Group items tagged

Trump himself kept demanding to know where he was, and even retweeted a tweet purportedly outing the whistleblower’s name.Trump and his allies did this despite warnings from experts that such acts could discourage future whistleblowers from revealing wrongdoing. Indeed, they probably saw those warnings as a good reason to keep up the attacks.

The author of this email has now been charged by federal prosecutors with making a death threat, Politico’s Natasha Bertrand reports. This came after Trump tweeted about the whistleblower many, many times, after Trump suggested the whistleblower should be executed and after Trump ripped into the whistleblower’s lawyer at a rally.

it adds an additional layer of depravity to the whole affair that the whistleblower’s complaint has been utterly irrelevant to Trump’s legal travails for months. The only conceivable reasons for doing this are to discourage future whistleblowers from exposing wrongdoing and to extract naked revenge against the whistleblower for daring to expose Trump’s corruption in the first place.

The larger context here is that Trump has already continued such attacks even when warned that they could have dire consequences. When reporters have personally appealed to Trump’s humanity by telling him they fear his attacks on the media could result in them getting harmed, he has basically shrugged.

even after a man was arrested for allegedly threatening mass murder against journalists while repeating Trump’s “enemy of the people” language about the media, Trump kept using the same language.

Trump recognizes zero obligation of any kind to temper his rhetoric or conduct, even when — or especially when — he learns it could have the severest of consequences.

The company’s chief executive was briefly fired after the nonprofit board lost trust in him.

OpenAI has spent the last year mired in scandal

Whistle-blowers alleged to the Securities and Exchange Commission that OpenAI’s nondisclosure agreements were illegal.

Safety researchers have left the company in droves

Now the firm is restructuring its core business as a for-profit, seemingly prompting the departure of more key leaders

On Friday, The Wall Street Journal reported that OpenAI rushed testing of a major model in May, attempting to undercut a rival’s publicity; after the release, employees found out the model exceeded the company’s standards for safety. (The company told The Journal the findings were the result of a methodological flaw.)

This behavior would be concerning in any industry, but according to OpenAI itself, A.I. poses unique risks. The leaders of the top A.I. firms and leading A.I. researchers have warned that the technology could lead to human extinction.

Since more comprehensive national A.I. regulations aren’t coming anytime soon, we need a narrow federal law allowing employees to disclose information to Congress if they reasonably believe that an A.I. model poses a significant safety risk

But McKinsey did not hold the majority of employees’ compensation hostage in exchange for signing lifetime nondisparagement agreements, as OpenAI did.

People reporting violations of the Atomic Energy Act have more robust whistle-blower protections than those in most fields, while those working in biological toxins for several government departments are protected by proactive, pro-reporting guidance. A.I. workers need similar rules.

Many companies maintain a culture of secrecy beyond what is healthy. I once worked at the consulting firm McKinsey on a team that advised Immigration and Customs Enforcement on implementing Donald Trump’s inhumane immigration policies. I was fearful of going public

Congress should establish a special inspector general to serve as a point of contact for these whistle-blowers. The law should mandate companies to notify staff about the channels available to them, which they can use without facing retaliation.

Earlier this month, OpenAI released a highly advanced new model. For the first time, experts concluded the model could aid in the construction of a bioweapon more effectively than internet research alone could. A third party hired by the company found that the new system demonstrated evidence of “power seeking” and “the basic capabilities needed to do simple in-context scheming

penAI decided to publish these results, but the company still chooses what information to share. It is possible the published information paints an incomplete picture of the model’s risks.

The A.I. safety researcher Todor Markov — who recently left OpenAI after nearly six years with the firm — suggested one hypothetical scenario. An A.I. company promises to test its models for dangerous capabilities, then cherry-picks results to make the model look safe. A concerned employee wants to notify someone, but doesn’t know who — and can’t point to a specific law being broken. The new model is released, and a terrorist uses it to construct a novel bioweapon. Multiple former OpenAI employees told me this scenario is plausible.

The United States’ current arrangement of managing A.I. risks through voluntary commitments places enormous trust in the companies developing this potentially dangerous technology. Unfortunately, the industry in general — and OpenAI in particular — has shown itself to be unworthy of that trust, time and again.

The fate of the first attempt to protect A.I. whistle-blowers rests with Governor Gavin Newsom of California. Mr. Newsom has hinted that he will veto a first-of-its-kind A.I. safety bill, called S.B. 1047, which mandates that the largest A.I. companies implement safeguards to prevent catastrophes, features whistle-blower protections, a rare point of agreement between the bill’s supporters and its critics

if those legislators are serious in their support for these protections, they should introduce a federal A.I. whistle-blower protection bill. They are well positioned to do so: The letter’s organizer, Representative Zoe Lofgren, is the ranking Democrat on the House Committee on Science, Space and Technology.

Last month, a group of leading A.I. experts warned that as the technology rapidly progresses, “we face growing risks that A.I. could be misused to attack critical infrastructure, develop dangerous weapons or cause other forms of catastrophic harm.” These risks aren’t necessarily criminal, but they are real — and they could prove deadly. If that happens, employees at OpenAI and other companies will be the first to know. But will they tell us?

"What set the successful appointee apart from the other candidates was that the appointee — unlike the others — had volunteered and was part of the DOJ litigation team defending a controversial Trump administration policy," according to their letter.

"Mr. Clark's last-minute politicization of the DOJ hiring process and issuance of policy memoranda — capped by his willingness to participate in what was close to an attempted coup d'état — demands immediate, close and transparent oversight and investigations."

