Verizon and AT&T Want to Run Invasive Phone Ad-Tracking Networks

Smartphones today are essentially surveillance devices — perhaps the most intimate surveillance devices in general. If they’re left on (as is common), they know where people travel (it’s a necessity to keep a connection to phone towers and many apps track location), who they associate with (probably who they have sex with), what they do (seeing as they’re computers that people interact with on average for hours a day), and to top it all off, they can be turned into listening devices if the phone is hacked. Adding more intrusive surveillance to this (via more ad-tracking) would be horrible news for consumer privacy, and since privacy and security are so often intertwined today, it’ll end up being bad news for consumer security somehow too.

 

NSA Expands Mass Surveillance to Triple Its Collection of U.S. Phone Records

Mass surveillance is damaging to privacy generally and ineffective at preventing stateless terror attacks — its main effect is to increase repressive control.

The National Security Agency (NSA) collected over 530 million phone records of Americans in 2017—that’s three times the amount the spy agency sucked up in 2016.

The figures were released Friday in an annual report from the Office of the Director of National Intelligence (ODNI).

It shows that the number of “call detail records” the agency collected from telecommunications providers during Trump’s first year in office was 534 million, compared to 151 million the year prior.

“The intelligence community’s transparency has yet to extend to explaining dramatic increases in their collection,” said Robyn Greene, policy counsel at the Open Technology Institute.

The content of the calls itself is not collected but so-called “metadata,” which, as Gizmodo notes, “is supposedly anonymous, but it can easily be used to identify an individual. The information can also be paired with other publicly available information from social media and other sources to paint a surprisingly detailed picture of a person’s life.”

The report also revealed that the agency, using its controversial Section 702 authority, increased the number of foreign targets of warrantless surveillance. It was 129,080 in 2017 compared to 106,469 in 2016.

As digital rights group EFF noted earlier this year,

Under Section 702, the NSA collects billions of communications, including those belonging to innocent Americans who are not actually targeted. These communications are then placed in databases that other intelligence and law enforcement agencies can access—for purposes unrelated to national security—without a warrant or any judicial review.

“Overall,” Jake Laperruque, senior counsel at the Project On Government Oversight, said to ZDNet, “the numbers show that the scale of warrantless surveillance is growing at a significant rate, but ODNI still won’t tell Americans how much it affects them.”

U.S. Federal Government Set to Further Expand Mass Surveillance

It’s striking that the same congressional Democrats who verbally denounce the current president as a tyrant then vote to grant the executive branch extremely unjust surveillance authority. U.S. citizens, I encourage you to call the Senate and tell them to vote no on this mass surveillance bill. The Capitol Switchboard number is (202) 804-3305.

With the Senate set to cast its first votes on a bill that reauthorizes and expands the government’s already vast warrantless spying program in a matter of hours, civil libertarians on Tuesday launched a last-ditch effort to rally opposition to the legislation and demand that lawmakers protect Americans’ constitutional right to privacy.

Fight for the Future (FTF), one of many advocacy groups pressuring lawmakers to stop the mass surveillance bill in its tracks, notes that “just 41 senators can stop” the bill from passing.

“In the age of federal misconduct, every member of Congress must move right now to stop the government’s abuse of the internet to monitor everyone; they must safeguard our freedom and the U.S. Constitution,” FTF urged.

The FISA Amendments Reauthorization Act of 2017 (S.139)—passed by the House last week with the revealing but not surprising help of 65 Democrats—would renew Section 702 of FISA, set to expire this Friday.

As The Intercept‘s Glenn Greenwald notes, “numerous Senate Democrats are poised” to join their House colleagues in voting to re-up Section 702, thus violating “the privacy rights of everyone in the United States” and handing President Donald Trump and Attorney General Jeff Sessions sprawling spying powers.

The Senate’s first procedural vote on a cloture motion is expected at 5:30pm ET. If the motion is approved, the path will be clear for the bill to hit the Senate floor.

