The FBI is Collecting Your Data Through its ‘FitTest’ App

· Andrew Orr · Link

The FBI has been promoting its fitness app called FitTest to help people exercise at home. It’s also collecting your data.

…an FBI spokesperson reiterated the app’s privacy statement, adding that “the app does not gather or save any personal information other than what you select for your profile.”

But the app’s privacy statement makes room for some tracking: When FitTest accesses pages from the official FBI website, it says, “fbi.gov’s privacy policy applies.” The fbi.gov privacy policy states that “individuals using this computer system are subject to having all of their activities monitored and recorded.”

I can’t wait for the FBIPhone and FBIMessage apps.

U.S. Government Wants to Track Coronavirus Spread With Location Data

· Andrew Orr · Link

The U.S. government is in talks with Facebook, Google, and others to use location data to track the spread of the coronavirus.

Public-health experts are interested in the possibility that private-sector companies could compile the data in anonymous, aggregated form, which they could then use to map the spread of the infection, according to three people familiar with the effort, who requested anonymity because the project is in its early stages.

On the surface, it’s for good intentions (They always seem good on the surface). But we know that in certain situations, data can be de-anonymized. Some questions: How will they use this data? How effective would this be? Will the government keep the database afterward? My initial thought is that I have no problem with medical experts and scientists doing this. But I have no faith in this current administration, or faith in companies like Facebook and Google. What if they created an app to collect this data? That way it’s optional. And please passwordprotect the server.

Utah is Now a Surveillance State Thanks to This Company

· Andrew Orr · Link

A surveillance company called Banjo has partnered with Utah state authorities to enable a dystopian panopticon.

The lofty goal of Banjo’s system is to alert law enforcement of crimes as they happen. It claims it does this while somehow stripping all personal data from the system, allowing it to help cops without putting anyone’s privacy at risk. As with other algorithmic crime systems, there is little public oversight or information about how, exactly, the system determines what is worth alerting cops to.

Your Online Activity is a Social Credit Score

· Andrew Orr · Link

Violet Blue has an interesting take, that of your online activity as a social credit score. The SCC is something we usually associate with China, but we’re seeing trends suggesting America is moving toward a similar system.

Combine this with companies like Instagram, Facebook, YouTube, and yes, Airbnb deciding what legal behaviors are acceptable for service, and now we’re looking at groups of historically marginalized people being denied involvement in mainstream economic, political, cultural and social activities — at scale.

Russia Disconnects From Internet in Tests

· Andrew Orr · News

Russia announced it successfully completed a series of tests that disconnected the whole country from the internet.

Homeland Security Cancels Facial Recognition Plan for Americans

· Andrew Orr · Link

Homeland Security had a plan to expand its use of airport facial recognition to include U.S. citizens. After much outcry the agency will drop that plan, although foreign nationals and visitors will still face mandatory scanning.

A spokesperson for Customs and Border Protection, which filed the proposal, said the agency has “no current plans to require U.S. citizens to provide photographs upon entry and exit from the United States,” and that it “intends to have the planned regulatory action regarding U.S. citizens removed from the unified agenda next time it is published.”

Traffic Cameras Could Soon Tell if you Text and Drive

· Andrew Orr · Link

Australia will soon install a camera system powered by machine learning that is designed to spot mobile phones in cars.

To let drivers adjust, warning letters will be sent to those spotted using phones by the cameras for the first three months. Australia uses a points system for drivers — unrestricted driver’s licenses have 13 points. After the first three months, drivers caught using their phones illegally will lose five points and be issued a $344 fine. During other periods, the penalty could increase to 10 points. If a driver loses all of their points, they could lose their license.

Distracted driving is absolutely a serious problem, but I don’t think more surveillance infrastructure is the answer.

Would Apple Leave Russia Over Device Ban?

· Andrew Orr · Link

TMO's Dramatic Reenactment of a Typical Russian Hacker

Going into effect on July 2020, Russia just passed a law that would ban the sale of devices that don’t come pre-installed with Russian software. This obviously butts up against the integrity of iOS. Would Apple have the “courage” to leave the country if the Kremlin tried to force them to install their surveillance software? Because of course it’s for surveillance. Why else would a government meddle with device makers in this way?

The law will not mean devices from other countries cannot be sold with their normal software – but Russian “alternatives” will also have to be installed.

The legislation was passed by Russia’s lower house of parliament on Thursday. A complete list of the gadgets affected and the Russian-made software that needs to be pre-installed will be determined by the government.

