Group items tagged

The digital privacy world was rocked late Thursday evening when The New York Times reported on Securus, a prison telecom company that has a service enabling law enforcement officers to locate most American cell phones within seconds. The company does this via a basic Web interface leveraging a location API—creating a way to effectively access a massive real-time database of cell-site records. Securus’ location ability relies on other data brokers and location aggregators that obtain that information directly from mobile providers, usually for the purposes of providing some commercial service like an opt-in product discount triggered by being near a certain location. ("You’re near a Carl’s Jr.! Stop in now for a free order of fries with purchase!") The Texas-based Securus reportedly gets its data from 3CInteractive, which in turn buys data from LocationSmart. Ars reached 3CInteractive's general counsel, Scott Elk, who referred us to a spokesperson. The spokesperson did not immediately respond to our query. But currently, anyone can get a sense of the power of a location API by trying out a demo from LocationSmart itself. Currently, the Supreme Court is set to rule on the case of Carpenter v. United States, which asks whether police can obtain more than 120 days' worth of cell-site location information of a criminal suspect without a warrant. In that case, as is common in many investigations, law enforcement presented a cell provider with a court order to obtain such historical data. But the ability to obtain real-time location data that Securus reportedly offers skips that entire process, and it's potentially far more invasive. Securus’ location service as used by law enforcement is also currently being scrutinized. The service is at the heart of an ongoing federal prosecution of a former Missouri sheriff’s deputy who allegedly used it at least 11 times against a judge and other law enforcement officers. On Friday, Sen. Ron Wyden (D-Ore.) publicly released his formal letters to AT&T and also to the Federal Communications Commission demanding detailed answers regarding these Securus revelations.

If one of the world’s leading smartphone makers, Huawei, turns away from Google’s Android operating system (OS), the US tech giant risks losing a huge number of users, Huawei’s CEO has warned. “[Huawei] will always be on the same line of interest, and if we don’t load Google’s system, Google will lose 700-800 million users in the future,” Ren Zhengfei said in an interview to CNBC.The Chinese telecommunications major was blacklisted last month by the Trump administration after Washington accused the company of spying for Beijing. Google, whose Android OS is used in many of Huawei’s phones, was among the American tech companies prohibited from dealing with Huawei.

Huawei said earlier that it is working on its own mobile operating system called Hongmeng and has already filed a trademark. In his interview, the CEO stressed that Hongmeng will allow the company to protect its growth if it is forced to replace Android, which Huawei does not want to do.

On a mysterious farm just above the Pacific Ocean, the group who built the internet is inviting a small number of friends to a semi-secret gathering. They describe it as a camp "where diverse people can freely exchange ideas about the technologies, laws, markets, and agreements we need to move forward.” Forward indeed.It wasn’t that long ago that the internet was an open network of computers, blogs, sites, and posts.But then something happened -- and the open web was taken over by private, for-profit, closed networks. Facebook isn’t the web. YouTube isn’t the web. Google isn’t the web. They’re for-profit businesses that are looking to sell audiences to advertisers.Brewster Kahle is one of the early web innovators who built the Internet Archive as a public storehouse to protect the web’s history. Along with web luminaries such as Sir Tim Berners-Lee and Vint Cerf, he is working to protect and rebuild the open nature of the web.advertisementadvertisement“We demonstrated that the web had failed instead of served humanity, as it was supposed to have done,” Berners-Lee told Vanity Fair. The web has “ended up producing -- [through] no deliberate action of the people who designed the platform -- a large-scale emergent phenomenon which is anti-human.”

o, they’re out to fix it, working on what they call the Dweb. The “d” in Dweb stands for distributed. In distributed systems, no one entity has control over the participation of any other entity.Berners-Lee is building a platform called Solid, designed to give people control over their own data. Other global projects also have the goal of taking take back the public web. Mastodon is decentralized Twitter. Peertube is a decentralized alternative to YouTube.This July 18 - 21, web activists plan to convene at the Decentralized Web Summit in San Francisco. Back in 2016, Kahle convened an early group of builders, archivists, policymaker, and journalists. He issued a challenge to  use decentralized technologies to “Lock the Web Open.” It’s hard to imagine he knew then how quickly the web would become a closed network.Last year's Dweb gathering convened more than 900 developers, activists, artists, researchers, lawyers, and students. Kahle opened the gathering by reminding attendees that the web used to be a place where everyone could play. "Today, I no longer feel like a player, I feel like I’m being played. Let’s build a decentralized web, let’s build a system we can depend on, a system that doesn’t feel creepy” he said, according to IEEE Spectrum.With the rising tide of concerns about how social networks have hacked our democracy, Kahle and his Dweb community will gather with increasing urgency around their mission.The internet began with an idealist mission to connect people and information for good. Today's web has yet to achieve that goal, but just maybe Dweb will build an internet more robust and open than the current infrastructure allows. That’s a mission worth fighting for.

