Privacy

Protonmail Celebrates Swiss Court Victory Exempting it From Telco Data Retention Laws (theregister.com) 4

Encrypted email provider Protonmail has hailed a recent Swiss legal ruling as a "victory for privacy," after winning a lawsuit that sees it exempted from data retention laws in the mountainous realm. From a report: Referring to a previous ruling that exempted instant messaging services from data capture and storage laws, the Protonmail team said this week: "Together, these two rulings are a victory for privacy in Switzerland as many Swiss companies are now exempted from handing over certain user information in response to Swiss legal orders." Switzerland's Federal Administrative Court ruled on October 22 that email providers in Switzerland are not considered telecommunications providers under Swiss law, thereby removing them from the scope of data retention requirements imposed on telcos. The victory comes after controversy over a previous (and not directly related) Swiss court order that forced the company to collect mobile device push notification identifiers from a specified user's account. That user was later arrested by French police, who had asked their Swiss counterparts to obtain the surveillance order. Protonmail chief exec Andy Yen told The Register his business doesn't routinely collect such data on its users.
Books

France Moves To Shield Its Book Industry From Amazon (reuters.com) 121

An anonymous reader quotes a report from Reuters: Sophie Fornairon's independent bookshop has survived the rise of Amazon thanks to a French law that prohibits price discounting on new books, but she says the e-commerce giant's ability to undercut on shipping still skews the market against stores like hers. Fornairon, who owns the Canal Bookstore in central Paris, now hopes that new legislation that would set a minimum price for book deliveries will even the contest further in the battle of neighborhood stores against Amazon. "It's a just return towards a level playing field," Fornairon, who employs four workers, said. "We're not at risk of closing down any time soon, but Amazon is a constant battle".

French law prohibits free book deliveries but Amazon has circumvented this by charging a single centime (cent). Local book stores typically charge about 5-7 euros ($5.82-8.15) for shipping a book. Amazon's pricing strategy had resulted in the growing market share of a single operator, the Ministry of Culture said. "This law is necessary to regulate the distorted competition within online book sales and prevent the inevitable monopoly that will emerge if the status quo persists," the ministry told Reuters. Centre-right Senator Laure Darcos, who drafted the law, decided upon the minimum delivery charge when she observed how bookstores maintained 70% of their business despite being forced to shut during early COVID lockdowns, because the government reimbursed the shipping fees. "It showed what a brake on business the postage costs are for local bookstores," Darcos said. Asked when the legislation would be enacted, the Ministry of Culture declined to give a date, saying it was too early to say.

Facebook

Apple's Privacy Rules to Blame For Facebook's Lower Than Expected Quarterly Growth, Says Zuckerberg (macrumors.com) 46

Apple's privacy rules are "negatively affecting" Facebook, and its business, Facebook CEO Mark Zuckerberg claimed during its most recent earnings call. MacRumors reports: As a quick refresher, starting with iOS 14.5 and all newer versions of iOS and iPadOS, Apple requires that apps ask for users' permission to track them across other apps and websites. Under the App Tracking Transparency (ATT) framework, the latest change gives users a choice on whether they wish to be tracked for ads or other purposes. [...] Continuing on its anti-Apple's privacy rules campaign, Facebook CEO Mark Zuckerberg was quick to blame Apple for his company's lower than expected growth in the third quarter of the year. Kicking off the earnings call, Zuckerberg said Apple is "negatively affecting" Facebook but that he believes the company will be able to "navigate" the challenges Apple is presenting thanks to its long-term investments.

"As expected, we did experience revenue headwinds this quarter, including from Apple's changes that are not only negatively affecting our business, but millions of small businesses in what is already a difficult time for them in the economy. Sheryl and Dave will talk about this more later, but the bottom line is we expect we'll be able to navigate these headwinds over time with investments that we're already making today." While Zuckerberg and the Facebook executive team hold Apple's changes accountable for this quarter's performance, it may also be an asset. Zuckerberg has in the past stated that ATT could ultimately help Facebook, and it's a sentiment he again repeated during the earnings call. Apple's changes, according to Zuckerberg, are making "e-commerce and customer acquisition less effective on the web." Still, Facebook could benefit from the lessened effectiveness as "solutions that allow businesses to set up shop right inside our apps will become increasingly attractive," Zuckerberg added.

