From Digital Age to Nano Age. WorldWide.

Tag: surveillance

Atoms Lanka Solutions > surveillance
Robotic Automations

The Net Gala hosts its first event for the stylish and chronically online | TechCrunch

May 7, 2024 3:13 AM0


The warehouse was dim and slightly misty. But the bar was open, and a photographer was snapping away anyway.

On Friday, the crowd followed the white rabbit to Brooklyn for The Net Gala, a chic tech answer to The Met Gala. The theme of the event was internet surveillance, prompting attendees to clad in black, with some dazzling in Schiaparelli. Think “Matrix meets Mugler,” a commentary on growing up in the age of the internet, a celebration of culture through art, fashion, music and, of course, technology.

Guests took photos on black steps before making their way upstairs, which is where the show’s theme really emerged: A camcorder hooked to a vintage television replayed the event in real-time. A confessional booth with a handheld digital voice recorder let attendees spill secrets while a piece of generative artwork mirrored the movements of guests passing by. Rico Nasty erupted through the speakers outside while the artist Heno, releasing new music, blasted through the VR headsets that took one into the metaverse.

The Net Gala was thrown by the social collective Boys Club, a new media company best known for its podcast, newsletter, events and magazine. It bills itself as for the “chronically online and tech curious.” Deana Burke and Natasha Hoskin co-founded Boys Club in 2021 to bring women together to discuss emerging technologies and their effects.

The first Boys Club event took place in a loft in Chinatown, bringing together 60 people. More than 500 people attended The Net Gala, flooding the dance floor and taking stickers passed around that said, “I’m tired of being hyper-surveilled.” For this event, Boys Club partnered with blockchain Lusko, a longtime collaborator who builds tools to help artists manage their creative projects.

The technology was a throwback to the 90s and early 2000s: vintage televisions, camcorders — while also paying homage to the future, with digital collectibles and virtual reality. Image Credits: Noa Griffel

Speaking to TechCrunch, Boys Club said it decided to have a surveillance-themed gala to create commentary around it as a pressing matter in today’s society while also fundraising for the Lower Eastside Girls Club. Boys Club ultimately helped raise $5,000 for the club, which aims to help young women learn about topics such as STEM and Civic Engagement.

Though Boys Club took an opportunity to have fun with the issue of surveillance, the issue is indeed a serious one. From government surveillance to cybersecurity and hacking, society’s increased digitization has created problems that innovators are still rushing to fix. Just in the past week, TechCrunch has reported on security bugs in phone tracking apps, the massive United Healthcare attack, and the use of hacking in war.

Boys Club said that the “general aesthetics around surveillance are interesting, and it felt ripe to have some fun bringing this theme to life.” It also stressed the importance of awareness.

“As we design a new internet, the over collection, commodification, and weaponization of personal data is something that we hope gets left behind in Web2,” Boys Club said. Its co-founder Burke doubled down on that point.

Artist Bayli co-hosted the first-ever Net Gala, which brought together stylish names in tech, fashion, and music. Image Credits: Noa Griffel

“As we live more and more of our lives online, we think it’s important to be much more acutely aware of how technology interacts with your day-to-day and what privacy tradeoffs you’re often making for the sake of convenience,” Burke told TechCrunch. “Awareness is the priority.”

The Boys Club picked artists who could help bring the creative internet to life, it said, which meant teaming up with Heno for an interactive digital art installation, having a vending machine that gave out digital collectibles, and finding co-chairs that supported the mission. Bayli, an artist, co-chaired the event and praised The Net Gala for “championing women-run tech and crypto companies.”

“Where else can you fund such a cool mask-up of art, fashion, and tech, all wrapped up in one fabulous event,” Bayli told TechCrunch. “Seriously, so many gorgeous brains in one place.”

Attendees also raved about the party. Jeheli Odidi, a creative director, loved the way the party brought together different sides of New York. Odidi highlighted that there were “tech girlies,” alongside “art boys and music people,” and everyone seemed easy and approachable. Musician T.S. Rose told TechCrunch it was vital to have events like this to “get all kinds of people together to get our creative wheels turning.”

“Coders, musicians, designers, seeing how we can incorporate each other’s talents and all these new techs to our projects. These rooms spark magic in the making,” Rose said.

