Advanced Search
Content Type: Examples
By 2016, numerous examples had surfaced of bias in facial recognition systems that meant they failed to recognise non-white faces, labelled non-white people as "gorillas", "animals", or "apes" (Google, Flickr), told Asian users their eyes were closed when taking photographs (Nikon), or tracked white faces but couldn't see black ones (HP). The consequences are endemic unfairness and a system that demoralises those who don't fit the "standard". Some possible remedies include ensuring diversity in…
Content Type: Examples
In 2016, when security expert Matthew Garrett stayed in a London hotel where the light switches had been replaced by Android tablets, it took him only a few hours to gain access to all of the room's electronics. The steps he followed: plug his laptop into a link in place of one of the tablets; set up a transparent bridge; analyse the data traffic with WireShark to identify the protocol in use; then exploit that protocol. That protocol was Modbus, an old protocol with no authentication. Once…
Content Type: Examples
By 2016, a logical direction for data-driven personalisation efforts to go was toward the "Internet of Emotions": equipping devices with facial, vocal, and biometric sensors that use affective computing to analyse and influence the feelings of device owners. Of particular concern is the potential for using subtle cues to manipulate people in a more nuanced way than is presently discussed. The beginnings of this are already visible in the example of an Amazon Echo that displayed the items a…
Content Type: Examples
The discovery in 2016 of previous hacker break-ins such as the 2013 theft of 360 million old MySpace accounts and the 2012 hack of LinkedIn suggest that although websites come and go and "linkrot" means web pages have a short half-life, user data lives on for a deceptively long time. This is especially true of user names, passwords, profiles, and other personal data that is both commercially valuable and useful to criminals over a long period. The email address that someone used to open a…
Content Type: Examples
In 2015, Chinese authorities banned the 1.6 million members of the country's People's Liberation Army from using smartwatches and other wearable technology in order to prevent security breaches. Army leaders announced the decision after a soldier in the city of Nanjing was reported for trying to use a smartwatch he had been given to take pictures of his comrades because automatic connections could mean the devices uploaded voice and video to the cloud in violation of national security…
Content Type: Examples
In 2015, ABI Research discovered that the power light on the front of Alphabet's Nest Cam was deceptive: even when users had used the associated app to power down the camera and the power light went off, the device continued to monitor its surroundings, noting sound, movement, and other activities. The proof lay in the fact that the device's power drain diminished by an amount consistent with only turning off the LED light. Alphabet explained the reason was that the camera had to be ready to be…
Content Type: Examples
In 2016, researchers at Dalhousie University in Canada and the Weizman Institute of Science in Israel developed a proof-of-concept attack that allowed them to take control of LED light bulbs from a distance of up to 400 metres by exploiting a flaw in the Zigbee protocol implementation used in the Philips Hue system. Because the same key was used in every bulb, once it had been extracted from one bulb it could be reused on all of them. Writing a new operating system to one of the bulbs…
Content Type: Examples
At the 2016 Usenix conference, MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) presented a system called Chronos that could use wifi signals to detect the position of a person or object inside a room to within tens of centimetres. MIT claimed Chronos was 20 times more accurate than previous wifi-based tracking systems, 94% successful in detecting which room a person was in, and 97% accurate in determining if a customer was inside or outside a shop. The researchers hoped…
Content Type: Examples
In 2016, when Australia was planning to introduce a new welfare system based on data collection, experts from New Zealand, where a similar system was set up in 2012, warned that experience showed that the most vulnerable people were checking out of any relationship with the state. They warned, for example, that the New Zealand welfare changes, which used data collected on welfare recipients to predict their future cost to the state, treated beneficiaries as a threat to society and were unproven…
Content Type: Examples
In a presentation at London's 2016 Black Hat cybersecurity conference, researchers from UCL showed that it was possible to use ultrasound to track consumers across multiple devices. Marketers were already using beacons inaudible to the human ear to activate functions on devices via their microphones, and retailers were using shopping reward apps such as Shopkick to push department or aisle-specific ads while customers were in their stores. The UCL researchers noted, however, the inherent…