Attorney General William Barr asks Facebook CEO Mark Zuckerberg to hold off on his plans to encrypt the company’s three messaging services until officials can determine it will not reduce public safety in a letter dated Oct. 4.Barr’s request is backed by officials in the U.K. and Australia. BuzzFeed News first reported the story after obtaining a draft of the open letter on Thursday. The letter, which the DOJ sent to CNBC Thursday, builds on concerns about Facebook’s plans to integrate and encrypt its messaging services across Messenger, Instagram and WhatsApp. A New York Times investigation published Saturday found that encrypted technology helps predators share child pornography online in a way that makes it much harder for law enforcement to track down.

After NBC News on Wednesday published a trove of leaked documents that show how Facebook "treated user data as a bargaining chip with external app developers," White House hopeful Sen. Bernie Sanders declared that it is time "to break Facebook up."

When British investigative journalist Duncan Campbell first shared the trove of documents with a handful of media outlets including NBC News in April, journalists Olivia Solon and Cyrus Farivar reported that "Facebook CEO Mark Zuckerberg oversaw plans to consolidate the social network's power and control competitors by treating its users' data as a bargaining chip, while publicly proclaiming to be protecting that data." With the publication Wednesday of nearly 7,000 pages of records—which include internal Facebook emails, web chats, notes, presentations, and spreadsheets—journalists and the public can now have a closer look at exactly how the company was using the vast amount of data it collects when it came to bargaining with third parties.

The document dump comes as Facebook and Zuckerberg are facing widespread criticism over the company's political advertising policy, which allows candidates for elected office to lie in the ads they pay to circulate on the platform. It also comes as 47 state attorneys general, led by Letitia James of New York, are investigating the social media giant for antitrust violations.

Google ultimately caved to Russia’s Federal Antimonopoly Service, agreeing to pay $7.8 million (438 million rubles) for violating antitrust laws. The corporate Colossus will also pay two other fines totaling an additional $18,000 (1 million rubles) for failing to comply with past orders issued by state regulators. Last year Google caved to similar demands by the European Union.

In August 2016 Russia’s Federal Antimonopoly Service responded to a complaint by Russian search engine operator Yandex and fined the U.S.-based Google 438 million rubles for abusing its dominant market position to force manufacturers to make Google applications the default services on devices using Android. Regulators set the fine at 9 percent of Google’s reported profits on the Russian market in 2014, plus inflation. Similar to the case against the European Union Google challenged the penalty in several appellate courts before finally agreeing this week to meet the government’s demands. The corporation also agreed to stop requiring manufacturers to install Google services as the default applications on Android-powered devices. The agreement is valid for six years and nine months, Russia’s Antimonopoly Service reported. Last year Google, after a protracted battle, caved to similar antitrust regulations by the European Union, but the internet giant has also come under fire elsewhere. In 2015 Australian treasurer Joe Hockey implied Google in his list of corporate tax thieves. In January 2016 British lawmakers decided to fry Google over tax evasion. Google and taxes were compared to the Bermuda Triangle. One year ago the dispute between the European Union’s competition watchdog and Google, culminated in the European Commission formally charging Google with abusing the dominant position of its Android mobile phone operating system, having launched an investigation in April 2015.

The elusive Shadow Brokers didn't have much luck selling the NSA's hacking tools, so they're giving more of the software away -- to everyone. In a Medium post, the mysterious team supplied the password for an encrypted file containing many of the Equation Group surveillance tools swiped back in 2016. Supposedly, the group posted the content in "protest" at President Trump turning his back on the people who voted for him. The leaked data appears to check out, according to researchers, but some of it is a couple of decades old and focused on platforms like Linux. If anything, the leak might backfire. Edward Snowden notes that while the leak is "nowhere near" representing the NSA's complete tool set, there's enough that the NSA should "instantly identify" where and how the kit leaked. This doesn't mean the Shadow Brokers themselves are about to face capture. However, this may give the agency info it needs to both connect the dots (how much of a role did NSA contractor Harold Thomas Martin III play in the online leak, for instance?) and prevent a repeat incident.Does this open a can of worms? It's hard to say -- researchers are still combing over the data. If there are any hacks that can be made useful, though, this could be problematic for server operators worried about cybercrime. If nothing else, it shows that the Shadow Brokers didn't reveal their full hand.

India is the world’s largest democracy and is home to 13.5 percent of the world’s internet users. So the Indian Supreme Court’s August ruling that privacy is a fundamental, constitutional right for all of the country’s 1.32 billion citizens was momentous. But now, close to three months later, it’s still unclear exactly how the decision will be implemented. Will it change everything for internet users? Or will the status quo remain? The most immediate consequence of the ruling is that tech companies such as Facebook, Twitter, Google, and Alibaba will be required to rein in their collection, utilization, and sharing of Indian user data. But the changes could go well beyond technology. If implemented properly, the decision could affect national politics, business, free speech, and society. It could encourage the country to continue to make large strides toward increased corporate and governmental transparency, stronger consumer confidence, and the establishment and growth of the Indian “individual” as opposed to the Indian collective identity. But that’s a pretty big if. Advertisement The privacy debate in India was in many ways sparked by a controversy that has shaken up the landscape of national politics for several months. It began in 2016 as a debate around a social security program that requires participating citizens to obtain biometric, or Aadhaar, cards. Each card has a unique 12-digit number and records an individual’s fingerprints and irises in order to confirm his or her identity. The program was devised to increase the ease with which citizens could receive social benefits and avoid instances of fraud. Over time, Aadhaar cards have become mandatory for integral tasks such as opening bank accounts, buying and selling property, and filing tax returns, much to the chagrin of citizens who are uncomfortable about handing over their personal data. Before the ruling, India had weak privacy protections in place, enabling unchecked data collection on citizens by private companies and the government. Over the past year, a number of large-scale data leaks and breaches that have impacted major Indian corporations, as well as the Aadhaar program itself, have prompted users to start asking questions about the security and uses of their personal data.