The Boys Club said The Net Gala will become an annual event and return next year. This gives The First Friday in May a chic new meaning.




Software Development in Sri Lanka

Robotic Automations

Meta could face further squeeze on surveillance ads model in EU | TechCrunch

April 25, 2024 8:15 PM0


Meta’s tracking ads business could be facing further legal blows in the European Union: An influential advisor to the bloc’s top court affirmed Thursday that the region’s privacy laws limits on how long people’s data can be used for targeted advertising.

In the non-legally binding opinion, Advocate General Athanasios Rantos said use of personal data for advertising must be limited.

This is important because Meta’s tracking ads business relies upon ingesting vast amounts of personal data to build profiles of individuals to target them with advertising messages. Any limits on how it can use personal data could limit its ability to profit off of people’s attention.

A final ruling on the point remains pending — typically these arrive three to six months after an AG opinion — but the Court of Justice of the EU (CJEU) often takes a similar view to its advisors.

The CJEU’s role, meanwhile, is to clarify the application of EU law so its rulings are keenly watched as they steer how lower courts and regulators uphold the law.

Proportionality in the frame

Per AG Rantos, data retention for ads must take account of the principle of proportionality, a general principle of EU law that also applies to the bloc’s privacy framework, the General Data Protection Regulation (GDPR) — such as when determining a lawful basis for processing. A key requirement of the regulation is to have a legal basis for handling people’s information.

In a press release the CJEU writes with emphasis: “Rantos proposes that the Court should rule that the GDPR precludes the processing of personal data for the purposes of targeted advertising without restriction as to time. The national court must assess, based inter alia on the principle of proportionality, the extent to which the data retention period and the amount of data processed are justified having regard to the legitimate aim of processing those data for the purposes of personalised advertising.”

The CJEU is considering two legal questions referred to it by a court in Austria. These relate to a privacy challenge, dating back to 2020, brought against Meta’s adtech business by Max Schrems, a lawyer and privacy campaigner. Schrems is well known in Europe as he’s already racked up multiple privacy wins against Meta — which have led to penalties that have cost the tech giant well over a billion dollars in fines since the GDPR came into force.

An internal memo by Meta engineers, obtained by Motherboard/Vice back in 2022, painted a picture of a company unable to apply policies to limit its use of people’s data after ingestion by its ads systems as it had “built a system with open borders”, as the document put it. Although Meta disputed the characterization, claiming at the time the document “does not describe our extensive processes and controls to comply with privacy regulations”.

But it’s clear Meta’s core business model relies on its ability to track and profile web users to operate its microtargeted advertising business. So any hard legal limits on its ability to process and retain people’s data could have big implications for its profitability. To wit: Last year, Meta suggested around 10% of its worldwide ad revenue is generated in the EU.

In recent months, European Union lawmakers and regulators have also notably been dialling up pressure on the adtech giant to ditch its addiction to surveillance advertising — with the Commission explicitly name-checking the existence of alternative ad models, such as contextual advertising, when it opened an investigation into Meta’s binary “consent or pay” user offer last month, under the market power-focused Digital Markets Act.

A key GDPR steering body, meanwhile, also put out guidance on “consent or pay” earlier this month — stressing that larger ad platforms like Meta must give users a “real choice” about decisions affecting their privacy.

No sensitive data free-for-all for ads

In today’s opinion, AG Rantos has also opined on a second point that’s been referred to the court: Namely whether making “manifestly” public certain personal information — in this case, info related to Schrems’ sexual orientation — gives Meta carte blanche to retrospectively claim it can use the sensitive data for ad targeting.

Schrems had complained he received ads on Facebook targeting his sexuality. He subsequently discussed his sexuality publicly but had argued the GDPR principle of purpose limitation must be applied in parallel, referencing a core plank of the regulation that limits further processing of personal data (i.e. without a new valid legal basis such as obtaining the user’s consent).

AG Rantos’ opinion appears to align with Schrems’. Discussing this point, the press release notes (again with emphasis): “while data concerning sexual orientation fall into the category of data that enjoy particular protection and the processing of which is prohibited, that prohibition does not apply when the data are manifestly made public by the data subject. Nevertheless, this position does not in itself permit the processing of those data for the purposes of personalised advertising.

