Group items tagged

When AT&T and Time Warner announced their $85.4 billion deal in October, lawmakers greeted the acquisition frostily. Now their tone is changing.At a hearing on Capitol Hill on Wednesday that was being closely watched for how mega-mergers will be viewed in the coming Trump administration, members of a Senate Judiciary subcommittee that oversees regulatory agencies that decide on mergers said the deal merited tough scrutiny. The chief executives of AT&T and Time Warner were grilled at the hearing about a range of issues related to the deal.But in a change from previous comments, lawmakers also questioned whether traditional ways of evaluating mergers are growing outdated as Silicon Valley companies like Facebook and Google become massive media platforms that threaten the television industry. Their tone was more circumspect than those that immediately followed the deal’s announcement, when lawmakers had been more critical.

On the 21st floor of a high-rise hotel in Cleveland, in a room full of political operatives, Microsoft’s Research Division was advertising a technology that could read each facial expression in a massive crowd, analyze the emotions, and report back in real time. “You could use this at a Trump rally,” a sales representative told me. At both the Republican and Democratic conventions, Microsoft sponsored event spaces for the news outlet Politico. Politico, in turn, hosted a series of Microsoft-sponsored discussions about the use of data technology in political campaigns. And throughout Politico’s spaces in both Philadelphia and Cleveland, Microsoft advertised an array of products from “Microsoft Cognitive Services,” its artificial intelligence and cloud computing division. At one exhibit, titled “Realtime Crowd Insights,” a small camera scanned the room, while a monitor displayed the captured image. Every five seconds, a new image would appear with data annotated for each face — an assigned serial number, gender, estimated age, and any emotions detected in the facial expression. When I approached, the machine labeled me “b2ff” and correctly identified me as a 23-year-old male.

“Realtime Crowd Insights” is an Application Programming Interface (API), or a software tool that connects web applications to Microsoft’s cloud computing services. Through Microsoft’s emotional analysis API — a component of Realtime Crowd Insights — applications send an image to Microsoft’s servers. Microsoft’s servers then analyze the faces and return emotional profiles for each one. In a November blog post, Microsoft said that the emotional analysis could detect “anger, contempt, fear, disgust, happiness, neutral, sadness or surprise.” Microsoft’s sales representatives told me that political campaigns could use the technology to measure the emotional impact of different talking points — and political scientists could use it to study crowd response at rallies.

Facial recognition technology — the identification of faces by name — is already widely used in secret by law enforcement, sports stadiums, retail stores, and even churches, despite being of questionable legality. As early as 2002, facial recognition technology was used at the Super Bowl to cross-reference the 100,000 attendees to a database of the faces of known criminals. The technology is controversial enough that in 2013, Google tried to ban the use of facial recognition apps in its Google glass system. But “Realtime Crowd Insights” is not true facial recognition — it could not identify me by name, only as “b2ff.” It did, however, store enough data on each face that it could continuously identify it with the same serial number, even hours later. The display demonstrated that capability by distinguishing between the number of total faces it had seen, and the number of unique serial numbers. Photo: Alex Emmons

WASHINGTON (AP) -- The Obama administration has been quietly advising local police not to disclose details about surveillance technology they are using to sweep up basic cellphone data from entire neighborhoods, The Associated Press has learned. Citing security reasons, the U.S. has intervened in routine state public records cases and criminal trials regarding use of the technology. This has resulted in police departments withholding materials or heavily censoring documents in rare instances when they disclose any about the purchase and use of such powerful surveillance equipment. Federal involvement in local open records proceedings is unusual. It comes at a time when President Barack Obama has said he welcomes a debate on government surveillance and called for more transparency about spying in the wake of disclosures about classified federal surveillance programs.

One well-known type of this surveillance equipment is known as a Stingray, an innovative way for law enforcement to track cellphones used by suspects and gather evidence. The equipment tricks cellphones into identifying some of their owners' account information, like a unique subscriber number, and transmitting data to police as if it were a phone company's tower. That allows police to obtain cellphone information without having to ask for help from service providers, such as Verizon or AT&T, and can locate a phone without the user even making a call or sending a text message. But without more details about how the technology works and under what circumstances it's used, it's unclear whether the technology might violate a person's constitutional rights or whether it's a good investment of taxpayer dollars. Interviews, court records and public-records requests show the Obama administration is asking agencies to withhold common information about the equipment, such as how the technology is used and how to turn it on. That pushback has come in the form of FBI affidavits and consultation in local criminal cases.