n order to bolster the ruling the government will also be introducing a set of data protection laws that are to be developed by a committee led by retired Supreme Court judge B.N. Srikrishna. The committee will study the data protection landscape, develop a draft Data Protection Bill, and identify how, and whether, the Aadhaar Act should be amended based on the privacy ruling.

Should the data protection laws be implemented in an enforceable manner, the ruling will significantly impact the business landscape in India. Since the election of Prime Minister Narendra Modi in May 2014, the government has made fostering and expanding the technology and startup sector a top priority. The startup scene has grown, giving rise to several promising e-commerce companies, but in 2014, only 12 percent of India’s internet users were online consumers. If the new data protection laws are truly impactful, companies will have to accept responsibility for collecting, utilizing, and protecting user data safely and fairly. Users would also have a stronger form of redress when their newly recognized rights are violated, which could transform how they engage with technology. This has the potential to not only increase consumer confidence but revitalize the Indian business sector, as it makes it more amenable and friendly to outside investors, users, and collaborators.

As Silicon Valley censorship radically escalated over the past several months — banning pre-election reporting by The New York Post about the Biden family, denouncing and deleting multiple posts from the U.S. President and then terminating his access altogether, mass-removal of right-wing accounts — so many people migrated to Parler that it was catapulted to the number one spot on the list of most-downloaded apps on the Apple Play Store, the sole and exclusive means which iPhone users have to download apps. “Overall, the app was the 10th most downloaded social media app in 2020 with 8.1 million new installs,” reported TechCrunch.It looked as if Parler had proven critics of Silicon Valley monopolistic power wrong. Their success showed that it was possible after all to create a new social media platform to compete with Facebook, Instagram and Twitter. And they did so by doing exactly what Silicon Valley defenders long insisted should be done: if you don’t like the rules imposed by tech giants, go create your own platform with different rules.

But today, if you want to download, sign up for, or use Parler, you will be unable to do so. That is because three Silicon Valley monopolies — Amazon, Google and Apple — abruptly united to remove Parler from the internet, exactly at the moment when it became the most-downloaded app in the country. If one were looking for evidence to demonstrate that these tech behemoths are, in fact, monopolies that engage in anti-competitive behavior in violation of antitrust laws, and will obliterate any attempt to compete with them in the marketplace, it would be difficult to imagine anything more compelling than how they just used their unconstrained power to utterly destroy a rising competitor.

An analysis of public comments on the FCC's plan to repeal net neutrality rules found that 2 million of them were filed using stolen identities. That's according to New York Attorney General Eric Schneiderman. "Millions of fake comments have corrupted the FCC public process—including two million that stole the identities of real people, a crime under New York law," Schneiderman said in an announcement today. "Yet the FCC is moving full steam ahead with a vote based on this corrupted process, while refusing to cooperate with an investigation."

Some comments were submitted under the names of dead people. "My LATE husband's name was fraudulently used after a valiant battle with cancer," one person told the AG's office. "This unlawful act adds to my pain that someone would violate his good name." Schneiderman set up a website where people can search the FCC comments for their names to determine if they've been impersonated. So far, "over 5,000 people have filed reports with the Attorney General's office regarding identities used to submit fake comments," the AG's announcement said.

While the 5,000 reports provide anecdotal evidence, the AG's office performed an analysis of the 23 million public comments in order to figure out how many were submitted under falsely assumed identities. Many comments for and against net neutrality rules are identical because advocacy groups urged people to sign form letters, so the text of a comment alone isn't enough to determine if it was submitted by a real person. The AG's office thus examined comment text along with other factors, such as whether names matched lists of stolen identities from known data breaches. Schneiderman's office also told Ars that it looked into whether or not the submission of comments was in alphabetical order, one after another, in short time periods. In general, analysis of formatting and metadata played a role in the analysis. The number of comments believed to be fake has grown as the A.G.'s investigation continues, and it isn't done yet. Schneiderman's office is still analyzing the public comments. We asked Schneiderman's office how many of the fake comments supported net neutrality rules, and how many opposed them, but were told that the information was not available. While fake comments used names and addresses of people from across the nation, more than "100,000 comments per state" came "from New York, Florida, Texas, and California," Schneiderman's announcement said.