Facebook's chief operating officer, Sheryl Sandberg, also criticized Apple and its privacy rules, going as far as to claim that the new rules are negatively impacting Facebook while benefiting Apple's own advertising business: "We've been open about the fact that there were headwinds coming -- and we've experienced that in Q3. The biggest is the impact of Apple's iOS14 changes, which have created headwinds for others in the industry as well, major challenges for small businesses, and advantaged Apple's own advertising business." Despite Facebook facing an avalanche of pressure amid leaked internal documents and scrutiny, Sandberg pointed the finger at Apple for Facebook's lackluster performance this quarter. "Overall, if it wasn't for Apple's iOS 14 changes, we would have seen positive quarter-over-quarter revenue growth," Sandberg said.

China

TikTok Tells US Lawmakers It Does Not Give Info To China (reuters.com) 33

During the company's first appearance at a U.S. congressional hearing, TikTok executive Michael Beckerman said it does not give information to the Chinese government and has sought to safeguard U.S. data. Reuters reports: Michael Beckerman, TikTok's head of public policy for the Americas, became the company's first executive to appear before Congress, testifying to a subcommittee of the Senate Commerce Committee. Republicans in particular pressed Beckerman on worries regarding TikTok's stewardship of data on the app's users. Senator Marsha Blackburn, the panel's top Republican, said she is concerned about TikTok's data collection, including audio and a user's location, and the potential for the Chinese government to gain access to the information. Blackburn questioned Beckerman on whether TikTok could resist giving data to China's government if material were to be demanded. "We do not share information with the Chinese government," Beckerman responded.

Under questioning by Republican Senator Ted Cruz, Beckerman said that TikTok has "no affiliation" with Beijing ByteDance Technology, a ByteDance entity at which the Chinese government took a stake and a board seat this year. Beckerman also testified that TikTok's U.S. user data is stored in the United States, with backups in Singapore. "We have a world-renowned U.S. based security team that handles access," Beckerman said. Republican Senator John Thune said TikTok is perhaps more driven by content algorithms than even Facebook, as the app is famous for quickly learning what users find interesting and offering them those types of videos. Beckerman said TikTok would be willing to provide the app's algorithm moderation policies in order for the Senate panel to have it reviewed by independent experts.

Crime

FBI Raids Chinese Point-of-Sale Giant PAX Technology (krebsonsecurity.com) 35

An anonymous reader quotes a report from KrebsOnSecurity: U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX's systems may have been involved in cyberattacks on U.S. and E.U. organizations. Headquartered in Shenzhen, China, PAX Technology Inc. has more than 60 million point-of-sale terminals in use throughout 120 countries. Earlier today, Jacksonville, Fla. based WOKV.com reported that agents with the FBI and Department of Homeland Security (DHS) had raided a local PAX Technology warehouse. In an official statement, investigators told WOKV only that they were executing a court-authorized search at the warehouse as a part of a federal investigation, and that the inquiry included the Department of Customs and Border Protection and the Naval Criminal Investigative Services (NCIS).

Several days ago, KrebsOnSecurity heard from a trusted source that the FBI began investigating PAX after a major U.S. payment processor started asking questions about unusual network packets originating from the company's payment terminals. According to that source, the payment processor found that the PAX terminals were being used both as a malware "dropper" -- a repository for malicious files -- and as "command-and-control" locations for staging attacks and collecting information. The source said two major financial providers -- one in the United States and one in the United Kingdom -- had already begun pulling PAX terminals from their payment infrastructure, a claim that was verified by two different sources. The source was unable to share specific details about the strange network activity that prompted the FBI's investigation. But it should be noted that point-of-sale terminals and the technology that supports them are perennial targets of cybercriminals.

Crime

150 People Arrested in International Darknet Opioid Probe (axios.com) 30

Some 150 people were arrested worldwide and more than $31.6 million in cash and virtual currencies were seized during a 10-month international investigation into opioid trafficking through darknet marketplaces, the Department of Justice announced Tuesday. From a report: The massive probe, called "Operation Dark HunTor," spanned three continents and led to the recovery of about 234 kilograms (over 500 pounds) of illegal drugs, including enough fentanyl to cause more than 4 million lethal doses, according to deputy attorney general Lisa Monaco. A darknet is encrypted online content that can only be accessed with specific browsers and is primarily used to purchase or sell illegal goods or services, especially illegal drugs. 65 people were arrested in the United States, one in Bulgaria, three in France, 47 in Germany, four in the Netherlands, 24 in the United Kingdom, four in Italy and two in Switzerland. Prosecutors allege the suspects were responsible for tens of thousands of illegal sales across the U.S., Europe and Australia.
Facebook

Tech's Message To the Hill: We're Not Facebook (axios.com) 43

TikTok, YouTube and Snapchat will appear before Congress Tuesday with a key priority: distinguishing their practices from Facebook's. From a report: Facebook is under attack, and its tech peers don't want to get caught in the crossfire as lawmakers mull legislation to rein in the company. At the hearing before the Senate Commerce consumer protection subcommittee, representatives from TikTok, YouTube and Snap will focus on ways their services differ from Facebook and Instagram and measures they've already put in place to protect children.