“Security and privacy have long been top companywide priorities at Twitter,” said Twitter spokeswoman Rebecca Hahn. She said that Zatko’s allegations appeared to be “riddled with inaccuracies” and that Zatko “now appears to be opportunistically seeking to inflict harm on Twitter, its customers, and its shareholders.” Hahn said that Twitter fired Zatko after 15 months “for poor performance and leadership.” Attorneys for Zatko confirmed he was fired but denied it was for performance or leadership.

the whistleblower document alleges the company prioritized user growth over reducing spam, though unwanted content made the user experience worse. Executives stood to win individual bonuses of as much as $10 million tied to increases in daily users, the complaint asserts, and nothing explicitly for cutting spam.

Chief executive Parag Agrawal was “lying” when he tweeted in May that the company was “strongly incentivized to detect and remove as much spam as we possibly can,” the complaint alleges.

Zatko described his decision to go public as an extension of his previous work exposing flaws in specific pieces of software and broader systemic failings in cybersecurity. He was hired at Twitter by former CEO Jack Dorsey in late 2020 after a major hack of the company’s systems.

“I felt ethically bound. This is not a light step to take,” said Zatko, who was fired by Agrawal in January. He declined to discuss what happened at Twitter, except to stand by the formal complaint. Under SEC whistleblower rules, he is entitled to legal protection against retaliation, as well as potential monetary rewards.

A person familiar with Zatko’s tenure said the company investigated Zatko’s security claims during his time there and concluded they were sensationalistic and without merit. Four people familiar with Twitter’s efforts to fight spam said the company deploys extensive manual and automated tools to both measure the extent of spam across the service and reduce it.

In 1998, Zatko had testified to Congress that the internet was so fragile that he and others could take it down with a half-hour of concentrated effort. He later served as the head of cyber grants at the Defense Advanced Research Projects Agency, the Pentagon innovation unit that had backed the internet’s invention.

Overall, Zatko wrote in a February analysis for the company attached as an exhibit to the SEC complaint, “Twitter is grossly negligent in several areas of information security. If these problems are not corrected, regulators, media and users of the platform will be shocked when they inevitably learn about Twitter’s severe lack of security basics.”

Zatko’s complaint says strong security should have been much more important to Twitter, which holds vast amounts of sensitive personal data about users. Twitter has the email addresses and phone numbers of many public figures, as well as dissidents who communicate over the service at great personal risk.

This month, an ex-Twitter employee was convicted of using his position at the company to spy on Saudi dissidents and government critics, passing their information to a close aide of Crown Prince Mohammed bin Salman in exchange for cash and gifts.

Zatko’s complaint says he believed the Indian government had forced Twitter to put one of its agents on the payroll, with access to user data at a time of intense protests in the country. The complaint said supporting information for that claim has gone to the National Security Division of the Justice Department and the Senate Select Committee on Intelligence. Another person familiar with the matter agreed that the employee was probably an agent.

“Take a tech platform that collects massive amounts of user data, combine it with what appears to be an incredibly weak security infrastructure and infuse it with foreign state actors with an agenda, and you’ve got a recipe for disaster,” Charles E. Grassley (R-Iowa), the top Republican on the Senate Judiciary Committee,

Many government leaders and other trusted voices use Twitter to spread important messages quickly, so a hijacked account could drive panic or violence. In 2013, a captured Associated Press handle falsely tweeted about explosions at the White House, sending the Dow Jones industrial average briefly plunging more than 140 points.

After a teenager managed to hijack the verified accounts of Obama, then-candidate Joe Biden, Musk and others in 2020, Twitter’s chief executive at the time, Jack Dorsey, asked Zatko to join him, saying that he could help the world by fixing Twitter’s security and improving the public conversation, Zatko asserts in the complaint.

The complaint — filed last month with the Securities and Exchange Commission and the Department of Justice, as well as the FTC — says thousands of employees still had wide-ranging and poorly tracked internal access to core company software, a situation that for years had led to embarrassing hacks, including the commandeering of accounts held by such high-profile users as Elon Musk and former presidents Barack Obama and Donald Trump.

But at Twitter Zatko encountered problems more widespread than he realized and leadership that didn’t act on his concerns, according to the complaint.

Twitter’s difficulties with weak security stretches back more than a decade before Zatko’s arrival at the company in November 2020. In a pair of 2009 incidents, hackers gained administrative control of the social network, allowing them to reset passwords and access user data. In the first, beginning around January of that year, hackers sent tweets from the accounts of high-profile users, including Fox News and Obama.

Several months later, a hacker was able to guess an employee’s administrative password after gaining access to similar passwords in their personal email account. That hacker was able to reset at least one user’s password and obtain private information about any Twitter user.

Twitter continued to suffer high-profile hacks and security violations, including in 2017, when a contract worker briefly took over Trump’s account, and in the 2020 hack, in which a Florida teen tricked Twitter employees and won access to verified accounts. Twitter then said it put additional safeguards in place.

This year, the Justice Department accused Twitter of asking users for their phone numbers in the name of increased security, then using the numbers for marketing. Twitter agreed to pay a $150 million fine for allegedly breaking the 2011 order, which barred the company from making misrepresentations about the security of personal data.

After Zatko joined the company, he found it had made little progress since the 2011 settlement, the complaint says. The complaint alleges that he was able to reduce the backlog of safety cases, including harassment and threats, from 1 million to 200,000, add staff and push to measure results.

