Victory! Fourth Circuit rules that border officials can't subject electronic devices to suspicionless forensic searches

Back in 2014, the Supreme Court ruled in Riley v California, holding that border guards do not have unlimited authority to search our personal electronic devices when we cross the border, requiring individualized criminal suspicion before a search can take place. Read the rest

The UK's Data Protection Bill doesn't protect immigrants; help the Open Rights Group raise £30,000 for a court challenge

The UK's Data Protection Bill is far-reaching and long overdue, extending vital privacy protection to Britons -- unless they're immigrants. Read the rest

Nova Scotia abandons its attempt to destroy a teenager who stumbled on a wide-open directory of sensitive information

Last month, an unnamed 19-year-old Nova Scotian grew frustrated with the lack of a search interface for the province's public repository of responses to public records requests; he wanted to research the province's dispute with its public school teachers and didn't fancy manually clicking on thousands of links to documents to find the relevant ones, so he wrote a single line of code that downloaded all the public documents to his computer, from which he could search them with ease. Read the rest

Here's why everyone in the world just emailed you a new privacy policy

The looming deadline for the EU General Data Protection Plan means that companies have a duty to be extremely clear about what data they're collecting on you and what they're doing with it, and give you a chance to refuse -- they've already had a duty to do this for a very long time under both EU law and California law, but the difference this time around is that the GDPR has large, terrifying teeth: companies that fail to comply can be fined 4% of their annual global turnover. Read the rest

NSA report discloses that the agency tripled its surveillance of Americans in 2017

One effect of the Snowden leaks is that the NSA now makes an annual disclosure of the extent of its domestic surveillance operations; that's how we know that the NSA collected 534 million phone call and text message records (time, date, location, from, to -- but not the content), which more than triples its surveillance takings in 2016. Read the rest

Amazon doesn't like how Signal circumvents censorship

Signal is an encrypted messaging app for smartphones and desktops that I and a lot of other folks use on a daily basis to communicate with discretion and security. I like it so much that I've moved away from using other services on my iOS and Android phones to using Signal for all of the texting I do, even with those who don't use the app. Unfortunately, according to The Verge, the Signal team is having a difficult time trying to provide its services to users in the UAE, Egypt and Oman, where the app has been banned by the government. Considering the fact that these states aren't known for treating political dissidents and minorities none too well, that's a big deal. For some people, encrypted comms are essential to avoiding incarceration or worse.

The crux of Signal's issues with providing services to users in these countries is that Amazon, whose CloudFront web services Signal's parent company, Open Whisper System, uses, has banned domain-fronting. Domain-fronting, put simply, is a technique for making traffic from one site look like it's from another site. In an email received by Open Whisper System's founder, Moxie Marlinspike (best damn name in the business,) the General Manager of Amazon CloudFront called Open Whisper Systems' domain-fronting out, telling Marlinspike that Amazon would love to have their business, but not his company refuses to comply with their no domain-fronting policies.

From the email:

When access to Signal was originally censored in Egypt, Oman, Qatar, and UAE, we responded by through Google App Engine.

Read the rest

LG's G7 ThinQ smartphone looks like a great handset but it creeps me out

Last week, I flew to Toronto to check out a new phone that LG's had a hell of a time trying to keep a secret: the LG G7 ThinQ.

It looks looks and feels a lot like most of the high end handsets that companies are pushing out today. It's slick to the touch (you'll definitely want to put it into a case), has a nice heft to it, and yes, a notch at the at the top of its display a là iPhone X, but the company reps were quick to point out to me that you can totally make it disappear with a little software sorcery.

Depending on where you are in the world, you'll be able to pick up the G7 ThinQ with 4GB of RAM plus 64GB storage or with 6GB RAM plus 128GB storage. No matter which one you fork over your money for, storage shouldn't be an issue: the handset supports microSD cards up to 2TB in size. The phone's got an ultra bright 1,000-nit display which, while they wouldn't let me take outside to test, LG swears will make it easy to see in direct sunlight. I don't doubt that this is the case.

Its camera does tricks, too. It uses onboard A.I. to guess at what you're taking a photo of and sets itself up to take the best shot of your subject that it can. Under controlled conditions, I was shown how it can take photos in near darkness that'll come out well lit and looking reasonably good. Read the rest

Cambridge Analytica shut down

Cambridge Analytica, the firm that consulted on Trump's 2016 campaign and mined the data of 87 million Facebook users without their permission, has shut its doors. Same goes for the company's UK counterpart SCL. From Wired:

The decision to close the company's doors internationally was announced to employees during a town hall meeting in the firm's New York City offices Wednesday. One source says that NYC employees were told to pack up and leave immediately....

Just yesterday, Cambridge Analytica's official Twitter account tweeted out a link to a website refuting the waves of bad press the company has received with the caption, "Get the Facts Behind the Facebook Story."

(image by Mark Frauenfelder) Read the rest

Why you couldn't quit Facebook

I tried to quit Facebook, but couldn't, not really, not yet. We know that in some respects we can't quit, because it keeps profiles on everyone anyway, but there's more to it than that. It's got its hooks deep into our relationships with friends and families. As Sarah Jeong writes, it performs work for us.

