Daily Archives: July 24, 2019

Google to Pay only $13 Million for sniffing passwords and emails over your wifi using Street View cars between 2007 – 2010

Posted on by

After nearly a decade in court, Google has agreed to pay $13 million in a class-action lawsuit alleging its Street View program collected people’s private data over wifi from 2007 to 2010. In addition to the moolah, the settlement—filed Friday in San Francisco—also calls for Google to destroy all the collected data and teach people how to encrypt their wifi networks.

A quick refresher. Back when Google started deploying its little Street View cars around our neighborhoods, the company also ended up collecting about 600 GB of emails, passwords, and other payload data from unencrypted wifi networks in over 30 countries. In a 2010 blog, Google said the data collection was a “mistake” after a German data protection group asked to audit the data collected by the cars.

[…]

The basis for the class-action lawsuit was that Google was basically infringing on federal wiretapping laws. Google had argued in a separate case on the same issue, Joffe vs Google, that its “mistake” was legal, as unencrypted wifi are a form of radio communication and thereby, readily accessible by the general public. The courts did not agree, and in 2013 ruled Google’s defense was bunk. And despite Google claiming the collection was a “mistake,” according to CNN, in this particular class-action lawsuit, investigators found that Google engineers created the software and embedded them into Street View cars intentionally.

[…]

If you thought Google would pay out the nose for this particular brand of evil, you’d be mistaken. The class-action netted $13 million, with punitive payments only going to the original 22 plaintiffs—additional class members won’t get anything. The remaining money will be then distributed to eight data privacy and consumer protection organizations. Similarly, another case brought by 38 states on yet again, the same issue, only netted a $7 million settlement.

Source: Google Set to Pay $13 Million in Street View Class-Action Suit

Big Tech faces broad U.S. Justice Department antitrust probe

Posted on by

The U.S. Justice Department said on Tuesday it was opening a broad investigation of major digital technology firms into whether they engage in anticompetitive practices, the strongest sign the Trump administration is stepping up its scrutiny of Big Tech.

The review will look into “whether and how market-leading online platforms have achieved market power and are engaging in practices that have reduced competition, stifled innovation, or otherwise harmed consumers,” the Justice Department said in a statement.

The Justice Department did not identify specific companies but said the review would consider concerns raised about “search, social media, and some retail services online” — an apparent reference to Alphabet Inc, Amazon.com Inc and Facebook Inc, and potentially Apple Inc.

[…]

Senator Richard Blumenthal, a Democrat, said the Justice Department “must now be bold and fearless in stopping Big Tech’s misuse of its monopolistic power. Too long absent and apathetic, enforcers now must prevent privacy abuse, anticompetitive tactics, innovation roadblocks, and other hallmarks of excessive market power.”

In June, Reuters reported the Trump administration was gearing up to investigate whether Amazon, Apple, Facebook and Alphabet’s Google misuse their massive market power, setting up what could be an unprecedented, wide-ranging probe of some of the world’s largest companies.

[…]

The Justice Department said the review “is to assess the competitive conditions in the online marketplace in an objective and fair-minded manner and to ensure Americans have access to free markets in which companies compete on the merits to provide services that users want.”

[…]

“There is growing consensus among venture capitalists and startups that there is a kill zone around Google, Amazon, Facebook and Apple that prevents new startups from entering the market with innovative products and services to challenge these incumbents,” said Representative David Cicilline, a Democrat who heads the subcommittee.

[…]

Senator Marsha Blackburn, a Republican, praised the investigation and said a Senate tech task force she chairs would be looking at how to “foster free markets and competition.”

Source: Big Tech faces broad U.S. Justice Department antitrust probe – Reuters

It’s good to hear that the arguments are not only founded on product pricing but are much more wider ranging and address what exactly makes a monopoly.

Tinder Bypasses Google Play, Revolt Against App Store “Fee” (30% monopolistic arm wrench)

Posted on by

Tinder joined a growing backlash against app store taxes by bypassing Google Play in a move that could shake up the billion-dollar industry dominated by Google and Apple Inc.

The online dating site launched a new default payment process that skips Google Play and forces users to enter their credit card details straight into Tinder’s app, according to new research by Macquarie analyst Ben Schachter. Once a user has entered their payment information, the app not only remembers it, but also removes the choice to swap back to Google Play for future purchases, he wrote.

