evolution doesn’t spend millions of dollars lobbying Congress to ensure that its plans go unfettered.’

CIA Chief: We'll Spy on You Through Your Dishwasher

WIRED 15.03.12

5G technology is ‘transformational’ for governments and military agencies; David Petraeus speaking at the IQT Summit 2012 had this to say:

“Transformational is an overused word, but I do believe it properly applies to these technologies, particularly to their effect on clandestine tradecraft.  Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification sensor networks, tiny embedded servers, and energy harvesters - all connected to the next-generation internet using abundant, low-cost, and high-power computing”.

US intelligence chief: we might use the internet of things to spy on you

The Guardian 09.02.16

James Clapper, the US Director of National Intelligence, admitted the following: 

“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials”.

Soon, satellites will be able to watch you everywhere all the time

Technology Review 26.06.19

Unfettered development of space satellite tech which has recently been approved for commercial use is also threatening privacy.  With synthetic aperture radar (radar sensing and hyperspectral images which capture electromagnetic wavelengths outside the visible spectrum), signals can bounce off a human on earth and go back to the satellite, which can then determine the height of the person/object down to the millimeter.   What was once the purview of governmental spy agencies, could now be used by anyone who pays for the service.  Peter Martinez, of the Secure World Foundation has this to say:  

“People’s movements, what kinds of shops do you go to, where do your kids go to school, what kind of religious institutions do you visit, what are your social patterns, all of these kinds of questions could in principle be interrogated, should someone be interested.”