The Terms of Service
Covert facial recognition, censored search engines, government mandated back doors
Facial Recognition Used to Identify Taylor Swift's Stalkers
Steve Knopper at Rolling Stone
Fans at a Taylor Swift concert in May were unaware that a kiosk showing rehearsal footage was also running their face through remote recognition software, in an attempt to identify known stalkers of the performer. Prevent Advisors, the security subsidiary of the arena and large event management agency, Oak View Group, coordinated the effort from a command post in Nashville.
Analysis
While the success or false-positive rates of the software were not divulged, it can be safely said that this technology will only improve and become more commonplace over time. Private property rights and terms of service agreements tied to ticket purchases mean that this use of mass facial recognition technology - not dissimilar to China's methodology - is perfectly legal in the United States.
Within the decade expect to have your face run through recognition software when entering any large, private event in a metropolitan area.
Action items
While there's not much you can do to stop someone from using cameras on their property, it's always a good practice to use physical webcam covers on your own devices. This will prevent someone who has gained control of your camera from making use of it.
Hypotheticals
I'm reminded of a friend who, while in his teens, received a lifetime ban from our local mall, because he physically defended himself against another teen who attacked him on the premises. He had to sue mall management for the ban to be lifted - a process that took several years.
I can only imagine the effect this would have on a teenager in a similar situation today, if facial recognition technology was used to deny him or her access to every location managed by the same company.
Google and Facebook End Secretive, Controversial Teams and Projects
Ryan Gallagher at the Intercept
The Intercept reports that Google has "effectively ended" its Dragonfly project, the censored version of the search engine for the Chinese market, after internal pressure from its privacy team and external pressure from privacy and democracy advocates. The project was reportedly in the phase of building a blacklist of sites which included information on democracy and human rights, in accordance with Chinese law.
Mashable reports that Facebook has "disbanded" its Building 8 team, responsible for researching and developing new hardware products, and has spread members among other teams. While the products the team created, including the Portal video conferencing device, aren't controversial on their own, they have received significant scrutiny due to Facebook's record in regards to data-mining and privacy.
Analysis
Whether Google is truly abandoning its censored search engine or just putting it on the back burner, this is a huge win for privacy and democracy advocates. Had Google gone forward unabated it would have set a precedent for Silicon Valley corporations building products at odds with the core ethics of western democracy.
Re-org is probably a better word for what Facebook has done, instead of Mashable's use of "disband". The Portal team is now overseeing other hardware development and Building 8's researchers have been moved to VR work. It's likely that this is more of a "shuffling of the deck" after Portal's luke warm reception.
Action items
There's a spectrum of things that can be done to minimize your contact with Google and Facebook data collection, the most extreme being getting off of their platforms completely. An easy first step is to install the Electronic Frontier Foundation's Privacy Badger browser extension which blocks tracking embeds in web pages.
Hypotheticals
If Google is willing to hide pro-democracy websites from the Chinese people, then it's fair to ask what their executives are willing to covertly do with the company’s main products in America and Europe.
Australia Passes Law Requiring Back Doors in Encrypted Software
The Australian Senate passed a bill that requires software companies to insert back doors into their products for law enforcement, after the Labor party abandoned it previous opposition. The legislation gives agencies the right to demand vulnerabilities "selectively introduced to one or more target technologies that are connected with a particular person".
Analysis
In layman's terms, for an encrypted messaging app like Signal to operate in Australia, it will now have to grant the government permission to decrypt individuals' messages on demand, negating the entire purpose of the service. More frightening is the prospect of non-government or other-government actors discovering intentionally placed back doors and exploiting them.
This bill is potentially the most egregious example of technical hubris from lawmakers to date. It may effectively kill the Australian software industry, as customers in other countries will not want to risk leaking their secrets through software with intentional security holes. It will be most interesting to see how this legislation affects the business of Sydney based Atlassian, developer of some of the most popular business software tools worldwide. There are many multinational corporations that store confidential information in Atlassian's project management software.
Action items
This is a tough one, and requires further monitoring of the execution of this law. If your company uses JIRA (Atlassian's most popular product), and you're concerned about third parties gaining access to what is stored there, then it may be worth vetting other project management suites - especially if you have government contracts. If your company sells hardware and/or software in Australia, then you should ask your legal team to perform an analysis.
Hypotheticals
Government mandated security holes aside, there has never been anything to stop a private company from building a back door into a system or allowing law enforcement covert access (other than the prospect of being caught).
The Big Brother of Things is compiled by Blake Callens.