Saturday, October 12, 2019

Trendy law?
California blocks police from using facial recognition in body cameras
Civil liberties advocates are declaring victory after California became the latest state to block police from using facial recognition technology in body cameras.
Gov. Gavin Newsom signed AB1215 on Tuesday, prohibiting police departments from outfitting body cameras with technology to identify people through their facial features or other biometric traits. The law takes effect Jan. 1 and expires in 2023, but can be renewed.
State lawmakers passed the bill after Amazon’s Rekognition facial recognition software incorrectly identified 26 legislators as criminal suspects, including the assemblyman who carried the measure, San Francisco Democrat Phil Ting.
No police agencies in the state use the technology now, according to the California Peace Officers’ Association.
Oregon and New Hampshire have similar bans, and cities including San Francisco and Oakland have adopted more sweeping laws.

Nothing illegal about asking? I wonder how many schools gave ICE this information. Would they keep doing it if it didn’t work?
Kaylin Jorge reports:
U.S. Immigration and Customs Enforcement agents (ICE) showed up at a Nashville elementary school in September seeking student records, FOX 17 News has confirmed.
Metro Schools said ICE agents went to Una Elementary School and tried to get information about students from school officials. ICE agents were not given any records, MNPS said.
Read more on FOX17.

Always behind the technology. Is that ethical?
Why it’s time to start talking about blockchain ethics
Blockchain technology is changing the nature of money and organizations. We should probably start pondering the potential consequences.
If blockchain technology can be reasonably expected to make a significant difference in society, then it deserves its own field of ethics, just like biotechnology, artificial intelligence, and nuclear technology, argues Rhys Lindmark, head of community and long-term societal impact at MIT’s Digital Currency Initiative.
Lindmark said that like other “tech ethics” fields, the field of blockchain ethics should examine what the technology is capable of doing, and ponder the potential consequences. For instance, blockchains make it possible to create leaderless, “decentralized” organizations. Does that mean no one is responsible if something goes wrong? In public blockchains like Bitcoin, the network’s shared software rules are supposed to automatically sort out what behavior is allowed. So if a user exploits the protocol for profit without breaking its rules, is that unethical? Meanwhile, global digital currencies like what Facebook is proposing might change the nature of money. How might that change politics and power dynamics?

Friday, October 11, 2019

So far, nothing looks like AI. (Dem AIs is clever!)
New Hacking Techniques Discovered In 2019 So Far

Hey! It’s not funny! (Okay, maybe a little)
Dutch Prostitution Site Hacked—250,000 Users’ Data Leaked
Hackers have obtained the data and personal details of around 250,000 users of the Dutch sex-work forum
… “Offering this information for sale is punishable by law, and if possible we will take legal action,” the moderator added. “In addition, a report has been made to the Dutch data protection authority.”
The site is reportedly used by both sex workers and their customers. Though prostitution is legal in the Netherlands, one serious concern around such leaks is that users real identities will be exposed and they will face blackmail, personal or professional consequences. That’s what happened in the bigger breach of adultery hook-up site Ashley Madison, which resulted in many a personal catastrophe.

Escort forums in Italy and the Netherlands hacked, user data put up for sale
A third forum for zoophilia and bestiality fans was also hacked. User data put up for sale as well.

Now will you start thinking about CCPA?
California AG Releases Draft CCPA Regulations
On October 10th, California state attorney general Xavier Becerra announced the release of proposed implementing regulations concerning the California Consumer Privacy Act (CCPA).

(Related) Nothing is ever so bad it can’t get worse!
New Ballot Initiative Seeks to Redo the CCPA
The author of the ballot initiative intends to include this proposal on the November, 2020 ballot.

