The Cybersecurity Information Sharing Act

[Grizzly]

The Cybersecurity Information Sharing Act (CISA S. 2588 [113th Congress], S. 754. already subjects "US ALL" to spying and it is ok and nobody is taking that data collection to issue. This only had to do with which federal agency the NSA uses a front for destroying innovation.

But this says: https://www.govtrack.us/congress/bills/ ... 34/summary

The Federal Trade Commission maintains jurisdiction over most aspects of the Internet. But after the 2016 election during the lame-duck session, another Washington agency called the Federal Communications Commission issued new regulations related specifically to Internet service providers, also known as ISPs.

These new rules required all Internet browsing data, as well as data regarding app usage on mobile devices, be subject to the same privacy requirements as sensitive or private personal information. This overtook the previous rule by the FTC, the agency which previously had authority over regulating ISP’s and differentiated privacy requirements based upon the sensitivity of the information, with more stringent rules for such things as health information or Social Security numbers. The methods are also more invasive to the ISP companies, since the FCC also issues pre-emptive regulations while the FTC primarily conducted investigations

What it did was expand baseless data collection under the authority of the executive order. How can you (As an ISP) have different privacy requirements for different data without storing scanning and analyzing it? They cant. Letting the obama executive order was a slippery slope towards dictatorship. CISA structures the legal methods for bulk data collection and sharing without court orders.

If this passes I will be signing off ... for good.

[82_28]

Worry about it as far as precedent but don't worry about it too much for the time being. Just keep your ad blockers and privacy badger humming along and you'll be fine. Don't buy no shit online (I don't) also the main computer I use has multiple users with differing interests and shit. I just wonder what they are going to do as far as libraries and other nodes of wi-fi function. That is why I think this law/measure is stupid and largely a show of "force" to those who get afraid of this shit. I ain't no expert on nuthin', but I would not worry about it, ultimately.

[82_28]

I mean, track me. You're going to see I use Linux (which could be a red flag I suppose) but this guy here (me) checks out CNN and ESPN on a multi day by day basis. There is nothing of interest in what I do online.

[Grizzly]

Get it, before they take it down...
http://www.commonsenseevaluation.com/20 ... 9iBfb.dpbs

Excerpts From The Video

Serious allegations concerning the State Department,” the NBC anchor announced, before launching into the disturbing details that mainstream media would be unable to report on in 2017.

According to internal State Department memos the agency might have called off or intervened into investigations into possibly illegal, inappropriate behavior within it’s ranks allegedly to protect jobs and avoid scandals.

This concerns a time when Hillary Clinton was secretary of state.

“There is an old saying in Washington that the cover-up is worse than the crime. But in this case both parts of it are disturbing”, Chuck Todd continued.

Allegations of prostitution and pedophilia, and allegations that those crimes were somehow covered up or not looked into. So the State Department this morning is having to respond to those claims, and those investigations involve misconduct by State Department officials, including an Ambassador and security agents attached to then secretary of state, Hillary Clinton.

The allegations are that these investigations were whitewashed, quashed altogether, and that those orders came from high up.

NBC has obtained documents relating to ongoing investigations into some disturbing allegations involving State Department personnel and at least one ambassador. A State Department memo says, quote, “the Ambassador routinely ditched his protective security detail in order to solicit sexual favors from both prostitutes and minor children.

The memo also says a top State Department official directed State Department investigators to “cease the investigation” into the ambassador’s conduct.” It’s just one of what another document describes as “several examples of undue influence” from top State Department officials.


- See more at: http://www.commonsenseevaluation.com/20 ... 9iBfb.dpuf

[Grizzly]

MSNBC
Since the revelation earlier this week of allegations by two former employees of security firm Blackwater that its owner was complicit in murder in order to cover up the deliberate killing of Iraqi civilians, explosive charges have continued to emerge.

Perhaps the most shocking of those charges — quoted by MSNBCs Keith Olbermann on Thursday from the employees sworn declarations — is t More..hat Blackwater was guilty of using child prostitutes at its compound in Baghdads fortified Green Zone and that owner Erik Prince knew of this activity and did nothing to stop it.

The declarations describe Blackwater as having young girls provide oral sex to Enterprise members in the Blackwater Man Camp in exchange for one American dollar. They add even though Prince frequently visited this camp, he failed to stop the ongoing use of prostitutes, including child prostitutes, by his men.

One of the statements also charges that Princes North Carolina operations had an ongoing wife-swapping and sex ring, which was participated in by many of Mr. Princes top executives.

