Search
Content type: Examples
27th June 2018
In 2012, Facebook CEO Mark Zuckerberg's sister, Randi, tweeted to fellow Twitter user Callie Schweitzer that Schweitzer had violated her privacy by posting a picture taken in her kitchen. Randi Zuckerberg, the former head of Facebook's marketing department, had posted the picture, which was taken in her kitchen and showed four people including her brother, to Facebook intending it to be viewed by Friends only. Schweitzer responded that the picture had popped up in her Facebook News Feed. Randi…
Content type: Examples
5th May 2018
In the wake of Tesla’s first recorded autopilot crash, automakers are reassessing the risk involved with rushing semi-autonomous driving technology into the hands of distractible drivers. But another aspect of autopilot—its ability to hoover up huge amounts of mapping and “fleet learning” data—is also accelerating the auto industry’s rush to add new sensors to showroom-bound vehicles. This may surprise some users: Tesla’s Terms of Use (TOU) does not explicitly state that the company will…
Content type: Examples
26th September 2018
In September 2018, a software patch was found by journalists to be widely available, that disabled or weakened the security features in the software used to enroll people on the Aadhaar databse, potentially from anywhere in the world. The patch was reportedly widely-available in WhatsApp groups, available for around $35USD. The demand for individuals to access the Aadhaar databse goes back to 2010, when private entities were allowed to enroll people in the Aadhaar database, to encourage…
Content type: Examples
8th December 2018
In September 2018, researchers discovered that websites accessed via mobile phones could access an array of device sensors, unlike apps, which request permissions for such access. The researchers found that 3,695 of the top 100,000 websites incorporate scripts that tap into one or more sensors, including Wayfair, Priceline, and Kayak. Unlike location sensors, motion, lighting, and proximity sensors have no mechanism for notifying users and requesting permission. Ad blockers were not effective…
Content type: Examples
5th May 2018
By 2015, the cost, invasiveness, and effort involved in conducting medical tests led to proposals for lightweight wearable sensors that could perform the same job. Several such efforts focus on making these sensors fashionably acceptable by making them out of skinlike substances with electronics embedded in them. A team at the University of Illinois is working on biostamps, which can be applied to the skin, include flexible circuits, and can be wirelessly powered. At the University of Tokyo, a…
Content type: Examples
3rd May 2018
Documents submitted as part of a 2015 US National Labor Relations Board investigation show that Walmart, long known to be hostile to unions, spied on and retaliated against a group of employees who sought higher wages, more full-time jobs, and predictable schedules. In combating the group, who called themselves the Organization United for Respect at Walmart (OUR Walmart), Walmart hired an intelligence-gathering service from Lockheed Martin, contacted the FBI, and set up an internal Delta team…
Content type: Examples
19th December 2018
In July 2018 Walmart filed a patent on a system of sensors that would gather conversations between cashiers and customers, the rattle of bags, and other audio data to monitor employee performance. Earlier in 2018, Amazon was awarded a patent on a wristaband that would monitor and guide workers in processing items. UPS uses sensors to monitor whether its drivers are wearing seatbelts and when they open and close truck doors. All these examples, along with others such as technology that allows…
Content type: Examples
20th December 2018
In July 2018, Election Systems and Software (ES&S), long the top US manufacturer of voter machines, admitted in a letter to Senator Ron Wyden (D-OR) that it had installed pcAnywhere remote access software and modems on a number of the election management systems it had sold between 2000 and 2006. The admission was in direct contradiction to the company's response for a New York Times article earlier in the year on US voting machines' vulnerability to hacking. ES&S says it stopped…
Content type: Examples
20th December 2018
In the run-up to the November 2018 US midterm elections, Vice tested Facebook's new system of mandatory "Paid for" disclosure intended to bring greater transparency to the sources of ads relating to "issues of national importance". Placing political ads requires a valid ID and proof of residence. Vice found that Facebook quickly approved ads the site attempted to place that named Islamic State, US vice president Mike Pence, and Democratic National Committee chair Tom Perez in the "Paid for"…
Content type: Examples
3rd May 2018
In 2016, the US's third-largest property and casualty insurer, Liberty Mutual, announced it would partner with Subaru to enable drivers who have bought Subaru's Starlink infotainment system to download a car app that will notify them if they are accelerating too aggressively or braking too hard. The insurer's RightTrack programme, which began in 2012 and of which the app is a part, gives drivers a 5% discount for enrolling and further discounts of up to 30% for following the app's instructions…
Content type: Examples
20th December 2018
A combination of entrenched and litigious voting machine manufacturers with immense control over their proprietary software and a highly complex and fragmented voting infrastructure mean that even though concerns were raised as early as 2004 about the security of US voting machines, the 2018 midterm election saw little improvement. The machines in use in the more than 10,000 US election jurisdictions are all either optical-scan or direct-recording electronic (DRE). Optical-scan, which scans…