But Zatko saw major gaps in what the company was doing to satisfy its obligations to the FTC, according to the complaint. In Zatko’s interpretation, according to the complaint, the 2011 order required Twitter to implement a Software Development Life Cycle program, a standard process for making sure new code is free of dangerous bugs. The complaint alleges that other employees had been telling the board and the FTC that they were making progress in rolling out that program to Twitter’s systems. But Zatko alleges that he discovered that it had been sent to only a tenth of the company’s projects, and even then treated as optional.

“If all of that is true, I don’t think there’s any doubt that there are order violations,” Vladeck, who is now a Georgetown Law professor, said in an interview. “It is possible that the kinds of problems that Twitter faced eleven years ago are still running through the company.”

“Agrawal’s Tweets and Twitter’s previous blog posts misleadingly imply that Twitter employs proactive, sophisticated systems to measure and block spam bots,” the complaint says. “The reality: mostly outdated, unmonitored, simple scripts plus overworked, inefficient, understaffed, and reactive human teams.”

One current and one former employee recalled that incident, when failures at two Twitter data centers drove concerns that the service could have collapsed for an extended period. “I wondered if the company would exist in a few days,” one of them said.

The current and former employees also agreed with the complaint’s assertion that past reports to various privacy regulators were “misleading at best.”

For example, they said the company implied that it had destroyed all data on users who asked, but the material had spread so widely inside Twitter’s networks, it was impossible to know for sure

As the head of security, Zatko says he also was in charge of a division that investigated users’ complaints about accounts, which meant that he oversaw the removal of some bots, according to the complaint. Spam bots — computer programs that tweet automatically — have long vexed Twitter. Unlike its social media counterparts, Twitter allows users to program bots to be used on its service: For example, the Twitter account @big_ben_clock is programmed to tweet “Bong Bong Bong” every hour in time with Big Ben in London. Twitter also allows people to create accounts without using their real identities, making it harder for the company to distinguish between authentic, duplicate and automated accounts.

In the complaint, Zatko alleges he could not get a straight answer when he sought what he viewed as an important data point: the prevalence of spam and bots across all of Twitter, not just among monetizable users.

Zatko cites a “sensitive source” who said Twitter was afraid to determine that number because it “would harm the image and valuation of the company.” He says the company’s tools for detecting spam are far less robust than implied in various statements.

The complaint also alleges that Zatko warned the board early in his tenure that overlapping outages in the company’s data centers could leave it unable to correctly restart its servers. That could have left the service down for months, or even have caused all of its data to be lost. That came close to happening in 2021, when an “impending catastrophic” crisis threatened the platform’s survival before engineers were able to save the day, the complaint says, without providing further details.

The four people familiar with Twitter’s spam and bot efforts said the engineering and integrity teams run software that samples thousands of tweets per day, and 100 accounts are sampled manually.

Some employees charged with executing the fight agreed that they had been short of staff. One said top executives showed “apathy” toward the issue.

Zatko’s complaint likewise depicts leadership dysfunction, starting with the CEO. Dorsey was largely absent during the pandemic, which made it hard for Zatko to get rulings on who should be in charge of what in areas of overlap and easier for rival executives to avoid collaborating, three current and former employees said.

For example, Zatko would encounter disinformation as part of his mandate to handle complaints, according to the complaint. To that end, he commissioned an outside report that found one of the disinformation teams had unfilled positions, yawning language deficiencies, and a lack of technical tools or the engineers to craft them. The authors said Twitter had no effective means of dealing with consistent spreaders of falsehoods.

Dorsey made little effort to integrate Zatko at the company, according to the three employees as well as two others familiar with the process who spoke on the condition of anonymity to describe sensitive dynamics. In 12 months, Zatko could manage only six one-on-one calls, all less than 30 minutes, with his direct boss Dorsey, who also served as CEO of payments company Square, now known as Block, according to the complaint. Zatko allegedly did almost all of the talking, and Dorsey said perhaps 50 words in the entire year to him. “A couple dozen text messages” rounded out their electronic communication, the complaint alleges.

Faced with such inertia, Zatko asserts that he was unable to solve some of the most serious issues, according to the complaint.

Some 30 percent of company laptops blocked automatic software updates carrying security fixes, and thousands of laptops had complete copies of Twitter’s source code, making them a rich target for hackers, it alleges.

A successful hacker takeover of one of those machines would have been able to sabotage the product with relative ease, because the engineers pushed out changes without being forced to test them first in a simulated environment, current and former employees said.

“It’s near-incredible that for something of that scale there would not be a development test environment separate from production and there would not be a more controlled source-code management process,” said Tony Sager, former chief operating officer at the cyberdefense wing of the National Security Agency, the Information Assurance divisio

Sager is currently senior vice president at the nonprofit Center for Internet Security, where he leads a consensus effort to establish best security practices.

The complaint says that about half of Twitter’s roughly 7,000 full-time employees had wide access to the company’s internal software and that access was not closely monitored, giving them the ability to tap into sensitive data and alter how the service worked. Three current and former employees agreed that these were issues.

“A best practice is that you should only be authorized to see and access what you need to do your job, and nothing else,” said former U.S. chief information security officer Gregory Touhill. “If half the company has access to and can make configuration changes to the production environment, that exposes the company and its customers to significant risk.”

The complaint says Dorsey never encouraged anyone to mislead the board about the shortcomings, but that others deliberately left out bad news.

When Dorsey left in November 2021, a difficult situation worsened under Agrawal, who had been responsible for security decisions as chief technology officer before Zatko’s hiring, the complaint says.