According to the two former employees, Blackwater supervisors in Iraq sometimes sent men back to the United States for wanting to kill ragheads, excessive drinking, steroid use, or failure to follow weapon safety procedures, but Mr. Prince and his executives would send them back with a reprimand to the supervisor for costing the firm money. Blackwater even fired those mental health professionals who were not willing to endorse deployments of unfit men.

The former employees additionally state that Prince was engaged in illegal arms dealing, money laundering, and tax evasion, that he created a web of companies in order to obscure wrong-doing, fraud, and other crimes, and that Blackwaters chief financial officer had resigned stating he was not willing to go to jail for Erik Prince.

Prince has repeatedly insisted his company has done nothing wrong and Blackwater — now renamed Xe — continues to fulfill its contracts with the United States government

[Harvey]

Grizzly, thanks for being human and posting that stuff.

[DrEvil]

The Cybersecurity Information Sharing Act (CISA S. 2588 [113th Congress], S. 754. already subjects "US ALL" to spying and it is ok and nobody is taking that data collection to issue. This only had to do with which federal agency the NSA uses a front for destroying innovation.

But this says: https://www.govtrack.us/congress/bills/ ... 34/summary

The Federal Trade Commission maintains jurisdiction over most aspects of the Internet. But after the 2016 election during the lame-duck session, another Washington agency called the Federal Communications Commission issued new regulations related specifically to Internet service providers, also known as ISPs.

These new rules required all Internet browsing data, as well as data regarding app usage on mobile devices, be subject to the same privacy requirements as sensitive or private personal information. This overtook the previous rule by the FTC, the agency which previously had authority over regulating ISP’s and differentiated privacy requirements based upon the sensitivity of the information, with more stringent rules for such things as health information or Social Security numbers. The methods are also more invasive to the ISP companies, since the FCC also issues pre-emptive regulations while the FTC primarily conducted investigations

What it did was expand baseless data collection under the authority of the executive order. How can you (As an ISP) have different privacy requirements for different data without storing scanning and analyzing it? They cant. Letting the obama executive order was a slippery slope towards dictatorship. CISA structures the legal methods for bulk data collection and sharing without court orders.

If this passes I will be signing off ... for good.

Congress passed a bill to remove the FCC privacy requirements two days before you posted this.
ISPs are now free to sell your browsing history to whoever they like.
Google and Facebook track what you do on their services, ISPs track everything you do online.

For sale: Your private browsing history

Congress passes bill allowing ISPs to sell customer Web surfing data.
Jon Brodkin - 3/28/2017, 11:57 PM

The US House of Representatives voted Tuesday to eliminate ISP privacy rules, following the Senate vote to take the same action last week. The legislation to kill the rules now heads to President Donald Trump for his signature or veto.

The White House issued a statement today supporting the House's action, and saying that Trump's advisors will recommend that he sign the legislation. That would make the death of the Federal Communications Commission's privacy rules official.

The rules issued by the FCC last year would have required home Internet and mobile broadband providers to get consumers' opt-in consent before selling or sharing Web browsing history, app usage history, and other private information with advertisers and other companies. But lawmakers used their authority under the Congressional Review Act (CRA) to pass a joint resolution ensuring that the rules "shall have no force or effect" and that the FCC cannot issue similar regulations in the future.

CRA resolutions require the president's signature, and several Republican attempts to undo Obama administration regulations were vetoed by President Obama. But with both Congress and the White House now in Republican hands, Trump yesterday signed four resolutions to remove recently issued regulations.

Republicans argue that the Federal Trade Commission should regulate ISPs' privacy practices instead of the FCC. But the resolution passed today eliminates the FCC's privacy rules without any immediate action to return jurisdiction to the FTC, which is prohibited from regulating common carriers such as ISPs and phone companies.

If Trump signs the resolution to eliminate privacy rules, ISPs won't have to seek customer approval before sharing their browsing histories and other private information with advertisers.

The House vote was 215 to 205, with most Republicans voting to eliminate privacy rules and all Democrats voting to preserve them. Full vote results are available here. The Senate vote last week was 50-48, with lawmakers voting entirely along party lines.

“What the heck are you thinking?”

"I have a simple question: what the heck are you thinking?" Rep. Michael Capuano (D-Mass.) said in debate on the House floor. "What is in your mind? Why would you want to give up any of your personal information to a faceless corporation for the sole purpose of them selling it? Give me one good reason why Comcast should know my mother’s medical problems."

Capuano said that ISPs can discover customers' medical conditions by seeing what illnesses and drugs they search for on the Internet.

"Just last week I bought underwear on the Internet. Why should you know what size I take or the color?" Capuano said. ISPs could take that information and sell it to underwear companies who might show him advertisements, he said.

