Saturday, November 21, 2020

Even law firms get attacked. Techies, send this to your legal department. Lawyers, send this to your techies.

https://www.databreaches.net/ransomware-surges-what-law-firms-need-to-know/

Ransomware Surges: What Law Firms Need to Know

Ted Kobus, a partner at BakerHostetler was interviewed this week in a podcast on ransomware. Ted had this to say, among other things:

Ted Kobus: So approximately 25% of the incidents we worked on in 2019 involved ransomware. We love to talk about how 2020 is the year that you fill in the blank. But in reality, 2020 really is the year of ransomware and it’s when it really blew up. We are still crunching the numbers but my guess is approximately 35% to 40% of our matters involve ransomware this year. On top of that, we are likely to work on 1,700 incidents this year, which is a 70% increase over last year, that’s a lot of ransomware. Late last year, we joked on our team about ransomware Thursday because a lot of ransomware matters would come in on Thursdays. Now, we’re seeing one to five new matters every day of the week.

Listen to the whole podcast or read the transcript on Legal Talk Network.





Replacing lawyers with software.

https://www.lawsitesblog.com/2020/11/time-names-two-legaltech-startups-as-among-the-100-best-inventions-of-2020.html

TIME Names Two Legaltech Startups As Among The 100 Best Inventions Of 2020

TIME has named two legal technology startups as among the 100 Best Inventions of 2020: the bankruptcy startup Upsolve and the consumer arbitration platform FairShake.

Regarding Upsolve, the publication cited its free nonprofit tool for helping people avoid the high cost of personal bankruptcy.

Upsolve’s software fixes that, helping users complete the complex legal paperwork so that they can file for bankruptcy without hiring a lawyer,” TIME said.

As to FairShake, TIME said it helps consumers seek restitution after a big company rips them off or mistreats them.

FairShake makes battling the big guys easy, with a free service that automates the process of filing an arbitration claim,” TIME said.



(Ditto)

https://venturebeat.com/2020/11/20/google-proposes-applying-ai-to-patent-application-generation-and-categorization/

Google proposes applying AI to patent application generation and categorization

Google asserts that the patent industry stands to benefit from AI and machine learning models like BERT, a natural language processing algorithm that attained state-of-the-art results when it was released in 2018. In a whitepaper published today, the tech giant outlines a methodology to train a BERT model on over 100 million patent publications from the U.S. and other countries using open-source tooling, which can then be used to determine the novelty of patents and generate classifications to assist with categorization.





Unbiased initial research.

https://www.makeuseof.com/google-unfiltered-search-results/

6 Ways To Get Unfiltered Google Search Results

Google uses the information it collects about you to make your search results more accurate and relevant. But by shaping the content you see to match your perceived interests, it also places you in a “filter bubble." This means you may miss out on useful sites that Google's algorithms deem less suitable for you.



Friday, November 20, 2020

Know where ALL your data resides. You should have an ‘update’ procedure to follow when you go to backups.

https://blocksandfiles.com/2020/11/19/gdpr-right-to-be-forgotten-verification-tool/

Oops! The backup restored GDPR right to be forgotten details

The GDPR directive gives individuals the right to be forgotten and requires EU and UK companies in certain instances to erase all personal data per a customer’s request.

But this is problematic when details are contained inside a non-searchable database backup file. At first sight the individual has been forgotten, but if a backup file is restored the business again has that person’s details in plain view, and so breaks the GDPR rules.





Unconscious consent?

https://www.axios.com/ethics-brain-machine-interfaces-d50b6618-b2b3-4bc1-960a-c27f73be3e63.html

The tricky ethics of neurotechnologies

As the science of brain-computer interfaces (BCI) and other neurotechnologies progresses, researchers are calling for ethical guidelines to be established now — before the technology fully matures.

Why it matters: We’re still far away from technologies that fully access and even read the human brain, but the sheer power of such tools — and the highly personal data they could gather — means society needs to determine what they should do before they actually can do it.

