Saturday, June 18, 2022

Interesting that some crime still depends on ‘gangs’ at some point in the cycle. Should we call this “e-Fencing?”

https://www.cnbc.com/2022/06/17/the-fight-against-stolen-products-on-amazon-and-facebook-marketplace.html

Stolen goods sold on Amazon, eBay and Facebook are causing havoc for major retailers

Over the past year, large-scale robberies have swept through stores like Louis Vuitton in San Francisco’s Union Square and a nearby Nordstrom, which was robbed by 80 people.

Law enforcement and retailers have warned the public that this isn’t traditional shoplifting. Rather, what they’re seeing is theft organized by criminal networks.

And there’s a reason it’s on the rise.

What fuels this as an enterprise is the ease of reselling stolen merchandise on online marketplaces,” said Illinois Attorney General Kwame Raoul, who convened a national task force of state attorneys to make it easier to investigate across state lines. “It’s no longer the age where it’s done at flea markets or in the alley or in parking lots.”





Ethics, from as many perspectives as I can find.

https://www.bowdoin.edu/news/2022/06/bowdoin-selected-for-national-initiative-on-ai-ethics.html

Bowdoin Selected for National Initiative on AI Ethics

Sponsored by Google and the National Humanities Center (NHC), the Responsible Artificial Intelligence Curriculum Design Project grew out of mounting concern among academics over the extent to which AI permeates many aspects of our lives and the ethical questions raised by the implications of this. Representatives from fifteen universities and colleges, including Bowdoin, will partner with the NHC to develop undergraduate courses to examine the issue from a number of different angles.

One example of this kind of work that’s already underway is the Computing Ethics Narratives, another national initiative involving Bowdoin faculty aimed at integrating ethics into undergraduate computer science curricula at American colleges and universities.





Tools & Techniques.

https://www.makeuseof.com/free-excel-training-sites-and-courses/

5 Free Excel Training Sites and Courses to Become a Spreadsheet Master



Friday, June 17, 2022

This is a debate we will have at some point in time, why not now? Are we ready to deal with a sentient AI? What rights are we prepared to grant such an AI?

https://www.npr.org/2022/06/16/1105552435/google-ai-sentient

The Google engineer who sees company's AI as 'sentient' thinks a chatbot has a soul

LaMDA told Lemoine it sometimes gets lonely. It is afraid of being turned off. It spoke eloquently about "feeling trapped" and "having no means of getting out of those circumstances."

It also declared: "I am aware of my existence. I desire to learn more about the world, and I feel happy or sad at times."



(Related)

https://bigthink.com/the-future/google-sentient-ai/

Google has not created sentient AI — yet

A few months ago, I wrote a piece for Big Think about an alien intelligence that will arrive on planet earth in the next 40 years. I was referring to the world’s first sentient AI that matches or exceeds human intelligence. No, it will not come from a faraway planet — it will be born in a research lab at a prestigious university or major corporation. Many will hail its creation as one of the greatest achievements in human history, but we will eventually realize that a rival intelligence is no less dangerous when created here on Earth rather than a distant star system.



(Related)

https://finance.yahoo.com/news/engadget-podcast-google-ai-sentient-consciousness-blake-lemoine-timnit-gebru-ethics-transparency-123020559.html

Engadget Podcast: Google's AI isn't sentient but we must examine the ethics





Elite company.

https://www.pogowasright.org/changing-landscape-of-state-privacy-laws/

Changing Landscape of State Privacy Laws

Davis Wright Tremaine LLP writes:

State-level momentum to enact data privacy laws is at an all-time high as the internet and new technologies continue to raise privacy questions. Family businesses of all sizes rely on technology and may be regulated by state data privacy laws. Below, we provide a brief overview of the comprehensive privacy laws across the United States. These laws focus on comprehensive approaches to governing the collection and use of personal data. Industry-specific or narrowly scoped legislations are not included. We also briefly discuss the status of proposed privacy legislation in Oregon and Washington.
Five states—California, Virginia, Colorado, Utah, and Connecticut—have enacted comprehensive data privacy laws.

Read more at JDSupra.