"These companies are not going broke. The Internet is not in jeopardy," Capuano said. "It’s none of their information, it’s none of their business."

Capuano challenged Republicans to "leave Capitol Hill for five minutes" and "find three people on the street" who want ISPs collecting and selling their browsing histories.

Rep. Mike Doyle (D-Penn.) said that "no company will even put its name behind this effort," instead relying on lobbyists. "Lobbyists make the bogus claim that having actual protections will confuse consumers, and that the only way to clear up this confusion is to have no rules at all," he said.

No consumers have supported getting rid of the privacy rules, Doyle said. The rules are not strict, since they don't prevent ISPs from tracking customers and serving up personalized advertising as long as they ask customers for consent first, he said. ISPs would simply have to "ask permission, protect people's data, and tell them if it gets stolen," he said.

While Republicans claim the rules would confuse customers, no actual consumers have come forward to say they're confused by the FCC's rules, said Rep. Frank Pallone (D-N.J.).

Private browsing mode won't help

House Minority Leader Nancy Pelosi (D-Calif.) pointed out that ISPs can track customers' Web browsing even when they enable their browser's "private mode," which does not encrypt Internet traffic. Google, for example, says that Chrome's incognito mode prevents the Chrome browser itself from saving the sites that you visit, but does not stop ISPs and websites from seeing which websites you've visited.

"Americans' private browsing history should not be up for sale," Pelosi said. "Overwhelmingly the American people do not agree with the Republicans that this information should be sold," Pelosi also said.

ISPs can see every bit of data sent into and out of customers' homes, and "even when you use encryption, ISPs can still capture data about whom you're talking to or what sites you're visiting," said Rep. James Langevin (D-R.I.). "These data are sensitive and consumers have a right to decide whether or not they can be shared or monetized."

GOP: Rules "unfairly skew" advertising market

Rep. Michael Burgess (R-Texas) said the FCC rules "unfairly skew the market" toward social networks and search engines, which would have more ability to collect and use customer information for personalized advertising.

"The Federal Communications Commission privacy rule arbitrarily treats Internet service providers differently from the rest of the Internet," he said, calling the rules an example of "government intervention in the free market."

The FCC's privacy rules also include new data breach notification requirements. Burgess complained that this might result in "more frequent breach notifications" for "consumers who suffer from notification fatigue."

The resolutions to eliminate privacy rules were introduced in the Senate by Sen. Jeff Flake (R-Ariz.) and in the House by Rep. Marsha Blackburn (R-Tenn.).

Blackburn said the FCC rulemaking was "just another example of big government overreach." She also said that the FCC "unilaterally swiped jurisdiction from the Federal Trade Commission." This was a reference to the FCC's decision in February 2015 to reclassify home and mobile ISPs as common carriers. The reclassification allowed the FCC to impose net neutrality rules, but it also stripped the Federal Trade Commission of its authority over ISPs because the FTC's charter from Congress prohibits the agency from regulating common carriers.

Blackburn argued that the FCC can protect customer privacy on a case-by-case basis without specific privacy rules, because Title II of the Communications Act lets the FCC prevent common carriers from engaging in "unjust" or "unreasonable" behavior.

Rep. Greg Walden (R-Ore.) said that there should be one standard for Internet service providers and websites, enforced by the FTC. The FCC rules have the "potential to stifle one of the most innovative sectors of our nation’s economy and it’s consumers who will suffer," he said.

The FTC regulates Web companies like Google and Facebook, but action by the FCC or Congress would be needed to let the FTC regulate ISPs as well.

Eshoo: Republicans don't understand how Internet works

Burgess called the FCC's rulemaking a "duplicative regulation." But Rep. Anna Eshoo (D-Calif.) said the House's action "totally wipes out privacy protections for consumers on the Internet."

Because the FTC has no authority over ISPs, there are no "duplicative regulations" that will protect customers in the absence of the FCC's rules, she said.

"All the information that you give to your Internet service provider, whether it's Comcast, whether it's cable providers, Charter, AT&T, the one you pay a pretty big bill to, they can take all of the information that they have… and use that information to sell it to the highest bidder," Eshoo said.

Eshoo said Republicans may have a "lack of understanding at how the Internet works," and "how all our constituents benefit from these protections of our privacy."

Eliminating privacy rules would make ISPs "more powerful than Amazon and Google," Rep. Jared Polis (D-Col.) said. ISPs could sell customers' information as they see fit, "without restriction, without even requiring users to opt in."

"Internet service providers are a gateway to the Internet. They do not own the Internet," Polis said.

Polis also argued in favor of data breach notifications, saying they provide important alerts to customers whose information is exposed to hackers.