… Many of the ethical issues created by BCI — questions of transparency and fairness — resemble those raised by AI or even social media, only intensified.

  • It’s one thing for tech companies to track what we click on and what we watch, but data generated by the nervous system can be unconscious, which could fatally undermine principles of consent and the privacy.

  • And neurotechnology could go beyond reading the brain to effectively coding it, feeding it data that could influence thoughts and behaviors, which brings into question core concepts around free will.





Artificial teaching?

https://www.brandeis.edu/now/2020/november/artificial-intelligence-classroom-qa.html

Artificial intelligence and the classroom of the future

This is part of a larger vision of future classrooms where human instruction and AI technology interact to improve educational environments and the learning experience.

James Pustejovsky, the TJX Feldberg Professor of Computer Science, is working towards that vision with a team led by the University of Colorado Boulder, as part of the new $20 million National Science Foundation-funded AI Institute for Student-AI Teaming.





Perspective.

https://www.technologyreview.com/2020/11/19/1012165/the-promise-of-the-fourth-industrial-revolution/

The promise of the fourth industrial revolution

New technologies can optimize the way people work. When implemented thoughtfully, such innovations can improve overall business processes. Those changes are accepted as part of progress.

But when a technology changes how and where people live and their relationships to one another and upends economies, it merits the term “revolution.” Because it changes everything.

… To determine how this is taking shape, MIT Technology Review Insights canvassed dozens of organizations that are using the internet of things to do things that weren’t possible before. What follows is a series of the best, most innovative examples. Some of these applications may inspire organization to rethink how they collect, analyze, and act on data—all of them contribute to a better or at least more efficient planet.

Download the full report.



(Related)

https://www.prnewswire.com/news-releases/artificial-intelligence-and-machine-learning-5g-and-iot-will-be-the-most-important-technologies-in-2021-according-to-new-ieee-study-301177050.html

Artificial Intelligence and Machine Learning, 5G and IoT will be the Most Important Technologies in 2021, According to new IEEE Study

IEEE, the world's largest technical professional organization dedicated to advancing technology for humanity, today released the results of a survey of Chief Information Officers (CIOs) and Chief Technology Officers (CTOs) in the U.S., U.K., China, India and Brazil regarding the most important technologies for 2021 overall, the impact of the COVID-19 pandemic on the speed of their technology adoption and the industries expected to be most impacted by technology in the year ahead.

2021 Most Important Technologies and Challenges

Which will be the most important technologies in 2021? Among total respondents, nearly one-third (32%) say AI and machine learning, followed by 5G (20%) and IoT (14%).

Manufacturing (19%), healthcare (18%), financial services (15%) and education (13%) are the industries that most believe will be impacted by technology in 2021, according to CIOs and CTOS surveyed.





For my researchers…

https://thenextweb.com/neural/2020/11/20/tldr-this-ai-summarizes-research-papers-so-you-dont-have-to/

TL;DR: This AI summarizes research papers so you don’t have to

… researchers at the Allen Institute for Artificial Intelligence have developed a new model to summarize text from scientific papers, and present it in a few sentences in the form of TL;DR (Too Long Didn’t Read).

The team has rolled this model out to the Allen Institute’s Semantic Scholar search engine for papers. Currently, you’ll only see these TL;DR summaries on papers related to computer science on search results or the author’s page.

You can try out the AI on the Semantic Scholar search engine. Plus, you can read more about summarizing AI in this paper.





Concerts for shut-ins. The first one tonight!

https://www.bespacific.com/re-hearing-beethoven-festival-at-the-library-of-congress/

Re-Hearing Beethoven Festival at the Library of Congress

The Library of Congress planned to mark Ludwig van Beethoven’s 250th birthday with a series of concerts that offered a fresh look at Beethoven’s nine remarkable symphonies, performed by string quartets, piano duos and the U.S. Marine Band. While the pandemic has moved the concerts online, they can now be enjoyed from the comfort of your couch, with the benefit of extra programming. The series begins with the acclaimed Takács Quartet — featured at a sold-out in-person Kennedy Center concert in December — performing pieces by Beethoven, Schubert and Bartok. Visit the Library’s website for bonus content, including commentary from the musicians, curators and guests, and get a look at Beethoven-related items from the Library’s collection. 8 p.m. Free registration.”