"These extreme secrecy efforts are in relation to very controversial, local government surveillance practices using highly invasive technology," said Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union, which has fought for the release of these types of records. "If public participation means anything, people should have the facts about what the government is doing to them." Harris Corp., a key manufacturer of this equipment, built a secrecy element into its authorization agreement with the Federal Communications Commission in 2011. That authorization has an unusual requirement: that local law enforcement "coordinate with the FBI the acquisition and use of the equipment." Companies like Harris need FCC authorization in order to sell wireless equipment that could interfere with radio frequencies. A spokesman from Harris Corp. said the company will not discuss its products for the Defense Department and law enforcement agencies, although public filings showed government sales of communications systems such as the Stingray accounted for nearly one-third of its $5 billion in revenue. "As a government contractor, our solutions are regulated and their use is restricted," spokesman Jim Burke said.

The National Security Agency doesn’t think it’s relevant that its dragnet of American telephone data — information on who’s calling who, when, and for how long — was ruled illegal back in May. An American Civil Liberties Union lawsuit is asking the Second Circuit Court of Appeals, which reached that conclusion, to immediately enjoin the program. But the U.S. government responded on Monday evening, saying that Congressional passage of the USA Freedom Act trumped the earlier ruling. The Freedom Act ordered an end to the program — but with a six-month wind-down period.

The ACLU still maintains that even temporary revival is a blatant infringement on American’s legal rights. “We strongly disagree with the government’s claim that recent reform legislation was meant to give the NSA’s phone-records dragnet a new lease on life,” said Jameel Jaffer, the ACLU’s deputy legal director in a statement. “The appeals court should order the NSA to end this surveillance now.  It’s unlawful and it’s an entirely unnecessary intrusion into the privacy of millions of people.” On Monday, the Obama administration announced that at the same time the National Security Agency ends the dragnet, it will also stop perusing the vast archive of data collected by the program. Read the U.S. government brief responding to the ACLU below:

When the Senate Intelligence Committee passed the Cybersecurity Information Sharing Act by a vote of 14 to 1, committee chairman Senator Richard Burr argued that it successfully balanced security and privacy. Fifteen new amendments to the bill, he said, were designed to protect internet users’ personal information while enabling new ways for companies and federal agencies to coordinate responses to cyberattacks. But critics within the security and privacy communities still have two fundamental problems with the legislation: First, they say, the proposed cybersecurity act won’t actually boost security. And second, the “information sharing” it describes sounds more than ever like a backchannel for surveillance.

On Tuesday the bill’s authors released the full, updated text of the CISA legislation passed last week, and critics say the changes have done little to assuage their fears about wanton sharing of Americans’ private data. In fact, legal analysts say the changes actually widen the backdoor leading from private firms to intelligence agencies. “It’s a complete failure to strengthen the privacy protections of the bill,” says Robyn Greene, a policy lawyer for the Open Technology Institute, which joined a coalition of dozens of non-profits and cybersecurity experts criticizing the bill in an open letter earlier this month. “None of the [privacy-related] points we raised in our coalition letter to the committee was effectively addressed.” The central concern of that letter was how the same data sharing meant to bolster cybersecurity for companies and the government opens massive surveillance loopholes. The bill, as worded, lets a private company share with the Department of Homeland Security any information construed as a cybersecurity threat “notwithstanding any other provision of law.” That means CISA trumps privacy laws like the Electronic Communication Privacy Act of 1986 and the Privacy Act of 1974, which restrict eavesdropping and sharing of users’ communications. And once the DHS obtains the information, it would automatically be shared with the NSA, the Department of Defense (including Cyber Command), and the Office of the Director of National Intelligence.

In a statement posted to his website yesterday, Senator Burr wrote that “Information sharing is purely voluntary and companies can only share cyber-threat information and the government may only use shared data for cybersecurity purposes.” But in fact, the bill’s data sharing isn’t limited to cybersecurity “threat indicators”—warnings of incoming hacker attacks, which is the central data CISA is meant to disseminate among companies and three-letter agencies. OTI’s Greene says it also gives companies a mandate to share with the government any data related to imminent terrorist attacks, weapons of mass destruction, or even other information related to violent crimes like robbery and carjacking. 

Facebook expects to pay a fine of up to $5 billion in a settlement with federal regulators. The tech giant disclosed that figure in its first-quarter 2019 financial results. Facebook has been in negotiations with the Federal Trade Commission following concerns that the company violated a 2011 consent decree. Back then, company leaders promised to give consumers "clear and prominent notice" when sharing their data with others and to get "express consent."

But, experts say, Facebook broke its promise. Just one example: giving user data to Cambridge Analytica, the political consulting firm that did work for the 2016 Trump campaign. Facebook estimates the fine will be in the $3 billion to $5 billion range and has set aside $3 billion for payment. "The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome," the company's statement says.