An unnamed executive had prepared a presentation for the new CEO’s first full board meeting, according to the complaint. Zatko’s complaint calls the presentation deeply misleading.

The presentation showed that 92 percent of employee computers had security software installed — without mentioning that those installations determined that a third of the machines were insecure, according to the complaint.

Another graphic implied a downward trend in the number of people with overly broad access, based on the small subset of people who had access to the highest administrative powers, known internally as “God mode.” That number was in the hundreds. But the number of people with broad access to core systems, which Zatko had called out as a big problem after joining, had actually grown slightly and remained in the thousands.

The presentation included only a subset of serious intrusions or other security incidents, from a total Zatko estimated as one per week, and it said that the uncontrolled internal access to core systems was responsible for just 7 percent of incidents, when Zatko calculated the real proportion as 60 percent.

Zatko stopped the material from being presented at the Dec. 9, 2021 meeting, the complaint said. But over his continued objections, Agrawal let it go to the board’s smaller Risk Committee a week later.

Agrawal didn’t respond to requests for comment. In an email to employees after publication of this article, obtained by The Post, he said that privacy and security continues to be a top priority for the company, and he added that the narrative is “riddled with inconsistences” and “presented without important context.”

On Jan. 4, Zatko reported internally that the Risk Committee meeting might have been fraudulent, which triggered an Audit Committee investigation.

Agarwal fired him two weeks later. But Zatko complied with the company’s request to spell out his concerns in writing, even without access to his work email and documents, according to the complaint.

Since Zatko’s departure, Twitter has plunged further into chaos with Musk’s takeover, which the two parties agreed to in May. The stock price has fallen, many employees have quit, and Agrawal has dismissed executives and frozen big projects.

Zatko said he hoped that by bringing new scrutiny and accountability, he could improve the company from the outside.

“I still believe that this is a tremendous platform, and there is huge value and huge risk, and I hope that looking back at this, the world will be a better place, in part because of this.”

 Defending his actions in 1971, Daniel Ellsberg said, “I felt that as an American citizen, as a responsible citizen, I could no longer cooperate in concealing this information from the American public.”

Republicans, including the President, have attacked Schiff for the way he portrayed a rough transcript of the President's call with Ukrainian President Volodymyr Zelensky at a public hearing last month, in which Schiff said that Trump told Zelensky "I want you to make up dirt on my political opponent. Understand? Lots of it, on this and on that."

The measure comes following Schiff's clarification earlier this month about comments he made in September that his committee had not spoken directly with a whistleblower -- after his office acknowledged that it had been in contact with the whistleblower before the complaint over Trump's conversation with Zelensky was filed.

The President expressed his support for the resolution on Monday morning, tweeting that "Censure (at least) Corrupt Adam Schiff! After what he got caught doing, any pol who does not so vote cannot be honest....are you listening Dems?"

Trump on Saturday also threatened to sue Schiff and House Speaker Nancy Pelosi as they lead an impeachment inquiry into the President.

DHS has moved slowly to grant them security clearances

denied Murphy pre-deposition access to all but unclassified materials he worked on

In 2018 a different whistleblower outed Facebook for its sketchy collaboration with Cambridge Analytica, a research organisation that allowed users’ data to be collected without their consent and used for political profiling by Donald Trump’s campaign. Facebook’s founder, Mark Zuckerberg, went to Washington, DC to apologise, and in 2019 America’s consumer-protection agency, the Federal Trade Commission, agreed to a $5bn settlement with Facebook. That is the largest fine ever levied against a tech firm.

Congress has repeatedly called in tech bosses for angry questioning and public shaming without taking direct action afterwards.

Senators, who cannot agree on such uncontroversial things as paying for the government’s expenses, united against a common enemy and promised Ms Haugen that they would hold Facebook to account.

Congress could update and strengthen the Children’s Online Privacy Protection Act (COPPA), which was passed in 1998 and bars the collection of data from children under the age of 13.

If Congress does follow through with legislation, it is likely to focus narrowly on protecting children online, as opposed to broader reforms, for which there is still no political consensus.

Social media’s harmful effects on children and teenagers is a concern that transcends partisanship and is easier to understand than sneaky data-gathering, viral misinformation and other social-networking sins.

Other legislative proposals take aim at manipulative marketing and design features that make social media so addictive for the young.

However, Ms Haugen’s most significant impact on big tech may be inspiring others to come forward and blow the whistle on their employers’ malfeasance.

“A case like this one opens the floodgates and will trigger hundreds more cases,” predicts Steve Kohn, a lawyer who has represented several high-profile whistleblowers.

One is the industry’s culture of flouting rules and a history of non-compliance. Another is a legal framework that makes whistleblowing less threatening and more attractive than it used to be.

The Dodd-Frank Act, which was enacted in 2010, gives greater protections to whistleblowers by preventing retaliation from employers and by offering rewards to successful cases of up to 10-30% of the money collected from sanctions against a firm.

If the threat of public shaming encourages corporate accountability, that is a good thing. But it could also make tech firms less inclusive and transparent, predicts Matt Perault, a former Facebook executive who is director of the Centre for Technology Policy at the University of North Carolina at Chapel Hill.

People may become less willing to share off-the-wall ideas if they worry about public leaks; companies may become less open with their staff; and executives could start including only a handful of trusted senior staff in meetings that might have otherwise been less restricted.