TikTok's Michael Beckerman, vice president and head of public policy, will highlight proactive safety moves the company has made, including disabling direct messages for users under 16. Snap's Jennifer Stout, vice president of global public policy, will note that the company was designed to avoid some of the toxicity of social media platforms and uses human moderation for creator posts that will reach more than 25 users. YouTube's Leslie Miller, vice president of government affairs and public policy, will point out that the company already has designed different services and products for younger users, including YouTube Kids, Made for Kids and Supervised Experiences.

Privacy

'Banning Anonymous Social Media Accounts Would Only Stifle Free Speech and Democracy' (theguardian.com) 152

Owen Jones, a British newspaper columnist and activist for the Labour Party, writes in an opinion piece for The Guardian: The aftermath of the horrific killing of Conservative MP David Amess should have been a moment for politicians and the public to unite in an effort to protect democracy. Instead, the discussion has been derailed by a push to ban anonymous social media accounts, which would stifle free speech and democratic rights. Threatening online messages to politicians and other public figures should be taken seriously. As someone who has experienced online abuse, and a physical attack at the hands of the far right, I know all too well the danger. But, in this tragic event, there seems to be no known connection between the death of Amess and anonymous online posting.

While MPs are grieving, and understandably feel vulnerable, we must ask whether strengthening the online safety bill is the right approach. By shifting attention away from extremism toward online anonymity, do we hinder our democracy? There are many legitimate reasons why a citizen may not feel comfortable posting their opinion or sharing information under their own identity. Given the number of politicians who offer off-the-record quotes to journalists on a daily basis, generally for fear of their jobs or other harmful consequences, MPs will be able to empathize with this. The bill would allow Ofcom to punish social networks that fail to remove "lawful but harmful" content. Defining abuse is politically subjective -- what is seen as accountability by some could be seen as abuse by others. Mark Francois, who is campaigning for the changes, said "while people in public life must remain open to legitimate criticism, they can no longer be vilified or their families subject to the most horrendous abuse." While there is no place for verbally violent, threatening or disturbing language, what can be defined as vilification versus illegitimate criticism is harder to judge...
Friendly reminder: Slashdot continues to allow users to post comments and stories anonymously as an "Anonymous Coward." This is something that's been criticized since its inception, but it's something we think is important and plan to continue for the foreseeable future.
Government

The FBI's Internal Guide For Getting Data From AT&T, T-Mobile, Verizon (vice.com) 10

An anonymous reader quotes a report from Motherboard: A newly obtained document written by the FBI lays out in unusually granular detail how it and other law enforcement agencies can obtain location information of phones from telecommunication companies. Ryan Shapiro, executive director of nonprofit organization Property of the People, shared the document with Motherboard after obtaining it through a public record act request. Property of the People focuses on obtaining and publishing government records. The document, a 139 page slide presentation dated 2019, is written by the FBI's Cellular Analysis Survey Team (CAST). CAST supports the FBI as well as state, local, and tribal law enforcement investigations through the analysis of call data and tower information, the presentation adds. That can include obtaining the data from telecommunications companies in the first place; analyzing tower dumps that can show which phones were in an approximate location at a given time; providing expert witness testimony; and performing drive tests to verify the actual coverage of a cell tower.

"When necessary, CAST will utilize industry standard survey gear drive test equipment to determine the true geographical coverage breadth of a cell site sector," the presentation reads. The presentation highlights the legal process required to obtain information from a telecommunications company, such as a court order or search warrant. The LinkedIn profile of one CAST member Motherboard found says they have a "special emphasis in historical cell site analysis which is typically used for locating phones (and the individuals attached to those phones) for cases such as kidnappings, homicides, missing persons, and robberies." CAST provides its own cell phone data visualization tool to law enforcement officials around the country called CASTViz for free. "CASTViz has the ability to quickly plot call detail records and tower data for lead generation and investigative purposes," the presentation reads. The document includes images of and instructions for the CASTViz software itself.

