Defining
a good hacker: Stealing from the best the government has without
being noticed. Of course this could just be normal everyday
espionage.
https://www.wired.com/story/china-nsa-hacking-tool-epme-hijack/
China
Hijacked an NSA Hacking Tool in 2014—and Used It for Years
The
hackers used the agency’s EpMe exploit to attack Windows devices
years before the Shadow Brokers leaked the agency’s zero-day
arsenal online.
MORE
THAN FOUR years after a mysterious
group of hackers known as the Shadow Brokers began
wantonly leaking
secret NSA hacking tools onto
the internet, the question that debacle raised—whether any
intelligence agency can prevent its "zero-day" stockpile
from falling
into the wrong hands —still
haunts the security community. That wound has now been reopened,
with evidence that Chinese hackers obtained and reused another NSA
hacking tool years before the Shadow Brokers brought it to light.
Something
for my Ethical Hackers?
https://venturebeat.com/2021/02/22/eu-report-warns-that-ai-makes-autonomous-vehicles-highly-vulnerable-to-attack/
EU
report warns that AI makes autonomous vehicles ‘highly vulnerable’
to attack
The
dream of autonomous vehicles is that they can avoid human error and
save lives, but a new European Union Agency for Cybersecurity (ENISA)
report
has
found that autonomous vehicles are “highly vulnerable to a wide
range of attacks” that could be dangerous for passengers,
pedestrians, and people in other vehicles. Attacks considered in the
report include sensor attacks with beams of light, overwhelming
object detection systems, back-end malicious activity, and
adversarial machine learning attacks presented in training data or
the physical world.
I
suspect China has quite a different perspective on privacy.
https://www.huntonprivacyblog.com/2021/02/23/hunton-partner-dora-luo-publishes-china-the-draft-pipl-and-the-gdpr-a-comparative-perspective/
Hunton
Partner Dora Luo Publishes “China: The Draft PIPL and the GDPR –
A Comparative Perspective”
In
the February 2021 issue of the Data
Protection Leader,
Hunton partner Dora Luo discusses China’s draft Personal
Information Protection Law (“Draft PIPL”) (in
Chinese )
in the context of other comprehensive data protection frameworks,
such as the EU General Data Protection Regulation (“GDPR”).
The
article examines the Draft
PIPL in
the context of advanced technologies that have accelerated the
collection of personal information more frequently than before. The
Draft PIPL marks the introduction of a comprehensive system for the
protection of personal information in China, which does not merely
incorporate or replace rules that are already enshrined in other
Chinese laws, but also draws inspiration from the GDPR.
Raises
some interesting questions indeed.
https://www.pogowasright.org/fbi-seized-congressional-cellphone-records-related-to-capitol-attack/
FBI
Seized Congressional Cellphone Records Related to Capitol Attack
Ken
Klippenstein and Eric Lichtblau report:
Within hours of the storming of the
Capitol on January 6, the FBI began securing thousands of phone and
electronic records connected to people at the scene of the rioting —
including some related to members of Congress, raising potentially
thorny legal questions.
Using special emergency powers and other
measures, the FBI has collected reams of private cellphone data and
communications that go beyond the videos that rioters shared widely
on social media, according to two sources with knowledge of the
collection effort.
In the hours and days after the Capitol
riot, the FBI relied in some cases on emergency orders that do not
require court authorization in order to quickly secure actual
communications from people who were identified at the crime scene.
Investigators have also relied on data “dumps” from cellphone
towers in the area to provide a map of who was there, allowing
them to trace call records — but not content — from
the phones.
Read
more on The
Intercept.
Lots
to read.
https://fpf.org/blog/acting-ftc-chairwoman-slaughter-highlights-priorities-in-privacy-papers-for-policymakers-event-keynote/
ACTING
FTC CHAIRWOMAN SLAUGHTER HIGHLIGHTS PRIORITIES IN PRIVACY PAPERS FOR
POLICYMAKERS EVENT KEYNOTE
The
Future of Privacy Forum’s 11th-annual Privacy
Papers for Policymakers event
– the first event in the series to take place virtually – was a
success!
… In
her keynote
address,
which was also her first major speech as acting chair of the Federal
Trade Commission, Acting FTC Chairwoman Slaughter outlined three of
her major privacy-related priorities for the Commission:
1.
Making enforcement more efficient and effective.
2.
Protecting privacy during the pandemic.
3.
Racial equity concerns in data use and abuse.
…
You
can read Acting FTC Chairwoman Slaughter’s full remarks at PPPM
2021 on
the FTC website.
… Click
the links below to read each of the winning papers, or read
the 2021 PPPM Digest to
read summaries of the papers and learn more about the authors and
judges.
This
came quicker than I had thought possible. Still much work to be
done.
https://www.nbcnews.com/tech/social-media/facebook-users-australia-can-again-share-news-links-n1258589
Facebook
users in Australia can again share news links
Facebook said late Monday it will restore the
ability of Australian users to share links to news articles following
a new deal with the local government.
The agreement, which gives Facebook and the
Australian government two
more months to negotiate a long-term agreement, ends a
nearly weeklong period during which Facebook users in Australia could
not access or share news stories on the platform.
Facebook
had restricted
news-sharing in
response to impending legislation that would
have required it to let an independent arbiter determine how much
compensation it had to give to publishers
for linking to their stories. Users could not share links or access
news stories from Australian or global outlets.
The new deal includes amendments that give
Facebook greater control over how it compensates publishers.
