Senators Introduce COVID-19 Consumer Data Protection Act

· Andrew Orr · Link

Courthouse

Today a group of Republican senators announced plans to introduce the COVID-19 Consumer Data Protection Act.

The legislation would provide all Americans with more transparency, choice, and control over the collection and use of their personal health, geolocation, and proximity data. The bill would also hold businesses accountable to consumers if they use personal data to fight the COVID-19 pandemic.

A good move, I think. We need thoughtful legislation passed to preempt the contact tracing train.

Could We See a US Digital Dollar Soon?

· Andrew Orr · Link

Image of a digital dollar

So right away, the answer to my headline is “probably not.” The article I’m linking to says language of digital dollars was removed from the final version of the stimulus package. But I think it’s worthwhile to think about.

The bill establishes a digital dollar, which it defines as ‘a balance expressed as a dollar value consisting of digital ledger entries that are recorded as liabilities in the accounts of any Federal Reserve Bank or … an electronic unit of value, redeemable by an eligible financial institution (as determined by the Board of Governors of the Federal Reserve System).’

Now may not be the time to introduce entirely new technologies, especially if they slow the release of the package. But I personally like the idea, although I don’t advocate for a completely cashless society as I’ve mentioned before.

U.S. Government Wants to Track Coronavirus Spread With Location Data

· Andrew Orr · Link

Image of person holding phone

The U.S. government is in talks with Facebook, Google, and others to use location data to track the spread of the coronavirus.

Public-health experts are interested in the possibility that private-sector companies could compile the data in anonymous, aggregated form, which they could then use to map the spread of the infection, according to three people familiar with the effort, who requested anonymity because the project is in its early stages.

On the surface, it’s for good intentions (They always seem good on the surface). But we know that in certain situations, data can be de-anonymized. Some questions: How will they use this data? How effective would this be? Will the government keep the database afterward? My initial thought is that I have no problem with medical experts and scientists doing this. But I have no faith in this current administration, or faith in companies like Facebook and Google. What if they created an app to collect this data? That way it’s optional. And please passwordprotect the server.

A.G. William Barr Wants Tech Companies to Fight Child Sexual Abuse

· Andrew Orr · Link

Attorney General William Barr wants tech companies like Apple to fight online child sexual abuse even more with “voluntary standards.”

These voluntary principles are built on existing industry efforts to combat these crimes.  Some leading companies have dedicated significant resources to develop and deploy tools in the fight to protect children online and to detect, disrupt and identify offenders.  Although significant progress has been made, there is much more to be done to strengthen existing efforts and enhance collective action.

First, as I discovered last year Apple started to scan online iCloud content for child sexual abuse material (CSAM). Many other companies do the same. Second, although encryption wasn’t explicitly mentioned, this is undoubtedly (in my opinion) a new development in the war on encryption. Child predators are one of the scary boogeymen used by the government to erode our privacy even further. I of course do support Apple scanning for this content, but it’s not a black and white issue.

NSA Spy Program Cost Taxpayers $100 Million and Was Overall Useless

· Andrew Orr · Link

Form 2015 to 2019 the National Security Agency (NSA) collected Americans’ domestic phone calls and texts. The program cost US$100 million but only one investigation was able to make use of that data.

Moreover, only twice during that four-year period did the program generate unique information that the F.B.I. did not already possess, said the study, which was produced by the Privacy and Civil Liberties Oversight Board and briefed to Congress on Tuesday.

“Based on one report, F.B.I. vetted an individual, but, after vetting, determined that no further action was warranted,” the report said. “The second report provided unique information about a telephone number, previously known to U.S. authorities, which led to the opening of a foreign intelligence investigation.”

FCC Forced to Get Public Opinion on Net Neutrality

· Andrew Orr · Link

A court order is forcing the FCC to once again ask the public’s opinion on whether gutting net neutrality was a good idea. And just like last time, the agency is doing everything possible to distract, deflect, and defend.

In a reminder of just how petty federal telecoms regulation has become, the FCC can’t even take this implicit rebuke professionally. And so it attempted to hide the reality of the situation by flooding its announcements website on Wednesday with suddenly important news and describing the public comment period in the most obscure terms possible.

