News digest | Open Society Information Program | Week ending 12 January 2018

News digest | Open Society Information Program | Week ending 12 January 2018

====================================================

The Information Program NEWS DIGEST, published the second and fourth Thursdays of each month, aims to update colleagues in the Open Society Foundations and friends further afield about the news, opinions and events the Program team have been watching this fortnight. The views expressed in these stories do not necessarily reflect those of the Information Program or the OSF. Prepared by Wendy M. Grossman.

Our staff, advisers and major grantees tweet at http://bit.ly/13j5fjq. Current and former grantees featured in this issue: EFF.

NEWS

=====

For breaking news stories, visit: http://pinboard.in/u:osi_info_program/t:news/

India: Newspaper finds Aadhaar number system access on sale for under $8

----------------------------------------------------------------------

The India-based Tribune reports that shortly after the Unique Identification Authority of India (UIDAI) claimed that the Aadhaar number system is safe and secure, the newspaper paid anonymous sellers on WhatsApp Rs500 ($7.90) for a service granting access to the details associated with any of the more than 1 billion Aadhaar numbers so far created. For another Rs300 ($4.75), the agent provided software to facilitate printing Aadhaar cards based on any individual's information. Based on its investigation, the newspaper believes the operation began about six months ago. The newspaper also reports that Jalandhar village-level entrepreneur Bgharat Bhushan Gupta tried to report the problem to the UIDAI at the end of December. When that attempt failed he turned to the newspaper, sparking their investigation. He is now being questioned by police.

http://www.tribuneindia.com/news/nation/rs-500-10-minutes-and-you-have-access-to-billion-aadhaar-details/523361.html

http://www.tribuneindia.com/news/nation/aadhaar-whistleblower-who-first-called-uidai/524050.html

EU: Court of Justice decides Uber is a taxi service

----------------------------------------------------------------------

Bloomberg reports that at the end of December the European Court of Justice ruled that Uber is not a technology platform or information service, as it claims, but a taxi service subject to transportation law. The case began in 2014, when the Barcelona-based Associación Profesional Elite Taxi accused Uber of unfair competition. The case creates a precedent that could place technology companies under regulation in many other sectors such as media (Facebook, Twitter, YouTube) and hotels (Airbnb).

https://www.bloomberg.com/view/articles/2017-12-20/european-ruling-buries-uber-s-platform-myth

Researchers find fundamental flaws in 20 years of processor designs

----------------------------------------------------------------------

At Lawfare, Nicholas Weaver reports that Google researchers have found flaws in the basic design of modern processors that open the way for two new attacks, which they've dubbed Meltdown and Spectre. Meltdown applies to all Intel processors made since 1995; Spectre requires a greater degree of technical sophistication but applies to processors from all vendors. Weaver's best immediate suggestion is to run an ad blocker to protect against these exploits. In an essay, Bruce Schneier argues that the best advice - to replace your hardware - wouldn't be viable for the billions of processors in use, even if there were unaffected replacements available. Schneier believes that further study will reveal worse vulnerabilities that haven't been discovered yet, and that these problems are trivial compared to the already-known risks of the growing Internet of Things. The Register reports that the Meltdown patch will slow Amazon cloud servers (among others).

https://www.lawfareblog.com/spectre-advertising-meltdown-what-you-need-know

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel_1.html

https://www.theregister.co.uk/2018/01/04/amazon_ec2_intel_meltdown_performance_hit/

US: California introduces network neutrality legislation

----------------------------------------------------------------------

The EFF reports that, only weeks after the Federal Communications Commission voted to terminate network neutrality rules, Democrats in California have introduced legislation to protect the free and open internet. Introduced by state Senator Scott Wiener, the bill, which is co-authored by ten state assembly and Senate Democrats, will require businesses operating within the state of California that rely on state infrastructure or funding in order to provide their service, to adhere to the network neutrality principles. Similar bills are in progress in the states of Washington and New York, and there is a competing California effort, introduced by state Senator Kevin de León.

