Fed’s finding more ways to collect your data; Here’s the latest

Social Media on Phone

Important Takeaways:

  • The feds are buying mountains of your personal data and one day could use it against you
  • …a new report for the nation’s chief spymaster, Avril Haines.
  • The Fourth Amendment recognized Americans’ right “to be secure . . . against unreasonable searches and seizures.”
  • But Washington is mothballing that lofty standard for a new motto: “Those who have nothing to hide have nothing to fear.”
  • The latest federal surveillance tsunami is being spurred by purchases of commercially available information (CAI) that private companies vacuum up from data from smartphones, computers and other digital devices and trackers.
  • “CAI Increases the Power of the Government,” warns the Office of the Director of National Intelligence report. “The government would never have been permitted to compel billions of people to carry location tracking devices on their persons at all times, to log and track most of their social interactions, or to keep flawless records of all their reading habits.”
  • Yet that’s what happens nowadays.
  • Federal agencies have always been permitted to use publicly available information for investigations.
  • The Supreme Court ruled in 2018 that police need a search warrant to seize tracking data on a person’s car.
  • But government agencies can simply purchase the same information from data brokers.
  • Ron Wyden (D-Ore.) cautions, “If the government can buy its way around Fourth Amendment due-process, there will be few meaningful limits on government surveillance.”
  • [For example]
  • The Supreme Court ruled in 2018 that police need a search warrant to seize tracking data on a person’s car.
  • But government agencies can simply purchase the same information from data brokers.
  • Ron Wyden (D-Ore.) cautions, “If the government can buy its way around Fourth Amendment due-process, there will be few meaningful limits on government surveillance.”
  • The CAI rascality is only the latest federal surveillance scheme making mincemeat of Americans’ privacy:
    • Customs agents are entitled to seize and copy all the cellphone and laptop data from American citizens returning home from abroad. Any information vacuumed up is added to a massive database that the feds retain for 15 years.
    • The Department of Homeland Security browbeat money-transfer companies to surrender records of any transfer of more than $500 between any US state and 22 foreign nations, rifling a database of more than150 million cash transfers.
    • Drug Enforcement Administration launched an illegal scheme to treat anyone who purchased a money-counting machine like a drug dealer. That secret program blew up after a 2019 inspector general report.
  • How many other zany federal surveillance programs have we not heard about?
  • The answer is a secret.

Read the original article by clicking here.

Italy’s social security website hit by hacker attack

ROME (Reuters) – Computer hackers have attacked Italy’s social security website, forcing it to shut down on Wednesday just as people were starting to apply for coronavirus benefits, the head of the welfare agency said.

Pasquale Tridico said his INPS agency had received some 339,000 applications for the 600 euro ($655) so far, but that hackers had compromised access to the site.

“In the last few days we have suffered several hacker attacks that produced a major breakdown,” Tridico told state broadcaster RAI. “They continued today and we had to close the website.”

The government has imposed a nationwide lockdown to try to contain an outbreak of coronavirus that has killed almost 12,500 people in under six weeks.

The restrictions have brought much of the Italian business world to a halt, wreaking havoc with many peoples’ livelihoods.

In an initial response to the economic crisis, self-employed or seasonal workers can apply to INPS for the special, 600 euro payout.

However, users trying to log onto the INPS site earlier on Wednesday reported severe disruption. Some said personal data of other people were displayed on their screens as they tried to complete their requests.

Tridico said he had told the police of the cyberattack, which has raised doubts about the security of Italy’s digital infrastructure as it struggles with the coronavirus emergency. He did not mention a data breach.

The ruling Democratic Party (PD) party said the national security services should be tasked with finding those behind the hacks. “These jackals must be stopped immediately,” said PD deputy leader Andrea Orlando.

(Reporting by Angelo Amante; Editing by Crispian Balmer and Philippa Fletcher)

U.S. agency responsible for Trump’s secure communication suffered data breach: letter

By Christopher Bing

WASHINGTON (Reuters) – The U.S. defense agency responsible for secure White House communications said Social Security numbers and other personal data in its network may have been compromised, according to a letter seen by Reuters on Thursday that was sent to individuals whose data may have been taken.

The letter, dated Feb. 11, 2020, says that between May and July 2019, personal data may have been compromised “in a data breach” on a system hosted by the Defense Information Systems Agency.