The document also explains how data requests from Mobile Virtual Network Operators (MVNOs) such as Boost Mobile are handled, explains how to obtain location data from what the FBI describes as "burner phones," and how to obtain information from OnStar, General Motors' in-vehicle system. The document also provides the cost of some of this data for law enforcement to request. The presentation provides more recent figures on how long telecoms retain data for. AT&T holds onto data such as call records, cell site, and tower dumps for 7 years. T-Mobile holds similar information for 2 years, and Verizon holds it for 1 year. The slide also shows that AT&T retains "cloud storage internet/web browsing" data for 1 year. Another section that provides an overview of the different engineering and location datasets held by telecoms and potentially available to law enforcement agencies tells officials to use some AT&T data "cautiously." "AT&T does not validate results," the presentation reads. That section also mentioned that Verizon has a "new" location tool that law enforcement agencies can use. Rich Young, a Verizon spokesperson, told Motherboard in an email that "This is a tool that our security team uses in response to lawful warrants and emergency requests. For example, this tool would be used in response to cases involving armed fugitives or missing children. As a common industry practice, the tool uses network-based cell site location information. All other major providers use a similar approach."

Facebook

How Misinformation - and One Facebook Group - Threatened a Federal Investment in Montana (yahoo.com) 248

The New York Times describes a six-year grass roots effort to fund historic preservation and natural resource conservation in Montana — and how it collided with Rae Grulkowski, a 56-year-old businesswoman who had never before been involved in politics, and her very influential Facebook group: Ms. Grulkowski had just heard about a years-in-the-making effort to designate her corner of central Montana a national heritage area, celebrating its role in the story of the American West. A small pot of federal matching money was there for the taking, to help draw more visitors and preserve underfunded local tourist attractions.

Ms. Grulkowski set about blowing up that effort with everything she had.

She collected addresses from a list of voters and spent $1,300 sending a packet denouncing the proposed heritage area to 1,498 farmers and ranchers. She told them the designation would forbid landowners to build sheds, drill wells or use fertilizers and pesticides. It would alter water rights, give tourists access to private property, create a new taxation district and prohibit new septic systems and burials on private land, she said.

None of this was true.

Yet it soon became accepted as truth by enough people to persuade Montana's leading Republican figures and conservative organizations, including the farm bureau, Gov. Greg Gianforte and Senator Steve Daines, to oppose the proposal and enact a state law forbidding the federal government to create any heritage area in Montana.

It is a ban that the state has no authority to enforce.

Some comments on the episode (via the New York Times):
  • Ellen Sievert, retired historic preservation officer for Cascade County:
    "We've run into the uneducable. I don't know how we get through that."
  • Bob Kelly, the mayor of Great Falls:
    "Misinformation is the new playbook. You don't like something? Create alternative facts and figures as a way to undermine reality." (In fact, it's now become an issue in the mayor's race.)

The episode was especially distressing for Richard Ecke, who spent 38 years at the town's local newspaper until being laid off in 2016 — and is also vice chairman of the proposed heritage area's board. The Times reports that "In the paper's place, information and misinformation about the heritage area spread on Facebook and in local outlets that parroted Ms. Grulkowski."

And meanwhile, "Ms. Grulkowski now has ambitions beyond Montana. She wants to push Congress not to renew heritage areas that already exist." [There are 55 of them, in 34 different states.]

Finally the Times interviewed Ed Bandel, who'd led the Montana Farm Bureau's opposition to the Montana heritage area. When asked for his supporting evidence, "Mr. Bandel said he trusted Ms. Grulkowski."

And when asked about the argument that it in fact posed no threat to property rights, Bandel remained unconvinced. "They say, 'Don't worry, we're going to do it right. Don't worry, we'll take care of you.' I think Adolf Hitler said that, too, didn't he...?"


AI

Palantir's Peter Thiel Thinks People Should Be More Concerned About 'Surveillance AI' (cnbc.com) 63

Tech billionaire Peter Thiel "believes that people should be more worried about 'surveillance AI' rather than artificial general intelligences," reports CNBC: The venture capitalist, who co-founded big data firm Palantir, said at an event in Miami on Wednesday that on the path to AGI, you get surveillance AI, which he described as a "communist totalitarian technology." Those that are worried about AGI aren't actually "paying attention to the thing that really matters," Thiel said, adding that governments will use AI-powered facial recognition technology to control people.