Polis said the CRA resolution would impose long-term harm because it prevents the FCC from issuing similar regulations in the future. It will essentially become "impossible" for the FCC to protect consumer privacy, he said.

Because Republicans haven't put forward any alternative privacy regulations, "this is repeal without replace," Eshoo said. "The message to Americans is clear: your privacy doesn't matter and your Web browsing should be available to anyone who is willing to pay for it."

Republicans argued that the FCC and FTC should work together to come up with a new set of privacy rules. That would essentially require the FCC to repeal the net neutrality order that relies on ISPs being classified as common carriers. Even in that case, a federal appeals court ruling in August 2016 casts doubt on whether the FTC can regulate AT&T and similar companies at all, unless Congress removes the prohibition on regulating common carriers.

Rep. Bob Latta (R-Ohio) said he has introduced legislation to let the FTC regulate the non-common carrier activities of common carriers, essentially solving the problem raised by the court ruling. But if this was passed, the FTC still wouldn't be able to regulate common carriage activities, so the agency would be powerless to regulate Internet service unless the FCC eliminates the common carrier classification that was used to impose net neutrality rules.

The Republican proposal would thus make it impossible to keep both the current net neutrality and privacy rules in place.

ISPs see virtually all your Internet activity

The opt-in rules weren't scheduled to take effect until at least December 4, 2017. But eliminating the rules now would let home Internet and mobile Internet providers know that they won't face any major restrictions as they expand into online advertising.

For more on how eliminating the rules affects Internet users and how you can hide your Internet traffic, see our recent article, "How ISPs can sell your Web history—and how to stop them."

Online ad industry giants like Google and Facebook can target advertising to specific customers based on a limited portion of their Web browsing history. But ISPs can identify every domain a customer visits and see all activity in unencrypted websites.

"According to the record, only three companies (Google, Facebook, and Twitter) have third party tracking capabilities across more than 10 percent of the top one million websites, and none of those have access to more than approximately 25 percent of web pages," the FCC said in its privacy rulemaking last year. "In contrast, a BIAS [broadband Internet access service] provider sees 100 percent of a customer’s unencrypted Internet traffic."

Internet users "have much more control over tracking by Web third parties than over tracking by BIAS providers," via browser extensions and other tools, the FCC said. The customer relationship with websites is also much different than with ISPs.

"For example, customers generally pay a fee for their broadband service, and therefore do not have reason to expect that their broadband service is being subsidized by advertising revenues as they do with other Internet ecosystem participants," the FCC said. "In addition, consumers have a choice in deciding each time whether to use—and thus reveal information—to an edge provider, such as a social network or a search engine, whereas that is not an option with respect to their BIAS provider when using the service."

Democrats today echoed that argument, saying that consumers generally have little or no choice of Internet providers, but can choose which websites to visit. Eshoo pointed out that customers often have to pay early termination fees to switch ISPs, if they even have such a choice. By contrast, using Google doesn't cost anything and customers can switch to other websites at no cost, she said.

The FCC rules were passed under former Chairman Tom Wheeler, a Democrat, but are opposed by current Chairman Ajit Pai, a Republican. Pai already took action to halt implementation of data security requirements that were part of the privacy rulemaking, and has argued that the FTC should be empowered to regulate ISPs.

The FTC recommends that companies obtain opt-in consent from customers before selling or sharing their most sensitive information, like Social Security numbers, the content of communications, financial and health information, information about children, and precise geo-location data. But the FTC says an opt-out system can be used for everything else, which would include Web browsing and app usage history. Under an opt-out system, ISPs could sell or share the information of all customers except those who take a specific action to opt out of the data sharing.

A group of small Internet service providers yesterday urged the House to keep the privacy rules in place. But large home Internet providers and mobile carriers have lobbied against the privacy rules through their trade groups.

Pelosi today wrote a letter to top Internet providers asking them to change course and support the privacy rules. Broadband lobbyist groups recently signed on to a voluntary set of privacy principles, pledging to follow the FTC's opt-in and opt-out guidance even though the FTC currently cannot regulate ISPs. The voluntary system would have no legal guarantees, and would still provide customers only an opt-out choice when it comes to using Web browsing history for "personalized third-party marketing."

https://arstechnica.com/tech-policy/201 ... g-history/

[seemslikeadream]

FACEBOOK FAILED TO PROTECT 30 MILLION USERS FROM HAVING THEIR DATA HARVESTED BY TRUMP CAMPAIGN AFFILIATE
Mattathias Schwartz
March 30 2017, 1:01 p.m.
IN 2014, TRACES of an unusual survey, connected to Facebook, began appearing on internet message boards. The boards were frequented by remote freelance workers who bid on “human intelligence tasks” in an online marketplace, called Mechanical Turk, controlled by Amazon. The “turkers,” as they’re known, tend to perform work that is rote and repetitive, like flagging pornographic images or digging through search engine results for email addresses. Most jobs pay between 1 and 15 cents. “Turking makes us our rent money and helps pay off debt,” one turker told The Intercept. Another turker has called the work “voluntary slave labor.”

