"Trust us" say increasing number of government and private organizations delving into your data. Talk Liberation - Your Worldwide INTERNET REPORT (Issue 5, 2021)

Apple and T-Mobile two latest examples of breaches of trust. Google expands data centers, Cloudflare uses biometrics, and US police lose heaps of data.

Homeland Security to contract private firms to monitor social media

Private companies may be hired by the Department of Homeland Security to screen public social media accounts, the Wall Street Journal reports. The private companies will then monitor social media to browse for warning signs of potential violence. This has sparked debate within the DHS about how to monitor online discourse while also protecting Americans’ civil liberties. 

Talk Liberation is committed to providing equal access for individuals with disabilities. To view an accessible version of this article, click here.

This effort comes in response to the January 6th event on Capitol Hill after some officials argued that the DHS needs to improve its abilities to detect future violence using social media. However, attorney for the Electronic Frontier Foundation (EFF), Adam Schwartz, warns that social media data collected could be stored forever and then used for other purposes in the future. In a statement to the Wall Street Journal, Schwartz says, “We do not support an expansion of social-media surveillance in the name of stopping the next attack on the Capitol.”

Meanwhile, a spokesperson for the DHS said the department is working alongside the White House to ensure civil rights and liberties are upheld. But one official acknowledged that the White House was not in agreement with some of the DHS efforts to do so.

UN official denied Twitter verification in error

Twitter’s verification system has been the subject of much criticism after it was re-implemented in June 2021. Twitter’s verification is intended to distinguish a public person involved in government, notable brands, non-profit organizations, news, entertainment, sports, etc. However, Professor Nils Melzer, the United Nations Special Rapporteur on Torture with the UN Human Rights Council, was initially denied verification despite meeting the criteria, according to a post by him on Twitter.

After appealing the decision, Melzer was eventually granted a blue badge.

It is worth noting that Nils Melzer is most well-known for his inquiry into the torture of imprisoned journalist Julian Assange. Melzer became a vocal advocate for the award-winning publisher in 2019 following Assange’s arrest. It remains unclear as to why Melzer was initially denied a blue badge.

T-Mobile hacked

T-Mobile confirms it was hacked after customer data was posted online to a known cybercriminal platform. According to TechCrunch, Vice reported that T-Mobile began investigating a possible hack after a seller claimed to have obtained millions of records. The seller claims to have had a significant amount of data including account names, phone numbers, social security numbers and driver’s license information, which is material the company collects in order to verify customers’ identity.

However, T-Mobile says that it is unaware if any personal data is involved and the investigation will continue.

T-Mobile has a history of data breaches and this is the fifth time it has been hacked in the past several years, TechCrunch reports. As recently as January the company admitted that hackers stole nearly 200,000 call records and other forms of data. 

Twitter experimental feature allows users to flag misinformation

Twitter introduced a new experimental feature that enables users to report misinformation on the social media site by reporting a tweet as “misleading.” The user can then specify if the tweet is misleading on “politics,” “health” or “something else.” The new feature will be available to users in Australia, South Korea and the United States. This is the latest attempt by Twitter to rely on its community of users to monitor content. 

Twitter already has policies to regulate what it considers Covid-19 and election misinformation. This new experimental system will work alongside Twitter’s existing mechanisms, which rely on human moderation and AI. Twitter will be monitoring how users on the platform interact with this experimental reporting feature and whether it is effective in identifying misinformation.

Cloudflare to establish biometric authentication

Cloudflare will now allow users to provide biometric data, including fingerprints, during authentication. Cloudflare claims this data is not uploaded to the system but is “kept on a device in a FIDO-style transaction.” Cloudflare will rely on hardware authentication, which differs from that used on Apple and Android devices. 

Additionally, Cloudflare says that it is taking measures to protect user privacy by “using a form of zero knowledge proofs.” Furthermore, Cloudflare states it will learn nothing about the user or the device and that the information will only be used as a valid security key.

Victory for California civil rights activists 

California civil rights activists achieved a legal victory against Thomson Reuters as a motion to dismiss a lawsuit on the illegal selling of data was denied. The plaintiffs’ claim Thomson Reuters’s CLEAR database collected and sold millions of records including criminal records, utility records, photographs and other material to private companies, law enforcement and US Immigration and Customs Enforcement (ICE).

US District Judge Edward M. Chen of the Northern District of California partially denied CLEAR’s motion to dismiss the case because he found that the harm to the plaintiffs was significant and that their data was sold without their knowledge or their consent. The lawsuit intends to prevent CLEAR from collecting and selling Californians’ data without their knowledge and seeks punitive damages for the plaintiffs.