His comments come three years after Bloomberg reported that "Palantir knows everything about you." Thiel has also invested in facial recognition company Clearview AI and surveillance start-up Anduril. Palantir, which has a market value of $48 billion, has developed data trawling technology that intelligence agencies and governments use for surveillance and to spot suspicious patterns in public and private databases. Customers reportedly include the CIA, FBI, and the U.S. Army....

Thiel, a well-known libertarian who also co-founded PayPal and holds a board seat at Facebook, said Silicon Valley isn't talking about AGI as much today as it was six or seven years ago... In the same talk, Thiel pitted AI against cryptocurrencies, saying that he'd prefer to see the latter one succeed. "If we say crypto is libertarian and that it is fundamentally a force for decentralization, then I think we should also be willing to say that AI, especially in the low-tech surveillance form, is essentially communist."

"If you want to frame it as a technological race ... I want the crypto decentralized world to work," he said.

Government

Why The FBI Held Back a Ransomware Decryption Key for 19 Days (msn.com) 53

America's Federal Bureau of Investigation "refrained for almost three weeks from helping to unlock the computers of hundreds of businesses and institutions hobbled by a major ransomware attack this summer," reports the Washington Post, "even though the bureau had secretly obtained the digital key needed to do so, according to several current and former U.S. officials." The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack. Deploying it immediately could have helped the victims, including schools and hospitals, avoid what analysts estimate was millions of dollars in recovery costs. But the FBI held on to the key, with the agreement of other agencies, in part because it was planning to carry out an operation to disrupt the hackers, a group known as REvil, and the bureau did not want to tip them off. Also, a government assessment found the harm was not as severe as initially feared.

The planned takedown never occurred because in mid-July REvil's platform went offline — without U.S. government intervention — and the hackers disappeared before the FBI had a chance to execute its plan, according to the current and former officials... The FBI finally shared the key with Kaseya, the IT company whose software was infected with malware, on July 21 — 19 days after it was hit. Kaseya asked New Zealand-based security firm Emsisoft to create a fresh decryption tool, which Kaseya released the following day. By then, it was too late for some victims...

On Tuesday, FBI Director Christopher A. Wray, testifying before Congress, indicated the delay stemmed in part from working jointly with allies and other agencies. "We make the decisions as a group, not unilaterally," he said, noting that he had to constrain his remarks because the investigation was ongoing... He also suggested that "testing and validating" the decryption key contributed to the delay. "There's a lot of engineering that's required to develop a tool" that can be used by victims, he said at a Senate Homeland Security Committee hearing.

Emsisoft, however, was able to act quickly. It extracted the key from what the FBI provided Kaseya, created a new decryptor and tested it — all within 10 minutes, according to Fabian Wosar, Emsisoft chief technology officer. The process was speedy because the firm was familiar with REvil's ransomware. "If we had to go from scratch," Wosar said, "it would have taken about four hours."

Facebook

The Man Who Stole and Then Sold Data on 178 Million Facebook Users Gets Sued by Facebook (therecord.media) 70

"Facebook has filed a lawsuit on Friday against a Ukrainian national for allegedly scraping its website and selling the personal data of more than 178 million users on an underground cybercrime forum," reports the Record. According to court documents filed Friday, the man was identified as Alexander Alexandrovich Solonchenko, a resident of Kirovograd, Ukraine. Facebook alleges that Solonchenko abused a feature part of the Facebook Messenger service called Contact Importer. The feature allowed users to synchronize their phone address books and see which contacts had a Facebook account in order to allow users to reach out to their friends via Facebook Messenger. Between January 2018 and September 2019, Facebook said that Solonchenko used an automated tool to pose as Android devices in order to feed Facebook servers with millions of random phone numbers. As Facebook servers returned information for which phone numbers had an account on the site, Solonchenko collected the data, which he later collected and offered for sale on December 1, 2020, in a post on RaidForums, a notorious cybercrime forum and marketplace for stolen data.
The article also notes that Facebook's court documents say Solonchenko scraped data from some of the largest companies in the Ukraine, including its largest commercial bank and largest private delivery service.

(And the Record points out that he's not the only person known to have used this hole to scrape Facebook's user data and then sell it on the forum.) Days after another incident in April involving 533 leaked phone numbers of Facebook users, Facebook "revealed that it retired the Messenger Contact Importer feature back in September 2019 after it discovered Solonchenko and other threat actors abusing it."
AI

Should the US Fund a 'National Cloud' for AI Research to Compete With China? (nbcnews.com) 48

Big data "has big designs on a big cloud," reports NBC News: A steady drumbeat from some of the most influential executives in the technology industry has emerged in recent months to push the idea that the U.S. government should invest in a "national research cloud" — a hub for U.S. research into artificial intelligence where researchers from academia and smaller tech companies could share data sets and other resources.