The task posted by “Global Science Research” appeared ordinary, at least on the surface. The company offered turkers $1 or $2 to complete an online survey. But there were a couple of additional requirements as well. First, Global Science Research was only interested in American turkers. Second, the turkers had to download a Facebook app before they could collect payment. Global Science Research said the app would “download some information about you and your network … basic demographics and likes of categories, places, famous people, etc. from you and your friends.”

“Our terms of service clearly prohibit misuse,” said a spokesperson for Amazon Web Services, by email. “When we learned of this activity back in 2015, we suspended the requester for violating our terms of service.”

Although Facebook’s early growth was driven by closed, exclusive networks at college and universities, it has gradually herded users to agree to increasingly permissive terms of service. By 2014, anything a user’s friends could see was also potentially visible to the developers of any app that they chose to download. Some of the turkers noticed that the Global Science Research app appeared to be taking advantage of Facebook’s porousness. “Someone can learn everything about you by looking at hundreds of pics, messages, friends, and likes,” warned one, writing on a message board. “More than you realize.” Others were more blasé. “I don’t put any info on FB,” one wrote. “Not even my real name … it’s backwards that people put sooo much info on Facebook, and then complain when their privacy is violated.”

In late 2015, the turkers began reporting that the Global Science Research survey had abruptly shut down. The Guardian had published a report that exposed exactly who the turkers were working for. Their data was being collected by Aleksandr Kogan, a young lecturer at Cambridge University. Kogan founded Global Science Research in 2014, after the university’s psychology department refused to allow him to use its own pool of data for commercial purposes. The data collection that Kogan undertook independent of the university was done on behalf of a military contractor called Strategic Communication Laboratories, or SCL. The company’s election division claims to use “data-driven messaging” as part of “delivering electoral success.”

SCL has a growing U.S. spin-off, called Cambridge Analytica, which was paid millions of dollars by Donald Trump’s campaign. Much of the money came from committees funded by the hedge fund billionaire Robert Mercer, who reportedly has a large stake in Cambridge Analytica. For a time, one of Cambridge Analytica’s officers was Stephen K. Bannon, Trump’s senior adviser. Months after Bannon claimed to have severed ties with the company, checks from the Trump campaign for Cambridge Analytica’s services continued to show up at one of Bannon’s addresses in Los Angeles.

“You can say Mr. Mercer declined to comment,” said Jonathan Gasthalter, a spokesperson for Robert Mercer, by email.

FaceBook Elections signs stand in the media area at Quicken Loans Arena in Cleveland, Thursday, Aug. 6, 2015, before the first Republican presidential debate. (AP Photo/John Minchillo) Facebook Elections signs in the media area at Quicken Loans Arena in Cleveland, Aug. 6, 2015, before the first Republican presidential debate of the 2016 election. Photo: John Minchillo/AP
The Intercept interviewed five individuals familiar with Kogan’s work for SCL. All declined to be identified, citing concerns about an ongoing inquiry at Cambridge and fears of possible litigation. Two sources familiar with the SCL project told The Intercept that Kogan had arranged for more than 100,000 people to complete the Facebook survey and download an app. A third source with direct knowledge of the project said that Global Science Research obtained data from 185,000 survey participants as well as their Facebook friends. The source said that this group of 185,000 was recruited through a data company, not Mechanical Turk, and that it yielded 30 million usable profiles. No one in this larger group of 30 million knew that “likes” and demographic data from their Facebook profiles were being harvested by political operatives hired to influence American voters.

Kogan declined to comment. In late 2014, he gave a talk in Singapore in which he claimed to have “a sample of 50+ million individuals about whom we have the capacity to predict virtually any trait.” Global Science Research’s public filings for 2015 show the company holding 145,111 British pounds in its bank account. Kogan has since changed his name to Spectre. Writing online, he has said that he changed his name to Spectre after getting married. “My wife and I are both scientists and quite religious, and light is a strong symbol of both,” he explained.

The purpose of Kogan’s work was to develop an algorithm for the “national profiling capacity of American citizens” as part of SCL’s work on U.S. elections, according to an internal document signed by an SCL employee describing the research.

“We do not do any work with Facebook likes,” wrote Lindsey Platts, a spokesperson for Cambridge Analytica, in an email. The company currently “has no relationship with GSR,” Platts said.