https://www.eff.org/deeplinks/2018/01/california-introduces-its-own-bill-protect-net-neutrality

Facebook deletes accounts to orders from the Israeli and US governments

----------------------------------------------------------------------

At The Intercept, Glenn Greenwald reports that Facebook is deleting accounts at the direction of the US and Israeli governments. Following a meeting of Facebook and Israeli government representatives last September, Facebook began "a censorship rampage" against Palestinian protesters. It's an especial problem because 96% of Palestinians say their primary use of Facebook is to follow news. Now, Greenwald wrote on December 30, the company appears to be admitting it will follow censorship orders from the US government, beginning with the Facebook and Instagram accounts of Chechen leader Ramzan Kadyrov, who had 4 million followers across the two accounts. Facebook's stated reason for deleting the account was not that Kadyrov is a mass murderer but that he had been added to a US sanctions list that the company was legally obliged to follow.

https://theintercept.com/2017/12/30/facebook-says-it-is-deleting-accounts-at-the-direction-of-the-u-s-and-israeli-governments/

US: Kansas man killed in hoax "SWATting" attack

----------------------------------------------------------------------

Security journalist Brian Krebs reports that a 28-year-old man in Kansas was shot and killed by police officers after someone fraudulently reported to police that there was an ongoing hostage situation at his home. The false report is an example of "SWATting", the practice of making such reports with the goal of getting the authorities to respond with deadly force. In this case, the hoax was prompted by a dispute over a $1.50 wager in the online game Call of Duty, though the man who was killed was not party to the dispute. Krebs studies the progress of the dispute, which began and was continuously reported on Twitter. Krebs, himself the victim of such an attack in 2013, believes that as this increasingly common practice needs to be made a felony in all 50 US states, and that police need to become more accountable as well. Often the perpetrators are minors, and even when they are caught the consequences are few.
https://krebsonsecurity.com/2017/12/kansas-man-killed-in-swatting-attack/

FEATURES AND ANALYSIS

====================

For more features and analysis selected by the Program team, visit:

http://pinboard.in/u:osi_info_program/t:oped/

Tech's terrible 2017

----------------------------------------------------------------------

In this article at the Guardian, Olivia Solon reviews Silicon Valley's 2017 and the many scandals she says have led the world to turn against it and demand greater social responsibility. Russian fake news operations, Uber, YouTube's profiting from ads running inside extremist videos, and the increased consolidation of power into the hands of a few companies have all led to public distaste. Venture capitalist Om Malik believes regulation is inevitable; the five largest tech companies are now trying to avoid such a future by deploying twice as many lobbyists to Washington as Wall Street.

https://www.theguardian.com/technology/2017/dec/22/tech-year-in-review-2017

US: The rising numbers of Customs searches of electronic devices

----------------------------------------------------------------------

In this article at the Washington Post, Nick Miroff discusses statistics newly released by the US Customs and Border Patrol (CBP) showing that border searches of phones and laptops rose by 60% during the US government's fiscal 2017, which ended September 30. The agency says in that time it searched 30,200 devices - or 0.007% of travelers arriving from abroad, including US citizens and claims such searches are essential and justified. At Papers Please, travel privacy specialist Edward Hasbrouck discusses CBP's new policy, which claims the agency has the right to demand passwords and conduct warrantless and suspicionless searches at the border, effectively claiming an exemption to the Fourth Amendment. Hasbrouck argues that existing laws and court precedents prohibit such a policy, and offers practical advice for travelers facing such demands.

https://www.washingtonpost.com/world/national-security/us-customs-agents-are-searching-more-cellphones--including-those-belonging-to-americans/2018/01/05/0a236202-f247-11e7-b3bf-ab90a706e175_story.html
https://papersplease.org/wp/2018/01/05/new-dhs-policy-on-demands-for-passwords-to-travelers-electronic-devices/#more-12071