Facebook had replaced much of the emotional labor of social networking that consumed previous generations. We have forgotten (or perhaps never noticed) how many hours our parents spent keeping their address books up to date, knocking on doors to make sure everyone in the neighborhood was invited to the weekend BBQ, doing the rounds of phone calls with relatives, clipping out interesting newspaper articles and mailing them to a friend, putting together the cards for Valentine’s Day, Easter, Christmas, and more. We don’t think about what it’s like to carefully file business cards alphabetically in a Rolodex. People spent a lot of time on these sorts of things, once, because the less of that work you did, the less of a social network you had. ...

It’s hard to pin down what Facebook is because the platform replaces labor that was previously invisible. We have a hard time figuring out what Facebook actually is because we have a hard time admitting that at least part of what it supplanted is emotional labor — hard and valuable work that no one wants to admit was work to begin with.

To leave Facebook is to create work for friends and family. Read the rest

Facebook warns investors to expect bigger and worse scandals than Cambridge Analytica

The Cambridge Analytica affair wiped billions off of Facebook's valuation and prompted millions of users to #DeleteFacebook, but inevitably, the company bounced back, reporting high earnings in its quarterly investor disclosures. Read the rest

SEC fines Yahoo (now Altaba) $35 million over massive data breach

How the once mighty have fallen. Read the rest

Facebook vs regulation: we exist nowhere and everywhere, all at once

Where is Facebook located? Well, if you're the taxman, Facebook's global HQ is a tiny shed somewhere in Ireland, where Facebook can escape virtually all taxation; but on the other hand, if you're the EU, Facebook is headquartered in America, where the General Data Protection Regulation doesn't apply. Read the rest

Cops use backdoored WhatsApp photo to extract fingerprints and convict user

South Wales Police announced they were able to access a WhatsApp user's photos through a backdoor, then extract fingerprint data from a picture of a weed dealer's hand to help convict 11 involved people. Read the rest

Department of Homeland Security wants to build a database to track journalists and their sources

Well, this is creepy: According to Bloomberg Law, the U.S. Department of Homeland Security is currently shopping for a contractor that can help it compile a list of editors, journalists, and online "media influencers." Additionally, they're looking for goons to help them identify all social media coverage that relates to the agency or events that the agency may be involved in.

From Bloomberg:“Services shall provide media comparison tools, design and rebranding tools, communication tools, and the ability to identify top media influencers,” according to the statement. DHS agencies have “a critical need to incorporate these functions into their programs in order to better reach federal, state, local, tribal, and private partners,” it said.

The plan, according to DHS, is to set up a database of influential journalists, publications and online influencers. Those with access to the database--you can go ahead and read that as Big Brother--will be able to browse “present contact details and any other information that could be relevant, including publications this influencer writes for, and an overview of the previous coverage published by the media influencer.”

So, kind of like Mudrack, but for spooks.

The proposed database could be searchable by factors such as what beat a writer covers, where they're located, what publications they work for, and whether they rely on local or international sources in their work. Now, here's where it gets ugly. One of the other points that DHS wants to be able to search is the "sentiment" of a story. Was a writer's take on events pro-America or not? Read the rest

Facebook tried to get hospitals to share patient data, including medical conditions

Facebook tried to get hospitals to share "anonymized data" on patients with it, including conditions and prescriptions, for a "research project." Read the rest

87 million Facebook users' data shared with Cambridge Analytica

Facebook admitted Wednesday that 87 million users' data was harvested by Cambridge Analytica--about 74% more than previously disclosed.

The new figure sharply increased the company’s previous estimate of how many users’ information was harvested by Cambridge Analytica. For weeks, Facebook had said that the data of about 50 million users was at issue.

Facebook released the revised estimate of affected users as part of an extended statement about its plans for handling personal data. The company said it would start alerting users on April 9 about whether their information may have been shared with Cambridge Analytica.

Another day, another numbingly obvious example of "dumb fucks." Read the rest

Zuckerberg: Americans won't receive the same Facebook privacy tools as Europeans (Update: now they will)

Facebook could give American users the same privacy enhancements that are coming to European users. But they won't, Mark Zuckerberg admits. Put simply, they aren't legally obliged to.

In a phone interview with Reuters yesterday Mark Zuckerberg declined to commit to universally implementing changes to the platform that are necessary to comply with the European Union’s incoming General Data Protection Regulation (GDPR).

Rather, he said the company was working on a version of the law that would bring some European privacy guarantees worldwide — declining to specify to the reporter which parts of the law would not extend worldwide.

“We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” Reuters quotes Zuckerberg on the GDPR question.

This is a subtle shift of line. Facebook’s leadership has previously implied the product changes it’s making to comply with GDPR’s incoming data protection standard would be extended globally.

Photo: Reuters / Jonathan Ernst

UPDATE: Today, on a conference call with reporters, Zuckerberg says “We intend to make all the same controls available everywhere, not just in Europe.” Read the rest

More posts