“Cambridge Analytica does not comment on specific clients or projects,” she added when asked whether the company was involved with Global Science Research’s work in 2014 and 2015.

The Guardian, which was was the first to report on Cambridge Analytica’s work on U.S. elections, in late 2015, noted that the company drew on research “spanning tens of millions of Facebook users, harvested largely without their permission.” Kogan disputed this at the time, telling The Guardian that his turker surveys had collected no more than “a couple of thousand responses” for any one client. While it is unclear how many responses Global Science Research obtained through Mechanical Turk and how many it recruited through a data company, all five of the sources interviewed by The Intercept confirmed that Kogan’s work on behalf of SCL involved collecting data from survey participants’ networks of Facebook friends, individuals who had not themselves consented to give their data to Global Science Research and were not aware that they were the objects of Kogan’s study. In September 2016, Alexander Nix, Cambridge Analytica’s CEO, said that the company built a model based on “hundreds and hundreds of thousands of Americans” filling out personality surveys, generating a “model to predict the personality of every single adult in the United States of America.”

Shortly after The Guardian published its 2015 article, Facebook contacted Global Science Research and requested that it delete the data it had taken from Facebook users. Facebook’s policies give Facebook the right to delete data gathered by any app deemed to be “negatively impacting the Platform.” The company believes that Kogan and SCL complied with the request, which was made during the Republican primary, before Cambridge Analytica switched over from Ted Cruz’s campaign to Donald Trump’s. It remains unclear what was ultimately done with the Facebook data, or whether any models or algorithms derived from it wound up being used by the Trump campaign.

In public, Facebook continues to maintain that whatever happened during the run-up to the election was business as usual. “Our investigation to date has not uncovered anything that suggests wrongdoing,” a Facebook spokesperson told The Intercept.

Facebook appears not to have considered Global Science Research’s data collection to have been a serious ethical lapse. Joseph Chancellor, Kogan’s main collaborator on the SCL project and a former co-owner of Global Science Research, is now employed by Facebook Research. “The work that he did previously has no bearing on the work that he does at Facebook,” a Facebook spokesperson told The Intercept.

Chancellor declined to comment.

Cambridge Analytica has marketed itself as classifying voters using five personality traits known as OCEAN — Openness, Conscientiousness, Extroversion, Agreeableness, and Neuroticism — the same model used by University of Cambridge researchers for in-house, non-commercial research. The question of whether OCEAN made a difference in the presidential election remains unanswered. Some have argued that big data analytics is a magic bullet for drilling into the psychology of individual voters; others are more skeptical. The predictive power of Facebook likes is not in dispute. A 2013 study by three of Kogan’s former colleagues at the University of Cambridge showed that likes alone could predict race with 95 percent accuracy and political party with 85 percent accuracy. Less clear is their power as a tool for targeted persuasion; Cambridge Analytica has claimed that OCEAN scores can be used to drive voter and consumer behavior through “microtargeting,” meaning narrowly tailored messages. Nix has said that neurotic voters tend to be moved by “rational and fear-based” arguments, while introverted, agreeable voters are more susceptible to “tradition and habits and family and community.”

Dan Gillmor, director of the Knight Center at Arizona State University, said he was skeptical of the idea that the Trump campaign got a decisive edge from data analytics. But, he added, such techniques will likely become more effective in the future. “It’s reasonable to believe that sooner or later, we’re going to see widespread manipulation of people’s decision-making, including in elections, in ways that are more widespread and granular, but even less detectable than today,” he wrote in an email.

LOS ANGELES, CA - SEPTEMBER 15: Republican presidential candidate Donald Trump (L) throws a hat to supporters during a campaign rally aboard the USS Iowa on September 15, 2015 in Los Angeles, California. Donald Trump is campaigning in Los Angeles a day ahead of the CNN GOP debate that will be broadcast from the Ronald Reagan Presidential Library in Simi Valley. (Photo by Justin Sullivan/Getty Images) Donald Trump throws a hat to supporters during a campaign rally on Sept. 15, 2015, in Los Angeles. Photo: Justin Sullivan/Getty Images
Trump’s circle has been open about its use of Facebook to influence the vote. Joel Pollak, an editor at Breitbart, writes in his campaign memoir about Trump’s “armies of Facebook ‘friends,’ … bypassing the gatekeepers in the traditional media.” Roger Stone, a longtime Trump adviser, has written in his own campaign memoir about “geo-targeting” cities to deliver a debunked claim that Bill Clinton had fathered a child out of wedlock, and narrowing down the audience “based on preferences in music, age range, black culture, and other urban interests.”