Content Type: Examples
In September 2016, an algorithm assigned to pick the winners of a beauty contest examined selfies sent in by 600,000 entrants from India, China, the US, and all over Africa, and selected 44 finalists, almost all of whom were white. Of the six non-white finalists, all were Asian and only one had visibly dark skin. The contest was run by Beauty.ai, an initiative from the Russia and Hong Kong-based Youth Laboratories, and was supported by Microsoft and Nvidia. The reason was the lack of diversity…
Content Type: Examples
In June 2016, National Security Agency deputy director Richard Ledgett told a conference on military technology conference that the agency was researching whether internet-connected biomedical devices such as pacemakers could be used to collect foreign intelligence. Ledgett identified the complexity of the Internet of Things as both a security nightmare and an opportunity for signals intelligence. However, the NSA prioritises its resources by focusing solely on technology used by its opponents…
Content Type: Examples
In 2015, the Canadian Department of National Defence issued a procurement request for a contractor who could find "vulnerabilities and security measures" in a 2015 pick-up truck whose model and make were not specified and "develop and demonstrate exploits" for the military. The contractor was to find as many exploits as possible by analysing every part of the truck, demonstrate that the hacks could actually hurt someone or enable an attacker to gather information, and deliver explicit source…
Content Type: Call to Action
Email your MP using any or all of the points below to start your message
You must personalise your message, for example to say why you feel passionate about this issue or what aspects particularly concern you.
Make sure you put: "Urgent: Data Protection Bill - Amendments for Report State on 9 May" in the subject title
Use the ‘Contact’ box above to send your email
Points to raise in your letter
RE: Data Protection Bill - Amendments for Report State on 9 May…
Content Type: Examples
The news that connected TVs and set-top boxes were listening in on their owners' conversations led the state of California to pass legislation (AB1116) prohibiting companies from operating a voice recognition feature without prominently informing the user or installer during initial setup. In addition, the bill bars manufacturers and third parties from using recordings of spoken words "collected through the operation of a voice recognition feature" in order to improve their voice recognition or…
Content Type: Examples
In the 2014 report "Networked Employment Discrimination", the Future of Work Project studied data-driven hiring systems, which often rely on data prospective employees have no idea may be used, such as the results of Google searches, and other stray personal data scattered online. In addition, digital recruiting systems that only accept online input exclude those who do not have internet access at home and must rely on libraries and other places with limited access and hours to fill in and…
Content Type: Examples
In a 2015 study of 79 apps listed in NHS England's Health Apps Library, which tests programs to ensure they meet standards of clinical and data safety, researchers at Imperial College London discovered that 70 of them sent personal data to associated online services and 23 sent that data without encrypting it. Four included both health and personal data in the unprotected transfer. The study also found that even though more than half the apps had privacy policies, these were vague and unclear…
Content Type: Examples
In 2016, 21-year-old Russian photographer Egor Tsvetkov launched the "Your Face is Big Data" project. He created the project by semi-secretly photographing passengers seated across from him on the St. Petersburg metro, then uploading the images to an online service called FindFace. FindFace's service, which is intended to facilitate checking out potential dates met through online sites, takes uploaded random photographs and searches for matches on Russia's most popular social network, Vkontakte…
Content Type: Examples
Because banks often decline to give loans to those whose "thin" credit histories make it hard to assess the associated risk, in 2015 some financial technology startups began looking at the possibility of instead performing such assessments by using metadata collected by mobile phones or logged from internet activity. The algorithm under development by Brown University economist Daniel Björkegren for the credit-scoring company Enterpreneurial Finance Lab was built by examining the phone records…
Content Type: Examples
A new generation of technology has given local law enforcement officers in some parts of the US unprecedented power to peer into the lives of citizens. The police department of Frenso California uses a cutting-edge Real Time Crime Center that relies on software like Beware.
