Archive for the ‘Internet Snooping’ Category

Read more uk_internet_censors.htm at MelonFarmers.co.uk

firefox logo Age verification for porn is pushing internet users into areas of the internet that provide more privacy, security and resistance to censorship.I’d have thought that security services would prefer that internet users to remain in the more open areas of the internet for easier snooping.

So I wonder if it protecting kids from stumbling across porn is worth the increased difficulty in monitoring terrorists and the like? Or perhaps GCHQ can already see through the encrypted internet.

RQ12: Privacy & Security for Firefox

Mozilla has an interest in potentially integrating more of Tor into Firefox, for the purposes of providing a Super Private Browsing (SPB) mode for our users.

Tor offers privacy and anonymity on the Web, features which are sorely needed in the modern era of mass surveillance, tracking and fingerprinting. However, enabling a large number of additional users to make use of the Tor network requires solving for inefficiencies currently present in Tor so as to make the protocol optimal to deploy at scale. Academic research is just getting started with regards to investigating alternative protocol architectures and route selection protocols, such as Tor-over-QUIC, employing DTLS, and Walking Onions.

What alternative protocol architectures and route selection protocols would offer acceptable gains in Tor performance? And would they preserve Tor properties? Is it truly possible to deploy Tor at scale? And what would the full integration of Tor and Firefox look like?

Advertisements
Read more uk_internet_censors.htm at MelonFarmers.co.uk

techdirt logo In an interesting article on the Government age verification and internet porn censorship scheme, technology website Techdirt reports on the ever slipping deadlines.Seemingly with detailed knowledge of government requirements for the scheme, Tim Cushing explains that up until recently the government has demand that age verification companies retain a site log presumably recording people’s porn viewing history. He writes:

The government refreshed its porn blockade late last year, softening a few mandates into suggestions. But the newly-crafted suggestions were backed by the implicit threat of heavier regulation. All the while, the government has ignored the hundreds of critics and experts who have pointed out the filtering plan’s numerous problems — not the least of which is a government-mandated collection of blackmail fodder.

The government is no longer demanding retention of site logs by sites performing age verification, but it’s also not telling companies they shouldn’t retain the data. Companies likely will retain this data anyway, if only to ensure they have it on hand when the government inevitably changes it mind.

Cushing concludes with a comment perhaps suggesting that the Government wants a far more invasive snooping regime than commercial operators are able or willing to provide. He notes:

Shortly. April 1st will come and go with no porn filter. The next best guess is around Easter (April 21st). But I’d wager that date comes and goes as well with zero new porn filters. The UK government only knows what it wants. It has no idea how to get it. I

And it seems that some age verification companies are getting wound up by negative internet and press coverage of the dangers inherent in their services. @glynmoody tweeted:

I see age verification companies that will create the biggest database of people’s porn preferences – perfect for blackmail – are now trying to smear people pointing out this is a stupid idea as deliberately creating a climate of fear and confusion about the technologies nope

Read more ow.htm at MelonFarmers.co.uk

ico ad snooping The ICO has commissioned research into consumers’ attitudes towards and awareness of personal data used in online advertising.

This research was commissioned by the Information Commissioner’s Office. Ofcom provided advice on the research design and analysis. The objective of this research was to understand the public’s awareness and perceptions of how online advertising is served to the public based on their personal data, choices and behaviour.

Advertising technology — known as adtech — refers to the different types of analytics and digital tools used to direct online advertising to individual people and audiences. It relies on collecting information about how individuals use the internet, such as search and browsing histories, and personal information, such as gender and year of birth, to decide which specific adverts are presented to a particular person. Websites also use adtech to sell advertising space in real-time.

The research finds that more than half (54%) of participants would rather see relevant online adverts. But while 63% of people initially thought it acceptable for websites to display adverts, in return for the website being free to access, this fell to 36% once it was explained how personal data might be used to target adverts.