Clinton, of course, had her own analytics effort, and digital market research is a normal part of any political campaign. But the quantity of data compiled on individuals during the run-up to the election is striking. Alexander Nix, head of Cambridge Analytica, has claimed to “have a massive database of 4-5,000 data points on every adult in America.” Immediately after the election, the company tried to take credit for the win, claiming that its data helped the Trump campaign set the candidate’s travel schedule and place online ads that were viewed 1.5 billion times. Since then, the company has been de-emphasizing its reliance on psychological profiling.

The Information Commissioner’s Office, an official privacy watchdog within the British government, is now looking into whether Cambridge Analytica and similar companies might pose a risk to voters’ rights. The British inquiry was triggered by reports in The Observer of ties between Robert Mercer, Cambridge Analytica, and the Leave.EU campaign, which worked to persuade British voters to leave the European Union. While Nix has previously talked about the firm’s work for Leave.EU, Cambridge Analytica now denies that it had any paid role in the campaign.

Twickenham, members of Leave EU and UKIP hand out leaflets<br /><br /><br /><br /> Grassroots Out action day on EU membership, London, Britain - 05 Mar 2016</p><br /><br /><br /> <p> (Rex Features via AP Images) Leave.EU signage is displayed in London on March 5, 2016. Photo: Rex Features/AP Images
In the U.S., where privacy laws are looser, there is no investigation. Cambridge Analytica is said to be pitching its products to several federal agencies, including the Joint Chiefs of Staff. SCL, its parent company, has new offices near the White House and has reportedly been advised by Gen. Michael Flynn, Trump’s former national security adviser, on how to increase its federal business. (A spokesperson for Flynn denied that he had done any work for SCL.)

Years before the arrival of Kogan’s turkers, Facebook founder Mark Zuckerberg tried to address privacy concerns around the company’s controversial Beacon program, which quietly funneled data from outside websites into Facebook, often without Facebook users being aware of the process. Reflecting on Beacon, Zuckerberg attributed part of Facebook’s success to giving “people control over what and how they share information.” He said that he regretted making Beacon an “opt-out system instead of opt-in … if someone forgot to decline to share something, Beacon went ahead and still shared it with their friends.”

Seven years later, Facebook appears to have made the same mistake, but with far greater consequences. In mid-2014, however, Facebook announced a new review process, where the company would make sure that new apps asked only for data they would actually use. “People want more control,” the company said at that time. “It’s going to make a huge difference with building trust with your app’s audience.” Existing apps were given a full year to switch over to have Facebook review how they handled user data. By that time, Global Science Research already had what it needed.
https://theintercept.com/2017/03/30/fac ... affiliate/

[DrEvil]

^^This is what's so scary about the new law: Facebook is a single service that you can (in theory at least) avoid if you don't want them harvesting and selling your data. That isn't possible when it's your ISP doing it.
Your only choice is not going online at all.

[Wombaticus Rex]

^^This is what's so scary about the new law: Facebook is a single service that you can (in theory at least) avoid if you don't want them harvesting and selling your data. That isn't possible when it's your ISP doing it.
Your only choice is not going online at all.

Beneath the political football aspects -- odd that Congresscritters would get quoted so much in press coverage about a technical issue, innit? -- I am more confused about how the nightmare outcome of this legislation hasn't already happened. Why wouldn't ISPs be selling your data? What would actually prevent them from this obviously beneficial transaction with willing customers? How many decades now have we been watching SV companies get caught doing this at scale -- often with user data they had specifically promised was "private" ?

Take this curious snippet:

Few consumers have any choice of Internet provider, said Sen. Ron Wyden (D-Ore.). Thus, their only choice may be between "giving up their browsing history for an Internet provider to sell to the highest bidder or having no Internet at all," he said.

Wyden also said that the FCC rules don't prevent ISPs from monetizing customer data—the rules simply require ISPs to inform consumers about how their data is used and get customer consent before selling the most sensitive data, he said.

Via: https://arstechnica.com/tech-policy/201 ... vertisers/

The GOP didn't tear a hole in the fabric of the internet, they're attempting to block the implementation of new FCC rules. The current state of affairs is a legacy system from the FTC, and it is a taxonomy of product, only protecting .gov assets like SSNs or anything subject to HIPAA. The new FCC rules were pretty soft in the teeth, too, essentially only granting the taxpayer the right to be notified via form email, once, that they're for sale. I'm aware there were provisions for "opting out" but this is something .gov cannot deliver, based on their track record so far.

TL;DR it doesn't get worse because it can't.

[bks]

TL;DR it doesn't get worse because it can't.