(Related)

https://thenextweb.com/news/rise-of-cpo-why-is-this-role-more-important-than-ever

The rise of the CPO: Why this role is more important than ever

As businesses navigate the increasing demands of digital transformation and product-led growth, the role of the CPO — as a facilitator of this transition — is more important than ever.

Speaking at TNW Conference 2022, Renee Niemi, CPO at non-profit organization Products that Count, provided valuable insights on how CPOs are shaping the future of business.





Not yet a ‘global’ navy, but large enough to cover the South China Sea?

https://apnews.com/article/beijing-china-shanghai-government-and-politics-6ce51d1901b3a5658cc9ef7e62b65000

China launches high-tech aircraft carrier in naval milestone

Beijing launched a new-generation aircraft carrier Friday, the first such ship to be both designed and built in China, in a milestone as it seeks to extend the range and power of its navy.

… the Type 003 ship’s capabilities are thought to rival those of Western carriers, as Beijing seeks to turn its navy, already the world’s largest, into a multi-carrier force.





Perspective.

https://www.bespacific.com/private-data-public-regulation/

Private Data/Public Regulation

Friedman, Barry, Private Data/Public Regulation (May 13, 2022). NSTL 2105 Hoover (2021), NYU School of Law, Public Law Research Paper Forthcoming, Available at SSRN: https://ssrn.com/abstract=4117794

“This article argues that, as a matter of constitutional law, government agencies that engage in policing cannot collect digital data, particularly about individuals for whom there is no suspicion of wrongdoing, without a sufficient regulatory scheme in place. A sufficient regulatory scheme justifies collection, achieves a public end, and has adequate protections for individual rights. Unauthorized and unregulated bulk digital collection of surveillance data simply may not occur.”



Thursday, June 16, 2022

This is not elite hackers, this is the “B” team that is simply repeating hacks that organizations know about but haven’t bothered to fix yet.

https://www.cpomagazine.com/cyber-security/chinese-hackers-able-to-directly-exploit-major-telcos-via-routers-and-networking-equipment-largely-using-published-vulnerabilities/

Chinese Hackers Able to Directly Exploit Major Telcos via Routers and Networking Equipment, Largely Using Published Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has published an alarming warning indicating that state-backed Chinese hackers have deep penetration into “major” US telcos, and are getting in by compromising an assortment of networking equipment and routers.

The report declined to name specific impacted telcos, but did indicate that this is not a case of zero-day exploits or even any sort of advanced tradecraft; the Chinese hackers appear to be using published exploits on various types of equipment that have simply not been patched or remediated.



(Related) You will pay for poor security one way or another...

https://www.cpomagazine.com/cyber-security/your-digital-forensics-and-incident-response-capabilities-or-lack-thereof-may-be-weighing-on-your-cyber-insurance-premiums/

Your Digital Forensics and Incident Response Capabilities — Or Lack Thereof — May Be Weighing on Your Cyber Insurance Premiums

Enterprises have never been more at risk of suffering cyber attacks and when they do, the damages have never been higher. According to cyber insurance provider Coalition, claims have skyrocketed for enterprises in multiple sectors, including IT at 46 percent, materials at 99 percent and industrials at 263 percent. The average ransom demand made to its policyholders, meanwhile, increased by almost 170 percent to $1.2 million in the first half of 2021.

With their policyholders under great threat, cyber insurers are at equal risk of having to provide them with significant payouts to cover damages linked to cyber incidents. They’ve mitigated this risk by raising the price of cover. In the U.S., cyber insurers raised their pricing by 130 percent in the fourth quarter of 2021 alone, according to insurance provider Marsh. They’ve also demanded that their policyholders do more on cybersecurity to even qualify for coverage. For enterprises looking to increase their cyber resilience to qualify for coverage or to lower their premiums, the answer may lie in digital forensics and incident response.





With access to the Internet, anyone can be a spy.

https://www.newsweek.com/ukraine-artificial-intelligence-catch-people-sabotaging-war-effort-1716251

Ukraine Using Artificial Intelligence to Catch People Sabotaging War Effort

Yenin said that sabotage groups can vary in profile and number because they can be created to carry out different tasks. Closer to the start of Russia's invasion, for example, Ukraine pinpointed five to 10 people who were tasked with committing "terrorist acts" and sabotage, including in the center of the capital, Kyiv.