Maine internet service providers will face the strictest consumer privacy protections in the nation under a bill signed Thursday by Gov. Janet Mills, but the new law will almost certainly be challenged in court. Several technology and communication trade groups warned in testimony before the Legislature that the measure may be in conflict with federal law and would likely be the subject of legal action.

The new law, which goes into effect on July 1, 2020, would require providers to ask for permission before they sell or share any of their customers’ data to a third party. The law would also apply to telecommunications companies that provide access to the internet via their cellular networks.

The law is modeled on a Federal Communications Commission rule, adopted under the administration of President Obama but overturned by the administration of President Trump in 2017. The rule blocked an ISP from selling a customer’s personal data, which is not prohibited under federal law.

The US Senate today voted to reverse the Federal Communications Commission's repeal of net neutrality rules, with all members of the Democratic caucus and three Republicans voting in favor of net neutrality. The Senate approved a Congressional Review Act (CRA) resolution that would simply undo the FCC's December 2017 vote to deregulate the broadband industry. If the CRA is approved by the House and signed by President Trump, Internet service providers would have to continue following rules that prohibit blocking, throttling, and paid prioritization.

Democrats face much longer odds in the House, where Republicans hold a 236-193 majority. Republicans have a slim majority in the Senate, but Sen. Susan Collins (R-Maine), Sen. John Kennedy (R-La.), and Sen. Lisa Murkowski (R-Alaska) broke ranks in order to support net neutrality and common carrier regulation of broadband providers. The vote was 52-47.

If one of the world’s leading smartphone makers, Huawei, turns away from Google’s Android operating system (OS), the US tech giant risks losing a huge number of users, Huawei’s CEO has warned. “[Huawei] will always be on the same line of interest, and if we don’t load Google’s system, Google will lose 700-800 million users in the future,” Ren Zhengfei said in an interview to CNBC.The Chinese telecommunications major was blacklisted last month by the Trump administration after Washington accused the company of spying for Beijing. Google, whose Android OS is used in many of Huawei’s phones, was among the American tech companies prohibited from dealing with Huawei.

Huawei said earlier that it is working on its own mobile operating system called Hongmeng and has already filed a trademark. In his interview, the CEO stressed that Hongmeng will allow the company to protect its growth if it is forced to replace Android, which Huawei does not want to do.

The Federal Communications Commission (FCC) under President Donald Trump on Thursday afternoon voted to begin slashing regulations protecting a free and open internet. The decision (pdf) ran along party lines, with the FCC’s two Republican members voting to dismantle net neutrality. Mignon Clyburn, the Commission’s Democratic member, was the sole dissenting vote. “While the majority engages in flowery rhetoric about light-touch regulation and so on, the endgame appears to be no-touch regulation and a wholesale destruction of the FCC’s public interest authority in the 21st century,” Clyburn wrote in her dissent, according to The Hill.

The White House and U.S. intelligence chiefs Wednesday backed making permanent a law that allows for the collection of digital communications of foreigners overseas, escalating a fight in Congress over privacy and security. The law, enshrined in Section 702 of the Foreign Intelligence Surveillance Act, is due to expire on December 31 unless Congress votes to reauthorize it, but is considered vital by U.S. intelligence agencies. Privacy advocates have criticized the law though for allowing the incidental collection of data belonging to millions of Americans without a search warrant. The push to make the law permanent may lead to a contentious debate over renewal of Section 702 in Congress, where lawmakers in both parties are deeply divided over whether to adopt transparency and oversight reforms

Reuters reported in March that the Trump administration supported renewal of Section 702 without any changes, citing an unnamed White House official, but it was not clear at the time whether it wanted the law made permanent.

The elusive Shadow Brokers didn't have much luck selling the NSA's hacking tools, so they're giving more of the software away -- to everyone. In a Medium post, the mysterious team supplied the password for an encrypted file containing many of the Equation Group surveillance tools swiped back in 2016. Supposedly, the group posted the content in "protest" at President Trump turning his back on the people who voted for him. The leaked data appears to check out, according to researchers, but some of it is a couple of decades old and focused on platforms like Linux. If anything, the leak might backfire. Edward Snowden notes that while the leak is "nowhere near" representing the NSA's complete tool set, there's enough that the NSA should "instantly identify" where and how the kit leaked. This doesn't mean the Shadow Brokers themselves are about to face capture. However, this may give the agency info it needs to both connect the dots (how much of a role did NSA contractor Harold Thomas Martin III play in the online leak, for instance?) and prevent a repeat incident.Does this open a can of worms? It's hard to say -- researchers are still combing over the data. If there are any hacks that can be made useful, though, this could be problematic for server operators worried about cybercrime. If nothing else, it shows that the Shadow Brokers didn't reveal their full hand.