It's an idea that has been backed by a government commission led by ex-Google CEO Eric Schmidt and including executives from Amazon, Microsoft and Oracle, which recommended that the Biden administration create a hub for U.S. research into artificial intelligence. The White House has warmed up to the idea, ordering another report on it due next year with an eye toward competing with China on the development of artificial intelligence. "We should be able to stay ahead of China. We estimated that we are one to two years ahead of China, broadly speaking, in this area. I hope that's true," Schmidt said in an interview with NBC News. "Investments that are targeted in research — new algorithms — should be able to keep us ahead," he said.

The stakes could be enormous. Some experts in artificial intelligence believe it has the potential to transform the economy — automating some jobs, while creating new ones — and the potential military applications have spurred investment by the Pentagon.

But this month, the idea began getting fresh pushback. Research groups including New York University's AI Now Institute and Data & Society, a nonprofit technology research group based in New York, say the very tech companies pushing this idea stand to profit from it, because the national hub would likely be housed in the same companies' commercial cloud computing services. They say that's a conflict, and little more than a cash grab by what's effectively the next generation of military contractors. The plan also could entrench the very same tech companies that President Joe Biden's antitrust enforcers are working to rein in, these critics say.

Electronic Frontier Foundation

EFF Board of Directors Removes 76-Year-Old John Gilmore (eff.org) 243

76-year-old John Gilmore co-founded the EFF in 1990, and in the 31 years since he's "provided leadership and guidance on many of the most important digital rights issues we advocate for today," the EFF said in a statement Friday.

"But in recent years, we have not seen eye-to-eye on how to best communicate and work together," they add, announcing "we have been unable to agree on a way forward with Gilmore in a governance role." That is why the EFF Board of Directors has recently made the difficult decision to vote to remove Gilmore from the Board.

We are deeply grateful for the many years Gilmore gave to EFF as a leader and advocate, and the Board has elected him to the role of Board Member Emeritus moving forward. "I am so proud of the impact that EFF has had in retaining and expanding individual rights and freedoms as the world has adapted to major technological changes," Gilmore said. "My departure will leave a strong board and an even stronger staff who care deeply about these issues."

John Gilmore co-founded EFF in 1990 alongside John Perry Barlow, Steve Wozniak and Mitch Kapor, and provided significant financial support critical to the organization's survival and growth over many years. Since then, Gilmore has worked closely with EFF's staff, board, and lawyers on privacy, free speech, security, encryption, and more. In the 1990s, Gilmore found the government documents that confirmed the First Amendment problem with the government's export controls over encryption, and helped initiate the filing of Bernstein v DOJ, which resulted in a court ruling that software source code was speech protected by the First Amendment and the government's regulations preventing its publication were unconstitutional. The decision made it legal in 1999 for web browsers, websites, and software like PGP and Signal to use the encryption of their choice.

Gilmore also led EFF's effort to design and build the DES Cracker, which was regarded as a fundamental breakthrough in how we evaluate computer security and the public policies that control its use. At the time, the 1970s Data Encryption Standard (DES) was embedded in ATM machines and banking networks, as well as in popular software around the world. U.S. government officials proclaimed that DES was secure, while secretly being able to wiretap it themselves. The EFF DES Cracker publicly showed that DES was in fact so weak that it could be broken in one week with an investment of less than $350,000. This catalyzed the international creation and adoption of the much stronger Advanced Encryption Standard (AES), now widely used to secure information worldwide....

EFF has always valued and appreciated Gilmore's opinions, even when we disagree. It is no overstatement to say that EFF would not exist without him. We look forward to continuing to benefit from his institutional knowledge and guidance in his new role of Board Member Emeritus.

Gilmore also created the alt* hierarchy on Usenet, co-founded the Cypherpunks mailing list, and was one of the founders of Cygnus Solutions (according to his page on Wikipedia).

He's also apparently Slashdot user #35,813 (though he hasn't posted a comment since 2004).
Crime

Aggressive US Marketers are Bringing Police Surveillance Tools to the Masses (msn.com) 112

"License plate readers are rapidly reshaping private security in American neighborhoods," reports the Washington Post, as aggressively-marketed $2,500-a-year "safety-as-a-service" packages "spread to cover practically everywhere anyone chooses to live in the United States" and "bringing police surveillance tools to the masses with an automated watchdog that records 24 hours a day." Flock Safety, the industry leader, says its systems have been installed in 1,400 cities across 40 states and now capture data from more than a billion cars and trucks every month. "This is not just for million-dollar homes," Flock's founder, Garrett Langley, said. "This is America at its core..."