They’re all potential mass murderers!
Kate Fazzini reports:
Researchers from the Aspen Institute are raising concerns about a Florida initiative meant to collect and collate huge amounts of data on schoolchildren in the state, according to a report released Thursday.
Florida schools are now required to collect, store and crunch data on students in the name of predicting school shootings. The Florida Schools Safety Portal, or FSSP, executive order was issued by Gov. Ron DeSantis earlier this year in response to the 2018 shooting at Marjory Stoneman Douglas High School in Parkland, Florida.
Read more on CNBC

Turning IT Upside Down In a Machine Learning World
The process of IT systems development will be reversed or turned upside down with machine learning. Those looking to win in the age of machine learning will place data and analytics as the centerpiece of their strategy for systems development. Data should no longer be viewed as a necessary evil required to complete a process step, rather it should be the foundation that informs the possibilities of the future. IT investments will start with identifying the question we want to answer, inventorying the data we possess, identifying the data architecture gaps and then, as the last step, we will build systems to support those objectives. Consider the comparison of how these two paradigms contrast relative to traditional software development phases.
At every step in the software lifecycle you can see how mindsets need to shift. Rather than optimizing for ‘how can I make your current pain points better,’ it is about determining the questions, that if answered, would yield groundbreaking results. Every organization has one or two key metrics, that if changed, could dramatically improve company performance. These metrics could be customer retention, lead acquisition, win rate or any of a large number of potential metrics/questions that if impacted by data, insights, and action could produce order of magnitude results in terms of revenue, margins, and valuation. As an example, in environments where market share matters, high volume interactions occur with low costs of sale and the difference of moving from a four percent lead conversion rate to an eight percent conversion rate can be the difference between average results and best in class results.

Two views of amazing…
Jeff Bezos’s Master Plan
Today, Bezos controls nearly 40 percent of all e-commerce in the United States. More product searches are conducted on Amazon than on Google, which has allowed Bezos to build an advertising business as valuable as the entirety of IBM. One estimate has Amazon Web Services controlling almost half of the cloud-computing industry—institutions as varied as General Electric, Unilever, and even the CIA rely on its servers. Forty-two percent of paper book sales and a third of the market for streaming video are controlled by the company; Twitch, its video platform popular among gamers, attracts 15 million users a day.

Is Amazon Unstoppable?
Politicians want to rein in the retail giant. But Jeff Bezos, the master of cutthroat capitalism, is ready to fight back.
Critics say that Amazon, much like Google and Facebook, has grown too large and powerful to be trusted. Everyone from Senator Elizabeth Warren to President Donald Trump has depicted Amazon as dangerously unconstrained. This past summer, at a debate among the Democratic Presidential candidates, Senator Bernie Sanders said, “Five hundred thousand Americans are sleeping out on the street, and yet companies like Amazon, that made billions in profits, did not pay one nickel in federal income tax.” And Steven Mnuchin, the Treasury Secretary, declared that Amazon has “destroyed the retail industry across the United States.” The Federal Trade Commission and the European Union, meanwhile, are independently pursuing investigations of Amazon for potential antitrust violations. In recent months, inquiries by news organizations have documented Amazon’s sale of illegal or deadly products, and have exposed how the company’s fast-delivery policies have resulted in drivers speeding down streets and through intersections, killing people.

I’m not sure we need a supplement to the First Amendment, but perhaps banning legislatures from banning companies from banning certain things should be banned?
Michigan bill aims to restrict what internet companies could ban from their sites
Two Michigan lawmakers are hoping to put new restrictions on what social media and other technology companies like Facebook, YouTube or Google could ban from their sites.
It’s unclear how the legislation would be enforced or regulated if signed into law, and the bill hasn’t advanced past the committee level.

