Saturday, September 03, 2022

Interesting that a coding error was not caught. Did they expect 100% public data or did they not even look?

https://www.wsj.com/articles/irs-says-it-exposed-some-confidential-taxpayer-data-on-website-11662145232?mod=djemalertNEWS

IRS Says It Exposed Some Confidential Taxpayer Data on Website

Tax agency says error led to posting about some taxpayers with IRAs

The Internal Revenue Service inadvertently posted what is normally confidential information involving about 120,000 individuals before discovering the error and removing the data from its website, officials said Friday.

The data are from Form 990-T, which is often required for people with individual retirement accounts who earn certain types of business income within those retirement plans.

Like most individual tax filings to the IRS, those forms are supposed to be confidential. But charities with so-called unrelated business income are also required to file Form 990-T, and those filings are supposed to be open to the public.

The IRS and Treasury Department blamed a human coding error that happened last year when Form 990-T began to be electronically filed. The nonpublic data was mistakenly included with the public data and all of it was available for searching and downloading on the agency’s website.





No money in compliance?

https://www.seattletimes.com/seattle-news/politics/facebook-parent-company-repeatedly-violated-wa-campaign-finance-law-court-finds/

Facebook parent company repeatedly violated WA campaign finance law, court finds

Meta, Facebook’s parent company, repeatedly and intentionally violated Washington campaign-ad transparency law and must pay penalties yet to be determined, a judge ruled Friday.

The court also denied Meta’s attempt to invalidate Washington’s decades-old transparency law, according to Attorney General Bob Ferguson, whose office has repeatedly sued Meta over its failure to abide by the law.

The oral ruling was made Friday by King County Superior Court Judge Douglass North. A written order was not immediately available.





Sounds trivial, but many small problems can create a very large problem.

https://www.vice.com/en/article/y3pbgy/hackers-create-traffic-jam-in-moscow-by-ordering-dozens-of-taxis-at-once-through-app

Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App

Hackers created a traffic jam in Moscow on Thursday by ordering dozens of taxis from the ride-hailing app Yandex Taxi to converge on the same location in one of the first known instances of attackers using an app-based taxi company to create chaos on the roads.

Video circulated on social media showing a very long traffic jam of taxis along an otherwise lightly trafficked road.





When everyone says these tools are not trustworthy, someone in the organization needs to ensure you aren’t trusting them.

https://www.ft.com/content/d766f618-ec3a-449d-8683-84b3f3a73b06

Wall Street’s $1bn messaging ‘nightmare’

SEC investigation sparks questions about how banks monitor communications in an era of disappearing messages

In 2018 and 2019, as JPMorgan Chase bankers chased lucrative mandates from an aggressively expanding WeWork, they fired off messages to one of their most high-profile clients at a frenetic pace. But as they did so, they broke rules governing communications on Wall Street. The US Securities and Exchange Commission — in an early flashpoint of an investigation that has spread across Wall Street — found that JPMorgan failed to track more than 21,000 texts and emails, sent and received on personal phones or through unapproved apps, related to the co-working company, according to people familiar with the matter. The investigation, which became public last year, has ensnared a growing number of banks, which are preparing to pay more than $1bn in fines to the SEC and Commodity Futures Trading Commission, dwarfing earlier penalties for record-keeping breaches.





Tools & Techniques. (I may need more computer power…)

https://www.howtogeek.com/830179/how-to-run-stable-diffusion-on-your-pc-to-generate-ai-images/

How to Run Stable Diffusion on Your PC to Generate AI Images

Artificial Intelligence (AI) art is currently all the rage, but most AI image generators run in the cloud. Stable Diffusion is different — you can run it on your very own PC and generate as many images as you want. Here’s how you can install and use Stable Diffusion on Windows.



Friday, September 02, 2022

Interesting that hackers never tripped an alarm. Perhaps because there were none?

https://gizmodo.com/neopets-hackers-virtual-pets-bitcoin-1849485229

The Hackers Who Breached Neopets Were Inside Its IT Systems for 18 Months

Neopets, the company that sells virtual pets to tweenagers (and also a weird amount of adults), suffered a pretty devastating data breach earlier this year, but a recent update seems to show it was far worse than we previously thought.