“Every member of Congress is going to have to decide whether to protect Americans’ privacy, and shield vulnerable communities from unconstitutional targeting, or to leave unconstitutional spying authority in Trump’s—and Jeff Sessions’—hands,” the advocacy group Indivisible notes.

EU Privacy Shield Standard Should be Adopted by More Countries

Online privacy isn’t as appreciated as it should be, but that may change as exponentially more devices are connected to the Internet over the next several years.

If you’re ever expecting a child, Target wants to be one of the first to know. The company has invested in research to identify pregnant customers early on, based upon their purchasing behavior. Then, it targets them with ads for baby gear.

While companies such as Target mine data about products their customers purchase from them (like prenatal vitamins) to send them personalized ads, many also rely on information gathered about us on the web — like what we search for on Google or email our friends. That lets them realize we’re planning a vacation to the Grand Canyon, for instance, and send us ads for local hotels.

 Many people think that it’s an invasion of privacy for companies to gather sensitive data — such as information about our relationships and medical history — and exploit it for commercial purposes. It could also widen social divisions. For example, Facebook determines our political beliefs based upon the pages we like and preferences we list on our profiles. If algorithms peg us as conservative or liberal and we’re targeted with ads accordingly, we may end up never understanding what people of other political persuasions think. Internet activist and author Eli Pariser has argued that America is so politically polarized in part because social media sites leave us in “filter bubbles.” Targeted political advertising could have the same effect.

That’s part of the reason why, in May, a new regulation will go into effect into the European Union giving citizens the “right to object” to “processing of personal data” about them for marketing and other purposes. As Andrus Ansip, the European Commission vice president for the digital single market, tweeted, “Should I not be asked before my emails are accessed and used? Don’t you think the same?” The new law overcame serious opposition from the advertising industry, whose representatives argue that it will disrupt ad revenues needed by the media. Experts say that websites will have to provide more valuable content to users as an incentive for readers to allow them to use their data.

Here in the U.S., most ads are bought through exchanges that allow advertisers to target people based upon data about them. Companies can choose to buy ads that will be seen, for example, by women who live in a particular ZIP code and graduated from a certain school. But according to guidance established by the Digital Advertising Alliance — a consortium of industry trade associations including the American Association of Advertising Agencies, the Association of National Advertisers, and the Better Business Bureau — consumers should have “the ability to exercise choice with respect to the collection and use of data.” Two members of the alliance accept consumer complaints and do their own research to identify violations of the rule. They work with companies to help them fix problems and report violations to regulators. 1  

While the principle behind the new EU law could justify wide-ranging new regulations and restrictions on how companies throughout the world do business, James Ryseff, a former Google engineer, says it’s likely that initially it will simply allow users to opt out of the “cookies” that track internet users as they surf the web. Although this will reduce the amount of data that tech companies can collect, it doesn’t truly allow users to opt out of targeted advertising, since businesses can still use the information they gather through other techniques — such as in-store purchases — to classify and reach customers. That’s why, Ryseff says, Americans should have more sophisticated ways to determine exactly what advertisers learn about us.

First, for example, we should be able to decide whether companies are able to gather generic data about who we are (such as our age, gender and location) or information about what we’re doing (such as researching a medical condition) — or neither, or both. “In general, I think ‘What I do’ information has a greater ability to freak people out,” Ryseff says. “Used incorrectly, it makes you feel like Google is stalking you.”

Second, Americans should get to decide where and when our data is tracked. For example, some people might be more comfortable being tracked on a search engine that knows their buying behavior and can make recommendations accordingly, but less so on personal email which can identify private facts about their lives — or work email which might contain proprietary information. (Google previously used data from the content of users’ emails to target them with ads, but pledged in June to stop the practice.) And we might want to temporarily stop allowing search engines to track our activities when we’re looking up something private, like medical symptoms. 2

Third, we should get to decide whether we’re willing to be targeted with ads based upon our own behaviors or people algorithms have decided are like us.