Read more awwb.htm at MelonFarmers.co.uk

uk department of health 0300x0201 0297x0198 logo People’s medical records will be combined with social and smartphone surveillance to predict who will pick up bad habits and stop them getting ill, under radical government proposals.

Matt Hancock, the health secretary, is planning a system of predictive prevention, in which algorithms will trawl data on individuals to send targeted health nags to those flagged as having propensities to health problems, such as taking up smoking or becoming obese.

The creepy plans have already attracted privacy concerns among doctors and campaigners, who say that the project risks backfiring by scaring people or being seen to be abusing public trust in NHS handling of sensitive information.

Read more me_asa.htm at MelonFarmers.co.uk

ASA logo Online adverts placed by Scottish companies are to be trawled by automated bots to proactively seek out commercials which break censorship rules.The automated technology is part of a new strategy to be unveiled next month by the Advertising Standards Authority, which will use the software to identify adverts and social media posts which could potentially be in breach of official standards. They will then be assessed by humans and a decision made as to whether action should be taken.

ASA chief executive Guy Parker told Scotland on Sunday that Scottish companies and organisations were likely to be specifically targeted under the new, UK-wide strategy. Parker regurgitated the old trope that the innocent have nothing to fear saying:

I don’t think responsible Scottish companies have anything to fear — on the contrary, they will welcome better online regulation.

We want to make more adverts responsible online than we have at the moment. We are looking at how we can responsibly automate something that would flag up things that we would then want humans to review. We want to be in a position by 2023 where we are an organisation that is using this technology in a way that makes adverts more responsible.

It seems that Scotland was chosen as the Guinea-pig for the new system as ASA says that Scots historically don’t complain much about adverts, although there was an upturn last year. Parker notes that the most complaints UK-wide come from “better off, middle class people in London and the southeast of England”.

Read more awwb.htm at MelonFarmers.co.uk

canada cannabis flag The Canadian government is seeking a company that will scour social media and the dark web for data on Canadians’ use of cannabis. The request comes a few weeks before recreational pot use becomes legalized on October 17.

According to a tender posted by Public Safety Canada this week, the government wants a company to algorithmically scan Twitter, Tumblr, Facebook, Instagram, and other relevant microblogging platforms for information on Canadians’ attitudes towards legal pot and their behaviours.

The initiative will look for self-reported usage patterns (how much, what kind, and where) and activities such as buying and selling weed. The government will also be scanning social media for criminal activities associated with cannabis use–driving under the influence, for example. The initiative will also capture metadata, such as self-reported location and demographics, but according to the tender the data must exclude individual unique identifiers.

Motherboard asked Public Safety Canada spokesperson Karine Martel about the project but she did not comment on whether information on cannabis-related crimes collected from social media will be shared with law enforcement, but noted that the work will be conducted in compliance with the Tri-Council Policy Statement which notes that: research focusing on topics that include illegal activities depends on promises of strong confidentiality to participants.

According to a second tender the feds are also looking to keep track of Canadians buying and selling weed on so-called dark web markets. Both projects are slated to conclude on April 30, 2019.

Read more gcnews.htm at MelonFarmers.co.uk

European court buildings The European Court of Human Rights (ECtHR) has found that the UK’s mass surveillance programmes, revealed by NSA whistleblower Edward Snowden, did not meet the quality of law requirement and were incapable of keeping the interference to what is necessary in a democratic society.

The landmark judgment marks the Court’s first ruling on UK mass surveillance programmes revealed by Mr Snowden. The case was started in 2013 by campaign groups Big Brother Watch, English PEN, Open Rights Group and computer science expert Dr Constanze Kurz following Mr Snowden’s revelation of GCHQ mass spying.

Documents provided by Mr Snowden revealed that the UK intelligence agency GCHQ were conducting population-scale interception, capturing the communications of millions of innocent people. The mass spying programmes included TEMPORA, a bulk data store of all internet traffic; KARMA POLICE, a catalogue including a web browsing profile for every visible user on the internet; and BLACK HOLE, a repository of over 1 trillion events including internet histories, email and instant messenger records, search engine queries and social media activity.