Thursday, November 19, 2020

Be a dipper?

https://www.natlawreview.com/article/ongoing-data-breach-dispute-underscores-emerging-legal-issues-data-privacy

Ongoing Data Breach Dispute Underscores Emerging Legal Issues in Data Privacy Litigation

According to the lawsuits, Wawa’s practice of accepting “swiped” payment cards, as opposed to “dipped” cards with chips, enabled the data breach. Whereas a swipe-only payment processing system enables easier theft, a chipped card uses “industry developed EMV chip technology” that makes fraud “significantly more difficult”. Whenever a chipped card is insert into a payment system, it generates a unique code for each transaction. This unique code makes theft more cumbersome.

At the heart of the credit unions’ claim is an allegation that the PCI DSS should be the standards upon which a merchant’s liability for damages from a data breach should be determined. Under this theory of tort liability, the PCI DSS could displace any other best practices and standards to become the de facto practices for merchants to follow. A link between the PCI DSS and common law tort duties could result in a seismic shift in liability. According to the Verizon 2020 Payment Security Report, only 27.9% of organizations fully comply with the PCI DSS. This is down from a historic high of 55% in 2016.

Wawa allegedly failed to comply with all or some of the requirements. The credit unions alleged that Wawa’s failure to comply resulted in negligence under at least two different theories.





To help my Computer Security students understand…

https://www.natlawreview.com/article/evolution-personal-data-us-law

Evolution of Personal Data in U.S. Law

Early digital age protections of data in the U.S. tending to apply very specific definitions. First, the government began protecting the particular types of data that concerned legislators, regulators, and the general public – financial/banking information, descriptions of health care, and information relating to children. This was the data that people felt was most private and most likely to be abused. It was the data that many people would have been concerned about sharing with strangers.

The definitions around these laws reflected the specificity of their intent.

...The terms defined in this first wave of data breach notice laws were based on lists. Each law listed a set of information categories likely to facilitate the theft of a citizen’s identity.

The CCPA shattered this concept. As the first omnibus privacy act in the U.S., the California Consumer Privacy Act brought European thinking to privacy protection law. Rather than a limited vertical market like finance or health care, or a narrow legal goal like stopping identity theft, the CCPA sought to create new rights that individuals would have to protect data collected about them, and the CCPA sought to impose those rights down on businesses who previously felt that they were owners of the data. The CCPA never defined anything as fundamental or nebulous as “ownership” of the data, but it did offer a new, breathtakingly broad definition of the personal information at the heart of the statute.





Because AI might be the only “I” we get.

https://www.bespacific.com/white-house-issues-guidance-for-federal-agencies-on-ai-applications/

White House issues guidance for federal agencies on AI applications

ZDNet – “US federal agencies have now been issued a guidance by the White House on how to regulate artificial intelligence (AI) applications that are produced in the US. “This memorandum sets out policy considerations that should guide, to the extent permitted by law, regulatory and non-regulatory approaches to AI applications developed and deployed outside of the federal government,” stated Russell Vought, director of the Office of Management and Budget (OMB) in the memo [PDF] for all the heads of executive departments and agencies, including independent regulatory agencies. The OMB guidance comes 21 months after President Donald Trump signed an executive order to fast-track the development and regulation of AI in the US. President Trump at the time touted the executive order would see the launch of the American AI initiative, which would place US resources towards ensuring that AI technology is made locally. According to the guidance, the idea is to ensure that agencies do not introduce regulations and rules that “hamper AI innovation and growth”…”





Maybe, maybe not.

https://thenextweb.com/neural/2020/11/18/neurals-guide-to-the-glorious-future-of-ai-heres-how-machines-become-sentient/

Neural’s guide to the glorious future of AI: Here’s how machines become sentient

The future realization of robot lifeforms is referred to by a plethora of terms – sentience, artificial general intelligence (AGI), living machines, self-aware robots, and so forth – but the one that seems most fitting is “The Singularity.

