Search
Content type: Examples
In May 2018, the ACLU of Northern California obtained documents under a FOIA request showing that Amazon was essentially giving away its two-year-old Rekognition facial recognition tools to law enforcement agencies in Oregon and Orlando, Florida. Amazon defended the move by saying the technology has many useful purposes, including finding abducted children and identify attendees at the 2018 wedding of Britain's Prince Harry and Meghan Markle. The company markets Rekognition as useful for…
Content type: Examples
In September 2018, AI Now co-founder Meredith Whittaker sounded the alarm about the potential for abuse of the convergence of neuroscience, human enhancement, and AI in the form of brain-computer interfaces. Part of Whittaker's concern was that the only companies with the computational power necessary to develop these technologies are those already leading in AI: Google, Facebook, Microsoft, and equivalent. The result would be that the neural data collected from individuals' thoughts would be…
Content type: Examples
In 2018, a Duke University medical doctor who worked with Microsoft researchers to analyse millions of Bing user searches found links between some computer users' physical behaviours - tremors while using a mouse, repeated queries, and average scrolling speed - and Parkinson's disease. The hope was to be able to diagnose conditions like Parkinson's and Alzheimer's earlier and more accurately. Other such studies tracked participants via a weekly online health survey, mouse usage, and, via…
Content type: Examples
Following the 9/11 attacks in 2001, the New York City Police Department installed thousands of CCTV cameras and by 2008 in partnership with Microsoft had built the Lower Manhattan Security Coordination Center to consolidate its video surveillance operations into a single command centre that also incorporated other sensors such as licence plate readers and radiation detectors. In 2010 as part of its Domain Awareness System, the NYPD began integrating cutting-edge video analytics software into…
Content type: Explainer
In the digital economy there is a trend towards corporate concentration. This is true for social media platforms, search engines, smart phone operating systems, digital entertainment, or online retailers. Meanwhile, the way in which market dominance is measured traditionally does not always capture the extent of their control: firstly, their products and services are often “free” and secondly, it’s often not clear in which “markets” and “sectors” these companies operate, since there is so much…
Content type: Examples
In 2013, Edward Snowden, working under contract to the US National Security Agency for the consultancy Booz Allen Hamilton, copied and leaked thousands of classified documents that revealed the inner workings of dozens of previously unknown surveillance programs. One of these was PRISM, launched in 2007, which let NSA use direct access to the systems of numerous giant US technology companies to carry out targeted surveillance of the companies' non-US users and Americans with foreign contacts by…
Content type: News & Analysis
As the international cyber security debate searches for new direction, little attention is paid to what is going on in Africa. Stepping over the remains of the UN Group of Governmental Experts, and passing by the boardrooms of Microsoft struggling to deliver their Digital Geneva Convention, African nations are following their own individual paths.
Unfortunately, these paths increasingly prioritise intrusive state surveillance and criminalisation of legitimate expression online as…
Content type: Examples
In April 2010, Facebook launched a set of tools to enable websites to add a social layer by adding a Facebook frame to their pages. The company's three launch partners, Microsoft's Docs.com, Yelp, and Pandora, had access to a more comprehensive tool, Instant Personalization, which allowed them to look directly at individuals' Facebook profiles and use the public information presented there to provide a personalised experience such as playing music (Pandora) or restaurants (Yelp) that the person…
Content type: Press release
Photo credit: Forbrukerrådet
The Norwegian Consumer Council has today published a report which shows how Facebook and Google appear to push users into sharing personal data, and raises questions around how such practices are GDPR compliant.
Off the back of the analysis, Privacy International is joining NCC and several other consumer and privacy groups in Europe to ask European data protection authorities to investigate whether the companies are acting in accordance with GDPR. Copies of the…
Content type: Examples
In a report on mobile security updates, the US Federal Trade Commission finds that because of the complexity of the mobile ecosystem applying security updates to operating system software on some mobile devices is time-consuming and complicated. Based on information gathered from eight device manufacturers - Apple, Blackberry, Google, HTC, LG, Microsoft, Motorola, and Samsung, the FTC recommends that manufacturers should deploy these updates more quickly and suggests that manufacturers should…
Content type: Examples
Two of the most notorious malware outbreaks of 2017 were the ransomware WannaCry and the wiper malware NotPetya. Both relied on the NSA's EternalBlue exploit of the Microsoft Server Message Block, which was leaked online by the hacker group The Shadow Brokers. Along with EternalBlue, The Shadow Brokers also leaked three other exploits: EternalSynergy, EternalRomance, and EternalChampion. In early 2018, RiskSense security researcher Sean Dillon ported these three to work on Windows versions…
Content type: Examples
The Dutch data protection authority has found that Microsoft's Windows 10 operating system breaches Dutch law by processing personal data of the system's users without informing them clearly about what type of data the company uses and for what purpose. In addition, users cannot give valid consent because the company does not clearly inform them that under the default settings it collects personal usage data through its Edge web browser. The result is to rob users of control over both their…
Content type: Explainer
“Smart city” is a marketing term used to define the use of technology – and in particular data collection – to improve the functioning of cities. The idea behind smart cities is that the more local governments know about city inhabitants the better the services they deliver will be. However, the reality is that the term means different things to different actors from companies to governments.
The World Bank suggests two possible definitions of smart cities. The first one is “a technology-…
Content type: Examples
In early 2016 Libreville, the capital of Gabon, signed up for Microsoft's CityNext programme, which is intended to supply innovative "smart city" solutions in eight key areas: health, social services, infrastructure, water, electricity, justice, culture, and education. Applications in each area will allow the city to manage traffic and urban transport, govern and collect taxes, and provide citizens with electronic access to health, citizen, police, and emergency services, as well as make it…
Content type: Examples
In September 2016, an algorithm assigned to pick the winners of a beauty contest examined selfies sent in by 600,000 entrants from India, China, the US, and all over Africa, and selected 44 finalists, almost all of whom were white. Of the six non-white finalists, all were Asian and only one had visibly dark skin. The contest was run by Beauty.ai, an initiative from the Russia and Hong Kong-based Youth Laboratories, and was supported by Microsoft and Nvidia. The reason was the lack of diversity…
Content type: Impact Case Study
What is the problem
Business models of lots of companies is based on data exploitation. Big Tech companies such Google, Amazon, Facebook; data brokers; online services; apps and many others collect, use and share huge amounts of data about us, frequently without our explicit consent of knowledge. Using implicit attributes of low-cost devices, their ‘free’ services or apps and other sources, they create unmatched tracking and targeting capabilities which are being used against us.
Why it is…
Content type: News & Analysis
Private surveillance companies selling some of the most intrusive surveillance systems available today are in the business of purchasing security vulnerabilities of widely-used software, and bundling it together with their own intrusion products to provide their customers unprecedented access to a target’s computer and phone.
It's been known for some time that governments, usually at a pricey sum, purchase such exploits, known as zero- and one-day exploits, from security researchers to…