Defense Information Systems Agency Suffers Data Breach

· Andrew Orr · Link

Between May and July 2019 sensitive data like Social Security Numbers were stolen from servers belonging to the Defense Information Systems Agency (DISA), a U.S. defense agency. Earlier this month it notified victims.

The Defense Information Systems Agency has begun issuing letters to people whose personally identifiable information may have been compromised in a data breach on a system hosted by the agency. While there is no evidence to suggest that any of the potentially compromised PII was misused, DISA policy requires the agency to notify individuals whose personal data may have been compromised.

US Reportedly Gave Allies Evidence of Huawei Backdoors

· Andrew Orr · Link

Although the U.S. hasn’t shared it publicly, it claims to have found actual evidence of Huawei backdoors.

The United States has long claimed that Huawei can secretly access networks through the networking gear it sells to telcos, but the goverment previously argued that it doesn’t need to show any proof. US officials still are not providing such evidence publicly but have begun sharing their intelligence with other countries.

The best part is that, according to The Wall Street Journal, the origin of this report, these backdoors were intentionally put into place for law enforcement. And yet, the DoJ wants Apple to put backdoors in iOS that they swear can only be accessed by law enforcement, and definitely not foreign state hacking groups.

FBI Investigates Over 1,000 Cases of Chinese IP Theft

· Andrew Orr · Link

At the China Initiative Conference, government officials from the FBI and DoJ spent four hours talking about theft of U.S. intellectual property by China.

“The threat from China is real, it’s persistent, it’s well-orchestrated, it’s well-resourced, and it’s not going away anytime soon,” John Demers, Assistant Attorney General for National Security, opened the conference.

“This one to me really stands out as the greatest long-term threat to our nation’s information and intellectual property, and to our economic vitality,” said FBI Director Christopher Wray.

More Cities, States Say No to Cashless Businesses

· Andrew Orr · Link

Last month New York City passed a bill to ban businesses from rejecting cash. On February 13 a similar resolution will be heard in Washington, D.C.

Excluding people from paying with cash means “essentially discriminating against people who are low-income, people who are homeless, also undocumented,” she said.

Getting a credit or debit card often requires a form of ID, a utility or another bill, money to deposit and a financial history. Mitchell said that in Washington, D.C., nearly a third of residents rely on cash every day because they don’t have a card or even a bank account.

Lindsey Graham’s Draft Bill Punishes Companies Using End-to-End Encryption

· Andrew Orr · Link

Senator Lindsey Graham is drafting a bill [PDF] that could penalize companies using end-to-end encryption.

Although the measure doesn’t directly mention encryption, it would require that companies work with law enforcement to identify, remove, report and preserve evidence related to child exploitation — which critics said would be impossible to do for services such as WhatsApp that are encrypted from end-to-end.

If technology companies don’t certify that they are following the best practices set by the 15-member commission, they would lose the legal immunity they currently enjoy under Section 230 relating to child exploitation and abuse laws. That would open the door to lawsuits for “reckless” violations of those laws, a lower standard than contained in current statutes.

Of all the dumb things this administration has done, attacking encryption is a doozy. It’s not clear how much this would impact Apple, since the company does in fact scan for child abuse images. But iMessage and a few other services are end-to-end encrypted.

Amazon’s 2019 Transparency Report Shows Slight Decline in Government Requests

· Andrew Orr · Link

Amazon’s 2019 transparency report says it received 1,841 subpoenas, 440 search warrants, and 114 other court orders in the second half of 2019.

We previously reported on how Amazon’s transparency reports have purposefully become more vague over the years rather than clearer — bucking the industry trend. At just three pages, the company spends most of it explaining how it responds to each kind of legal demand rather than expanding on the numbers themselves.

Two other notable findings: Apple was the only other company to report a decline in government requests. And Amazon’s Ring surveillance product hasn’t released a transparency report.

This New Law Could Ban Cable TV Fees

· Andrew Orr · News

Image of judge’s gavel

A new law that passed both the House of Representatives and the Senate could ban ISPs from charging you certain fees.

How to Call Your Legislators With a Shortcut

· Andrew Orr · Link

Shortcuts icon

Matthew Cassinelli was part of the team that created Workflow, which Apple acquired and turned into the Shortcuts app. He recently created a shortcut that lets you enter your zip code and automatically call your legislators.

Hello. You can use this tool to immediately call your senator/representative based on your ZIP code. Contact them now.