Rather than debate semantics, we’re going to sweep all those little ways of saying “human-level intelligence or better” together and conflate them to mean: A machine capable of at least human-level reasoning, thought, memory, learning, and self-awareness.

Modern AI researchers and developers tend to gravitate towards the term AGI. Normally, we’d agree because general intelligence is grounded in metrics we can understand – to qualify, an AI would have to be able to do most stuff a human can.

But there’s a razor-thin margin between “as smart as” and “smarter than” when it comes to hypothetical general intelligence and it seems likely a mind powered by super computers, quantum computers, or a vast network of cloud servers would have far greater sentient potential than our mushy organic ones. Thus, we’ll err on the side of superintelligence for the purposes of this article.

Let’s get super scientific here and crank out a listicle with five separate ways AI could gain human-level intelligence and awareness:

  1. Machine consciousness is back-doored via quantum computing

  2. A new calculus creates the Master Algorithm

  3. Scientists develop 1:1 replication of organic neural networks

  4. Cloud consciousness emerges through scattered node optimization

  5. Alien technology

Here’s hoping that, no matter how The Singularity comes about, it ushers in a new age of prosperity for all intelligent beings. But just in case it doesn’t work out so well, we’ve got something that’ll help you prepare for the worst. Check out these articles in Neural’s Beginner’s Guide to the AI Apocalypse series:





Also for researchers?

https://www.bespacific.com/wonder-tools-googles-new-journalist-studio/

Wonder Tools – Google’s New Journalist Studio

Jeremy Kaplan: “Google recently launched Journalist Studio, a toolkit with free reporting and data visualization resources. The tools are easy to use, well-designed and immediately applicable to big reporting projects and small research inquiries. Some of these tools have been around for a while, so part of this launch is just glossy repackaging. Pinpoint is the most valuable part of the toolkit. It provides you with a free digital hub for storing and analyzing massive datasets of documents, emails, audio files, handwritten notes and more. You can store up to 200,000 documents in each collection, and up to 100gb overall. Request more space if you need it…”



Wednesday, November 18, 2020

Security fines like GDPR fines? Fine by me!

https://www.databreaches.net/trudeau-privacy-law-to-level-stiff-fines-for-digital-breaches/

Trudeau Privacy Law to Level Stiff Fines for Digital Breaches

Kait Bolongaro reports:

Prime Minister Justin Trudeau’s government unveiled a remake of Canadian privacy laws to strengthen user rights in the digital world.
Under legislation introduced Tuesday in Ottawa, companies that commit the most serious offenses would be hit with fines worth as much as 5% of revenue or C$25 million ($19 million), whichever is higher. The government said these penalties would be the strongest among the Group of Seven.

Read more on Bloomberg.





How important are good backups? Consider...

https://www.databreaches.net/nc-alamance-skin-center-breach-left-patient-data-totally-unrecoverable/

NC: Alamance Skin Center breach left patient data totally unrecoverable

Alamance Skin Center recently reported a HIPAA breach to HHS as being a “Loss” incident with data in EMR. But previous media coverage provided an even more dire understanding of the incident.

On November 4, Triad Business Journal reported that the medical practice, part of Cone Health, had been the victim of a ransomware attack. The attackers reportedly gained a foothold via a phishing attack. The type of ransomware was not reported.

According to Cone Health, “a thorough forensic investigation concluded that no patient information was taken in the attack. However, patient data at the practice is unrecoverable.”

Alamance notified HHS that 100,000 patients were impacted by the incident.

Alamance’s notification  on their web site follows, in part. It explains that the ransomware attack was in late July, but it was on October 21 that they discovered that data were unrecoverable. They do not mention whether they had any backup or if so, how recent it might be.