Facebook and other big tech firms, which have been criticised for violating people’s privacy online, can no longer count on any privacy either.

his case is one of dozens discovered by reporters appearing to show Credit Suisse opened or maintained accounts for clients who had serious convictions that might be expected to show up in due diligence checks. There are other instances in which Credit Suisse may have taken quick action after red flags emerged, but the case nonetheless shows that dubious clients have been attracted to the bank.

Like every other bank in the world, Credit Suisse professes to have stringent control mechanisms to carry out extensive due diligence on its customers to “ensure that the highest standards of conduct are upheld”. In banking parlance, such controls are called know-your-client or KYC checks.

A 2017 leaked report commissioned by Switzerland’s financial regulator shed some light on the bank’s internal procedures at that time. Clients would face intensified scrutiny when flagged as a politically exposed person from a high-risk country, or a person involved in a high-risk activity such as gambling, weapons trading, financial services or mining, the report said.

Such controls might be expected to prevent a bank from opening accounts for clients such as Rodoljub Radulović, a Serbian securities fraudster indicted in 2001 by the US Securities and Exchange Commission. However, the leaked data identifies him as the co-signatory of two Credit Suisse company accounts. The first was opened in 2005, the year after the SEC had secured a default judgment against Radulović for running a pump-and-dump scheme.

One of Radulović’s company accounts held 3.4m CHF (£2.2m) before they closed in 2010. He was recently given a 10-year prison sentence by a court in Belgrade for his role trafficking cocaine from South America for the organised crime boss Darko Šarić.

Due diligence is not only for new clients. Banks are required to continually reassess existing customers. The 2017 report said Credit Suisse screened customers at least every three years and as often as once a year for the riskiest clients. Lawyers for Credit Suisse told the Guardian these periodic reviews were introduced “more than 15 years ago”, meaning it was continually running due diligence on existing clients from 2007.

The bank might, therefore, have been expected to have discovered that its German client Eduard Seidel was convicted of bribery in 2008. Seidel was an employee of Siemens. As the multinational’s lead in Nigeria, he oversaw a campaign of industrial-scale bribery to secure lucrative contracts for his employer by funnelling cash to corrupt Nigerian politicians.

After German authorities raided the Munich headquarters of Siemens in 2006, Seidel immediately confessed his role in the bribery scheme, though he said he had never stolen from the company or appropriated its slush funds. His involvement in the corruption led to his name being entered into the Thomson Reuters World-Check database in 2007.

However, the leaked Credit Suisse data shows his accounts were left open until at least well into the last decade. At one point after he left Siemens, one account was worth 54m CHF (£24m). Seidel’s lawyer declined to say whether the accounts were his. He said his client had addressed all outstanding matters relating to his bribery offences and wished to move on with his life.

The lawyer did not respond to repeated invitations to explain the source of the 54m CHF. Siemens said it did not know about the money and that its review of its own cashflows shed no light on the account.

A representative for Sederholm said Credit Suisse never froze his accounts and did not close them until 2013 when he was unable to provide due diligence material. Asked why Sederholm needed a Swiss account, they said that he was living in Thailand when it was opened, adding: “Can you please tell me if you would prefer to put your money in a Thai or Swiss bank?”

One client, Stefan Sederholm, a Swedish computer technician who opened an account with Credit Suisse in 2008, was able to keep it open for two-and-a-half years after his widely reported conviction for human trafficking in the Philippines, for which he was given a life sentence.

Swiss banks have cultivated their trusted reputation since as far back as 1713, when the Great Council of Geneva prohibited bankers from revealing details about the fortunes being deposited by European aristocrats. Switzerland soon became a tax haven for many of the world’s elites and its bankers nurtured a “duty of absolute silence” about their clients affairs.

The custom was enshrined in statute in 1934 with the introduction of Switzerland’s banking secrecy law, which criminalised the disclosure of client banking information to foreign authorities. Within decades, wealthy clients from all over the world were flocking to Swiss banks. Sometimes, that meant clients with something to hide.

One former Credit Suisse employee at the time alleges there was a deeply ingrained culture in Swiss banking of looking the other way when it came to problematic clients. “The bank’s compliance departments [were] masters of plausible deniability,” they told a reporter from the Organized Crime and Corruption Reporting Project, one of the coordinators of the Suisse secrets project. “Never write anything down that could expose an account that is non-compliant and never ask a question you do not want to know the answer to.”

The 2000s was also a decade in which foreign regulators and tax authorities became increasingly frustrated at their inability to penetrate the Swiss financial system. That changed in 2007, when the UBS banker Bradley Birkenfeld voluntarily approached US authorities with information about how the bank was helping thousands of wealthy Americans evade tax with secret accounts.

Birkenfeld was viewed as a traitor in Switzerland, where banking whistleblowers are often held in contempt. However, a wide-ranging US Senate investigation later uncovered the aggressive tactics used by UBS and Credit Suisse, the latter of which was found to have sent bankers to high-end events to recruit clients, courted a potential customer with free gold, and in one case even delivered sensitive bank statements hidden in the pages of a Sports Illustrated magazine.

The revelations sent shock waves through Switzerland’s financial sector and enraged the US, which pressured Switzerland into unilaterally disclosing which of its taxpayers had secret Swiss accounts from 2014. That same year, Switzerland reluctantly signed up to the international convention on the automatic exchange of banking Information.

By adopting the so-called common reporting standard (CRS) for sharing tax data, Switzerland in effect agreed that its banks would in the future exchange information about their clients with tax authorities in foreign countries. They started doing so in 2018.

Membership of the global exchange system is often cited by Switzerland’s banking industry as a turning point. “There is no longer Swiss bank client confidentiality for clients abroad,” the Swiss Bankers Association told the Guardian. “We are transparent, there is nothing to hide in Switzerland.”