Content type: Examples
20th December 2018
In the months leading up to the US 2018 midterm elections, Republican officials in Georgia, Texas, and North Carolina made moves they described as ensuring voting integrity but which critics saw as blocking voter access. In Georgia, where Secretary of State Brian Kemp is charged with enforcing election law and was simultaneously running for governor, election officials blocked 53,000 applications to register, 70% of which are those of African-Americans, under a law requiring personal…
Content type: Examples
20th December 2018
In July 2018, Robert Mueller, the special prosecutor appointed to look into Russian interference in the 2016 US presidential election, charged 12 Russian intelligence officers with hacking Hillary Clinton's campaign and the Democratic National Committee by spearphishing staffers. The charges include conspiracy to commit an offence against the US, aggravated identity theft, conspiracy to launder money, and conspiracy to access computers without authorisation. The hack led to the release of…
Content type: Examples
3rd May 2018
In 2016, supporters of Ted Cruz and Rand Paul for president were surprised to begin getting emails from the Trump campaign soon after their candidates dropped out of the race for the Republican nomination. In an investigation, CNNMoney found that nearly every failed 2016 presidential candidate sold, rented, or loaned their supporters' email addresses to other candidates, marketers, charities, and private companies. From analysing thousands of emails and Federal Election Commission records,…
Content type: Examples
29th November 2018
Following the 9/11 attacks in 2001, the New York City Police Department installed thousands of CCTV cameras and by 2008 in partnership with Microsoft had built the Lower Manhattan Security Coordination Center to consolidate its video surveillance operations into a single command centre that also incorporated other sensors such as licence plate readers and radiation detectors. In 2010 as part of its Domain Awareness System, the NYPD began integrating cutting-edge video analytics software into…
Content type: Examples
3rd May 2018
In 2015, US director of national intelligence James Clapper, backed by National Security Agency director Admiral Michael Rogers, warned Congress that the next phase of escalating online data theft is likely to involve manipulating digital information. Clapper and Rogers viewed this type of attack as more likely than a catastrophic event of digitally triggered damage to physical infrastructure. The pair believed that manipulating and deleting data would compromise data integrity and undermine…
Content type: Examples
5th May 2018
In February 2018 the US Immigration and Customs Enforcement (ICE) signed a contract with Vigilant Solutions, giving it access to the company's giant database of billions of license plate records, which can be searched to produce every place a given license plate has been seen in the last five years and issue instantaneous email alerts whenever a particular plate is newly sighted. Vigilant collects few of its own photos, but it acquires data from vehicle repossession agencies and other private…
Content type: Examples
4th December 2018
In May 2018, US Immigration and Customs Enforcement abandoned the development of machine learning software intended to mine Facebook, Twitter, and the open Internet to identify terrorists. The software, announced in the summer of 2017, had been a key element of president Donald Trump's "extreme vetting" programme and expected to flag at least 10,000 people a year for investigation. ICE decided instead to opt for a contractor who could provide training, management, and human personnel to do the…
Content type: Examples
29th November 2018
In 2011, the US Department of Homeland Security funded research into a virtual border agent kiosk called AVATAR, for Automated Virtual Agent for Truth Assessments in Real-Time, and tested it at the US-Mexico border on low-risk travellers who volunteered to participate. In the following years, the system was also tested by Canada's Border Services Agency in 2016 and the EU border agency Frontex in 2014. The research team behind the system, which included the University of Arizona, claimed the…
Content type: Examples
20th December 2018
With only days to go before the 2018 US midterm elections, a federal judge ruled that the state of Georgia must change its "exact match" law that required voter registrations with even the tiniest variation from other official identifications to be flagged as potential non-citizens unless they could produce proof of identity. A group of civil rights groups sued Republican secretary of state Brian Kemp, in charge of the elections despite also running for governor, to change the procedure, which…
Content type: Examples
4th December 2018
In September 2018, the US Department of Homeland Security proposed to add credit scores and histories to the list of information immigrants are required to submit when applying for legal resident status. The stated purpose of the proposed rule is to bar those who might become a "public charge" from acquiring legal residency, extending their stay, or changing their status. While credit reports do reveal information about an individual's debt, payment, and work history, they were never designed…
Content type: Examples
19th December 2018
In late 2018, after apps like Strava and Polar Flow exposed the movements of staff around military bases, the US Department of Defense banned military troops and other workers at sensitive sites from using fitness trackers and other apps that could reveal their users' location. Military leaders will have discretion over whether local staff can use GPS, and the devices themselves - smartwatches, tablets, phones, and fitness trackers - are not banned.