“This is a huge difference,” Schachter said in an interview. “It’s an incredibly high-margin business for Google bringing in billions of dollars,” he said

The shares of Tinder’s parent company, Match Group Inc., spiked 5% when Schachter’s note was published on Thursday. Shares of Google parent Alphabet Inc. were little changed.

Apple and Google launched their app stores in 2008, and they soon grew into powerful marketplaces that matched the creations of millions of independent developers with billions of smartphone users. In exchange, the companies take as much as 30% of revenue. The app economy is expected to grow to $157 billion in 2022, according to App Annie projections.

As the market expands, a growing revolt has been gaining steam over the past year. Spotify Technology SA filed an antitrust complaint with the European Commission earlier this year, claiming the cut Apple takes amounts to a tax on competitors. Netflix Inc. has recently stopped letting Apple users subscribe via the App Store and Epic Games Inc. said last year it wouldn’t distribute Fortnite, one of the world’s most popular video games, through Google Play.

Source: Tinder (MTCH) Bypasses Google Play, Revolt Against App Store Fee – Bloomberg

Microsoft Bribes U.S. gov with $25 Million to End U.S. Probe Into Bribery Overseas

Posted on by

Microsoft Corp. agreed to pay $25 million to settle U.S. government investigations into alleged bribery by former employees in Hungary.

The software maker’s Hungarian subsidiary entered into a non-prosecution agreement with the U.S. Department of Justice and a cease-and-desist order with the Securities and Exchange Commission, Microsoft said in an email to employees from Chief Legal Officer Brad Smith that was posted Monday on the company’s web site. The case concerned violations of the Foreign Corrupt Practices Act, according to an SEC filing

The Justice Department concluded that between 2013 and June 2015 “a senior executive and some other employees at Microsoft Hungary participated in a scheme to inflate margins in the Microsoft sales channel, which were used to fund improper payments under the FCPA,” Smith wrote in the email.

Microsoft sold software to partners at a discount and the partners then resold the products to the Hungarian government at a higher price. The difference went to fund kickbacks to government officials, the Wall Street Journal reported in 2018. The company fired the employees involved, Smith noted.

[…]

The SEC noted that some Microsoft employees violated the law by engaging in unscrupulous sales practices in Saudi Arabia, Turkey and Thailand.

[…]

The U.S. uses the FCPA to police bribe-paying around the world, in what officials have said is an effort to even the playing field. Since 2005, the government has collected billions of dollars in fines from foreign companies and U.S. firms found to be in violation of the law.

Source: Microsoft Pays $25 Million to End U.S. Probe Into Bribery Overseas – Bloomberg

UK cops want years of data from victims phones for no real reason, but it is being misused

Posted on by

A report (PDF), released today by Big Brother Watch and eight other civil rights groups, has argued that complainants are being subjected to “suspicion-less, far-reaching digital interrogations when they report crimes to police”.

It added: “Our research shows that these digital interrogations have been used almost exclusively for complainants of rape and serious sexual offences so far. But since police chiefs formalised this new approach to victims’ data through a national policy in April 2019, they claim they can also be used for victims and witnesses of potentially any crime.”

The policy referred to relates to the Digital Processing Notices instituted by forces earlier this year, which victims of crime are asked to sign, allowing police to download large amounts of data, potentially spanning years, from their phones. You can see what one of the forms looks like here (PDF).

[…]

The form is 9 pages long and states ‘if you refused permission… it may not be possible for the investigation or prosecution to continue’. Someone in a vulnerable position is unlikely to feel that they have any real choice. This does not constitute informed consent either.

Rape cases dropped over cops’ demands for search

The report described how “Kent Police gave the entire contents of a victim’s phone to the alleged perpetrator’s solicitor, which was then handed to the defendant”. It also outlined a situation where a 12-year-old rape survivor’s phone was trawled, despite a confession from the perpetrator. The child’s case was delayed for months while the Crown Prosecution Service “insisted on an extensive digital review of his personal mobile phone data”.

Another case mentioned related to a complainant who reported being attacked by a group of strangers. “Despite being willing to hand over relevant information, police asked for seven years’ worth of phone data, and her case was then dropped after she refused.”

