Blogging for the 5th of July Foundation on Security, Privacy and Liberty
Over the past couple of years, Roombas haven’t just been picking up dust and chauffeuring cats around, they’ve also been mapping the layout of your home. Now, Colin Angle, the chief executive of Roomba maker iRobot, has said he wants to share the data from these maps in order to improve the future of smart home technology.
The Verge: Roombas have been busy mapping our homes, and now that data could be shared »
We already knew U.S. voting systems had security flaws ― the federal government put that nail in the coffin when it repeatedly confirmed that Russian hackers breached systems in at least 21 states during the election last year.
But on Friday, hackers stateside showed us just how easily some of the electronic voting machines can be cracked.
Those who attended DEF CON, a 25-year-old hacking convention held in Las Vegas, were given physical and remote access to voting machines procured from eBay and government auctions.
Yahoo News: Hackers Crack Voting Machines Within Minutes At DEF CON In Vegas »
The Chinese government’s crackdown on the internet continues with the news that Apple has removed all major VPN apps, which help internet users overcome the country’s censorship system, from the App Store in China.
Techcrunch: Apple removes VPN apps from the App Store in China »
Tense nervous headache? Perhaps your name is Tim Cook. For poor Tim has woken up this Sunday morning with a giant headache, and its name is China.
Techcrunch: Apple’s capitulation to China’s VPN crack-down will return to haunt it at home »
It’s going to be much harder to view the full web in Russia before the year is out. President Putin has signed a law that, as of November 1st, bans technology which lets you access banned websites, including virtual private networks and proxies. Internet providers will have to block websites hosting these tools. The measure is ostensibly meant to curb extremist content, but that’s just pretext — this is really about preventing Russians from seeing content that might be critical of Putin, not to mention communicating in secret.
• Engadget: Russian censorship law bans proxies and VPNs »
• TorrentFreak: Russia Bans ‘Uncensored’ VPNs, Proxies and TOR »
Since 2003, hundreds of new top-level domains have come onto the market, and there has never been more choice for domain name registrants. But apart from choosing a name that sounds right and is easy to remember, a domain name registrant should also consider the policies of the registry that operates the domain, and those of the registrar that sells it to them.
EFF: How Threats Against Domain Names Are Used to Censor Content »
The EU Court of Justice ruled this morning that the agreement on the transfer of passenger data (PNR) between the EU and Canada is incompatible with EU law. (…)
Sophie in ‘t Veld MEP, ALDE Group first vice-president, commented today:
“Two and a half years after the European Parliament raised serious concerns, the Court has made it crystal clear that the EU Canada agreement cannot be adopted in its current form. The agreement provides insufficient protection and safeguards for Europeans. The use of personal data is not rejected as such, but sensitive data relating to, for example, religious beliefs, cannot be collected without suspicion. Additionally, the data cannot be accessed without judicial authorisation and has to be deleted after the passenger has left Canadian territory.”
ALDE: EU Court rejects passenger data deal with Canada as it violates EU law »
The law cannot be upheld by breaking the law, said Joe McNamee, Executive Director of European Digital Rights. Reckless data retention and profiling have no place in a democratic, law-based society. Literally every independent body that has spoken out on the subject supports this analysis. The European Commission and EU Member States must now, at long last, take all necessary steps to abandon all illegal data retention laws and practices.
EDRi: EU Court rules that draft EU/Canada air passenger data deal is unacceptable »
On 5 April 2017, the Norwegian government proposed an amendment to the Norwegian code of criminal proceedings to allow the police to compel the use of biometric authentication. After two quick debates, the Norwegian Parliament passed the proposition into law on 21 June. (…)
The lack of specificity of an “electronic system” means this law has an extremely wide scope. We can, for example, envision that access to a personal device such as a mobile phone, which stores the access credentials to several cloud storage services, essentially gives away a more or less complete description of a person’s life. To entrust such decision to a single police officer with no due process means that an act with very far reaching consequences may be performed in a matter of seconds. (…)
There is also no reference to proportionality of the use of force. Although there is no reason to suspect this would be used in a disproportionate way, the lack of such a limitation means that we don’t know how far the use force might be taken.
In Xinjiang, China, citizens are being forced to install a targeted surveillance mobile app called Jingwang. Additionally, the government has set up random checkpoints on the streets to check whether the spyware is properly installed on your smartphone. On July 10th, mobile phone users in the region received a notification letting them know that they had 10 days to download and install the Jingwang spyware. Failure to install the app is punishable by up to 10 days imprisonment, according to the notice. According to the government, the spyware app has benign functions.
Under the CULT “compromise amendments”, it would no longer be possible to store legally acquired music recordings video files or any other copyrighted content on European cloud storage services. This is despite the fact that Europeans already pay hundreds of millions every year in levies (3,2 billion euro in the first half of this decade) to compensate rightsholders for making copies of legally obtained copyrighted works. Despite this, European cloud services would have to install filters to either block uploads or pay “fair” licenses for any copyrighted material that was uploaded. (Non-European services, on the contrary, would have nothing to worry about.)
EDRi: No, you can’t enjoy the music you paid for, says EU Parliament Committee »
For example, the “snippet tax” would require commercial sites that quote even tiny portions of online press publications to pay a licensing fee for each one. Given the way social networks constantly quote and cross-link information, that’s clearly absurd. And yet the Industry, Research and Energy (ITRE) committee of the European Parliament has come up with a cunning plan to make it even worse. It wants the snippet tax to apply to physical publications as well as digital ones. (…)
Just as the ITRE committee wants to make the snippet tax even worse, so the Culture and Education (CULT) committee of EU politicians has come up with a way to make the upload filter dramatically more ridiculous. If the CULT committee’s amendments are adopted in the final law, EU citizens will no longer be able to upload copies of copyright material to the cloud, even if they have acquired them legally.
Glyn Moody @ PNI: EU copyright reform goes from bad to worse »
EFF: Do Last Week’s European Copyright Votes Show Publishers Have Captured European Politics? »