Geek out, Bob.
Breaking Down The 10 Need-To-Know Emerging Technologies
Forrester’s emerging tech spotlights have previously identified and characterized the various emerging technologies that are worth your time. In order to help you figure out how to best consume them, Will McKeon-White and I did our best to help simplify this shifting landscape in our latest report, written as a downloadable PowerPoint file: “Use The Cloud Platforms To Drive Your Tech-Driven Innovations.”
From this research, we came across three key takeaways:
  • Don’t assume your business can’t be enhanced by the technologies covered.
  • Open source is accelerating, but some technologies are far more proprietary than others.
  • Breadth and strength of services is defining the next wave of cloud competition, and vendors know it
And while we’ve touched upon some of the contents of this report in our cloud empowerment webinar and video blog so far, to provide more context on what the PowerPoint contains, we provide a breakdown of the various solutions/services offered by the major cloud providers (Alibaba, Amazon Web Services, Google Cloud Platform, IBM, Microsoft Azure, Oracle, and Salesforce) for the following 10 technologies:
  • Computer vision
  • Deep learning
  • Natural language generation
  • Distributed ledger technology
  • Edge computing
  • Augmented, virtual, and mixed reality technologies
  • Additive manufacturing
  • Digital twins
  • Serverless computing
  • Quantum computing

Wally asks another good question.

Thursday, October 10, 2019

I’m 100% concerned.
Joe Patrice writes:
At least clients are putting up a brave front.
When asked about new regulations like the California Consumer Privacy Act, 68 percent of in-house legal department respondents are either “not concerned” or only “somewhat concerned.” That’s a good indication that corporate counsel have a great plan for this stuff, right? Well, in the same survey, when asked “do you feel concerned about your organization’s ability to meet all aspects of the new privacy requirements?” 69 percent were “concerned” or “very concerned” with an additional 25 percent “somewhat concerned.” And 84 percent “have no clearly defined processes to meet new and emerging privacy regulations.”
Read more on Above the Law.

You know “they” (not just Amazon) listen to anything their devices hear, why not watch anything they see?
Amazon Workers May Be Watching Your Cloud Cam Home Footage
Teams in India and Romania use video snippets sent by customers for troubleshooting purposes and to train artificial intelligence algorithms.

We’re here to help?”
DHS cyber unit wants to subpoena ISPs to identify vulnerable systems
CISA, which warns both government and private-sector businesses of security vulnerabilities, privately complained of being unable to warn businesses about security threats because it can’t always identify who owns a vulnerable system.
The new proposal would allow CISA to use its new powers to directly warn businesses of threats to critical devices, such as industrial control systems — typically used in critical infrastructure.

Where Alexa goes, others will follow.
Amazon’s New Smart Products Raise All Kinds of Alexa Privacy Concerns
While Amazon’s introduction of so many new Alexa-enabled products at its Seattle headquarters caught some privacy advocates off-guard, this strategy of building out the Alexa family of products has been brewing for some time at Amazon. CEO Jeff Bezos has made no secret of the fact that he’d like to see the Alexa smart assistant technology become “ubiquitous” and “ambient,” much like Google Assistant.
What raises so many Alexa privacy concerns, however, is the fact that many of the new devices are blurring the line between wearable devices and surveillance gear. And these wearable devices come with microphones (in order to hear the questions asked by users), meaning that they might be used inadvertently to eavesdrop and record conversations in public, or used to invade other people’s privacy in strange new ways. Would you really want to sit down next to someone who might be recording every word you say?
Amazon has rolled out a particularly cheerful sounding Alexa-powered night light for kids called Glow. As one tech blog exclaimed after reading about this product, “Surveillance for all ages!”
And, in all credit to Amazon, it has tried to add some “privacy inventions” to its products. For example, there’s a new voice command that lets you ask Alexa what it has recorded about you. And there’s another feature that enables automatic deletion of all recorded content on a rolling basis.
But is this really enough in a post-GDPR world? The whole point of privacy regulation is for tech firms to obtain consent from users before their personal data is used, and to give them the option to delete all personal data upon request. In contrast, all of the new Alexa privacy features are opt-in rather than opt-out, meaning that Amazon really doesn’t want you opting out of data collection. And, since AI-powered technology needs data in order to “learn,” Amazon doesn’t let you delete conversations immediately – only after Alexa has had a chance to learn from them.