Since then, most of the saboteurs have focused on tasks like trying to share the location of armed groups and recording the effectiveness of shelling via missiles or artillery, the report said.



(Related) Think of it as a wholesale wiretap…

https://www.wired.com/story/ukraine-russia-internet-takeover/

Russia Is Taking Over Ukraine’s Internet

In occupied Ukraine, people’s internet is being routed to Russia—and subjected to its powerful censorship and surveillance machine.





Implications for security. Tools for disinformation. Imagine an industry that manufactures “evidence” on demand!

https://www.theverge.com/2022/6/15/23169012/voicemod-morgan-freeman-ai-voice-astronauts-pilots

Voicemod uses AI to transform your voice into Morgan Freeman, astronauts, and more

Voicemod, a popular real-time voice changer, is starting to use artificial intelligence to transform your voice into Morgan Freeman and other characters. A new Voicemod AI Voices beta is launching today, offering up eight options to transform your voice into fantasy characters, pilots, astronauts, and the actor Morgan Freeman.

Voicemod has been transforming voices for years thanks to classic sound design techniques, but these new voice effects combine AI, too. The “Morgan” voice, as Voicemod calls it, is particularly impressive, allowing you to pretend to be the famous movie star or simply a polished voice actor.



(Related) Anyone with sufficient voice recordings can have a bot that sounds just like them.

https://www.gawker.com/politics/an-exclusive-interview-with-ruth-bader-ginsburgs-chat-bot

AN EXCLUSIVE INTERVIEW WITH RUTH BADER GINSBURG’S CHAT BOT



(Related)

https://www.bespacific.com/deepfakes-on-trial-a-call-to-expand-the-trial-judges-gatekeeping-role-2/

Deepfakes on Trial: a Call to Expand the Trial Judge’s Gatekeeping Role to Protect Legal Proceedings from Technological Fakery

Delfino, Rebecca, Deepfakes on Trial: a Call to Expand the Trial Judge’s Gatekeeping Role to Protect Legal Proceedings from Technological Fakery (February 10, 2022). Loyola Law School, Los Angeles Legal Studies Research Paper No. 2022-02, Available at SSRN: https://ssrn.com/abstract=4032094 or http://dx.doi.org/10.2139/ssrn.4032094

Picture this: You are arrested and accused of a serious crime, like carjacking, assault with a deadly weapon, or child abuse. The only evidence against you is a cellphone video showing the act of violence. To the naked eye, the perpetrator on the video is you. But you are innocent. The video is a “deepfake” – an audiovisual recording created using readily available Artificial Intelligence technology that allows anyone with a smartphone to believably map one person’s movements and words onto another person’s face. How will you prove the video is deepfake in court? And, who—the judge or the jury–gets to decide if it’s fake? The law does not provide clear answers. But this much is certain–deepfake evidence is an emerging threat to our justice system’s truth-seeking function. Deepfakes will invade court proceedings from several directions—parties may fabricate evidence to win a civil action, governmental actors may rely on deepfakes to secure criminal convictions, or lawyers may purposely exploit juror bias and skepticism about what is real. Currently, no evidentiary procedure explicitly governs the presentation of deepfake evidence in court. The existing legal standards governing the authentication of evidence are inadequate because the rules were developed before the advent of deepfake technology. As a result, they do not solve the urgent problems of–how to show a video is fake and how to show it isn’t. In addition, although in the last several years, legal scholarship and the popular news media have addressed certain facets of deepfakes, there has been no commentary on the procedural aspects of deepfake evidence in court. Absent from the discussion is who gets to decide whether a deepfake is authentic. This article addresses the matters that prior academic scholarship about deepfakes obscures. It is the first to propose a new rule of evidence reflecting a unique reallocation of the fact-determining responsibilities between the jury and the judge, treating the question of deepfake authenticity as one for the court to decide as part of an expanded gatekeeping function under the rules of evidence. Confronting deepfakes evidence in legal proceedings demands that courts and lawyers use imagination and creativity to navigate pitfalls of proof and manage a jury’s doubts and distrust about what is real. Your freedom may depend on how we meet these challenges.”



