• chevron_right

      French Police Will Be Able to Spy on People through Their Cell Phones

      news.movim.eu / Schneier · Wednesday, 12 July, 2023 - 20:23

    The French police are getting new surveillance powers :

    French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5.

    […]

    Covering laptops, cars and other connected objects as well as phones, the measure would allow the geolocation of suspects in crimes punishable by at least five years’ jail. Devices could also be remotely activated to record sound and images of people suspected of terror offenses, as well as delinquency and organized crime.

    […]

    During a debate on Wednesday, MPs in President Emmanuel Macron’s camp inserted an amendment limiting the use of remote spying to “when justified by the nature and seriousness of the crime” and “for a strictly proportional duration.” Any use of the provision must be approved by a judge, while the total duration of the surveillance cannot exceed six months. And sensitive professions including doctors, journalists, lawyers, judges and MPs would not be legitimate targets.

    Vidéosurveillance biométrique au JO de Paris : la victoire d’un lobby

    ... détecte, analyse et classe nos corps et comportements dans l’espace #public pour alerter les services de #police et faciliter le suivi des personnes.

    • chevron_right

      Une société italienne rattrapée par son logiciel espion

      news.movim.eu / Mediapart · Sunday, 28 August, 2022 - 06:30


    Alors que des auditions se déroulent au Parlement européen sur le groupe israélien NSO, une société d’espionnage italienne, Tykelab, propose, elle aussi, des technologies controversées.
    • chevron_right

      Amazon studio plans lighthearted show of Ring surveillance footage

      news.movim.eu / ArsTechnica · Thursday, 11 August, 2022 - 22:13

    Amazon's combining its endless reach with its constant surveillance—but for laughs.

    Enlarge / Amazon's combining its endless reach with its constant surveillance—but for laughs. (credit: Getty Images)

    For some people, the term "Ring Nation" might evoke a warrantless surveillance dystopia overseen by an omnipotent megacorp. To Amazon-owned MGM , Ring Nation is a clip show hosted by comedian Wanda Sykes, featuring dancing delivery people and adorable pets.

    Deadline reports that the show, due to debut on September 26, is "the latest example of corporate synergy at Amazon." Amazon owns household video security brand Ring, Hollywood studio MGM, and Big Fish, the producer of Ring Nation

    Viral videos captured by doorbell cameras have been hot for a while now. You can catch them on late-night talk shows, the r/CaughtOnRing subreddit, and on millions of TikTok users' For You page. Amazon's media properties, perhaps sensing an opportunity to capitalize and soften Ring's image, are sallying forth with an officially branded offering.

    Read 5 remaining paragraphs | Comments

    • chevron_right

      FTC aims to counter the “massive scale” of online data collection

      news.movim.eu / ArsTechnica · Thursday, 11 August, 2022 - 18:09 · 1 minute

    FTC Chair Lina Khan said the commission intends to act on commercial data collection, which happens at "a massive scale and in a stunning array of contexts."

    Enlarge / FTC Chair Lina Khan said the commission intends to act on commercial data collection, which happens at "a massive scale and in a stunning array of contexts." (credit: Getty Images)

    The Federal Trade Commission has kicked off the rulemaking process for privacy regulations that could restrict online surveillance and punish bad data-security practices. It's a move that some privacy advocates say is long overdue, as similar Congressional efforts face endless uncertainty.

    The Advanced Notice of Proposed Rulemaking , approved on a 3-2 vote along partisan lines, was spurred by commercial data collection, which occurs at "a massive scale and in a stunning array of contexts," FTC Chair Lina M. Khan said in a press release . Companies surveil online activity, friend networks, browsing and purchase history, location data, and other details; analyze it with opaque algorithms; and sell it through "the massive, opaque market for consumer data," Khan said.

    Companies can also fail to secure that data or use it to make services addictive to children. They can also potentially discriminate against customers based on legally protected statuses like race, gender, religion, and age, the FTC said. What's more, the release said, some companies make taking part in their "commercial surveillance" required for service or charge a premium to avoid it, employing dark patterns to keep the systems in place.

    Read 8 remaining paragraphs | Comments

    • chevron_right

      Ring Gives Videos to Police without a Warrant or User Consent

      news.movim.eu / Schneier · Monday, 1 August, 2022 - 08:16 · 1 minute

    Amazon has revealed that it gives police videos from its Ring doorbells without a warrant and without user consent.

    Ring recently revealed how often the answer to that question has been yes. The Amazon company responded to an inquiry from US Senator Ed Markey (D-Mass.), confirming that there have been 11 cases in 2022 where Ring complied with police “emergency” requests. In each case, Ring handed over private recordings, including video and audio, without letting users know that police had access to—and potentially downloaded—their data. This raises many concerns about increased police reliance on private surveillance, a practice that has long gone unregulated.

    EFF writes :

    Police are not the customers for Ring; the people who buy the devices are the customers. But Amazon’s long-standing relationships with police blur that line. For example, in the past Amazon has given coaching to police to tell residents to install the Ring app and purchase cameras for their homes—­an arrangement that made salespeople out of the police force. The LAPD launched an investigation into how Ring provided free devices to officers when people used their discount codes to purchase cameras.