Switzerland’s almost 90-year-old banking secrecy law, however, remains in force – and was recently broadened. The Tax Justice Network estimates that countries around the world collectively lose $21bn (£15.4bn) each year in tax revenues because of Switzerland. Many of those countries will be poorer nations that have not signed up to the CRS data exchange.

More than 90 countries, most of which are in the developing world, remain in the dark when their wealthy taxpayers hide their money in Swiss accounts.

This inequity in the system was cited by the whistleblower behind the leaked data, who said the CRS system “imposes a disproportionate financial and infrastructural burden on developing nations, perpetuating their exclusion from the system in the foreseeable future”.

“This situation enables corruption and starves developing countries of much-needed tax revenue. These countries are the ones that therefore suffer most from Switzerland’s reverse-Robin-Hood stunt,” they said.

“I am aware that having an offshore Swiss bank account does not necessarily imply tax evasion or any other financial crime,” they said. “However, it is likely that a significant number of these accounts were opened with the sole purpose of hiding their holder’s wealth from fiscal institutions and/or avoiding the payment of taxes on capital gains.”

The whistleblower added that no one in the government knew the true figure of the dead because “we have lost contact with major divisions”.

FSB officers had been ordered to assess the effects of western sanctions, they said, but were told that it was a hypothetical box-ticking exercise. “You have to write the analysis in a way that makes Russia the victor . . . otherwise you get questioned for not doing good work,” they wrote. “Suddenly it happens and everything comes down to your completely groundless analysis.

“[We are] acting intuitively, on emotion . . . our stakes will have to be raised ever higher with the hope that suddenly something might come through for us.

“By and large, though, Russia has no way out. There are no options for a possible victory, only defeat.”

The letter said that Ramzan Kadyrov, the Chechen leader and an ally of Putin, was on the verge of outright conflict with the Russians after his “hit squad”, sent to kill President Zelensky, was destroyed by Ukrainian forces.

Even if Zelensky were killed, the report said, Russia would have no hope of occupying Ukraine. “Even with minimum resistance from the Ukrainians we’d need over 500,000 people, not including supply and logistics workers.”

The analyst said that the SVR, Russia’s foreign intelligence service, was trying to “dig up dirt” to claim that Ukraine had built nuclear weapons, a pretext for a pre-emptive strike.

The 2,000-word document was published by Vladimir Osechkin, a Russian human rights activist who runs the anti-corruption website Gulagu.net.

Christo Grozev, an expert on the Russian security services, said he had shown the letter to two FSB officers, both of whom had had “no doubt it was written by a colleague”.

The war, the writer said, had been given a “provisional deadline” of June because by then the Russian economy will have collapsed. “I have hardly slept at all recently, working all hours, in a brain-fog,” they wrote. “Maybe it’s from overwork, but I feel like I am in a surreal world. Pandora’s Box has been opened.”

The author said they could not rule out international conflict and that they were expecting “some f***ing adviser to convince the leadership” to send an ultimatum to the West threatening war if sanctions were not lifted.

“What if the West refuses?” they wrote. “In that instance I won’t exclude that we will be pulled into a real international conflict, just like Hitler in 1939.” Elsewhere in the letter they said: “Our position is like Germany in 1943-44 — but that’s our starting position.”

During a bizarre Q&A with reporters before a meeting with his extremely depleted Cabinet on Monday, Trump questioned whether the whistleblower needs protection.Democrats and the whistleblower's attorneys have raised questions about the individual's safety in potential congressional testimony. Trump took the opportunity of the Cabinet meeting to again attack the whistleblower.

Taylor is expected to be asked about the text messages he sent US Ambassador to the EU Gordon Sondland in September, before the whistleblower complaint was released.

The top Democrat in the Senate, Sen. Chuck Schumer, wrote to the Director of National Intelligence and Intelligence Community Inspector General demanding to know how they're going to protect the whistleblower's identity.

Losing Republicans is clearly something Trump worries about, which he transmitted Monday as he complained about Democrats, who unlike Republicans, he said, are "vicious and they stick together.""They don't have Mitt Romney in their midst," Trump said, referring to the Utah Senator who has criticized Trump and who we learned today goes by the pseudonym Pierre Delecto on Twitter.

One hard deadline is Election Day 2020. The ultimate question for Democrats could end up being whether they need to follow every lead they discover in order to vote that Trump committed high crimes or misdemeanors.

The President has invited foreign powers to interfere in the US presidential election.Democrats want to impeach him for it.It is a crossroads for the American system of government as the President tries to change what's acceptable for US politicians. This newsletter will focus on this consequential moment in US history.

Only four senior Ensign executives are permitted to see the company’s full financial statements, according to the complaint, and investment staff members may access information only on the Ensign assets relating to their own area of work.

The company files abbreviated annual tax returns that report the taxes it paid on the small fraction of its investment activity that is taxable. The returns, which are publicly available, show that in some recent years, the company has reported losses of millions of dollars — a period in which, according to the complaint, a fuller accounting of its operations would have shown billions of dollars in profits.

This limited type of tax return requires Ensign to disclose the total value of its holdings, which the complaint asserts, has for years run to tens of billions of dollars. On those returns, Ensign has sometimes stated that it held $1 million, other times “more than $1,000,000,” and it once left this section of the paperwork unfilled.

Antoine Deltour, a former auditor at PwC, is accused of passing information on clients to French journalist Edouard Perrin, who first broke the story on French TV in 2012, in collaboration with the BBC's Panorama.

