Over 24,000 People Sign Data Privacy Petition to Stop Facebook Extremism

A petition signed by over 24,000 people has been delivered to Congress from Fight for the Future and Senator Ron Wyden to encourage a federal data privacy law. The impetus? Far-right extremism on social media websites such as Facebook.

Coalition members urged lawmakers to protect against attacks like that on the Capitol last year by addressing Facebook’s data-fueled algorithmic manipulation.

When Facebook whistleblower Frances Haugen testified before Congress in October, she named algorithmic manipulation as the platform’s source of power. Algorithmic manipulation is only possible with invasive and copious personal data on individual people, harvested via mass surveillance.

President Biden Signs 'National Defense Authorization Act' Into Law for Cybersecurity

The National Defense Authorization Act of 2022 lays out voluntary cybersecurity practices for private companies that handle critical infrastructure in the U.S.

But provisions all rely on the voluntary participation by industry, which owns and operates the vast majority of the nation’s critical infrastructure. Despite bipartisan calls after massive breaches at SolarWinds, Microsoft Exchange, Colonial Pipeline and other hacks, the NDAA made it through the House without mandatory incident reporting requirements for the private sector.

I disagree on the “voluntary” part. Make it mandatory, otherwise we end up with T-Mobile’s half-dozen breaches in the span of four years.

Proposed Bill Would Make Social Media Companies Responsible for Disinformation

A bill sponsored by state Sen. Brad Hoylman (D-Manhattan) aims to hold social media companies accountable for disinformation.

The legislation adds a section to the state’s penal code, adding a new cause of action for public nuisance allowing the state Attorney General, city corporation counsels or private citizens to bring lawsuits against companies or individuals for “knowingly or recklessly” contributing to things like promoting self-harm or vaccine disinformation.

State Legislators Help Libraries in Fight Over Ebook Licensing Terms

A report from Axios says libraries want better licensing terms for eBooks from Amazon and other publishers. States are stepping in to help the libraries.

A Maryland law set to take effect in January and a similar bill in New York would require publishers that sell ebooks to consumers to also license them to libraries on reasonable terms. The Maryland law and New York bill say it is not reasonable to limit the number of ebook licenses libraries can buy at the same date they are available to the general public.

Co-Founder of Swiss SMS Giant 'Mitto AG' Accused of Government Surveillance

Swiss tech company Mitto AG is trusted by companies such as Twitter and Google to deliver SMS security codes to users, appointment reminders, sales promotions, and more. Its co-founder and COO Ilja Gorelik has been accused of selling access to Mitto’s networks for surveillance.

The existence of the alternate service was only known to a small number of people within the company, these former employees said. Gorelik sold the service to surveillance companies which in turn contracted with government agencies, according to the employees.

Government Traces Ransomware Payments to Business Address in Moscow

The New York Times reports that the U.S. government has traced ransomware payments to an address in Federation Tower East in Moscow, Russia.

That this high-rise in Moscow’s financial district has emerged as an apparent hub of such money laundering has convinced many security experts that the Russian authorities tolerate ransomware operators. The targets are almost exclusively outside Russia, they point out, and in at least one case documented in a U.S. sanctions announcement, the suspect was assisting a Russian espionage agency.

Proposed Bill Would Ban Bots From Buying Online Goods

A report from PCMag: Democrats are reintroducing a bill that would ban automated bots from buying online goods. The legislation aims to stop scalpers.

The proposed legislation expands on an earlier law passed in 2016 that outlawed automated bots from circumventing control measures to buy up ticket sales for public events, such as music concerts and sporting events. In addition, the law made it illegal for scalpers to resell the tickets obtained through the bot.

France Seeks Removal of 'Wish' From App Stores, Search Engines

The French administration wants app stores and search engines to remove Wish after an investigation of its products. The investigation found that many of the products listed on Wish don’t meet European standards.

When Wish is notified that it is selling a dangerous good, those products are removed from the marketplace within 24 hours as expected. And yet, “in most cases, those products remain available under a different name, and sometimes even from the same seller. The company doesn’t keep any log related to transactions of non-compliant and dangerous products,” France’s Ministry of the Economy says in its statement.

Rule Approved: Banks Must Report Cyber Attacks Within 36 Hours

U.S. regulators have approved a rule to require banks to report major cyber incidents within 36 hours.

The rule, dubbed the Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers, was cemented by the Office of the Comptroller of the Currency, Board of Governors of the Federal Reserve System and the Federal Deposit Insurance Corporation. There is currently no specific window that banks must report such incidents to the agencies in question.

'REvil' Ransomware Group Taken Down Through Multi-Country Effort

The FBI, working with Cyber Command, the Secret Service, and other countries, took down REvil.

According to three people familiar with the matter, law enforcement and intelligence cyber specialists were able to hack REvil’s computer network infrastructure, obtaining control of at least some of their servers. After websites that the hacker group used to conduct business went offline in July, the main spokesman for the group, who calls himself “Unknown,” vanished from the internet.