In an initial reaction to the AG’s views on both legal questions, Schrems, who is founder and chairman of the European privacy rights nonprofit, noyb, welcomed the opinion, via his lawyer for the case against Meta, Katharina Raabe-Stuppnig.

“At the moment, the online advertising industry simply stores everything forever. The law is clear that the processing must stop after a few days or weeks. For Meta, this would mean that a large part of the information they have collected over the last decade would become taboo for advertising,” she wrote in a statement highlighting the importance of limits on data retention for ads.

“Meta has basically been building a huge data pool on users for 20 years now, and it is growing every day. EU law, however, requires ‘data minimisation’. If the Court follows the opinion, only a small part of this pool will be allowed to be used for advertising — even if have consented to ads,” she added.

On the issue of further use of sensitive data that’s been made public, she said: “This issue is highly relevant for anyone who makes a public statement. Do you retroactively waive your right to privacy for even totally unrelated information, or can only the statement itself be used for the purpose intended by the speaker? If the Court interprets this as a general ‘waiver’ of your rights, it would chill any online speech on Instagram, Facebook or Twitter.”

Reached for its own reaction to the AG opinion, Meta spokesman Matthew Pollard told TechCrunch it would await the court ruling.

The company also claims to have “overhauled privacy” since 2019, suggesting it’s spent €5BN+ on EU-related privacy compliance issues and expanding user controls. “Since 2019, we have overhauled privacy at Meta and invested over five billion Euros to embed privacy at the heart of our products,” wrote Meta in an emailed statement. “Everyone using Facebook has access to a wide range of settings and tools that allow people to manage how we use their information.”

On sensitive data, Pollard highlighted another claim by Meta that it “does not use sensitive data that users provide us to personalise ads”, as the statement puts it.

“We also prohibit advertisers from sharing sensitive information in our terms and we filter out any potentially sensitive information that we’re able to detect,” Meta also wrote, adding: “Further, we’ve taken steps to remove any advertiser targeting options based on topics perceived by users to be sensitive.”

In April 2021, Meta announced a policy change in this area — saying it would no longer allow advertisers to target users with ads based on sensitive categories such as their sexual orientation, race, political beliefs or religion. However, in May 2022, an investigation by the data journalism nonprofit, The Markup, found it was easy for advertisers to circumvent Meta’s ban by using “obvious proxies”.

A CJEU ruling back in August 2022 also looks very relevant here as the court affirmed then that sensitive inferences should be treated as sensitive personal data under the GDPR. Or, put another way, using a proxy for sexual orientation to target ads requires obtaining the same stringent standard of “explicit consent” as directly targeting ads at a person’s sexual orientation would need in order to be lawful processing in the EU.

Meta’s ‘consent or pay’ tactic must not prevail over privacy, EU rights groups warn

Apple, Google and Meta face first formal investigations under EU’s DMA


Software Development in Sri Lanka

Robotic Automations

Lawmakers vote to reauthorize US spying law that critics say expands government surveillance | TechCrunch

April 20, 2024 7:24 PM0


Lawmakers passed legislation early Saturday reauthorizing and expanding a controversial U.S. surveillance law shortly after the powers expired at midnight, rejecting opposition by privacy advocates and lawmakers.

The bill, which passed on a 60-34 vote, reauthorizes powers known as Section 702 under the Foreign Intelligence Surveillance Act (FISA), which allows the government to collect the communications of foreign individuals by accessing records from tech and phone providers. Critics, including lawmakers who voted against the reauthorization, say FISA also sweeps up the communications of Americans while spying on its foreign targets.

White House officials and spy chiefs rallied behind efforts to reauthorize FISA, arguing the law prevents terrorist and cyber attacks and that a lapse in powers would harm the U.S. government’s ability to gather intelligence. The Biden administration claims the majority of the classified information in the president’s daily intelligence briefing derives from the Section 702 program.

Privacy advocates and rights groups rejected the reauthorization of FISA, which does not require the FBI or the NSA to obtain a warrant before searching the Section 702 database for Americans’ communications. Accusations that the FBI and the NSA abused their authority to conduct warrantless searches on Americans’ communications became a key challenge for some Republicans initially seeking greater privacy protections.