Read more on their web site.





Can I scrape the Internet for articles I point to from my blog?

https://slate.com/technology/2020/11/clearview-ai-first-amendment-illinois-lawsuit.html

Clearview AI’s First Amendment Theory Threatens Privacy—and Free Speech, Too

What could be one of the most consequential First Amendment cases of the digital age is pending before a court in Illinois and will likely be argued before the end of the year. The case concerns Clearview AI, the technology company that surreptitiously scraped 3 billion images from the internet to feed a facial recognition app it sold to law enforcement agencies. Now confronting multiple lawsuits based on an Illinois privacy law, the company has retained Floyd Abrams, the prominent First Amendment litigator, to argue that its business activities are constitutionally protected. Landing Abrams was a coup for Clearview, but whether anyone else should be celebrating is less clear. A First Amendment that shielded Clearview and other technology companies from reasonable privacy regulation would be bad for privacy, obviously, but it would be bad for free speech, too.

The people who’ve sued Clearview contend that the company is violating an Illinois privacy law that regulates the collection, use, and dissemination of biometric information. The company argues in defense that its business practices involve the kinds of activities that the First Amendment has been held to protect in the past—collecting publicly available information, analyzing it, and sharing the conclusions of that analysis. In a brief filed in October, it likened its app to a search engine and contended that its judgment about “what information will be most useful to users” is an “editorial” judgment akin to those made by newspapers.



(Related)

https://www.buzzfeednews.com/article/briannasacks/lapd-banned-commercial-facial-recognition-clearview?scrolla=5eb6d68b7fedc32c19ef33b4

Los Angeles Police Just Banned The Use Of Commercial Facial Recognition

The LAPD, the third-largest police department in the United States, issued a moratorium on the use of third-party facial recognition software on Nov. 13, after it was told that documents seen by BuzzFeed News showed more than 25 LAPD employees had performed nearly 475 searches using Clearview AI as of earlier this year. Department officials have made conflicting statements in the past about their use of facial recognition technology, including claims that they deploy it sparingly.





Perspective.

https://www.psychologytoday.com/us/blog/mind-brain-and-value/202011/how-should-we-think-about-the-ethics-artificial-intelligence

How Should We Think about the Ethics of Artificial Intelligence?

Fiona McEvoy on the role of regulation, ethics, and consumer vigilance.

New and emerging tech products are now embedded in almost every industry, so the ethical challenges of technologies like AI aren’t limited to the sector that develops them. They should concern “user industries” too. Fundamentally, it’s this incredible penetration of tech that has given rise to concerns about ethics and societal consequences.





More ‘virtual tours’ for the self-isolating.

https://www.makeuseof.com/visit-cultural-sites-search-google/

Google Now Lets You Virtually Visit 100 Cultural Sites in Search

The company announced on The Keyword that it is adding a new feature coming to search that makes it so you can virtually explore over 100 important cultural sites worldwide without hopping on a plane.

To get access to this feature, you must search in English for information about one of the supported locations. While browsing the wealth of information offered by Google, you can click on the "About" section to see a link to the virtual tour.

Google announced that it has more than 100 cultural locations you can visit through Search. Unfortunately, the company didn't release a full list of places, so you'll have to do some experimenting to see if the places you're curious about are supported.

The company's blog post did announce and link to some locations you can visit, though. For example, you can get tours of the Palace of Versailles in France, the Palace Museum in China, Sicily's Valley of the Temples, Mount Haguro in Japan, the Smithsonian National Museum of the American Indian in the US, and Brazil's Museu Nacional de Belas Artes.



(Related) If you need a reason to stay home...

https://thenextweb.com/plugged/2020/11/18/google-maps-will-now-display-number-of-covid-19-cases-in-an-area/

Google Maps will now display number of COVID-19 cases in an area

Google Maps is rolling out new information related to COVID-19 in a particular area. The app will now display the total number of cases and deaths till now and a 7-day trend indicating if the numbers are going up or down. Plus, you’ll also get to access local guidelines, restrictions, and information related to testing centers.

rolling out to Android and iOS Maps users globally in the coming weeks.