Less like a legal pendulum, more like a yo-yo.
Similar” Illegal Comments Must Be Taken Down
On Thursday 3rd October, Europe’s highest court ordered Facebook to take down content that was sufficiently similar to comments that had been ruled defamatory.
Specifically, the European Court of Justice ruled that “EU law does not preclude a host provider such as Facebook from being ordered to remove identical and, in certain circumstances, equivalent comments previously declared to be illegal.”
Furthermore judges said: “EU law does not preclude such an injunction from producing effects worldwide, within the framework of the relevant international law.” This would appear to be at odds with its ruling last week that the so-called “Right to be Forgotten” – whereby search engines must delist outdated or irrelevant information from searches for individual names – does NOT extend to international territorial scope.

The Modern Contract Handbook – A Downloadable Guide
Any reader of Artificial Lawyer would recognize that contracts are one of the biggest puzzles a business needs to solve. Every stage of the contract lifecycle – from creation, through collaboration, negotiation, agreement, tracking and renewal – can create friction. It’s well known now that according to the IACCM, 83% of people are dissatisfied with the contract process. Solving this is why Juro exists, but in working to fix it, we’ve been fortunate enough to learn an enormous amount about how to actually make contracts work for everyone. That’s why we decided to wrap it all together and share it with the community – download your copy of the Modern Contract Handbook here.

Perspective gained by discussions with those who are doing AI. (See the graphic)
Top Trends on the Gartner Hype Cycle for Artificial Intelligence, 2019
Between 2018 and 2019, organizations that have deployed artificial intelligence (AI) grew from 4% to 14%, according to Gartner’s 2019 CIO Agenda survey.
Conversational AI remains at the top of corporate agendas spurred by the worldwide success of Amazon Alexa, Google Assistant and others. Meanwhile, new technologies continue to emerge such as augmented intelligence, edge AI, data labeling and explainable AI.

Machines can be people too.
India: Copyright And Artificial Intelligence
Who owns copyright in work created using Artificial Intelligence?
The challenging part is where we have to decide who owns the copyright in a situation where a creative and artistic work is generated by an automated machine, or any form of artificial intelligence, and such creation takes place independently without any kind of human effort.
Certain kinds of Copyright ownership are discussed as follows:
a) The Programmer
b) The user
c) The Artificial Intelligence
d) Nobody

Lawyer like a hacker...
Shedding Some Light on the Dark Web for Legal Researchers
Legal Executive Institute – “…What makes the Dark Web “dark,” are not the nefarious things that sometimes occur there; rather, it is the anonymity it offers.
Undetectable Web activity is obviously valuable to a criminal, but it is equally valuable for many “normal” users… All of this secrecy makes the Dark Web a handy tool for legal researchers. Anonymous browsing is terrific for such everyday research tasks as conducting competitive intelligence gathering, tracking down infringement of copyright or trademarks without tipping off the target, or locating sensitive subjects without revealing your identity. Anonymity also is very helpful for gathering information on individuals or looking around for clues to identity theft. Putting on a disguise before searching the Web is just another way legal researchers can locate useful information effectively yet secretly. The question is: How do you travel these virtual back alleys safely and legally?…”

Perspective. A quiz for when my students get cocky. (Questions and answers are in the PDF)
Americans and Digital Knowledge
A majority of U.S. adults can answer fewer than half the questions correctly on a digital knowledge quiz, and many struggle with certain cybersecurity and privacy questions. A new Pew Research Center survey finds that Americans’ understanding of technology-related issues varies greatly depending on the topic, term or concept.
This survey consisted of 10 questions designed to test Americans’ knowledge of a range of digital topics, such as cybersecurity or the business side of social media companies. The median number of correct answers was four. Only 20% of adults answered seven or more questions correctly, and just 2% got all 10 questions correct…”

Is this also true for senior business managers?
Social Media: Senior Leaders Need to Get on the Bus
If you are a senior leader in the military, being engaged on social media is becoming more of an imperative by the day. There are many reasons why this is essential, but here are my top 10:
3) It is important for us to acknowledge that the higher you go, the more insulated and distant you are from where the rubber meets the road. Social media gives us the opportunity to hear directly from our service members about what is bothering them, or the challenges facing them and their families. It is not always glamorous – not unlike reading the inside of a porta-potty at NTC – but the majority of the time, you will get unfiltered, grassroots feedback, and that is something we can all benefit from.