Bipartisan efforts aimed to require the government obtain a warrant before searching its databases for Americans’ communications. But these failed ahead of the final vote on the Senate floor.

Following the passage in the early hours of today, Senator Mark Warner, who chairs the Senate Intelligence Committee, said that FISA was “indispensable” to the U.S. intelligence community.

The bill now goes to the President’s desk, where it will almost certainly pass into law.

FISA became law in 1978 prior to the advent of the modern internet. It started to come under increased public scrutiny in 2013 after a massive leak of classified documents exposed the U.S. government’s global wiretapping program under FISA, which implicated several major U.S. tech companies and phone companies as unwilling participants.

The Senate was broadly expected to pass the surveillance bill into law, but it faced fresh opposition after the House passed last week its version of the legislation that critics said would extend the reach of FISA to also include smaller companies and telecom providers not previously subject to the surveillance law.

Communications providers largely opposed the House’s expanded definition of an “electronic communications service provider,” which they said would unintentionally include companies beyond the big tech companies and telecom providers who are already compelled to hand over users’ data.

An amendment, introduced by Sen. Ron Wyden, to remove the expanded measure from the bill failed to pass in a vote.

Wyden, a Democratic privacy hawk and member of the Senate Intelligence Committee, accused senators of waiting “until the 11th hour to ram through renewal of warrantless surveillance in the dead of night.”

“Time after time anti-reformers pledge that their band-aid changes to the law will curb abuses, and yet every time, the public learns about fresh abuses by officials who face little meaningful oversight,” said Wyden in a statement.

In the end, the bill passed soon after midnight.

Despite the last-minute rush to pass the bill, a key provision in FISA prevents the government’s programs under Section 702 from suddenly shutting down in the event of lapsed legal powers. FISA requires the government to seek an annual certification from the secretive FISA Court, which oversees and approves the government’s surveillance programs. The FISA Court last certified the government’s surveillance program under Section 702 in early April, allowing the government to use its lapsed authority until at least April 2025.

FISA will now expire at the end of 2026, setting up a similar legislative showdown midway through the next U.S. administration.

NSA is buying Americans’ internet browsing records without a warrant


Software Development in Sri Lanka

Robotic Automations

'Reverse' searches: The sneaky ways that police tap tech companies for your private data | TechCrunch

April 13, 2024 9:55 AM0


U.S. police departments are increasingly relying on a controversial surveillance practice to demand large amounts of users’ data from tech companies, with the aim of identifying criminal suspects.

So-called “reverse” searches allow law enforcement and federal agencies to force big tech companies, like Google, to turn over information from their vast stores of user data. These orders are not unique to Google — any company with access to user data can be compelled to turn it over — but the search giant has become one of the biggest recipients of police demands for access to its databases of users’ information.

For example, authorities can demand that a tech company turn over information about every person who was in a particular place at a certain time based on their phone’s location, or who searched for a specific keyword or query. Thanks to a recently disclosed court order, authorities have shown they are able to scoop up identifiable information on everyone who watched certain YouTube videos.

Reverse searches effectively cast a digital dragnet over a tech company’s store of user data to catch the information that police are looking for.

Civil liberties advocates have argued that these kinds of court-approved orders are overbroad and unconstitutional, as they can also compel companies to turn over information on entirely innocent people with no connection to the alleged crime. Critics fear that these court orders can allow police to prosecute people based on where they go or whatever they search the internet for.

So far, not even the courts can agree on whether these orders are constitutional, setting up a likely legal challenge before the U.S. Supreme Court.

In the meantime, federal investigators are already pushing this controversial legal practice further. In one recent case, prosecutors demanded that Google turn over information on everyone who accessed certain YouTube videos in an effort to track down a suspected money launderer.

A recently unsealed search application filed in a Kentucky federal court last year revealed that prosecutors wanted Google to “provide records and information associated with Google accounts or IP addresses accessing YouTube videos for a one week period, between January 1, 2023, and January 8, 2023.”