(Related) Does this mean war?
https://www.makeuseof.com/microsoft-google-facebook-eu/
Microsoft
Plans to Take Down Google and Facebook in the EU
A proposed
Australian law caused Google and Facebook to flee the country, and
Microsoft wants it to happen in Europe too.
… As
such, the government put forward a new law that would mean Google and
Facebook would have to pay the source website for every time they
displayed a news snippet. Facebook
responded by removing its Australian news coverage in
light of the law.
Google,
however, put up a fight. It argued that its snippets encouraged
people to click on it to read more, thus driving more traffic to the
news website. It also said that such a law would be too expensive to
maintain in the long run.
… When
Microsoft caught wind of this news, it flew in to save Australia from
Google. Not only did it declare that its own search engine, Bing,
was ready to fill the void that Google would leave, but it also fully
supported Australia's news laws.
Granted,
the news law wasn't aimed at Microsoft at all;
but if it were, the company stated it'd abide by them.
However,
Microsoft isn't stopping there. The company has likely realized
that, wherever this law goes, it would bring with it the pressure on
Google to scale down or leave. That's good news for Bing, who
struggles to keep up with the search engine giant's popularity.
As
such, US
News reported
on how Microsoft plans to encourage EU countries to adopt this new
law too.
Perhaps
compliance isn’t as well defined as we thought? More likely, it’s
a case of asking forgiveness rather than asking permission?
https://digiday.com/media/new-york-times-cafemedia-california-privacy-law/
How The New
York Times and CafeMedia have taken divergent approaches to complying
with California’s privacy law
More
than a year after the California Consumer Privacy Act took effect,
publishers and programmatic ad sellers are still split
on how they are required to comply with California’s privacy law.
Some
like The New York Times have taken a strict interpretation, adopting
a conservative approach in complying with the law. Others like ad
management firm CafeMedia have taken a looser interpretation of the
CCPA’s notoriously ambiguous definition of sale and may eventually
find themselves running afoul of regulators.
A
clear statement of the issue. If as Arthur C. Clarke said, “Any
sufficiently advanced technology is indistinguishable from magic,”
then it should be no surprise that politicians (Okay, all
non-techies) are mystified.
https://www.weforum.org/agenda/2021/02/we-need-to-talk-about-artificial-intelligence/
We
need to talk about Artificial Intelligence
While
consensus starts to form around the impact that AI will have on
humankind, civil society, the public and the private sector alike are
increasing their requests for accountability and trust-building.
Ethical considerations such as AI bias (by race, gender, or other
criteria), and algorithmic transparency (clarity on the rules and
methods by which machines make decisions) have already negatively
impacted society through the technologies we use daily.
The
AI integration within industry and society and its impact on human
lives, calls for ethical and legal frameworks that will ensure its
effective governance, progressing AI social opportunities and
mitigating its risks. There is a need for sound mechanisms that will
generate a comprehensive and collectively shared understanding of
AI’s development and deployment cycle. Thus, at its core, this
governance needs to be designed under continuous dialogue utilizing
multi-stakeholder and interdisciplinary methodologies and skills.
Yet,
this dialogue is hampered by the fact that creators
of AI technology have all the information and understanding of the
subject, while policymakers trying to regulate it often have very
little.
On the one hand, there is a limited number of policy experts who
truly understand the full cycle of AI technology. On the other hand,
the technology providers lack clarity, and at times interest, in
shaping AI policy with integrity by implementing ethics in their
technological designs (with, for example, ethically
aligned design ).
Nobody
cared.
https://kjzz.org/content/1660988/whistleblowers-software-bug-keeping-hundreds-inmates-arizona-prisons-beyond-release
Whistleblowers:
Software Bug Keeping Hundreds Of Inmates In Arizona Prisons Beyond
Release Dates
According
to Arizona Department of Corrections whistleblowers, hundreds of
incarcerated people who should be eligible for release are being held
in prison because the inmate management software cannot interpret
current sentencing laws.
KJZZ
is not naming the whistleblowers because they fear retaliation. The
employees said they have been raising the issue internally for more
than a year, but prison administrators have not acted to fix the
software bug. The sources said Chief Information Officer Holly
Greene and Deputy Director Joe Profiri have been aware
of the problem since 2019.
The
Arizona Department of Corrections confirmed there is a problem with
the software.
Sarcastic
or not, an interesting article.
https://www.theatlantic.com/ideas/archive/2021/02/five-trump-amendments-constitution/618097/
The
5 Trump Amendments to the Constitution
When
I step back to look at the legacy of President Donald Trump, a
surprising conclusion emerges: He has substantially altered the
Constitution. His changes aren’t formal, of course. But his
informal amendments are important. If left to stand, they threaten
to make Congress an advisory body and give carte blanche to rogue
presidents.
What
do you bet they’ve been doing it all wrong?
https://www.bespacific.com/a-complete-guide-for-lawyers-texting-clients/
A
Complete Guide for Lawyers Texting Clients
Sharon
Miki – “Undoubtedly, communicating via text is part of daily
life. So if you’re a lawyer who isn’t texting your clients yet,
you could be missing out on a powerful way to reach clients and
streamline your client
communication process.
Lawyer texting could make all the difference in a client-lawyer
relationship,
as it helps you communicate quickly, clearly, and often. When used
correctly and under the right circumstances, business texting for
lawyers means faster, more effective communication—while also
giving clients a better client-centered
experience.
In
the following guide,
we’ll cover the pros and cons of lawyer texting. We’ll also
outline important ethical, security, and compliance best practices
for attorneys to consider before you start texting with clients.
Finally, we’ll highlight some of the top tools that can simplify
and enhance security for lawyers texting clients…”