As officers respond to calls, Beware automatically runs the address. The program also scoures billions of data points, including arrest reports, property records, commercial databases, deep Web searches and the man’s social…
Content Type: Examples
In 2016, the American Civil Liberties Union of Northern California published a report revealing that the social media monitoring service Geofeedia had suggested it could help police track protesters. The report's publication led Twitter and Facebook to restrict Geofeedia's access to their bulk data. ACLUNC argued that even though the data is public, using it for police surveillance is an invasion of privacy. Police are not legally required to get a warrant before searching public data; however…
Content Type: Examples
At the Sixth Annual Conference on Social Media Within the Defence and Military Sector, held in London in 2016, senior military and intelligence officials made it clear that governments increasingly view social media as a tool for the Armed Forces and a "new front in warfare". Social media are also viewed as a source of intelligence on civilian populations and enemies and as a vector for propaganda. The conference was sponsored by Thales, which was working with the National Research Council of…
Content Type: Examples
Documents submitted as part of a 2015 US National Labor Relations Board investigation show that Walmart, long known to be hostile to unions, spied on and retaliated against a group of employees who sought higher wages, more full-time jobs, and predictable schedules. In combating the group, who called themselves the Organization United for Respect at Walmart (OUR Walmart), Walmart hired an intelligence-gathering service from Lockheed Martin, contacted the FBI, and set up an internal Delta team…
Content Type: Examples
In 2015, a data leak apparently linked to the new Uber partner app exposed the personal information of hundreds of drivers, including their Social Security numbers, scanned drivers' licences, tax forms, and other documents. The information was likely to have been available for at least a few hours. Uber said the leak was fixed within 30 minutes and affected no more than 674 US drivers.
https://motherboard.vice.com/en_us/article/z4mjkj/uber-left-hundreds-of-drivers-licenses-and-social-…
Content Type: Examples
In 2016, a group of criminologists intend on identifying the famous graffiti artist Banksy used a forensic technique known as geographical profiling. The technique is more commonly used to identify potential suspects in cases of serial rape, arson, and murder, and works by mapping crimes to see if they cluster around particular geographical locations. The researchers had, however, a clue: the Daily Mailhad previously identified a candidate: Robin Gunningham. The researchers used addresses…
Content Type: Examples
In 2015, US director of national intelligence James Clapper, backed by National Security Agency director Admiral Michael Rogers, warned Congress that the next phase of escalating online data theft is likely to involve manipulating digital information. Clapper and Rogers viewed this type of attack as more likely than a catastrophic event of digitally triggered damage to physical infrastructure. The pair believed that manipulating and deleting data would compromise data integrity and undermine…
Content Type: Examples
Computer programs that perform risk assessments of crime suspects are increasingly common in American courtrooms, and are used at every stage of the criminal justice systems to determine who may be set free or granted parole, and the size of the bond they must pay. By 2016, the results of these assessments were given to judges during criminal sentencing and a sentencing reform bill was proposed in Congress to mandate the use of such assessments in federal prisons. In a study of the risk scores…
Content Type: Examples
In 2014, NYC Planning Labs Chris Whong was sent and made public a complete a complete dump of historical trip and fare logs from New York City taxis in response to a Freedom of Information request. The more than 20GB of uncompressed data comprising more than 173 million individual trips included pickup and drop-off locations and times and other metadata - but also personally identifiable information about the driver. Careful analysis enabled researchers to deanonymise the entire dataset,…
Content Type: Examples
In May 2015, the US Department of Justice and the FBI submitted a declaration to an Oregon federal judge stating that the US government's no-fly lists and broader watchlisting system relied on predictive judgements of individuals rather than records of actual offences. The documents were filed as part of a longstanding case brought by the American Civil Liberties Union, which claimed that the government did not provide steps individuals could take to get off the blacklists and that the process…
Content Type: Examples
As GPS began being increasingly incorporated into smartphones, satnav manufacturers like the Dutch company TomTom were forced to search for new revenue streams. In 2011, TomTom was forced to apologise when the Dutch newspaper AD reported that the company had sold driving data collected from customers to police, which used it to site speed cameras in locations where speeding was common. TomTom said that any information it shares had been anonymised; however, in response to the newspaper story…