In a statement posted to stopspying.org, plaintiff Cat Brooks said:

As an activist, it is extremely important to me to maintain control over the dissemination of personal information about me and my family. As a single mother who receives hate mail, it is terrifying to me that Thomson Reuters offers its customers extensive access to my personal information just so it can make a profit.

Apple faces scrutiny for new photo-scanning feature

Apple defends new iPhone photo-scanning features despite widespread privacy concerns. The company claims that it will have limited access to the images collected. Apple stated during a briefing that it will rely on outside groups from around the world to determine what images are questionable. The company reiterated that it will only examine images uploaded to iCloud and says that it will not comply with any requests from governments to scan for material other than images related to child sexual abuse.

However, privacy experts continue to raise a number of concerns. In an email to Talk Liberation, Caitlin Seeley George of Fight for the Future said:

“Apple is gaslighting digital rights groups by saying that they just don’t understand how the tech works, but the company cannot deny that this new scanning feature could be expanded to target other imagery and a much wider audience than its original intent. Apple says that it wouldn’t cave to governments that demand it expand scanning to look at other kinds of imagery, but the company already censors apps from the App Store in places like China in order to appease the government and protect its profits. Governments will force Apple to choose between its profits and surveilling people via this new backdoor — and Apple has already shown us its priorities. We hope Apple returns to its stance that puts the rights and safety of people around the world first by never creating a backdoor it can be forced to use in the first place.”

In the two weeks since Apple announced its photo-scanning technology, it has already been partially reverse-engineered. Secrets vital to the "NeuroHash" algorithm have been discovered in the latest version of iOS. This increases the likelihood that false positives will be generated that flag Apple's scanning system, revealing a serious flaw in the program before it is rolled out. In the words of cryptographer Matthew Green, "That was surprisingly fast.”

Law enforcement put legal cases into chaos

Dallas Police Department recently “lost” eight terabytes of data, Gizmodo reports. The Department announced that a city IT employee accidentally deleted the data, which now leaves many court cases with missing evidence. In a statement shared with Gizmodo, according to the DPD, an IT employee lost the data when failing to follow the proper procedure during a data migration dating back to April.

But that is not all. Dallas District Attorney’s Office said that initially 22 terabytes of data were lost but more than half of the data was eventually recovered. However, the remaining eight terabytes is considered unrecoverable — this includes photos, videos, audio recordings, and other material. District Attorney John Creuzot says that the people of Dallas deserve to know exactly what happened when this data was lost, especially given that some top city officials failed to appropriately report the incident.

The office is still examining the full scope of the data loss, and it is unclear how many cases will be affected by this loss of information. 

Google expands data centers

Mega corporation Google will invest $1 billion in data center expansion, which includes purchasing new land in New Albany, Ohio, near the state’s capital Columbus. The site is the home of the old Hartman Farm, according to Columbus Dispatch.

Google chose to expand its data centers because of the increase in use of the Internet. The Big Tech giant purchased 618 acres in New Albany and Lancaster and claims that this land will be used for the development of future data centers. Following this purchase, the corporation will then have 1,000 acres of land in the Columbus area. 

This announcement comes at a time when central Ohio is becoming a “cloud computing hub.” Governor Mike DeWine welcomes the expansion into Ohio and says that Ohio is becoming one of the country’s leading cloud computing locations. However, these investments do not lead to any significant job creation. In fact, the data center at the old Hartman Farm would only generate 20 jobs. 

In addition to the announcement, Google plans to “bring a Google Cloud region to Columbus,” which will allow for faster Internet service in the future.

That concludes Your Worldwide INTERNET REPORT for this week! 

Remember to SUBSCRIBE and spread the word about this amazing news service.

This issue of Your Worldwide INTERNET REPORT was written by Taylor Hudak; Edited by Suzie Dawson and Sean O’Brien; Graphics by Kimber Maddox; with production support by David Sutton.

Talk Liberation - Your Worldwide INTERNET REPORT was brought to you by panquake.com. We Don’t Hope, We Build! 

© Talk Liberation CIC Limited. The original content of this article is licensed under a Creative Commons Attribution-ShareAlike 4.0 International license. Please attribute copies of this work to “Talk Liberation” or talkliberation.com. Some of the work(s) that this program incorporates may be separately licensed. For further information or additional permissions, contact licensing@talkliberation.com