A tool for yelling at my students? The Magic version may cause seizures.
To create a big message on someone’s screen, head to Here you’ll find a simple interface that allows you to enter a message and pick from one of four styles. From there, you can preview the message and save it.
To see how your message will work, just enter it and pick a style, then click Preview. When satisfied, click again to return to the main screen. Once you click Save, a URL will appear in the bottom bar. Click this to copy it, then you can send it to people or display it on your own computer.

A plan we would all invest in?

Wednesday, October 09, 2019

Is this in time to contribute to a secure 2020 election?
Senate Intel Cmte Releases Bipartisan Report on Russia’s Use of Social Media
Today, Senate Select Committee on Intelligence Chairman Richard Burr (R-NC) and Vice Chairman Mark Warner (D-VA) released a new report titled, “Russia’s Use of Social Media.” It is the second volume released in the Committee’s bipartisan investigation into Russia’s attempts to interfere with the 2016 U.S. election. The new report examines Russia’s efforts to use social media to sow societal discord and influence the outcome of the 2016 election, led by the Kremlin-backed Internet Research Agency (IRA). The analysis draws on data provided to the Committee by social media companies and input from a Technical Advisory Group comprising experts in social media network analysis, disinformation campaigns, and the technical analysis of complex data sets and images to discern the dissemination of disinformation across social media platforms…”

(Related) Not perfect, but these tools and techniques are a start.

(Related) Perhaps the candidates just don’t care.
2020 Presidential Candidate Campaign Websites Fail On User Privacy
Despite everything that has happened over the last four years, the security posture of the 2020 presidential candidates' campaign websites is little better and often worse than it was in 2016.
An Online Trust Audit, from the Online Trust Alliance (OTA -- part of the Internet Society), examined the visible privacy, website security and consumer protection postures of the current 23 candidates' campaign sites. Only seven candidates achieved the OTA Honor Roll (that is, with no failures in any of the three areas), but none with flying colors. These seven include Donald Trump and Bernie Sanders, but current Democratic frontrunners Elizabeth Warren and Joe Biden both fail.
Interestingly, the OTA forewarned all the candidates about the publication of this audit, giving them seven days to update their sites. Only one candidate site took up this option -- but the update was insufficient to alter its 'fail' result.

Be less vulnerable than your neighbor.
New Report Outlines IoT Security Vulnerabilities
For years, we’ve been hearing about the security vulnerabilities of consumer and small office/home office (SOHO) digital devices. At the same time, security researchers have increased their rate of vulnerability disclosures and bug bounty programs for the Internet of Things (IoT) have proliferated in popularity. And, yet, nothing seems to be getting done when it comes to boosting the security capabilities of commonly used devices such as routers and network attached storage (NAS) devices. That’s the big takeaway lesson from consulting and research firm Independent Security Evaluators (ISE), which has just released a new report (“SOHOpelessly Broken 2.0”), which details the IoT security vulnerabilities found in 13 popular devices.

A security perspective.
In the last 10 months, 140 local governments, police stations and hospitals have been held hostage by ransomware attacks

76 Percent of SMBs Based in United States Have Experienced Cyberattacks in Past 12 Months

Is this technology evil? I’m not so sure sharing video with the police is such a bad idea.
Ring's police partnerships must end, say more than 30 civil rights groups
Ring has more than 500 police partnerships across the US, and a coalition of civil rights groups are calling for local governments to cancel them all. On Tuesday, tech-focused nonprofit Fight For the Future published an open letter to elected officials raising concerns about Ring's police partnerships and its impacts on privacy and surveillance.