(Related) Perhaps a start?

https://www.cnet.com/news/politics/eu-strengthens-disinformation-rules-to-target-deepfakes-bots-fake-accounts/

EU Strengthens Disinformation Rules to Target Deepfakes, Bots, Fake Accounts

An overhauled set of rules designed to stem the flow of disinformation were released Thursday by the European Commission. The EU's strengthened Code of Practice on Disinformation will hold signatories to the code, which include tech giants Meta, Google, TikTok and Twitter, liable for failing to take action by fining them up to 6% of their global revenue.





How Colorado does facial recognition.

https://www.pogowasright.org/colorado-law-restricts-use-of-facial-recognition-technology-by-government-agencies/

Colorado Law Restricts Use of Facial Recognition Technology by Government Agencies

Linn Foster Freedman of Robinson + Cole writes:

Ramping up the state’s continued focus on data privacy, on June 8, 2022, Colorado Governor Jared Polis signed legislation aimed at limiting the use of facial recognition technology by government agencies and state institutions of higher education.
The new law, SB 113, requires an agency, defined as “an agency of the state government or of a local government; or a state institution of higher education,” that intends to “develop, procure, use or continue to use facial recognition service” to provide notice of intent to use those services with its “reporting authority” prior to using the technology.
The notice must provide details of the vendor to be used, the capabilities and limitations on the use of the facial recognition technology, the type of data collected by the technology, how data will be collected and processed, the purpose of the use, and the benefits of the proposed use of the technology.

Read more at Data Privacy + Cybersecurity Insider.





Anyone can easily obtain the tools.

https://www.bespacific.com/genetic-paparazzi-are-right-around-the-corner-and-courts-arent-ready-to-confront-the-legal-quagmire-of-dna-theft/

Genetic paparazzi are right around the corner, and courts aren’t ready to confront the legal quagmire of DNA theft

Via LLRX Genetic paparazzi are right around the corner, and courts aren’t ready to confront the legal quagmire of DNA theft Liza Vertinsky and Yaniv Heled, are law professors who study how emerging technologies like genetic sequencing are regulated. They believe that growing public interest in genetics has increased the likelihood that genetic paparazzi with DNA collection kits may soon become as ubiquitous as ones with cameras. While courts have for the most part managed to evade dealing with the complexities of surreptitious DNA collection and testing of public figures, they won’t be able to avoid dealing with it for much longer. And when they do, they are going to run squarely into the limitations of existing legal frameworks when it comes to genetics.





Tools & Techniques

https://www.freetech4teachers.com/2022/06/a-new-way-to-find-registration-free.html

A New Way to Find Registration-free Tools

No-Signup Tools is a new site that features exactly what its name implies, web tools that you can use for free without having to sign-up for an account. You can browse through No-Signup Tools alphabetically, by ranking, or by category. Browsing the categories is probably the best way to use No-Signup Tools.

The No-Signup Tools categories of interest to readers of this blog will probably be teaching, writing, and productivity. It was in those categories that I found helpful tools like Math Homework Generator, Egg Timer, and saw an old favorite called Hemingway App.

Web tools that don't require registration or other personal information ... can be great for those of us who just don't want to give our email addresses to yet another website.

No-Signup Tools is good, but it isn't specific to education. For a similar resource that was specifically created with teachers and students in mind, take a look at Nathan Hall's list of No Registration Needed Tools.



Wednesday, June 15, 2022

I doubt Israel will allow this technology out of their “control.” Still, the US would love to control access to the software…

https://www.theguardian.com/world/2022/jun/14/nso-group-pegasus-us-l3harris

US defence contractor in talks to take over NSO Group’s hacking technology

Deal – which would require approval from US and Israel – would give L3Harris control over controversial Pegasus tool

The US defence contractor L3Harris is in talks to take over NSO Group’s surveillance technology, in a possible deal that would give an American company control over one of the world’s most sophisticated and controversial hacking tools.

Multiple sources confirmed that discussions were centred on a sale of the Israeli company’s core technology – or code – as well as a possible transfer of NSO personnel to L3Harris. But any agreement still faces significant hurdles, including requiring the blessing of the US and Israeli governments, which have not yet given the green light to a deal.