In July, the company announced that it had been hacked and that data on its members—believed to be about 69 million people—had potentially been accessed. This week, the company divulged new details about the incident, revealing that, among other things, the cybercriminals were able to linger inside its corporate IT systems for about 18 months.

An update published Monday shows that, from January 3, 2021 until July 19, 2022, the cybercriminals had access to member user data. What kind of data? It would appear to be pretty much everything. The update reads:

After our investigation, we have determined that for past and present Neopets players, affected information may include the data provided when registering for or playing Neopets, including name, email address, username, date of birth, gender, IP address, Neopets PIN, hashed password, as well as data about a player’s pet, game play, and other information provided to Neopets. For players that played prior to 2015, the information also could have included non-hashed, but inactive, passwords.





Resource.

https://www.bespacific.com/american-association-of-law-libraries-aall-launches-new-legal-information-resource/

American Association of Law Libraries (AALL) Launches New Legal Information Resource

AALL: “The American Association of Law Libraries (AALL) is offering a new resource for information professionals—law librarians, legal information professionals, and public librarians—and members of the public to easily locate online primary legal materials. The new Online Legal Information Resources (OLIR) includes information for U.S. states, the District of Columbia, U.S. territories, the U.S. Federal Government, and Canada. Developed by the AALL Advancing Access to Justice Special Committee the OLIR includes links to session laws, statutory codes, registers, administrative codes, and court opinions. To help users easily identify reliable online sources, the OLIR contains information about whether the legal materials are official, authentic, preserved, and copyrighted. The OLIR also includes contact information for state and local public law libraries, covering whether services to incarcerated people are provided.”





I don’t have the talent of a Mozart or even a Weird Al Yankovic, but I might try this genre…

https://www.buzzfeednews.com/article/katienotopoulos/alexa-play-the-poop-song?scrolla=5eb6d68b7fedc32c19ef33b4

Kids Yell “Poop” At Alexa, And These Musicians Profit

… As it turns out, there are quite a few songs that will fill Alexa requests for the whole gamut of things a kindergartener might dream up: poop, diapers, dog poop, stinky butt, farts.



Thursday, September 01, 2022

I think we’ll hear more of this tool.

https://apnews.com/article/technology-police-california-arkansas-d395409ef5a8c6c3f6cdab5b1d0e27ef

Tech tool offers police ‘mass surveillance on a budget’

… Police have used “Fog Reveal” to search hundreds of billions of records from 250 million mobile devices, and harnessed the data to create location analyses known among law enforcement as “patterns of life,” according to thousands of pages of records about the company.

Sold by Virginia-based Fog Data Science LLC, Fog Reveal has been used since at least 2018 in criminal investigations ranging from the murder of a nurse in Arkansas to tracing the movements of a potential participant in the Jan. 6 insurrection at the Capitol. The tool is rarely, if ever, mentioned in court records, something that defense attorneys say makes it harder for them to properly defend their clients in cases in which the technology was used.

The company was developed by two former high-ranking Department of Homeland Security officials under ex-President George W. Bush. It relies on advertising identification numbers, which Fog officials say are culled from popular cellphone apps such as Waze, Starbucks and hundreds of others that target ads based on a person’s movements and interests, according to police emails. That information is then sold to companies like Fog.

… What distinguishes Fog Reveal from other cellphone location technologies used by police is that it follows the devices through their advertising IDs, unique numbers assigned to each device. These numbers do not contain the name of the phone’s user, but can be traced to homes and workplaces to help police establish pattern-of-life analyses.

“The capability that it had for bringing up just anybody in an area whether they were in public or at home seemed to me to be a very clear violation of the Fourth Amendment,” said Davin Hall, a former crime data analysis supervisor for the Greensboro, North Carolina Police Department. “I just feel angry and betrayed and lied to.”