    Ring, like other surveillance companies that sell directly to the general public, continues to provide free services to the police, even though they don’t have to. Ring could build a device, sold straight to residents, that ensures police come to the user’s door if they are interested in footage—­but Ring instead has decided it would rather continue making money from residents while providing services to police.

    CNet has a good explainer .

    Slashdot thread .

    • chevron_right

      San Francisco Police Want Real-Time Access to Private Surveillance Cameras

      news.movim.eu / Schneier · Friday, 15 July, 2022 - 02:51 · 1 minute

    Surely no one could have predicted this :

    The new proposal—championed by Mayor London Breed after November’s wild weekend of orchestrated burglaries and theft in the San Francisco Bay Area—would authorize the police department to use non-city-owned security cameras and camera networks to live monitor “significant events with public safety concerns” and ongoing felony or misdemeanor violations.

    Currently, the police can only request historical footage from private cameras related to specific times and locations, rather than blanket monitoring. Mayor Breed also complained the police can only use real-time feeds in emergencies involving “imminent danger of death or serious physical injury.”

    If approved, the draft ordinance would also allow SFPD to collect historical video footage to help conduct criminal investigations and those related to officer misconduct. The draft law currently stands as the following, which indicates the cops can broadly ask for and/or get access to live real-time video streams:

    The proposed Surveillance Technology Policy would authorize the Police Department to use surveillance cameras and surveillance camera networks owned, leased, managed, or operated by non-City entities to: (1) temporarily live monitor activity during exigent circumstances, significant events with public safety concerns, and investigations relating to active misdemeanor and felony violations; (2) gather and review historical video footage for the purposes of conducting a criminal investigation; and (3) gather and review historical video footage for the purposes of an internal investigation regarding officer misconduct.

    • chevron_right

      Post-Roe Privacy

      news.movim.eu / Schneier · Tuesday, 12 July, 2022 - 20:03 · 2 minutes

    This is an excellent essay outlining the post-Roe privacy threat model. (Summary: period tracking apps are largely a red herring.)

    Taken together, this means the primary digital threat for people who take abortion pills is the actual evidence of intention stored on your phone, in the form of texts, emails, and search/web history. Cynthia Conti-Cook’s incredible article “ Surveilling the Digital Abortion Diary details what we know now about how digital evidence has been used to prosecute women who have been pregnant. That evidence includes search engine history, as in the case of the prosecution of Latice Fisher in Mississippi. As Conti-Cook says, Ms. Fisher “conduct[ed] internet searches, including how to induce a miscarriage, ‘buy abortion pills, mifepristone online, misoprostol online,’ and ‘buy misoprostol abortion pill online,'” and then purchased misoprostol online. Those searches were the evidence that she intentionally induced a miscarriage. Text messages are also often used in prosecutions, as they were in the prosecution of Purvi Patel, also discussed in Conti-Cook’s article.

    These examples are why advice from reproductive access experts like Kate Bertash focuses on securing text messages (use Signal and auto-set messages to disappear) and securing search queries (use a privacy-focused web browser, and use DuckDuckGo or turn Google search history off). After someone alerts police, digital evidence has been used to corroborate or show intent. But so far, we have not seen digital evidence be a first port of call for prosecutors or cops looking for people who may have self-managed an abortion. We can be vigilant in looking for any indications that this policing practice may change, but we can also be careful to ensure we’re focusing on mitigating the risks we know are indeed already being used to prosecute abortion-seekers.

    […]

    As we’ve discussed above, just tracking your period doesn’t necessarily put you at additional risk of prosecution, and would only be relevant should you both become (or be suspected of becoming) pregnant, and then become the target of an investigation. Period tracking is also extremely useful if you need to determine how pregnant you might be, especially if you need to evaluate the relative access and legal risks for your abortion options.

    It’s important to remember that if an investigation occurs, information from period trackers is probably less legally relevant than other information from your phone.

    See also EFF’s privacy guide for those seeking an abortion.

    • chevron_right

      Ubiquitous Surveillance by ICE

      news.movim.eu / Schneier · Thursday, 7 July, 2022 - 18:18 · 1 minute

    Report by Georgetown’s Center on Privacy and Technology published a comprehensive report on the surprising amount of mass surveillance conducted by Immigration and Customs Enforcement (ICE).

    Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contracting and procurement records, reveals that ICE now operates as a domestic surveillance agency. Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives. By reaching into the digital records of state and local governments and buying databases with billions of data points from private companies, ICE has created a surveillance infrastructure that enables it to pull detailed dossiers on nearly anyone, seemingly at any time. In its efforts to arrest and deport, ICE has ­ without any judicial, legislative or public oversight ­ reached into datasets containing personal information about the vast majority of people living in the U.S., whose records can end up in the hands of immigration enforcement simply because they apply for driver’s licenses; drive on the roads; or sign up with their local utilities to get access to heat, water and electricity.

    ICE has built its dragnet surveillance system by crossing legal and ethical lines, leveraging the trust that people place in state agencies and essential service providers, and exploiting the vulnerability of people who volunteer their information to reunite with their families. Despite the incredible scope and evident civil rights implications of ICE’s surveillance practices, the agency has managed to shroud those practices in near-total secrecy, evading enforcement of even the handful of laws and policies that could be invoked to impose limitations. Federal and state lawmakers, for the most part, have yet to confront this reality.