https://www.forbes.com/sites/emmawoollacott/…
Content type: Examples
3rd May 2018
In May 2015, the US Department of Justice and the FBI submitted a declaration to an Oregon federal judge stating that the US government's no-fly lists and broader watchlisting system relied on predictive judgements of individuals rather than records of actual offences. The documents were filed as part of a longstanding case brought by the American Civil Liberties Union, which claimed that the government did not provide steps individuals could take to get off the blacklists and that the process…
Content type: Examples
19th December 2018
Although the US rejected a "National Data Center" approach in 1966, eventually instead passing the 1974 Privacy Act, in 2018 the House of Representatives proposed a national database of all 40 million recipients of benefits under the Supplemental Nutrition Assistance Program (SNAP, formerly known as "food stamps"). The proposed legislation assigned the creation of the database to the Department of Agriculture, with help from private vendors and would collect Social Security numbers, birthdates…
Content type: Examples
5th May 2018
On August 1, 2017, Wisconsin company Three Square Market began offering its employees the option of implanting a tiny chip between their thumb and index finger. The chip enables employees to wave at hand at any of the company's RFID readers in order to enter the building, pay for food in the cafeteria, or use other company services. More than 50 out of the 80 staff at its headquarters volunteered; a few are said to be considering incorporating the chip into a piece of jewellery rather than have…
Content type: Examples
5th May 2018
Like other countries, the US began incorporating RFID chips into its passports in 2006. The chips, which store passport information including name, date of birth, passport number, photo, and biometric identifiers, enable machine-readable border controls like those now seen at an increasing number of airports. For authentication and to prevent counterfeiting and tampering, the chips also include a cryptographic signature (certificate) that authenticates the country issuing the passport. This…
Content type: Examples
26th October 2018
The key claim of retargeting, the business of companies like Paris-based Criteo, is that it can match long-tail advertisers with long-tail publishers and retailers. Ad exchanges enable these connections by identifying the specific group of people who need what smaller brands have - products such as specific light bulbs or replacement parts. By 2017, retargeting had become a $10 billion business.
https://www.mediapost.com/publications/article/311653/a-tale-of-two-tails.html
tags: Criteo, cross…
Content type: Case Study
3rd February 2018
What happened
As we traveled the world we saw alarming use and spread of surveillance capabilities. From country to country we saw the same policy ideas, and the same kit. The role of industry to the growth of surveillance capability had never been exposed before.
What we did
In 1996 we published the first ‘Big Brother Incorporated’ study, identifying the vast numbers of technology firms who were investing in surveillance technologies. We were particularly surprised by the rise of German…
Content type: Examples
20th December 2018
In September 2018 the UK's Information Commissioner found that it was likely that during 2017 a number of migrant rough sleepers were reported to the Home Office enforcement teams by the homelessness charity St. Mungo's. The finding followed a complaint from the Public Interest Law Unit. The charity claimed it passed on these details when people wanted to return home. The Home Office halted its policy of deporting migrant rough sleepers in December 2017 and the government was to pay hundreds of…
Content type: Examples
20th December 2018
A database compiled through investigations conducted in 2018 by the Guardian and the Undercover Research Group network of activists shows that undercover police officers spied on 124 left-wing activist groups between 1970 and 2007. The police infiltrated 24 officers over that time within the Socialist Workers Party, which, with a membership of a few thousand, advocates revolution to ablish capitalism. Four of these undercover officers began sexual relationships with deceived female members, and…