US courts tackle 3D-printed guns

----------------------------------------------------------------------

In a pair of postings at Lawfare, David Kimball-Stanley describes and discusses Defense Distributed v. State Department, a case involving the practice of 3D printing firearms. The Supreme Court is considering whether to hear the case, which began when the US State Department invoked the International Traffic in Arms Regulations and instructed Defense Distributed to remove files from its website that allowed users to print parts for guns such as an AR-15 rifle. Defense Distributed claims the order violated the First, Second, and Fifth Amendments. Kimball-Stanley argues that if the Supreme Court opts to hear the case it will have to confront ground-breaking issues surrounding the kind of protection granted to computer files that create tangible objects. If it declines, the case may continue in the Texas district court, which will likely have to consider the constitutional issues.

https://www.lawfareblog.com/3d-printed-guns-hit-courts

https://www.lawfareblog.com/3-d-printed-guns-may-be-headed-supreme-court-update

Inside the world of Brazil's social media cyborgs

----------------------------------------------------------------------

In this article at the BBC, Juliana Gragnani interviews a young man who worked during the 2014 general election as a "cyborg" - that is, someone paid to run fake social media accounts in order to influence public opinion. "Pedro" told Gragnani that he was paid $360 a month by a PR company to run 20 fake accounts on Facebook and Twitter to promote its clients, which include a number of leading politicians. These workers call themselves "cyborgs" because they build personal posting histories and interactions that make the accounts harder to detect as fake.
http://www.bbc.co.uk/news/world-latin-america-42322064?intlink_from_url=http://www.bbc.co.uk/news/topics/cmj34zmw77wt/brazil&link_location=live-reporting-story

The smart home battle front

----------------------------------------------------------------------

In this article at Forbes, Kalev Leetaru discusses the fragility of smart home designs in the light of a letter, first reported at TorrentFreak, that a relatively small US ISP sent one of its customers warning them that further complaints about copyright infringement would result in their bandwidth being throttled and that reducing the service level might cost the subscriber "the ability to control your thermostat remotely" and monitor security cameras. Leetaru is seeing "local-only" control die off as people get used to operating smart devices over the internet. The risks with such a large attack surface are considerable - a hacker could hold a smart house hostage via ransomware, law enforcement could demand access, or a hostile terrorist or criminal organization could turn it into a weapon. Designers, Leetaru concludes, need to think ahead. TorrentFreak's original report focuses more on the prospective disproportionate consequences of copyright infringement-related disconnection.

https://www.forbes.com/sites/kalevleetaru/2017/12/29/the-smart-home-battle-front-and-can-our-isp-interfere-with-our-heat/

https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/

Dude, you broke the future

----------------------------------------------------------------------

In this video and written text, taken from his keynote speech at the 34th Chaos Computer Congress, science fiction writer Charlie Stross discusses the looming consequences of today's advances in artificial intelligence and the hidden agendas of their corporate owners. Imagine, he suggests, "a geolocation-aware, social media-scraping, deep learning application that uses a gamified, competitive interface to reward players for joining in acts of mob violence against whomever the app developer hates" - women seeking abortions, for example, or gay men seeking partners or political activists. In Stross's not-unlikely-enough future, that app developer won't be a nation-state or a group of extremists but just a machine operating as it's been optimized to do.

http://www.antipope.org/charlie/blog-static/2018/01/dude-you-broke-the-future.html

https://www.youtube.com/watch?v=RmIgJ64z6Y4

***

DIARY

==============

To see more events recommended by the Information Program team, visit:

https://pinboard.in/u:osi_info_program/t:events/. If you would like your event listed in this mail, email info.digest@opensocietyfoundations.org.