In a statement, a senior White House official said: “Such a transaction, if it were to take place, raises serious counterintelligence and security concerns for the US government.”

If agreed, the deal would mark an astounding turnaround for NSO, less than a year after the Biden administration placed the company on a US blacklist and accused it of acting “contrary to the foreign policy and national security interests of the US”.

NSO’s government clients are known to have used the surveillance technology to target journalists, human rights activists, senior government officials in US-allied countries, and lawyers around the world.

The Guardian and other media outlets have also detailed how NSO’s surveillance technology, Pegasus, has been used by the company’s government clients to target American citizens, including Carine Kanimba, daughter of the Rwandan dissident Paul Rusesabagina, as well as journalists, activists and US state department officials working abroad.

One person familiar with the talks said that if a deal were agreed, it would probably involve selling NSO’s capabilities to a drastically curtailed customer base that would include the US government, the UK, Australia, New Zealand and Canada – which comprise the “five eyes” intelligence alliance – as well as some Nato allies.

The person also said that the deal faced several unresolved issues, including whether the technology would be housed in Israel or the US and whether Israel would be allowed to continue to use the technology as a customer.





Do you think the non-government purchasers are using the same data for purposes we would approve of?

https://www.bespacific.com/how-the-federal-government-buys-our-cell-phone-location/

How the Federal Government Buys Our Cell Phone Location

EFF: “Over the past few years, data brokers and federal military, intelligence, and law enforcement agencies have formed a vast, secretive partnership to surveil the movements of millions of people. Many of the mobile apps on our cell phones track our movements with great precision and frequency. Data brokers harvest our location data from the app developers, and then sell it to these agencies. Once in government hands, the data is used by the military to spy on people overseas, by ICE to monitor people in and around the U.S., and by criminal investigators like the FBI and Secret Service. This post will draw on recent research and reporting to explain how this surveillance partnership works, why is it alarming, and what can we do about it…”



(Related)

https://gizmodo.com/amazon-ring-camera-audio-recording-sen-ed-markey-survei-1849060626

Senator Presses Amazon to Disclose Just How Creepy Ring Cameras Can Be

Sen. Ed Markey on Tuesday said that his office plans to push forward with an already yearslong investigation into “harmful surveillance practices” and “invasive data collection” facilitated by Amazon’s flagship home security product, Ring.

In a letter to Amazon CEO Andrew Jassey—the handpicked replacement of ex-CEO Jeff Bezos, who transitioned to executive chairman last summer—Markey is pushing Amazon to disclose its own internal research into the range and capabilities of the microphones included in Ring cameras and doorbells. Markey (D-Mass.) wrote that while steps taken by the company in response to past concerns were worthy of acknowledgement, he remained troubled by reports that Ring’s products were capturing “vast amounts of audio recordings” in both public and private settings, playing a part in “blackmail, stalking, and other damaging practices.”

… These concerns are heightened, Markey said, due to Amazon’s ongoing efforts to recruit police departments into a program designed to grant them access to its footage. Roughly 10 percent of U.S. law enforcement agencies—more than 2,100 departments in total—have signed agreements with Amazon. Officers enrolled in the program are granted access to a police-specific platform, enabling them to solicit footage directly from more than 10 million users on a voluntary basis.



Tuesday, June 14, 2022

A number of new questions. Will there be as many drones as Amazon delivery trucks or as many as the packages in the trucks. If the drone gets hacked mistakenly drops the package in my yard, can I keep it?

https://www.cnet.com/tech/computing/amazon-set-to-launch-drone-delivery-in-california/

Amazon Set to Launch Drone Delivery in California

Amazon said Monday that it's launching a fleet of delivery drones. The retail giant will test its new Amazon Prime Air delivery system in Lockeford, California, the company said.

Amazon worked with the Federal Aviation Administration and local officials in Lockeford, a small town south of Sacramento, to gain permission for the drones to take flight.

Once the system launches, customers in Lockeford will be able to order products through Amazon Prime Air and wait for the drone to arrive. It will fly to its destination, descend to the customer's backyard and drop the package from a safe height, before zooming away.