Its solar-powered, motion-sensing camera can snap a dozen photos of a single plate in less than a second — even in the dark, in the rain, of a car driving 100 mph up to 75 feet away, as Flock's marketing materials say. Piped into a neighborhood's private Flock database, the photos are made available for the homeowners to search, filter or peruse. Machine-learning software categorizes each vehicle based on two dozen attributes, including its color, make and model; what state its plates came from; and whether it had bumper stickers or a roof rack. Each "vehicle fingerprint" is pinpointed on a map and tracked by how often it had been spotted in the past month. The plates are also run against law enforcement watch lists for abducted children, stolen cars, missing people and wanted fugitives; if there's a match, the system alerts the nearest police force with details on how to track it down...

Flock's customer base has roughly quadrupled since 2019, with police agencies and homeowners associations in more than 1,400 cities today, and the company has hired sales representatives in 30 states to court customers with promises of a safer, more-monitored life. Company officials have also attended town hall meetings and papered homeowners associations with glossy marketing materials declaring its system "the most user-friendly, least invasive way for communities to stop crime": a network of cameras "that see like a detective," "protect home values" and "automate [the] neighborhood watch ... while you sleep." Along the way, the Atlanta-based company has become an unlikely darling of American tech. The company said in July it had raised $150 million from prominent venture capital firms such as Andreessen Horowitz, which said Flock was pursuing "a massive opportunity in shaping the future...."

Flock deletes the footage every 30 days by default and encourages customers to search only when investigating crime. But the company otherwise lets customers set their own rules: In some neighborhoods, all the homeowners can access the images for themselves...

Camera opponents didn't want the neighborhood's leaders to anoint themselves gatekeepers, choosing who does and doesn't belong. And they worried that if someone's car was broken into, but no one knew exactly when, the system could lead to hundreds of drivers, virtually all of them innocent, coming under suspicion for the crime. They also worried about the consequences of the cameras getting it wrong. In San Francisco, police had handcuffed a woman at gunpoint in 2009 after a camera garbled her plate number; another family was similarly detained last year because a thief had swiped their tag before committing a crime. And last year in Aurora, 30 miles from Paradise Hills, police handcuffed a mother and her children at gunpoint after a license plate reader flagged their SUV as stolen. The actual stolen vehicle, a motorcycle, had the same plate number from another state. Police officials have said racial profiling did not play a role, though the drivers in all three cases were Black. (The license plate readers in these cases were not Flock devices, and the company said its systems would have shown more accurate results...)

The Paradise Hills opponents were right to be skeptical about a local crime wave. According to Jefferson County sheriff's records shared with The Post, the only crime reports written up since September 2020 included two damaged mailboxes, a fraudulent unemployment claim and some stuff stolen out of three parked cars, two of which had been left unlocked. "I wouldn't exactly say it's a hot spot," patrol commander Dan Aten told The Post...

The cameras clicked on in August, a board member said. In the weeks since, the neighborhood hasn't seen any reports of crime. The local sheriff's office said it hasn't used the Flock data to crack any cases, nor has it found the need to ask.

Flock's founder, Garrett Langley, nonetheless tells the Washington Post, "There are 17,000 cities in America.

"Until we have them all, we're not done."
Facebook

Facebook Fined Record £50m By UK Competition Watchdog (bbc.co.uk) 15

"The BBC is reporting that Facebook has been fined a record £50 million by the UK's Competition and Markets Authority," writes long-time Slashdot reader Hope Thelps, "for deliberately failing to provide required information" (pertaining to Facebook's 2020 acquisition of Gif-sharing service Giphy).

The BBC reports: The £50m fine the CMA handed Facebook is more than 150 times higher than the previous record handed down for similar offences, at £325,000.

Speaking about its decision to fine the social media giant, the CMA said in a statement: "This is the first time a company has been found by the CMA to have breached an [order] by consciously refusing to report all the required information."

Giphy is widely used by Facebook's competitors to power animated Gif images used in social media apps, on mobile keyboards, and elsewhere online. That led to potential competition concerns. The CMA issued something called an "initial enforcement order", which limits how companies that are merging, but under investigation, operate. It is designed to keep the entities semi-separate and in competition with each other until the investigation is over. Facebook is obliged to provide updates and information to make clear how it is complying with the order.