Google Collecting the Location of Android Users Even When Location Services are Disabled

Google’s latest disrespect for personal privacy follows their censorship of many left-wing media outlets. Google has cooperated too much (see the U.S. PRISM program) with various governments in providing information on innocent people in the past, and it would be unwise to always expect them to do the same in the future.

Many people realize that smartphones track their locations. But what if you actively turn off location services, haven’t used any apps, and haven’t even inserted a carrier SIM card?

Even if you take all of those precautions, phones running Android software gather data about your location and send it back to Google when they’re connected to the internet, a Quartz investigation has revealed.

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.

Quartz observed the data collection occur and contacted Google, which confirmed the practice.

The cell tower addresses have been included in information sent to the system Google uses to manage push notifications and messages on Android phones for the past 11 months, according to a Google spokesperson. They were never used or stored, the spokesperson said, and the company is now taking steps to end the practice after being contacted by Quartz. By the end of November, the company said, Android phones will no longer send cell-tower location data to Google, at least as part of this particular service, which consumers cannot disable.

[…]

The practice is troubling for people who’d prefer they weren’t tracked, especially for those such as law-enforcement officials or victims of domestic abuse who turn off location services thinking they’re fully concealing their whereabouts. Although the data sent to Google is encrypted, it could potentially be sent to a third party if the phone had been compromised with spyware or other methods of hacking. Each phone has a unique ID number, with which the location data can be associated.

The revelation comes as Google and other internet companies are under fire from lawmakers and regulators, including for the extent to which they vacuum up data about users. Such personal data, ranging from users’ political views to their purchase histories to their locations, are foundational to the business successes of companies like Facebook and Alphabet, built on targeted advertising and personalization and together valued at over $1.2 trillion by investors.

Chilling Chinese Social Credit Blacklist

I mainly criticize the corrupt activities of the U.S. government and the corporations originating there, but I occasionally devote energy to criticizing other states if it’s significant enough. Chinese repressions such as its heavily authoritarian, state-sanctioned system of discrimination fall into that category.

Apple CEO Tim Cook looks forward to a “common future in cyberspace” with China, he told the Chinese government’s World Internet Conference earlier this month. This was an embarrassing gesture toward a state that aggressively censors the internet and envisions a dystopian future online.

The experience of lawyer Li Xiaolin may give a taste of what that future looks like. During a 2016 work trip inside China, he tried to use his national identity card to purchase a plane ticket. To his surprise, the online system rejected it, saying he had been blacklisted by China’s top court. Mr. Li checked the court’s website: His name was on a list of “untrustworthy” people for having failed to carry out a court order in 2015. He thought he had resolved the issue, but now he was stranded more than 1,200 miles from home.

Mr. Li’s dilemma was due to the Chinese government’s ambitious “social credit system.” Launched by the government in 2012, it vows to “make trustworthy people benefit everywhere and untrustworthy people restricted everywhere” by the time it is fully implemented in 2020.

This is no anodyne credit score. By rating citizens on a range of behaviors from shopping habits to online speech, the government intends to manufacture a problem-free society. Those with low scores will face obstacles in everything from getting government jobs to placing their children in desired schools. It remains unclear exactly who will run the system, whether or how one could dispute scores, or even whether the system is legal.

[…]

Chinese government authorities clearly hope to create a reality in which bureaucratic pettiness could significantly limit people’s rights. As President Xi Jinping’s power grows, and as the system approaches full implementation, more abuses will come.

Video on China’s Disturbing Surveillance State

No rational human being would ideally want to live in a society with this much mass surveillance. It presents all sorts of problems and has a major repressive effect.

Mass surveillance has never been about security too. It’s about population control. More people will realize this as time goes on.

China has been building what it calls “the world’s biggest camera surveillance network”. Across the country, 170 million CCTV cameras are already in place and an estimated 400 million new ones will be installed in the next three years.

Many of the cameras are fitted with artificial intelligence, including facial recognition technology. The BBC’s John Sudworth has been given rare access to one of the new hi-tech police control rooms.