Yet another individual said police had demanded her mobile phone after she was raped by a stranger eight years ago, even after they had identified the attacker using DNA evidence.

Source: UK cops blasted over ‘disproportionate’ slurp of years of data from crime victims’ phones • The Register

Researchers Reveal That Anonymized Data Is Easy To Reverse Engineer

Posted on by

Researchers at Imperial College London published a paper in Nature Communications on Tuesday that explored how inadequate current techniques to anonymize datasets are. Before a company shares a dataset, they will remove identifying information such as names and email addresses, but the researchers were able to game this system.

Using a machine learning model and datasets that included up to 15 identifiable characteristics—such as age, gender, and marital status—the researchers were able to accurately reidentify 99.98 percent of Americans in an anonymized dataset, according to the study. For their analyses, the researchers used 210 different data sets that were gathered from five sources including the U.S. government that featured information on more than 11 million individuals. Specifically, the researchers define their findings as a successful effort to propose and validate “a statistical model to quantify the likelihood for a re-identification attempt to be successful, even if the disclosed dataset is heavily incomplete.”

[…]Even the hypothetical illustrated by the researchers in the study isn’t a distant fiction. In June of this year, a patient at the University of Chicago Medical Center filed a class-action lawsuit against both the private research university and Google for the former sharing his data with the latter without his consent. The medical center allegedly de-identified the dataset, but still gave Google records with the patient’s height, weight, vital signs, information on diseases they have, medical procedures they’ve undergone, medications they are on, and date stamps. The complaint pointed out that aside from the breach of privacy in sharing intimate data without a patient’s consent, that even if it was in some way anonymized, the tools available to a powerful tech corporation make it pretty easy for them to reverse engineer that information and identify a patient.

“Companies and governments have downplayed the risk of re-identication by arguing that the datasets they sell are always incomplete,” de Montjoye said in a statement. “Our findings contradict this and demonstrate that an attacker could easily and accurately estimate the likelihood that the record they found belongs to the person they are looking for.”

Source: Researchers Reveal That Anonymized Data Is Easy To Reverse Engineer

IBM gives cancer-killing drug AI projects to the open source community

Posted on by

Researchers from IBM’s Computational Systems Biology group in Zurich are working on AI and machine learning (ML) approaches to “help to accelerate our understanding of the leading drivers and molecular mechanisms of these complex diseases,” as well as methods to improve our knowledge of tumor composition.

“Our goal is to deepen our understanding of cancer to equip industries and academia with the knowledge that could potentially one day help fuel new treatments and therapies,” IBM says.

The first project, dubbed PaccMann — not to be confused with the popular Pac-Man computer game — is described as the “Prediction of anticancer compound sensitivity with Multi-modal attention-based neural networks.”

[…]

The ML algorithm exploits data on gene expression as well as the molecular structures of chemical compounds. IBM says that by identifying potential anti-cancer compounds earlier, this can cut the costs associated with drug development.

[…]

The second project is called “Interaction Network infErence from vectoR representATions of words,” otherwise known as INtERAcT. This tool is a particularly interesting one given its automatic extraction of data from valuable scientific papers related to our understanding of cancer.

With roughly 17,000 papers published every year in the field of cancer research, it can be difficult — if not impossible — for researchers to keep up with every small step we make in our understanding.

[…]

INtERAcT aims to make the academic side of research less of a burden by automatically extracting information from these papers. At the moment, the tool is being tested on extracting data related to protein-protein interactions — an area of study which has been marked as a potential cause of the disruption of biological processes in diseases including cancer.

[…]

The third and final project is “pathway-induced multiple kernel learning,” or PIMKL. This algorithm utilizes datasets describing what we currently know when it comes to molecular interactions in order to predict the progression of cancer and potential relapses in patients.

PIMKL uses what is known as multiple kernel learning to identify molecular pathways crucial for categorizing patients, giving healthcare professionals an opportunity to individualize and tailor treatment plans.

PaccMann and INtERAcT‘s code has been released and are available on the projects’ websites. PIMKL has been deployed on the IBM Cloud and the source code has also been released.

Source: IBM gives cancer-killing drug AI project to the open source community | ZDNet

But  now the big question: will they maintain it?