ShmooCon

----------------------------------------

January 19-21, 2018

Washington, DC

ShmooCon is an annual east coast hacker convention offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It, and Bring It On.

http://bit.ly/2j4hXAX

Privacy Camp

----------------------------------------

January 23, 2018

Brussels, Belgium

Privacy Camp brings together civil society, policy-makers and academia to discuss existing and looming problems for human rights in the digital environment. In the face of a "shrinking civic space" for collective action, the event aims to provide a platform for actors from across these domains to discuss and develop shared principles to address key challenges for digital rights and freedoms of individuals. The theme for 2018 is "speech, settings and [in]security by design".

http://bit.ly/2lho8Cb

Computers, Privacy, and Data Protection

----------------------------------------

January 24-26, 2018

Brussels, Belgium

The theme of the 11th edition of CPDP is the "Internet of Bodies". Data collection increasingly focuses on the physical body. Bodies are increasingly connected, digitized, and informatized. In turn, the data extracted is reassembled in ways that give rise to significant questions - challenging fundamental assumptions about where the corporeal ends and the informational begins. Biometrics, genetic data processing and the quantified self are only some of the trends and technologies reaching into the depths of our bodies. Emerging technologies such as human enhancement, neural implants, and brain wave technology look likely to soon become a daily reality.

http://bit.ly/2sSQ02x

Fairness, Accountability, and Transparency

----------------------------------------

February 23-24, 2018

New York, NY, USA

FAT* is an international and interdisciplinary peer-reviewed conference that seeks to publish and present work examining the fairness, accountability, and transparency of algorithmic systems. The FAT* conference solicits work from a wide variety of disciplines, including computer science, statistics, the humanities, and law. It intends to bring together the community that has grown through a number of workshops at other conferences.

http://bit.ly/2iHQTUX

ICANN61

----------------------------------------

March 10-15, 2018

San Juan, Puerto Rico

ICANN's Community Forum for 2018 will be focused on outreach, capacity building, and showcasing ICANN's work to a broader global audience.

https://go.icann.org/2zwpDBV

We Robot 2018

----------------------------------------

April 12-14, 2018

Palo Alto, California, USA

This conference is the annual gathering of academics, policy makers, roboticists, economists, ethicists, entrepreneurs, and lawyers who care about robots and the future of robot law and policy. We Robot fosters conversations between the people designing, building, and deploying robots, and the people who design or influence the legal and social structures in which robots operate.

http://stanford.io/2juk94u

TRILCON18

April 25, 2018

Winchester, UK

The fifth interdisciplinary Winchester conference on Trust, Risk, Information and the Law has as its overall theme "Public Law, Politics and the Constitution: A new battleground between the Law and Technology?"

http://bit.ly/2A1DwrU

Tomorrow's Transactions Forum

----------------------------------------

April 24-25, 2018

London, UK

The 21st edition of Tomorrow's Transactions will provide an opportunity to look back at the lessons that have been learned across the past decades and cast an eye toward the future to ask, where will technology and regulation, take our world of transactions? For 2018, topics will include AI, futures, open banking, and conversational and contextual commerce.

http://bit.ly/1Qc84Fx

Internet Freedom Forum

----------------------------------------

April 24-26, 2018

Abuja, Nigeria

The sixth edition of the Internet Freedom Forum will present a unique platform for discussions and engagement around current trends and emerging issues affecting internet freedom in Africa. Participants at IFF include civil society organizations, policy actors/makers, legal/policy experts, academics, advocates, tech enthusiasts, industry representatives and active citizens among others.

http://bit.ly/2Aoj0Tr

Open Knowledge Summit 2018

----------------------------------------

May 3-6, 2018

Thessaloniki, Greece

For 2018, the Open Knowledge Foundation has replaced the OKFestival with a summit intended to gather the Open Knowledge network to collaboratively build the future of the Open Knowledge Network. The format and programming will be developed as a collaboration between Open Knowledge International, Open Knowledge Greece, and all other groups in the network.

http://bit.ly/2iISyJb

RightsCon

----------------------------------------

May 16-18, 2018

Toronto, Ontario, Canada

RightsCon has become one of the world's largest gatherings on human rights and technology, and it's people like you that make it an engine for change. The 2018 event is staged in Canada for a conversation built on the principles of diversity, inclusion, and respect.