Once upon a time government research lead to civilian products. Clearly that has flipped.

https://www.csoonline.com/article/3663688/congressional-hearings-focus-on-ai-machine-learning-challenges-in-cybersecurity.html

Congressional hearings focus on AI, machine learning challenges in cybersecurity

Talent shortages and ensuring that AI and machine learning systems are trustworthy are among the biggest concerns explained to the U.S. Congress.

Congressional hearings on artificial intelligence and machine learning in cyberspace quietly took place in the U.S. Senate Armed Forces Committee’s Subcommittee on Cyber in early May 2022. The committee discussed the topic with representatives from Google, Microsoft and the Center for Security and Emerging Technology at Georgetown University. While work has begun in earnest within industry and government, it is clear that much still needs to be done.

The hearing chair, Senator Joe Manchin (D-WV), articulated the importance of AI and machine learning to the armed forces of the United States. Additionally, the committee highlighted the “shortfall of technically trained cybersecurity personnel across the country in government and industry alike.” This perspective aligns with the Solarium Commission report, which was subsequently released in early-June 2022.

Eric Horvitz, Microsoft’s chief scientific officer, shared information from the company’s October 2021 Digital Defense Report and highlighted its efforts to engage in accordance with President Biden’s Improving the Nation’s Cybersecurity executive order, EO 14028.



(Related) And the civilian side isn’t uniformly excellent either.

https://www.cpomagazine.com/cyber-security/moodys-report-cybersecurity-investment-up-but-preparedness-remains-inconsistent/

Moody’s Report: Cybersecurity Investment Up, But Preparedness Remains Inconsistent

A recent research report from Moody’s Investors Service observes that organizations tend to have upped their cybersecurity investments across the board, but that the additional spending is not necessarily leading to better outcomes or more thorough defensive perimeters.

Organizations are almost universally onboarding basic cybersecurity defenses and over half now hold cyber insurance, but spending on “advanced” and “robust” defensive solutions continues to lag. 93% of organizations now have a dedicated cybersecurity manager in place, but the frequency and depth of their interaction varies greatly between companies.





It’s like a casual glance held rigidly for months… It’s like a traffic camera that happens to point at your house. It’s like the neighbor’s door camera looking across the street.

https://www.courthousenews.com/can-police-secretly-spy-on-your-home-without-a-warrant-the-first-circuit-doesnt-know/

Can police secretly spy on your home without a warrant? The First Circuit doesn’t know

Despite three years’ deliberation on the issue, the First Circuit failed to decide whether police may install a secret video camera outside someone’s home and record everything that happens there for eight months without a warrant.

The en banc court split 3-3 in a 129-page ruling, leaving the issue completely up in the air.

Judges Sandra Lynch, Jeffrey Howard and Gustavo Gelpí saw no reason why police need a warrant to record what anyone walking by a home can see.

But Judges David Barron, O. Rogeriee Thompson and William Kayatta — all Obama appointees — argued that even if a casual observer walking by could see or even videotape what was happening outside the home, this case was different.

We have not yet encountered,” they said, “the casual, accidental observer … who could take in all that occurs in a home’s curtilage over the course of eight months and recall it perfectly and at a moment’s notice.”

As for future cases, the result is unclear. There’s a good chance the Supreme Court will take the opportunity to decide the issue, given the First Circuit’s inability to reach a result and the fact that other courts have divided over it, with the Seventh Circuit allowing such a pole camera despite the Supreme Court’s recent ruling and the Colorado Supreme Court holding otherwise.





Think of it as a self driving car bent on causing collisions, not avoiding them.

https://www.scmp.com/news/china/science/article/3181546/china-develops-ai-can-use-deception-hunt-satellites

China develops AI that ‘can use deception to hunt satellites’

The team ran thousands of simulated space battles in which the hunters developed the ability to ‘trick’ their target

Researchers believe there will be no role for humans in this type of conflict, with AI being used to power both hunter and prey

A research team in China said that an anti-satellite artificial intelligence system has mastered the art of deception in a simulated space battle.

In the experiment, the AI commanded three small satellites to approach and capture a high-value target, repeating the exercise thousands of times.

Eventually the targeted satellite learned to detect the incoming threat and fired up powerful thrusters to evade the pursuit.

But it was then lured into a trap after the AI ordered the three hunters to veer off their original trajectory, as if giving up the pursuit.