What other languages get equal treatment?
Here’s another report that I wish was just fiction. Joe Cadillic writes:
In New England, undercover Federal agents are following people into stores and interrogating them simply because they are speaking a foreign language.
Last month, the American Civil Liberties Union filed a lawsuit claiming that the U.S. Border Patrol is sending undercover agents into stores to interrogate and arrest suspected illegal immigrants because they were speaking Spanish.
Exhibit C of the complaint gives a detailed account of how two Border Patrol agents, James Loomis and Brendan Burns, followed a few alleged illegal immigrants from Vermont into a thrift shop in West Lebanon, New Hampshire.
Read more on MassPrivateI.

Like tariffs, I wonder if this really works?
The United States strikes a blow to China's AI ambitions
The United States just handicapped China's lofty artificial intelligence ambitions.
Washington this week targeted Chinese facial recognition startups SenseTime, Megvii and Yitu over national security concerns and foreign policy interests, aggravating the clash between the two economic superpowers over who will dominate the technologies of the future.
The three tech startups, along with a handful of other Chinese firms like AI-driven surveillance camera maker Hikvision and voice recognition firm iFlyTek, are now banned from buying US products or importing American technology.

(Related) Easily summed up.
Could blacklisting China's AI champions backfire?
Putting the brakes on China's AI champions may serve the US's own national security and foreign policy interest in the short term.
But ultimately, it could spur on the Chinese Communist Party's determination to make its tech industry less dependent on foreign partners, with all the financial and geopolitical consequences that entails.

A breach notification act, but also another nibble at Privacy.
New Cybersecurity and Privacy Law in NY Affects Employers in NY and Beyond
JDSupra – Pillsbury – “The SHIELD Act will impose substantial new obligations on any employer with an employee residing in New York State, as well as on many employers across the country that conduct online hiring.
    • Regardless of their location or size, employers that receive, collect or otherwise possess private information about New York residents must comply with the New York Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”)
    • Even employers with no New York employees may trigger coverage based on information collected through their online hiring processes.
    • Employers with such data must adopt cybersecurity data safeguards that comply with the provisions of the SHIELD Act and are subject to notification requirements in the event of a data breach…”

Unlikely to change under the CCPA.
FBI’s search for information on Americans was in violation of the law, judge says
Though senior FBI officials flagged the issues, and the Justice Department reported the missteps, the violations of what is known as Section 702 of the Foreign Intelligence Surveillance Act highlight ever-present concerns with the FBI’s ability to search such databases without individual warrants for information on Americans.
Court opinions disclosed Tuesday by U.S. intelligence officials also show that, despite concerns raised by the Foreign Intelligence Surveillance Court (FISC), the FBI resisted for nearly a year to change its procedures for tracking its queries for the data of Americans.
In the most noteworthy violation disclosed Tuesday, the FBI in March 2017 conducted queries on databases using more than 70,000 email addresses or phone numbers of FBI employees or contractors. The bureau proceeded with the queries despite the advice of its general counsel, though it did not review the results, according to an October 2018 court opinion.

A tool for my geeks.
Google’s Grasshopper coding class for beginners comes to the desktop
Google today announced that Grasshopper, its tool for teaching novices how to code, is now available on the desktop, too, in the form of a web-based app.
Google also today added two new classes to Grasshopper, in addition to the original “fundamentals” class on basic topics like variables, operators and loops. The new classes are Using a Code Editor and Intro to Webpages, which teaches you more about HTML, CSS and JavaScript.

Can you get a job if you don’t have a social media account?
US job seekers scrub their social media accounts to get success
ZDNet – “Many of us behave differently on social media and at work. But what are Americans hiding from their employers, and how far will they go to protect their professional reputations by securing their social media sites? Pittsburgh, PA-based screening company JDP surveyed 2007 Americans about their social media habits and how job hunting affects these habits. Over four in five (84%) believe that social media activity regularly impacts hiring decisions, and 82% have set up some degree of privacy on their social media profiles. One in four have every social platform set to private, and one in five admit to posting material that could jeopardize a current, or future opportunity. Over two in five (43%) have used privacy settings to avoid employers or co-workers, and 40% have created an alias account. Almost half (46%) have used a search engine to see what can be found online about them, and have modified their social media settings based on the information that they found. The most incriminating material was found on Facebook…”