Raphael Halet, the other former PwC employee, is suspected of a separate leak and faces the same charges. Mr Perrin is accused of being an accomplice.

While Luxembourg has laws protecting whistleblowers, they are confined to exposing illegal practices. Civil rights groups have attacked the case.

"Deltour should be protected and commended, not prosecuted. The information he disclosed was in the public interest," said Cobus de Swardt, the Managing Director of Transparency International.

Despite expressing his support for the anti-lockdown movement, Trump said on Wednesday that he “strongly” disagrees with Georgia governor Brian Kemp’s decision to reopen bowling alleys, hair salons and other businesses this weekend. Many of the state’s business owners have also concluded it is “way too early” to return to normal.

A tale of two states.

Kentucky

The pandemic has made it almost impossible to register new voters using traditional methods in states across the US. That could have a huge impact on November’s election, writes Sam Levine.

Mainland China reported 55,000 cases of coronavirus in the country’s first wave of infections. But a study by researchers in Hong Kong suggests that number would have been more like 232,000, had the later adopted definition of a Covid-19 case been applied from the outset.

…Mexico, at least 21 doctors and nurses have suffered violent attacks, in public, after being wrongly accused of spreading the disease.

This California town is testing everyone

doctor from Bolinas, California, says her small town north of San Francisco is hoping to become a “model” for the rest of the country, after resolving to test every single member of its community for Covid-19. The town raised $300,000 through GoFundMe to buy testing equipment for its population of 1,600, to help researchers understand how the virus s

cats

Two cats in New York state have tested positive for the virus, apparently after catching it from humans – the first confirmed cases of US pets catching Covid-19.

Catastrophic’ flooding is coming soon. That’s according to new research, which has found that the number of people affected by floods will double to around 147 million annually by the end of the 2020s.

Trump, for example, urged Republicans to stop fighting like a boxer "with his hands tied behind his back," saying, "We want to be so respectful of everybody, including bad people. And we're going to have to fight much harder."

Trump alleged that there would be dire consequences if his supporters did not take immediate action -- saying that, if Biden took office, "You will have an illegitimate president. That's what you'll have. And we can't let that happen." And he said, "We fight like hell. And if you don't fight like hell, you're not going to have a country anymore."

In sum: McClintock and other Trump allies are entitled to argue that all of these Trump comments are not impeachable, even that they are not incendiary. But he left a misleading impression when he posed the question, "but what did he actually say?" and did not mention the most contentious things Trump actually said.

"And I also want to thank my Democratic colleagues for finally joining Republicans in condemning mob violence after six months of refusing to acknowledge it."

Republicans are entitled to argue that Democrats should have issued such condemnations more forcefully or frequently, but it's just inaccurate to say or suggest they didn't issue the condemnations at all.

Mueller never said Trump did nothing wrong. In fact, Mueller's final report explains that there was strong evidence that Trump obstructed justice, on several occasions. But Mueller decided not to make a decision on whether to charge Trump, for many reasons, including Department of Justice policy that a president "cannot be charged with a federal crime while he is in office."

And according to figures released by the Justice Department, the investigation actually cost $32 million, not $40 million.

Jordan also said, as he has as far back as 2019, that the whistleblower who filed the primary 2019 complaint about Trump's dealings with Ukraine "worked for Joe Biden."

It's possible the whistleblower interacted with Biden in the course of their job duties in the government, but that's substantially different than working for Biden himself. The whistleblower's lawyers said in 2019 that "our client has spent their entire government career in apolitical, civil servant positions in the Executive Branch" and that "in these positions our client has come into contact with presidential candidates from both parties in their roles as elected officials -- not as candidates."

Biden's comments come after he defeated President Donald Trump in a race in which mask-wearing became a political topic, with Biden urging Americans to follow public health experts' guidance and Trump refusing to do so -- holding rallies and White House events largely maskless attendees and downplaying their importance.

"It doesn't matter who you voted for; where you stood before Election Day," Biden said Monday. "It doesn't matter your party, your point of view. We could save tens of thousands of lives if everyone would just wear a mask for the next few months

He called drug-maker Pfizer's Monday announcement that early data shows its coronavirus vaccine is more than 90% effective good news.

the pandemic is an "immense and growing" threat and that a "dark winter" is still likely, with the numbers of cases and deaths reaching new peaks in recent days.

Biden's transition team earlier Monday morning announced the group of public health experts that will make up his coronavirus advisory board, which includes Rick Bright, a whistleblower from the Trump administration

he was met with skepticism by Trump administration officials when he raised concerns in the early throes of the pandemic about critical supplies shortages, is a clear signal of the contrasted direction that Biden intends to take his administration

Revealing the members of the pandemic task force is the transition's first major announcement, highlighting how important the President-elect finds combating the deadly virus which has taken more than 230,000 lives in the United States. The announcement also comes as the nation nears 10 million cases, with over 9.9 million reported cases as of Sunday evening, according to Johns Hopkins University data.

Both Biden and Vice President-elect Kamala Harris received a briefing from the transition coronavirus advisory board on Monday

Biden pledged repeatedly on the campaign trail that he would listen to the advice from scientists and public health experts about the pandemic if elected president and slammed Trump's handling of the virus

The first such battle Biden cited was that to control the virus.

It's reminiscent of the focus that Biden, and former President Barack Obama, devoted to the economy when they won the White House 12 years ago in the midst of a deep economic crisis.