The White House did not immediately answer a request for comment and the letter provided few further details. For example, it did not indicate what specific part of DISA’s network had been breached or identify which other individuals may have had their data compromised.

The Defense Information Systems Agency, which calls itself a combat support agency of the Defense Department on its website, employs 8,000 military and civilian employees.

The agency says it “provides direct telecommunications and IT support to the president, vice president, their staff, and the U.S. Secret Service.”

The site also says the agency provides “direct support” to the chairman of the Joint Chiefs of Staff and senior members of the U.S. armed forces. Its field offices support U.S. military commanders abroad.

The agency’s letter said that it had no evidence any personal data possibly taken was misused but that it was required to notify individuals who may have had data taken.

(Reporting by Christopher Bing; Editing by Chizu Nomiyama, Jonathan Oatis and Howard Goller)

Privacy concerns pushing people to change online behaviour, poll shows

By Umberto Bacchi

TBILISI (Thomson Reuters Foundation) – Privacy concerns are pushing people to change their behaviour online, according to an international poll published on Wednesday that found one in three avoid specific search terms or web pages to elude tracking.

More than seven in 10 respondents to a survey of almost 10,000 people in nine countries said they were worried about how tech firms collected and used their personal data.

About half said they feared their online activity could reveal intimate information about their lives, according to the survey by rights group Amnesty International, which advocates for stronger rules on data protection.

“A clear majority of people are worried about the power Big Tech has over their lives,” said Tanya O’Carroll, director of Amnesty Tech, in a statement.

The Internet Association, a trade group representing tech firms including Facebook and Google, did not immediately respond to a request for comment.

Once seen as engines of growth and innovation, tech giants face accusations on both sides of the Atlantic of misusing their power and failing to protect users.

Social media companies have come under increased scrutiny on data privacy issues, fuelled by last year’s Cambridge Analytica scandal in which tens of millions of Facebook profiles were harvested without their users’ consent..

About half of those interviewed said they have since become more cautious about sharing online personal information such as age, gender and sexual orientation. More than 30% said they now used digital tools to limit online tracking.

The survey, conducted online in late October by British pollster YouGov in countries including Brazil, India, and the United States, did not say what terms people avoided.

Privacy groups have warned against using words that could identify users, potentially exposing them to identity theft, such as names, addresses and credit card numbers.

“People and authorities are waking up to the impact of data collection,” online privacy expert Paul-Olivier Dehaye, told the Thomson Reuters Foundation in an email.

In March, Google and Facebook said they were making changes to boost user privacy.

Leaders at both companies have said they take steps to protect user data while using it to help keep their services free or low-cost for billions of people.

Yet almost three in four respondents to the survey said governments should do more to regulate the tech sector.

“People want to see an end to tech companies trampling over our right to privacy,” said O’Carroll.

But Edin Omanovic, advocacy director at London-based group Privacy International, said new laws were not always the answer.

“In many cases the regulations are already there, the problem is they are just not enforced,” he said.

Of the nine countries surveyed, only Egypt has no specific data protection law, according to the French data watchdog, CNIL.

Germany, Denmark, Norway and France are covered by the European Union’s (EU) General Data Protection Regulation (GDPR), which came into force in 2018 and is widely considered a global benchmark for privacy regulations.

(Reporting by Umberto Bacchi @UmbertoBacchi, Editing by Claire Cozens.

British official urges more protection for children ‘datafied from birth’

A girl views a new iPad tablet computer at an Apple store during its UK launch in central London May 28, 2010. Diehard fans mobbed Apple Inc stores in Asia and Europe as the iPad tablet computer went on sale outside the United States for the first time on Friday. The device, a little smaller than a letter-size sheet and with a colour touchscreen, is designed for surfing the Web, watching movies and reading. It has been hailed by the publishing industry as a potential life-saver. REUTERS/Luke MacGregor (BRITAIN - Tags: BUSINESS SOCIETY SCI TECH) - LM1E65S12UK01

By Adela Suliman

LONDON (Thomson Reuters Foundation) – British children are having vast quantities of personal data collected from birth, according to a report released on Thursday that calls for more transparency and greater legal protection.

From proud parents sharing a photo of their newborn baby online to internet-based toys, smart speakers and location tracking gadgets, children’s every move is being tracked, the Children’s Commissioner for England warned in the report.