The search application said that as part of an undercover transaction, the suspected money launderer shared a YouTube link with investigators, and investigators sent back two more YouTube links. The three videos — which TechCrunch has seen and have nothing to do with money laundering — collectively racked up about 27,000 views at the time of the search application. Still, prosecutors sought an order compelling Google to share information about every person who watched those three YouTube videos during that week, likely in a bid to narrow down the list of individuals to their top suspect, who prosecutors presumed had visited some or all of the three videos.

This particular court order was easier for law enforcement to obtain than a traditional search warrant because it sought access to connection logs about who accessed the videos, rather than the higher-standard search warrant that courts can use to demand that tech companies turn over the contents of someone’s private messages.

The Kentucky federal court approved the search order under seal, blocking its public release for a year. Google was barred from disclosing the demand until last month when the court’s order expired. Forbes first reported on the existence of the court order.

It’s not known if Google complied with the order, and a Google spokesperson declined to say either way when asked by TechCrunch.

Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory, said this was a “perfect example” why civil liberties advocates have long criticized this type of court order for its ability to grant police access to people’s intrusive information.

“The government is essentially dragooning YouTube into serving as a honeypot for the feds to ensnare a criminal suspect by triangulating on who’d viewed the videos in question during a specific time period,” said Pfefferkorn, speaking about the recent order targeting YouTube users. “But by asking for information on everyone who’d viewed any of the three videos, the investigation also sweeps in potentially dozens or hundreds of other people who are under no suspicion of wrongdoing, just like with reverse search warrants for geolocation.”

Demanding the digital haystack

Reverse search court orders and warrants are a problem largely of Google’s own making, in part thanks to the gargantuan amounts of user data that the tech giant has long collected on its users, like browsing histories, web searches and even granular location data. Realizing that tech giants hold huge amounts of users’ location data and search queries, law enforcement began succeeding in convincing courts into granting broader access to tech companies’ databases than just targeting individual users.

A court-authorized search order allows police to demand information from a tech or phone company about a person who investigators believe is involved in a crime that took place or is about to happen. But instead of trying to find their suspect by looking for a needle in a digital haystack, police are increasingly demanding large chunks of the haystack — even if that includes personal information on innocent people — to sift for clues.

Using this same technique as demanding identifying information of anyone who viewed YouTube videos, law enforcement can also demand that Google turn over data that identifies every person who was at a certain place and time, or every user who searched the internet for a specific query.

Geofence warrants, as they are more commonly known, allow police to draw a shape on a map around a crime scene or place of interest and demand huge swaths of location data from Google’s databases on anyone whose phone was in that area at a point in time.

Read more on TechCrunch

Police can also use so-called “keyword search” warrants that can identify every user who searched a keyword or search term within a time frame, typically to find clues about criminal suspects researching their would-be crimes ahead of time.

Both of these warrants can be effective because Google stores the granular location data and search queries of billions of people around the world.

Law enforcement might defend the surveillance-gathering technique for its uncanny ability to catch even the most elusive suspected criminals. But plenty of innocent people have been caught up in these investigative dragnets by mistake — in some cases as criminal suspects — simply by having phone data that appears to place them near the scene of an alleged crime.

Though Google’s practice of collecting as much data as it can on its users makes the company a prime target and a top recipient of reverse search warrants, it’s not the only company subject to these controversial court orders. Any tech company large or small that stores banks of readable user data can be compelled to turn it over to law enforcement. Microsoft, Snap, Uber and Yahoo (which owns TechCrunch) have all received reverse orders for user data.

Some companies choose not to store user data and others scramble the data so it can’t be accessed by anyone other than the user. That prevents companies from turning over access to data that they don’t have or cannot access — especially when laws change from one day to the next, such as when the U.S. Supreme Court overturned the constitutional right to access abortion.

Google, for its part, is putting a slow end to its ability to respond to geofence warrants, specifically by moving where it stores users’ location data. Instead of centralizing enormous amounts of users’ precise location histories on its servers, Google will soon start storing location data directly on users’ devices, so that police must seek the data from the device owner directly. Still, Google has so far left the door open to receiving search orders that seek information on users’ search queries and browsing history.

But as Google and others are finding out the hard way, the only way for companies to avoid turning over customer data is by not having it to begin with.

Google moves to end geofence warrants, a surveillance problem it largely created


Software Development in Sri Lanka

Back
WhatsApp
Messenger
Viber