The applicants argued that the mass interception programmes infringed UK citizens’ rights to privacy protected by Article 8 of the European Convention on Human Rights as the population-level surveillance was effectively indiscriminate, without basic safeguards and oversight, and lacked a sufficient legal basis in the Regulation of Investigatory Powers Act (RIPA).

In its judgment, the ECtHR acknowledged that bulk interception is by definition untargeted ; that there was a lack of oversight of the entire selection process, and that safeguards were not sufficiently robust to provide adequate guarantees against abuse.

In particular, the Court noted concern that the intelligence services can search and examine “related communications data” apparently without restriction — data that identifies senders and recipients of communications, their location, email headers, web browsing information, IP addresses, and more. The Court expressed concern that such unrestricted snooping could be capable of painting an intimate picture of a person through the mapping of social networks, location tracking, Internet browsing tracking, mapping of communication patterns, and insight into who a person interacted with.

The Court acknowledged the importance of applying safeguards to a surveillance regime, stating:

In view of the risk that a system of secret surveillance set up to protect national security may undermine or even destroy democracy under the cloak of defending it, the Court must be satisfied that there are adequate and effective guarantees against abuse.’

The Government passed the Investigatory Powers Act (IPA) in November 2016, replacing the contested RIPA powers and controversially putting mass surveillance powers on a statutory footing.

However, today’s judgment that indiscriminate spying breaches rights protected by the ECHR is likely to provoke serious questions as to the lawfulness of bulk powers in the IPA.

Jim Killock, Executive Director of Open Rights Group said:

Viewers of the BBC drama, the Bodyguard, may be shocked to know that the UK actually has the most extreme surveillance powers in a democracy. Since we brought this case in 2013, the UK has actually increased its powers to indiscriminately surveil our communications whether or not we are suspected of any criminal activity.

In light of today’s judgment, it is even clearer that these powers do not meet the criteria for proportionate surveillance and that the UK Government is continuing to breach our right to privacy.

Silkie Carlo, director of Big Brother Watch said:

This landmark judgment confirming that the UK’s mass spying breached fundamental rights vindicates Mr Snowden’s courageous whistleblowing and the tireless work of Big Brother Watch and others in our pursuit for justice.

Under the guise of counter-terrorism, the UK has adopted the most authoritarian surveillance regime of any Western state, corroding democracy itself and the rights of the British public. This judgment is a vital step towards protecting millions of law-abiding citizens from unjustified intrusion. However, since the new Investigatory Powers Act arguably poses an ever greater threat to civil liberties, our work is far from over.

Antonia Byatt, director of English PEN said:

This judgment confirms that the British government’s surveillance practices have violated not only our right to privacy, but our right to freedom of expression too. Excessive surveillance discourages whistle-blowing and discourages investigative journalism. The government must now take action to guarantee our freedom to write and to read freely online.

Dr Constanze Kurz, computer scientist, internet activist and spokeswoman of the German Chaos Computer Club said:

What is at stake is the future of mass surveillance of European citizens, not only by UK secret services. The lack of accountability is not acceptable when the GCHQ penetrates Europe’s communication data with their mass surveillance techniques. We all have to demand now that our human rights and more respect of the privacy of millions of Europeans will be acknowledged by the UK government and also by all European countries.

Dan Carey of Deighton Pierce Glynn, the solicitor representing the applicants, stated as follows:

The Court has put down a marker that the UK government does not have a free hand with the public’s communications and that in several key respects the UK’s laws and surveillance practices have failed. In particular, there needs to be much greater control over the search terms that the government is using to sift our communications. The pressure of this litigation has already contributed to some reforms in the UK and this judgment will require the UK government to look again at its practices in this most critical of areas.