Not targeted to children… How would you define ‘likely?’ Are children likely to access Google?

https://fpf.org/blog/age-appropriate-design-code-passes-california-legislature/

AGE-APPROPRIATE DESIGN CODE PASSES CALIFORNIA LEGISLATURE

This week, the California legislature passed AB 2273, the California Age-Appropriate Design Code Act (ADCA). The California ADCA is modeled after the UK’s Age Appropriate Design Code, and would apply to businesses that provide “an online service, product, or feature likely to be accessed by a child.” If enacted by Governor Gavin Newsom, the child-centered design law would be the first of its kind in the United States.

The California ADCA would introduce significant new compliance obligations for US businesses that go beyond the requirements codified in COPPA – the longstanding federal children’s privacy law. Unlike COPPA, which defines “child” as an individual under 13 years old and applies to child-directed services, the California bill defines “child” as an individual under 18 and applies to any online service that is “likely to be accessed by a child.” For covered entities, the bill would require the implementation of new protective measures for young users, such as configuring default privacy settings to those with the highest level of privacy, and places new limits on profiling, processing geolocation data, and the use of “dark patterns” to influence behavior.





Something local to spice up the discussion…

https://www.vice.com/en/article/bvmvqm/an-ai-generated-artwork-won-first-place-at-a-state-fair-fine-arts-competition-and-artists-are-pissed

An AI-Generated Artwork Won First Place at a State Fair Fine Arts Competition, and Artists Are Pissed

Jason Allen's AI-generated work "Théâtre D'opéra Spatial" took first place in the digital category at the Colorado State Fair.

A man came in first at the Colorado State Fair’s fine art competition using an AI generated artwork on Monday. “I won first place,” a user going by Sincarnate said in a Discord post above photos of the AI-generated canvases hanging at the fair.

Sincarnate’s name is Jason Allen, who is president of Colorado-based tabletop gaming company Incarnate Games. According to the state fair’s website, he won in the digital art category with a work called “Théâtre D'opéra Spatial.” The image, which Allen printed on canvas for submission, is gorgeous. It depicts a strange scene that looks like it could be from a space opera, and it looks like a masterfully done painting. Classical figures in a Baroque hall stare through a circular viewport into a sun-drenched and radiant landscape.

But Allen did not paint “Théâtre D'opéra Spatial,” AI software called Midjourney did. It used his prompts, but Allen did not wield a digital brush. This distinction has caused controversy on Twitter where working artists and enthusiasts accused Allen of hastening the death of creative jobs.



Wednesday, August 31, 2022

Logical yes, achievable maybe.

https://hbr.org/2022/08/when-and-why-you-should-explain-how-your-ai-works

When — and Why — You Should Explain How Your AI Works

AI adds value by identifying patterns so complex that they can defy human understanding. [Not sure that is possible. Bob] That can create a problem: AI can be a black box, which often renders us unable to answer crucial questions about its operations. That matters more in some cases than others. Companies need to understand what it means for AI to be “explainable” and when it’s important to be able to explain how an AI produced its outputs. In general, companies need explainability in AI when: 1) regulation requires it, 2) it’s important for understanding how to use the tool, 3) it could improve the system, and 4) it can help determine fairness.



(Related)

https://www.foreignaffairs.com/world/spirals-delusion-artificial-intelligence-decision-making

Spirals of Delusion

… But thinking about AI in terms of a race for dominance misses the more fundamental ways in which AI is transforming global politics. AI will not transform the rivalry between powers so much as it will transform the rivals themselves. The United States is a democracy, whereas China is an authoritarian regime, and machine learning challenges each political system in its own way. The challenges to democracies such as the United States are all too visible. Machine learning may increase polarization—reengineering the online world to promote political division. It will certainly increase disinformation in the future, generating convincing fake speech at scale. The challenges to autocracies are more subtle but possibly more corrosive. Just as machine learning reflects and reinforces the divisions of democracy, it may confound autocracies, creating a false appearance of consensus and concealing underlying societal fissures until it is too late.





Worth a review.

https://www.csoonline.com/article/3218104/stuxnet-explained-the-first-known-cyberweapon.html#tk.rss_all

Stuxnet explained: The first known cyberweapon

Thanks to Stuxnet, we now live in a world where code can destroy machinery and stop (or start) a war.