How Motorola Helps Enable Government Surveillance

· Andrew Orr · Link

Since 2017 Motorola Solutions has invested US$1.7 billion to support or buy companies that build police body cameras, train the cameras with facial recognition, find suspects in videos, and track vehicle movement via license plates.

The company provided a statement that described its plan to add artificial intelligence products, including object detection and “unusual motion detection,” to a package it sells to public safety agencies. The systems can help flag a potential trespasser or the appearance of smoke, the company said. The company emphasized that the new tools are not meant to make automatic policing decisions but to help officers decide how to act.

NSA Publishes Threatening Letter Calling for Encryption Backdoors

· Andrew Orr · Link

Glenn S. Gerstell, general counsel for the National Security Agency (NSA) published a letter in the New York Times, writing about how a “digital revolution threatens to upend our entire national security infrastructure.” He thinks backdoors into encryption is one answer (of course he doesn’t use the word backdoor), as well as the agency collecting even more data from citizens. Read his letter by clicking the link below, then read this take by Nefarious Laboratories.

Make no mistake, this letter is a thinly-veiled threat to every major corporation around the globe: provide the U.S. government with access to all of your data or else, “there is another path, and it is the one taken by authoritarian regimes around the world”.

Amazon's Surveillance Company Partners With 400 More Police Forces

· Andrew Orr · Link

Ring, the Amazon-owned surveillance company that sells doorbell cameras, is partnering with 400 more police forces across the U.S.

The partnerships let police automatically request the video recorded by homeowners’ cameras within a specific time and area, helping officers see footage from the company’s millions of Internet-connected cameras installed nationwide, the company said. Officers don’t receive ongoing or live-video access, and homeowners can decline the requests, which Ring sends via email thanking them for “making your neighborhood a safer place.”

Previous Ring coverage: Here, and here.

Apple Blocks Spying Kazakhstan Root Certificate

· Andrew Orr · Link

The Kazakhstan government is trying to spy on citizens with a government-issued root certificate for websites. Apple, Google, and Mozilla are blocking it in their browsers.

The root certificate in question, labeled as “trusted certificate” or “national security certificate,” if installed, allows ISPs to intercept, monitor, and decrypt users’ encrypted HTTPS and TLS connections, helping the government spy on its 18 million people and censor content.

Once installed, the certificate allowed the Kazakh government to decrypt and read anything a user visiting popular sites—Facebook, Twitter, and Google, among others—types or posts, including intercepting their account information and passwords.

FBI to Monitor Social Media for Domestic Terrorism Threats

· Andrew Orr · Link

The FBI wants to monitor Facebook, Twitter, and Instagram for domestic terrorism threats in real time.

The FBI ultimately wants an interactive tool that can be accessed by all headquarters division and field office personnel via web browsers and through multiple devices. Interested vendors should have the capabilities to offer the agency the ability to set filters around the specific content they see, send immediate and custom alerts and notifications around “mission-relevant” incidents, have broad international reach and a strong language translation capability and allow for real-time geolocation-based monitoring that can be refined as events develop.

Just ask the NSA.

Amazon Helps Cops Get Ring Surveillance Videos Without Warrants

· Andrew Orr · Link

A couple weeks ago I shared news that Amazon is requiring police to promote its Ring surveillance cameras. Not that bad, I thought, because at least the police had to have the owner’s permission. But I was optimistic, because Amazon is giving police talking points on how to persuade owners, and even seizing the video footage if the owner said no.

As reported by GovTech on Friday, police can request Ring camera footage directly from Amazon, even if a Ring customer denies to provide police with the footage. It’s a workaround that allows police to essentially “subpoena” anything captured on Ring cameras.

Things like government surveillance and hacking are precisely why I will never buy smart home products. Update: A Ring spokesperson emailed me a correction: The reports that police can obtain any video from a Ring doorbell within 60 days is false. Ring will not release customer information in response to government demands without a valid and binding legal demand properly served on us. Ring objects to overbroad or otherwise inappropriate demands as a matter of course.

U.S. Government Tracks Journalists in Database

· Andrew Orr · Link

A startling investigation by NBC 7 journalists reveals how the U.S. government tracks journalists through use of a database.

Documents obtained by NBC 7 Investigates show the U.S. government created a secret database of activists, journalists, and social media influencers tied to the migrant caravan and in some cases, placed alerts on their passports.

In fact, their own government had listed their names in a secret database of targets, where agents collected information on them. Some had alerts placed on their passports, keeping at least two photojournalists and an attorney from entering Mexico to work.

This is why private services like end-to-end encrypted messaging apps are so important. It’s bad enough if a foreign government is surveilling you. We don’t need our own government to do the same.