Something
to quote from…
https://www.pogowasright.org/notable-privacy-and-security-books-2021/
Notable
Privacy and Security Books 2021
Looking
for good books to gift or read over the holidays? Privacy scholar
Dan Solove has compiled a helpful list
of notable books on privacy and security from 2021.
Want
even more recommendations from all years? Professors Paul Schwartz
and Solove maintain a resource page on Nonfiction
Privacy + Security Books.
Is
any update useful without a federal privacy law?
https://www.pogowasright.org/federal-study-acknowledges-failures-in-police-surveillance-oversight/
Federal
Study Acknowledges Failures in Police Surveillance Oversight
For
years researchers have called out the Wiretap Report for being
outdated and incomplete
There
are major flaws in how the federal government monitors police
surveillance of Americans, a new
government report found,
representing the first time the federal court system has acknowledged
its own failure to track things like wiretaps and electronic
surveillance.
A
study, conducted by the Federal
Judicial Center,
the research branch of the judicial branch of the U.S. government,
says the federal court system’s annual Wiretap Report—which
compiles information on local and federal law enforcement
interceptions of people’s communications—is riddled with
inaccuracies. Reporting requirements, the study found, fail to
incorporate new technologies, further leaving the public and
lawmakers in the dark as to how police use devices like stingrays
and
how often they collect things like text messages and cellphone data.
Privacy
and civil liberties advocates have long criticized the system for
overseeing law enforcement surveillance, but never before has the
judicial agency publicly acknowledged its own failings.
Every
year, federal and state judges are required by law to report all the
wiretap orders they approved to the Administrative Office of the U.S.
Courts, and prosecutors are also required to report wiretap orders
they requested. The office uses that data to send Congress the
annual Wiretap Report,
which helps inform decisions about law enforcement, surveillance, and
data privacy issues.
For
at least the last 15 years, legal experts, judges, and lawmakers have
criticized the Wiretap Report for under-reporting the amount of
wiretap orders that are actually issued and for failing to keep up
with modern technology and surveillance techniques.
Albert
Gidari, a retired lawyer who served as the consulting director of
privacy at the Stanford Center for Internet and Society, has long
called out the Wiretap Report’s inaccuracies. He started in 2005
speaking out about the inefficacy of wiretaps at conferences, and
then, in 2010, once companies started releasing transparency reports,
he pointed out their inaccuracies. In 2017, Gidari published a blog
post highlighting
how
the Wiretap Report under-reported law enforcement surveillance. He
found that while the Wiretap Report identified 3,554 phone wiretaps
in 2014, phone carriers that same year reported receiving 10,712
wiretap orders.
Gidari
said that nothing has changed with the Wiretap Report since.
“It’s
not the sexiest issue that faces the country, but it’s still a
really important one, especially in a world where everything is
collected,” Gidari said. “Our very privacy foundations are
really at risk.”
He
said the Judicial Center acknowledging these flaws was essential to
taking steps to fixing the problem.
Between
2019 and 2021, the center conducted a series of focus groups and
surveys split into two groups, one judiciary stakeholders like
prosecutors, and judges, and the other non-judiciary stakeholders
like academics, lawyers, civil rights groups, and congressional
staff.
The
study came after a 2017
letter from Sen. Ron Wyden,
a Democrat from Oregon, directed the Judicial
Conference,
the policy-making body for the federal courts, to implement
transparency reforms for electronic surveillance, including an update
to the Wiretap Report’s methodology.
Wyden
said he plans to introduce legislation that will require similar
reports on other surveillance methods.
“The
wiretap report is a relic from the last century that reports on
surveillance of pagers and fax machines, instead of use of modern
surveillance technology, like malware and stingrays,” Wyden said in
an email to The Markup. “The courts deserve a lot of credit for
taking on the process of updating the wiretap reports, but it is
clear that Congress will also need to pass a new law requiring annual
reports for other forms of surveillance, such as location tracking
and demands for data stored in the cloud.”
While
each focus group in the study had different concerns with the Wiretap
Report, some common key issues surfaced. Both groups called for
updates to the report to reflect surveillance on modern technology
and for better enforcement against inaccuracies.
Outdated
Technologies
The
Wiretap Report became a legally required disclosure in 1968 with the
Omnibus Crime Control and Safe Streets Act. At the time, the only
device that wiretaps were really intended for were landline phones.
But
now wiretaps are mostly conducted on cellphones, and often phone data
is included. Prosecutors and judges in the study said they couldn’t
accurately disclose their surveillance requests because the
“technologies listed on the forms were not up to date,” according
to the study.
While
the Wiretap Report covers surveillance on phone calls, there’s no
transparency on surveillance on phone data, device location,
messaging through texts or messenger apps, or online voice calls.
It
also doesn’t cover new methods of surveillance like geofence
warrant requests or stingray devices that intercept phone data.