Biden pledging to take the pandemic seriously, while Trump diminished the importance of the virus

Sen. Richard Blumenthal (D., Conn.), the chairman of the subcommittee conducting Tuesday’s hearing, called on Mr. Zuckerberg to appear before Congress to testify, terming the company “morally bankrupt.”

Facebook has said it plans to continue doing internal research and is working on ways to make that work available to others. The company has recently battled with some academic researchers over access to its data, but Facebook says that it works cooperatively with many others.

Republican and Democratic lawmakers at the hearing renewed their calls for regulation, such as strengthening privacy and competition laws and special online protections for children, as well as toughening of the platforms’ accountability. One idea that got a particular boost was requiring more visibility into social-media data as well as the algorithms that shape users’ experiences.

“The severity of this crisis demands that we break out of previous regulatory frames,” she said. “Tweaks to outdated privacy protections…will not be sufficient.”

A good starting point, she added, would be “full access to data for research not directed by Facebook. On this foundation, we can build sensible rules and standards to address consumer harms, illegal content, data protection, anticompetitive practices, algorithmic systems and more.”

Ms. Haugen also raised national-security concerns about Facebook, citing foreign surveillance on the platform—for example, Chinese monitoring of Uyghur populations—and what she termed Facebook’s “consistent understaffing” of its counterintelligence teams.

Ms. Haugen made the case for policy changes to address her perceived concerns. In products such as cars and cigarettes, she said, independent researchers can evaluate health effects, but “the public cannot do the same with Facebook.”

“This inability to see in Facebook’s actual systems and confirm that they work as communicated is like the Department of Transportation regulating cars by only watching them drive down the highway,” she said, arguing for an independent government agency that would employ experts to audit the impact of social media.

She said that if Congress moves to change Section 230, a federal accountability law that protects Facebook and other companies from liability for user-generated content, it should distinguish between that kind of content and choices that companies make about what type of content to promote.

“Facebook should not get a pass on choices it makes to prioritize virality and growth and reactiveness over public safety,” she said.

Ms. Haugen was hired by Facebook two years ago to help protect against election interference on Facebook. She said she acted because she was frustrated by what she viewed as Facebook’s lack of openness about the platform’s potential for harm and its unwillingness to address its flaws.

“I would simply say, let’s get to work,” said Sen. John Thune (R., S.D.), who has sponsored several measures on algorithm transparency. “We’ve got some things we can do here.”

“There’s always reason for skepticism” about Congress reaching consensus on legislation, Mr. Blumenthal said after the hearing. But he added that “there are times when the dynamic is so powerful that something actually is done…I have rarely, if ever, seen the kind of unanimity on display today.”

Haugen filed at least eight complaints with the Securities and Exchange Commission alleging that the company is hiding research about its shortcomings from investors and the public.

Haugen, who started at Facebook in 2019 after previously working for other tech giants like Google (GOOGL GOOGLE) and Pinterest (PINS), is set to testify on Tuesday before the Senate Subcommittee on Consumer Protection, Product Safety, and Data Security.

Facebook has aggressively pushed back against the reports, calling many of the claims "misleading" and arguing that its apps do more good than harm.

Lena Pietsch said in a statement to CNN Business immediately following the "60 Minutes" interview. "We continue to make significant improvements to tackle the spread of misinformation and harmful content. To suggest we encourage bad content and do nothing is just not true."

Pietsch released a more than 700-word statement laying out what it called "missing facts" from the segment

Haugen said she believes Facebook Founder and CEO Mark Zuckerberg "never set out to make a hateful platform, but he has allowed choices to be made where the side effects of those choices are that hateful and polarizing content gets more distribution and more reach."

Haugen said she was recruited by Facebook in 2019 and took the job to work on addressing misinformation. But after the company decided to dissolve its civic integrity team shortly after the 2020 Presidential Election, her feelings about the company started to change.

The social media company's algorithm that's designed to show users content that they're most likely to engage with is responsible for many of its problems

Haugen said that while "no one at Facebook is malevolent ... the incentives are misaligned."

the more anger that they get exposed to, the more they interact and the more they consume."

More recently, as new technologies have offered more avenues to increase surveillance and data collection, the court has reiterated its position in a number of leading cases against several countries, including France, Romania, Russia and Britain, condemned for having infringed the right to private and family life that in the interpretation of the cour

unnecessary “wide-ranging and particularly serious interference with the fundamental right to respect for private life” and personal data, this court reaffirmed the outstanding place privacy holds in Europe

If European governments and parliaments do not respect fundamental principles and judicial obligations, our lives will become much less private. Our ability to participate effectively in public life is threatened, too, because these measures curtail our freedom of speech and our right to receive information — including that of public interest. Not all whistleblowers have the technical knowledge Mr. Snowden possessed. Many would fear discovery if they communicated with journalists, who in turn would lose valuable sources, jeopardizing their ability to reveal unlawful conduct in both the public and private spheres. Watergates can only happen when whistleblowers feel protected.

First, legislation should limit surveillance and the use of data in a way that strictly respects the right to privacy as spelled out in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, European data protection standards, the case law of the European Court of Human Rights and that of the European Court of Justice. These norms oblige states to respect human rights when they gather and store information relating to our private lives and to protect individuals from unlawful surveillance, including when carried out by foreign agencies.

Third, security agencies must operate under independent scrutiny and judicial review. This will require intrusive oversight powers for parliaments and a judiciary that is involved in the decision-making process to ensure accountability. Countries that have adopted controversial surveillance laws should reconsider or amend them. And those considering new surveillance legislation should do so with great caution.