http://bit.ly/2rR0IX3

Workshop on Technology and Consumer Protection

----------------------------------------

May 24, 2018

San Francisco, CA, USA

ConPro #18 will explore computer science topics with an impact on consumers. This workshop has a strong security and privacy emphasis, with an overall focus on ways in which computer science can prevent, detect, or address the potential for technology to deceive or unfairly harm consumers. Participants will consist heavily of academic and industry researchers but are also expected to include researchers from the Federal Trade Commission - the U.S. government's primary consumer protection body - and other government agencies with a consumer protection mission.

http://bit.ly/2iCUt5r

Privacy Law Scholars

----------------------------------------

May 30-31

Washington, DC, USA

PLSC is a paper workshop with the goal of improving and providing support for in-progress scholarship. To achieve this, PLSC assembles a wide array of privacy law scholars and practitioners from around the world to discuss the papers. Scholars from many disciplines (psychology/economics, sociology, philosophy, political science, computer science, and even math) also participate.

http://bit.ly/2zgypRQ

LIBER Annual Conference

----------------------------------------

July 4-6, 2018

Lille, France

The 47th annual conference of the Association of European Research Libraries (LIBER) will include plenary sessions with top international speakers, presentations on current research, posters, and an exhibition of products and services for the library sector, as well as a comprehensive social programme.

http://bit.ly/2zFcbbU

The Circle of HOPE

----------------------------------------

July 20-22, 2018

New York, NY, USA

Organized by 2600 Magazine, the 12th biennial Hackers on Planet Earth conference celebrates the hacker spirit. Talks typically feature new ways of examining and dissecting technology to reveal inconvenient truths.

http://bit.ly/2BbzJpM

Defcon

----------------------------------------

August 9-12, 2018

Las Vegas, NV, USA

The heart of the DEF CON 26 theme is the concept of the counterfuture. The counterfuture is the open-source alternative to totalitarian dystopia; a world where we use tech and ingenuity for empowerment and connection rather than isolation and control.

http://bit.ly/2A2ojUE

World Library and Information Congress

----------------------------------------

August 24-30, 2018

Kuala Lumpur, Malaysia

The 84th edition of the World Library and Information Congress has the theme, "Transform Libraries, Transform Societies" with the additional tagline, "Reaching out to the hard to reach", which was chosen in recognition of the critical role played by libraries in the development of a nation, particularly in their ability to transform societies.

https://2018.ifla.org/greetings-from-nc-malaysia

International Conference of Data Protection and Privacy Commissioners

----------------------------------------

October 22-26, 2018

Brussels, Belgium

The 40th version of this event will be hosted by the European Data Protection Supervisor (EDPS), Giovanni Buttarelli and the chair of the Commission for Personal Data Protection of the Republic of Bulgaria, Ventsislav Karadjov. The conference is expected to focus on the recently launched international debate on the ethical dimension of data protection in the digital era. Accompanying conference events will also take place in Bulgaria.

http://bit.ly/2B1bX38

***

Hear more from the Information Program!

================================

If you want to hear more from the Information Program team each week, consider subscribing to our shared bookmarks on delicious using this RSS feed:

http://feeds.pinboard.in/rss/secret:95194ab804ccccac713b/u:osi_info_program/

You can also read more about our work on the Open Society Foundations website: http://www.opensocietyfoundations.org/about/programs/information-program

Hear less from the Information Program!

================================

If you wish to unsubscribe from this weekly digest, please send an email with the subject line "Unsubscribe" to info.digest@opensocietyfoundations.org.

This digest operates under the OSF privacy policy: http://www.opensocietyfoundations.org/about/policies/privacy

Additionally, it uses the bit.ly URL shortening service, which operates under the following privacy policy: http://bit.ly/pages/privacy/

This work is licensed under a Creative Commons Attribution 3.0

License: http://creativecommons.org/licenses/by/3.0/us/

Open Society Foundation, part of the Open Society Foundations, is a company limited by guarantee registered in England and Wales (company number 4571628) and a registered charity (charity number 1105069). Its registered office address is 7th Floor, Millbank Tower, 21-24 Millbank, London SW1P 4QP