“That
type of surveillance is not being entered in a wiretap report, and it
probably couldn’t be under current legal authorities,” Stephen
Wm. Smith, a retired federal magistrate judge and a former director
of Fourth Amendment and Open Courts at Stanford’s Center for
Internet and Society, said. “We need to update our other
surveillance laws to require reporting on the same level as wiretap
reporting.”
Both
Gidari and Smith participated in the study as non-judiciary
stakeholders.
Prosecutors
and judges said because the technologies covered were outdated, there
was confusion over what they needed to report to the Wiretap Report.
They recommended adding new technologies like communications apps and
VoIP
apps
to the report.
“All
participants agreed that the statute (18 U.S.C. § 2519) is out of
date with respect to modern communications technology, and that an
update would resolve at least some of the confusion about what is to
be reported and how,” the study said.
Inaccurate
Reports
All
participants in the study also said that the Wiretap Report was
consistently inaccurate, even when it comes to more traditional
wiretaps, raising further concerns that policymakers would make
decisions based on flawed information.
Prosecutors
and judges blamed a lack of standards for the inaccurate reports,
noting that there is no central template to follow for these
disclosures. For example, participants weren’t sure if there
needed to be a new wiretap issued for each phone number or device
added to an investigation or if only an extension for an existing
wiretap order was necessary, according to the study.
State
prosecutors also said that they lacked training on how to file
reports. And the Administrative Office of the U.S. Courts has no way
of requesting information or penalizing those who don’t adequately
report it.
“There
is no feedback from the Administrative Office concerning errors or
omissions on the submitted forms. Without feedback, there is no
accountability, and the errors and omissions are likely to persist,”
the study said.
Watchdogs
who have scrutinized the Wiretap Report over the years have
repeatedly raised concerns that some jurisdictions simply do not
disclose their wiretaps, even when legally required to do so.
Smith,
for example, found that many major cities had fewer wiretaps reported
than small communities. He also found some of them just didn’t
report at all.
“They
weren’t doing any wiretaps in Dallas? I mean, come on,” he said.
He recommended that the Administrative Office call out the cities
and states that were failing to report each year.
The
study also noted that many participants weren’t aware that the
Administrative Office doesn’t have enforcement capabilities.
“Learning
about the states that absolutely refused to report, that was new to
us,” Gidari said. “It never occurred to me that the AO didn’t
have the ability to pick up the phone and call a recalcitrant
prosecutor and the chief judge of the district and say, ‘You’re
not reporting. This is a law.’”
Because
of this lack of enforcement capabilities, participants in the study
recommend that Congress take action, calling for legislative changes
that would give the Administrative Office enforcement powers or the
ability to impose penalties for failure to report.
“The
more Congress becomes aware of this, the more likely it is that
something will happen,” Smith said.
This
article was originally
published on The Markup and
was republished under the Creative
Commons Attribution-NonCommercial-NoDerivatives license.
I
doubt they will switch to an ‘opt in’ strategy, so what will they
do? Perhaps they will search databases owned by governments?
https://www.theverge.com/2021/12/16/22840179/france-cnil-clearview-ai-facial-recognition-privacy-gdpr
French
regulator tells Clearview AI to delete its facial recognition data
France’s
foremost privacy regulator has ordered Clearview AI to delete all its
data relating to French citizens, as
first reported by TechCrunch.
In
its
announcement,
the French agency CNIL argued that Clearview had violated
the GDPR in
collecting the data and violated various other data access rights in
its processing and storage. As a result, CNIL is calling on
Clearview to purge the data from its systems or face escalating fines
as laid out by European privacy law.
Figuring
out AI.
https://www.quantamagazine.org/what-does-it-mean-for-ai-to-understand-20211216/
What
Does It Mean for AI to Understand?
Remember
IBM’s Watson, the AI Jeopardy!
champion?
A 2010
promotion proclaimed,
“Watson understands natural language with all its ambiguity and
complexity.” However, as we saw when Watson subsequently failed
spectacularly in its quest to “revolutionize
medicine with artificial intelligence,”
a veneer of linguistic facility is not the same as actually
comprehending human language.
Natural
language understanding has
long been a major goal of AI research. At first, researchers tried
to manually program everything a machine would need to make sense of
news stories, fiction or anything else humans might write. This
approach, as Watson showed, was futile — it’s impossible to write
down all the unwritten facts, rules and assumptions required for
understanding text. More recently, a new paradigm has been
established: Instead of building in explicit knowledge, we let
machines learn to understand language on their own, simply by
ingesting vast amounts of written text and learning to predict words.
The result is what researchers call a language model. When based on
large neural networks, like OpenAI’s GPT-3, such models can
generate uncannily humanlike prose
(and
poetry!)
and seemingly perform sophisticated linguistic
reasoning.