Stuxnet is a powerful computer worm designed by U.S. and Israeli intelligence to disable a key part of the Iranian nuclear program. Targeted at an air-gapped facility, it unexpectedly spread to outside computer systems, raising a number of questions about its design and purpose.





Apparently I don’t know them all…

https://www.makeuseof.com/how-to-get-free-movies-music-from-libraries/

5 Ways to Get Free Movies and Music From Your Local Library

… While there are plenty of websites and apps streaming free movies and music, most platforms make money through advertising. The services featured in this article, however, are available through public libraries for free and (crucially) are free of advertising.



Tuesday, August 30, 2022

How would you do it?

https://www.ft.com/content/aa147054-ec14-4a75-a183-bee345319948

Insurers must rethink handling of cyber attacks on states

They could cost billions but new exclusions based on whether attacks are ‘warlike’ or not will prove bad for everyone

The invasion of Ukraine earlier this year drew considerable global attention to the possibility that Russia might combine its physical attacks on the country with cyber attacks aimed at weakening critical infrastructure and information systems. Russia has had limited success, so far, in using such cyber attacks against Ukraine, but that hasn’t stopped those insurance companies that sell cyber-insurance policies from worrying that this could cost them billions of dollars — not only in Ukraine, but also in countries such as the US and the UK, where most cyber-insurance policies are sold.





Tools & Techniques.

https://www.bespacific.com/pdf24-tools/

PDF24 Tools

“Free and easy-to-use online PDF tools that make you more productive: PDF24 offers you a collection of tools that you can use to work productively with PDFs and other files. The PDF24 tools leave nothing to be desired. There is hardly anything in the PDF area that you cannot do with PDF24. The PDF24 tools were developed to be as easy to use as possible. Intuitive usability was the goal. We have achieved this goal and that is why the PDF24 tools are so popular. Safety is important to us. File transfers to the PDF24 servers are encrypted. All files are completely removed from our servers after a short time. If you want to be even more secure, you can use the PDF24 Creator, where all files remain on your PC. PDF24’s online tools work directly in the web browser. You do not need to install any software. This means you can use the PDF24 tools on any device with an Internet connection. PDF24 supports all current operating systems and browsers. Whether on Windows, Linux, MACs or smartphones, PDF24 does a good job almost everywhere. The PDF24 Online Tools process files on special PDF24 servers. Your system is not burdened in the process and therefore does not need any special requirements. 100% free of charge – You can use all PDF24 tools free of charge and without any restrictions. This is achieved via some advertising on the web pages…”



(Related)

https://www.makeuseof.com/translate-pdf-file-into-any-language/

How to Translate a PDF File Into Any Language

If you have a PDF file in a foreign language, or if you need to send a PDF to someone in another language, here's how you translate them.



Monday, August 29, 2022

Confusing to me (the non-lawyer). How do I tell you what is in my database? What examples can I show?

https://www.pogowasright.org/another-tough-ruling-for-people-search-databases-camacho-v-control-group-media/

Another Tough Ruling for People Search Databases–Camacho v. Control Group Media

Eric Goldman writes:

This is another people search case with another rough outcome for defendants. If the defendants in these cases don’t get relief on appeal, I don’t know how the people search and yearbook industries are going to survive.
[Note: this opinion is over 25,000 words long, which helps explain why it’s taken me until now to blog it. These people search/yearbook opinions are tough on bloggers too!]
“The question here is whether the CDA immunizes Defendants’ from being held liable for Plaintiffs’ claims that they violated California’s and Alabama’s right of publicity statutes by displaying Plaintiffs’ names and corresponding information as a ‘teaser’ to sell subscriptions to access their database.”

Read more at Technology & Marketing Law Blog.