“We’re all datafied but the difference for children is … they’re datafied from birth,” the report’s author Simone Vibert, told the Thomson Reuters Foundation.

“I think we should be concerned because we don’t know what the consequences of all this information about children will be in the future.”

Vibert said parents should stop and think before sharing information online about their children, whose online data footprints could one day put them at greater risk of identity theft or limit their job and university prospects.

Last year, a popular children’s toy, CloudPets, was found to have breached data laws after gathering and storing online about two million personal messages shared between children and their family members.

About 79 percent of five to seven year olds in Britain go online every week, mostly using a tablet, this jumps to 99 percent of 12 to 15 years olds, according to a 2017 report by Britain’s communications regulator, Ofcom.

Children aged 11 to 16 post on social media on average 26 times a day, which means by the age of 18 they are likely to have posted 70,000 times, the report found.

It said that while personal information in the wrong hands could pose an immediate threat to children’s safety, there is less understanding of how personal data gathered in childhood shape people’s prospects in the long term.

Children’s Commissioner Anne Longfield called on the government to urgently refine existing data protection legislation.

The report said her office would draft a law outlining the statutory duty of care governing the relationship between social media companies and their audiences.

It also urged companies to be more transparent about their collection and use of children’s data and recommended safeguards including improved education in schools on social media use.

Asked to respond, the government said it was “determined to make Britain the safest place to be online”.

“Parents need to have confidence their children are protected,” a spokeswoman for Britain’s Department for Digital, Culture, Media & Sport told the Thomson Reuters Foundation.

(Reporting by Adela Suliman; Editing by Claire Cozens. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers humanitarian news, women’s rights, trafficking, property rights, climate change and resilience. Visit http://news.trust.org)

Cyber-attack on Singapore health database steals details of 1.5 million, including PM

Singapore Prime Minister Lee Hsien Loong in Manila, Philippines November 14, 2017. REUTERS/Aaron Favila/Pool

By Jack Kim

SINGAPORE (Reuters) – A major cyber attack on Singapore’s government health database stole the personal information of about 1.5 million people, including Prime Minister Lee Hsien Loong, the government said on Friday.

The attack, which the government called “the most serious breach of personal data” that the country has experienced, comes as the highly wired and digitalized state has made cybersecurity a top priority for the ASEAN bloc and for itself.

Singapore is this year’s chair of the 10-member Association of Southeast Asian Nations (ASEAN) group.

“Investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHiS)confirmed that this was a deliberate, targeted and well-planned cyberattack,” a government statement said.

“It was not the work of casual hackers or criminal gangs,” the joint statement by the Health Ministry and the Ministry of Communications and Information said.

About 1.5 million patients who visited clinics between May 2015 and July 4 this year have had their non-medical personal particulars illegally accessed and copied, the statement said.

“The attackers specifically and repeatedly targeted Prime Minister Lee Hsien Loong’s personal particulars and information on his outpatient dispensed medicines,” it said.

A Committee of Inquiry will be established and immediate action will be taken to strengthen government systems against cyber attacks, the Ministry of Communications said in a separate statement.

It did not provide details about what entity or individuals may have been behind the attack.

Lee, in a Facebook post following the announcement, said the breach of his personal medical data was not incidental and he did not know what information the attackers were hoping to find.

“My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it,” he said.

(Reporting by Jack Kim; Editing by Clarence Fernandez and Michael Perry)

TruNews: Charges In Massive Cyberattacks against JPMorgan Chase & Co

TRUNEWS – Prosecutors have announced criminal charges for three men accused of helping to run a series of hacking and fraud schemes, including an attack in 2014 against JPMorgan Chase & Co that generated hundreds of millions of dollars in illegal profit.

Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein are named in a 23-count indictment, the three are accused of crimes involving at least nine financial services companies and media outlets, as well as online casinos, payment processing for criminals, and an illegal bitcoin exchange.

A fourth man, Anthony Murgio, is also named in the bitcoin exchange scam.

The charges are the first to be connected to the attack on JPMorgan, in which 83 million customers had their personal data accessed; prosecutors are calling it the largest theft of customer data from a US financial institution.

Other companies who were affected include E Trade  Financial, which says it’s contacted some 31,000 customers who may have been affected.

JPMorgan says it continues to work with authorities in an effort to fight further cybercrimes.