"Given the multiple warnings it gave Facebook, the CMA considers that Facebook's failure to comply was deliberate," the CMA said.

That "fundamentally undermined its ability to prevent, monitor and put right any issues".

The fine for that offence is £50m. Separately, the CMA announced a £500,000 fine for Facebook changing its chief compliance officer — twice — "without seeking consent first".

Government

Huawei, SMIC Suppliers Received Billions Worth of Licenses For US Goods (reuters.com) 14

Suppliers to Chinese telecoms giant Huawei and China's top chipmaker SMIC got billions of dollars worth of licenses from November through April to sell them goods and technology despite their being on a U.S. trade blacklist, documents released by Congress showed on Thursday. Reuters reports: According to the documents, first obtained by Reuters, 113 export licenses worth $61 billion were approved for suppliers to ship products to Huawei while another 188 licenses valued at nearly $42 billion were greenlighted for Semiconductor Manufacturing International Corp (SMIC). The data also showed that more than 9 out of 10 license applications were granted to SMIC suppliers while 69% of requests to ship to Huawei were approved over the same period.

[T]he Commerce Department said that the release of an "arbitrary snapshot" of license approvals "risks politicizing the licensing process and misrepresenting the national security determinations" made by the government. It also stressed that approved license applications do not represent actual shipments and around half of all licenses are used. It added that license applications involving Huawei and SMIC are processed under policies developed by the Trump administration and maintained by the Biden administration.

A former senior Commerce Department official in the Trump administration who declined to be named echoed the agency's view. "This very small period of license activity is not an accurate window into the Huawei and SMIC license process," he said, noting that the goal of preventing the companies from obtaining leading edge technology without unnecessarily harming U.S. exports of other goods had been successful. "This [document release] seems designed to mislead people and generate headlines," he added.

Privacy

Amazon's Alexa Collects More of Your Data Than Any Other Smart Assistant (pcmag.com) 32

According to a survey from Reviews.org, Amazon's Alexa collects more data from users than any of the other digital assistants analyzed, which included the Google Assistant, Siri, Bixby, and Cortana. PCMag reports: All five services collect your name, phone number, device location, and IP address; the names and numbers of your contacts; your interaction history; and the apps you use. If you don't like that information being stored, you probably shouldn't use a voice assistant. In the survey, 60% of respondents were concerned about someone listening to their voice recordings, which is a real fear, since Google and Apple have both been caught doing just that. While Google Assistant and Siri now need your permission to record your interactions, the other options record you by default.

Which option is the most invasive? Analysis by Reviews.org found that Alexa collects 37 of the 48 possible data points, the most data out of any other. Samsung's Bixby collected 34 points of data, and Cortana collects 32 data points. Meanwhile, Siri collects just 30, and Google's smart assistant takes only 28, making them the least invasive. While 76% of Americans report that they use smart assistants, 61% are concerned that these programs and devices are always listening to them in the background. And people have had a hard time alleviating those fears -- only 45% of users have tried to disable their smart assistant, with 38% reporting they couldn't figure out how.

The Internet

Internet Service Providers Collect, Sell Horrifying Amount of Sensitive Data, Government Study Concludes (vice.com) 35

An anonymous reader shares a report: Over the last few years the justified fixation on the bad behavior of Google, Amazon, Facebook and other Silicon Valley giants has let the abuses of the telecom sector fly under the radar. But a new FTC report showcases how when it comes to consumer privacy, broadband providers are every bit as terrible as you thought they were. The new FTC report studied the privacy practices of six unnamed broadband ISPs and their advertising arms, and found that the companies routinely collect an ocean of consumer location, browsing, and behavioral data. They then share this data with dodgy middlemen via elaborate business arrangements that often aren't adequately disclosed to broadband consumers.

"Even though several of the ISPs promise not to sell consumers personal data, they allow it to be used, transferred, and monetized by others and hide disclosures about such practices in fine print of their privacy policies," the FTC report said. The FTC also found that while many ISPs provide consumers tools allowing them to opt out of granular data collection, those tools are cumbersome to use -- when they work at all. "Many of the ISPs also claim to offer consumers choices about how their data is used and allow them to access such data," the FTC said. "The FTC found, however, that many of these companies often make it difficult for consumers to exercise such choices and sometimes even nudge them to share even more information." ISPs often provide privacy-specific website portals proclaiming to provide users with a wide variety of opt out options but these choices are often "illusory," the FTC found.