Tuesday, November 17, 2020

Legal” and “Ethical” are not the same thing. I wonder what was going on when they did this?

How the NYPD obtains people’s personal data with no oversight

Craig McCarthy reports:

The NYPD has used tens of thousands of questionable subpoenas over the last decade to intimidate private companies into handing over the personal information of cops and civilians alike — all with no oversight from the city or the courts, The Post has found.
While the vast majority of subpoenas in New York State — and across the country — require the signature of a judge or the blessing of a grand jury, the New York City Council empowered the department nearly a century ago to issue such commands to force unwilling cops to produce internal records or appear at disciplinary hearings.

Read more on NY Post.





How” may be less interesting than “Why.”

How the U.S. Military Buys Location Data from Ordinary Apps

Joseph Cox reports:

The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed connected to this sort of data sale is a Muslim prayer and Quran app that has more than 98 million downloads worldwide. Others include a Muslim dating app, a popular Craigslist app, an app for following storms, and a “level” app that can be used to help, for example, install shelves in a bedroom.

Read more on Vice.





Looks like I missed this in September.

https://www.insideprivacy.com/data-privacy/the-spanish-supervisory-authority-approves-a-gdpr-code-of-conduct-on-advertising/

The Spanish Supervisory Authority Approves a GDPR Code of Conduct on Advertising

On September 16, 2020, the Spanish Supervisory Authority (“AEPD”) approved a “Code of Conduct for Data Processing in Advertising (“Code”) (see the decision approving the code here ). This is the first GDPR approved Code of Conduct with an accredited monitoring body in the European Union. The Code enters into effect on November 17, 2020, two months after its approval.





Difficult question to answer: What don’t you know?

https://phys.org/news/2020-11-extremely-aggressive-internet-censorship-world.html

'Extremely aggressive' internet censorship spreads in the world's democracies

A University of Michigan team used Censored Planet, an automated censorship tracking system launched in 2018 by assistant professor of electrical engineering and computer science Roya Ensafi, to collect more than 21 billion measurements over 20 months in 221 countries. They will present the findings Nov. 10 at the 2020 ACM Conference on Computer and Communications Security.

Ensafi's team found that censorship is increasing in 103 of the countries studied, including unexpected places like Norway, Japan, Italy, India, Israel and Poland—countries which the paper notes are rated as some of the freest in the world by advocacy group Freedom House. They were among nine countries where Censored Planet found significant, previously undetected censorship events between August of 2018 and April of 2020. Previously undetected events were also identified in Cameroon, Ecuador and Sudan.





Teaching about AI.

https://www.edsurge.com/research/guides/ai-is-for-everyone-everywhere

AI is for Everyone, Everywhere

this guide serves as a toolkit for K-12 teachers who are preparing the next generation of AI users and developers. Featuring in-depth interviews with practitioners, infographics and project guidelines for classroom teachers, as well as a webinar on the importance of AI in education, it aims to provide schools with straightforward and practical ways to integrate computational thinking across their curricula. Moreover, it is an invitation for teachers of all subjects and students of any age, ability or background to take part in AI explorations.





A tool for learning or for evidence gathering?

https://www.bespacific.com/free-software-to-create-full-copies-of-sites-to-archive/

Free software to create full copies of sites to archive

HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site’s relative link-structure. Simply open a page of the “mirrored” website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system. WinHTTrack is the Windows (from Windows 2000 to Windows 10 and above) release of HTTrack, and WebHTTrack the Linux/Unix/BSD release. See the download page.…” [Presidential transitions are a time when government sites go offline, data and information is removed and lost. It may be helpful to make copies of sites that you need to archive.]





For my favorite English teachers…

https://dilbert.com/strip/2020-11-17