Perspective.

https://www.ft.com/content/989b2e50-e8b5-474c-86a3-190c6881b235

A post-dollar world is coming

The currency may look strong but its weaknesses are mounting





The best source of sources I know.

https://www.bespacific.com/data-mining-resources-2022/

Data Mining Resources 2022

Via LLRX: Data Mining Resources 2022. Data mining and knowledge discovery is a quickly evolving field that is part of the portfolio of CI, BI and KM professionals, law librarians, research analysts, infopros, data scientists, data journalists and students in college and graduate programs. This expansive bibliography by Marcus P. Zillman comprises a wealth of information, resources, tools, techniques and applications, as well as links to many open datasets. The subject matter includes data mining, data scraping, data aggregation, big data and big analytics. The resources include: ebooks and glossaries, research papers, video tutorials and online training, APIs, open source web data extraction tools, datasets, bibliographies, case studies, scientific and academic papers and substantive articles, as well as training and certifications on data mining, and open source code.



Sunday, August 28, 2022

I’m sure we have already covered these...

https://www.zdnet.com/article/5-exciting-applications-for-artificial-intelligence/

Artificial intelligence: 5 innovative applications that could change everything

Artificial intelligence is transforming how businesses across many different industries operate. By adopting AI, businesses can automate activities, producing more efficient and effective results. The McKinsey Technology Trends Outlook 2022 report took an in-depth look at AI and its many applications – which reach far beyond the tech industry. Here's a look at a few major sectors where AI will have important impacts.





About time!

https://www.databreaches.net/facebook-cambridge-analytica-data-breach-lawsuit-ends-in-11th-hour-settlement/

Facebook-Cambridge Analytica data breach lawsuit ends in 11th hour settlement

Mark Townsend reports:

Facebook has dramatically agreed to settle a lawsuit seeking damages for allowing Cambridge Analytica access to the private data of tens of millions of users, four years after the Observer exposed the scandal that mired the tech giant in repeated controversy.
A court filing reveals that Meta, Facebook’s parent company, has in principle settled for an undisclosed sum a long-running lawsuit that claimed Facebook illegally shared user data with the UK analysis firm.

Read more at The Guardian.





More on the ultimate question.

https://dial.uclouvain.be/pr/boreal/object/boreal:264528

Humans With, Not Versus Robots

Wesley Newcomb Hohfeld postulated, synthesizing seemingly unbudging legal tradition, that law is about (a finite set of) relationships between humans. First animals and now, increasingly, robots make us question this. This paper will discuss in some detail the ways in which the law might accommodate some of the relationships that humans have with robots. These relationships can vary greatly as to their degree of closeness between the parties, ranging from the rather detached, in which robots are seen as tools (which arguably forms the great majority of cases now and, some argue, should always be so), to quite up close and personal as is the case with certain robots which are seen as companions or partners (increasingly being reported as a trend we are moving towards), to even seeing them as part and parcel, as extensions of our own person or body parts. Since our relationship to our tools has been dealt with by law and is largely uncontroversial, the current article will focus on human-robot collaborations and what legal shape they may take, exploring available legal avenues, as well as innovations in terms of legal status.





From a local…

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4195066

Regulating the Risks of AI

Margot E. Kaminski University of Colorado Law School; Yale University - Yale Information Society Project; University of Colorado at Boulder - Silicon Flatirons Center for Law, Technology, and Entrepreneurship

Companies and governments now use Artificial Intelligence (AI) in a wide range of settings. But using AI leads to well-known risks—that is, not yet realized but potentially catastrophic future harms that arguably present challenges for a traditional liability model. It is thus unsurprising that lawmakers in both the United States and the European Union (EU) have turned to the tools of risk regulation for governing AI systems.

This Article observes that constructing AI harms as risks is a choice with consequences. Risk regulation comes with its own policy baggage: a set of tools and troubles that have emerged in other fields. Moreover, there are at least four models for risk regulation, each with divergent goals and methods. Emerging conflicts over AI risk regulation illustrate the tensions that emerge when regulators employ one model of risk regulation, while stakeholders call for another.

This Article is the first to examine and compare a number of recently proposed and enacted AI risk regulation regimes. It asks whether risk regulation is, in fact, the right approach. It closes with suggestions for addressing two types of shortcomings: failures to consider other tools in the risk regulation toolkit (including conditional licensing, liability, and design mandates), and shortcomings that stem from the nature of risk regulation itself (including the inherent difficulties of non-quantifiable harms, and the dearth of mechanisms for public or stakeholder input).