One of the hunting satellites then suddenly changed course and deployed a capturing device from a distance of less than 10 metres (33 feet).

[Don’t miss this article on space junk: https://multimedia.scmp.com/news/world/article/2177933/space-debris/?src=article-launcher



Monday, June 13, 2022

Wow! What a surprise!

https://www.pogowasright.org/mandatory-student-spyware-is-creating-a-perfect-storm-of-human-rights-abuses/

Mandatory Student Spyware Is Creating a Perfect Storm of Human Rights Abuses

Daly Barnett of EFF writes:

Spyware apps were foisted on students at the height of the Covid-19 lockdowns. Today, long after most students have returned to in-person learning, those apps are still proliferating, and enabling an ever-expanding range of human rights abuses. In a recent Center for Democracy and Technology report, 81 percent of teachers said their schools use some form of this “student monitoring” spyware. Yet many of the spyware companies supplying these apps seem neither prepared nor concerned about the harms they are inflicting on students.

These student spyware apps promise scalable surveillance-as-a-service. The lure of “scalability” is a well-documented source of risk to marginalized users, whose needs for individualized consideration are overshadowed by the prospect of building mass-scale, one-size-fits-all “solutions” to social problems. The problems of scale are dangerously exacerbated by laws that disparately impact marginalized communities.

Today, Americans face an unprecedented, record-breaking wave of legislation targeting transgender youth: from sports bans, to speech and literature bans, to the criminalization of life-saving healthcare, all on top of the widespread practices of locker-room- and bathroom-bans.

And it’s not just trans kids in the crosshairs: Roe v. Wade, the Supreme Court precedent that protects the right to have an abortion, is likely about to be overturned.

That means that students who use their devices to research trans healthcare or abortion related material could find those devices weaponized against them, potentially resulting in criminal charges. If prosecutors consider charges against students, the data gathered by mandatory student spyware apps like Bark, Gaggle, GoGuardian, and Securly will prove invaluable.

Another recent report, this one from Senator Warren’s office, concluded that student spyware apps are more dangerous than previously imagined. Their use in schools has disproportionately targeted students from marginalized communities and needlessly increased their contact with law enforcement.

Bark, one of the spyware companies singled out by the report’s authors, replied by insisting that they develop their machine learning mechanisms informed by data ethics checklists. But these checklists are ineffective, as demonstrated by the ongoing, mounting harms caused by student spyware, such as outing LGBTQ+ students.

Securly’s own example spreadsheet of content filtering categories includes “Health” sites (like WebMD), which are flagged as “needs supervision,” and “Adult” sites, which are fully blocked. While blocking “adult” content in schools may sound reasonable, this category needs to be understood in context: the machine learning algorithms that filter content routinely misclassify any LGBTQ+ content as “Adult” content. Gaggle blocks access to any LGBTQ+ content. GoGuardian blocks access to reproductive health materials.

The recklessness of flagging WebMD and huge quantities of LGBTQ+ material gives us a sense of the lack of care taken by many student spyware vendors. If visits to WebMD are flagged for adult review, and there are already examples of these apps outing LGBTQ+ students, it isn’t difficult to see the harms that will occur as more anti-trans laws pass and the legal right to abortion is overturned.

Apps like Bark and Gaggle could be compelled by law enforcement into gathering information on students who are LGBTQ+ or seeking an abortion. But these apps are wildly unprepared to be the in-school enforcers of such laws. Even a casual reading of their underwhelming responses to Senator Warren’s report makes it clear that they are unconcerned about their future role as Witchfinder General in the abortion and gender wars.

The overwhelming medical consensus holds that denying trans healthcare puts youths’ lives at risk. Laws that criminalize your identity violate our civil liberties. So do bills that undermine freedom of speech.

Software that produces and forwards data that is used as evidence against young people seeking to exercise their human rights and civil liberties affects us all. Whether or not you are immediately affected by anti-LGBTQ+ laws, anti-trans laws, or anti-abortion laws; whether or not you are a student required to use a spyware-infected device, this should matter to you.

It matters to us. EFF fights for the right of all users to be served by their technology, not jailed by it.

This article originally appeared at EFF.