Right, more or less. We should all remember that while the privacy concerns get most of the attention, the vast majority of us will never suffer a privacy indignity of any measure form policies like these. You're not going to lose a job or a friend or etc etc because of the selling of your data (which really isn't even your data being sold - what's typically being sold is the right to target you w messages). It'll remain exceedingly rare unless something profound changes. And most of your key data is already available.

The BIG STORY is power, and the role data collection plays in making society into a laboratory run by folks you see you as a rat in a maze. Give people with enough processing power enough access to enough of your data, and the data of millions of others like you, and they'll learn what salary you'll accept in an interview, whether or not you're like to get pregnant or have a heart attack and thus be a bad risk for hire, how to price every single product and service to you to their advantage, whether or not you "should" be rented an apartment even if you have a perfect credit score, and literally everything else.

As I just read somewhere, "It was a side effect of the algorithm" will be the 21st century's version of "I was just following orders."

[Grizzly]

[Elvis]

Glenn Greenwald: Why privacy matters


https://www.youtube.com/watch?v=pcSlowAhvUk

[seemslikeadream]

APRIL 3, 2017 | BY AMUL KALIA
Here’s How to Protect Your Privacy From Your Internet Service Provider

We pay our monthly Internet bill to be able to access the Internet. We don’t pay it to give our Internet service provider (ISP) a chance to collect and sell our private data to make more money. This was apparently lost on congressional Republicans as they voted to strip their constituents of their privacy. Even though our elected representatives have failed us, there are technical measures we can take to protect our privacy from ISPs.

Bear in mind that these measures aren’t a replacement for the privacy rules that were repealed or would protect our privacy completely, but they will certainly help.

Pick an ISP that respects your privacy

It goes without saying: if privacy is a concern of yours, vote with your wallet and pick an ISP that respects your privacy. Here is a list of them.

Given the dismal state of ISP competition in the US, you may not have this luxury, so read on for other steps you can take.

Opt-out of supercookies and other ISP tracking

In 2014, Verizon was caught injecting cookie-like trackers into their users’ traffic, allowing websites and third-party ad networks to build profiles without users’ consent. Following criticism from US senators and FCC action, Verizon stopped auto-enrolling users and instead made it opt-in. Users now have a choice of whether to participate in this privacy-intrusive service.

You should check your account settings to see if your ISP allows you to opt-out of any tracking. It is generally found under the privacy, marketing, or ads settings. Your ISP doesn’t have to provide this opt-out, especially in light of the repeals of the privacy rules, but it can never hurt to check.

HTTPS Everywhere

EFF makes this browser extension so that users connect to a service securely using encryption. If a website or service offers a secure connection, then the ISP is generally not able to see what exactly you’re doing on the service. However, the ISP is still able to see that you’re connecting to a certain website. For example, if you were to visit https://www.eff.org/https-everywhere, your ISP wouldn’t be able to tell that you’re on the HTTPS Everywhere page, but would still be able to see that you’re connecting to EFF’s website at https://www.eff.org

While there are limitations of HTTPS Everywhere when it comes to your privacy, with the ISP being able to see what you’re connecting to, it’s still a valuable tool.

If you use a site that doesn't have HTTPS by default, email them and ask them to join the movement to encrypt the web.

VPNs

In the wake of the privacy rules repeal, the advice to use a Virtual Private Network (VPN) to protect your privacy has dominated the conversation. However, while VPNs can be useful, they carry their own unique privacy risk. When using a VPN, you’re making your Internet traffic pass through the VPN provider’s servers before reaching your destination on the Internet. Your ISP will see that you’re connecting to a VPN provider, but won’t be able to see what you’re ultimately connecting to. This is important to understand because you’re exposing your entire Internet activity to the VPN provider and shifting your trust from the ISP to the VPN.

In other words, you should be damn sure you trust your VPN provider to not do the shady things that you don’t want your ISP to do.

VPNs can see, modify, and log your Internet traffic. Many VPN providers make promises to not log your traffic and to take other privacy protective measures, but it can be hard to verify this independently since these services are built on closed platforms. For example, a recent study found that up to 38% of VPN apps available for Android contained some form of malware or spyware.

Below, we detail some factors that should be considered when selecting a VPN provider. Keep in mind that these are considerations for someone who is interested in preventing their ISP from snooping on their Internet traffic, and not meant for someone who is interested in protecting their information from the government—a whistleblower, for instance. As with all things security and privacy-related, it’s important to consider your threat model.

Is your VPN service dirt-cheap or free? Does the service cost $20 for a lifetime service? There’s probably a reason for that and your browsing history may be the actual product that the company is selling to others.

How long has your VPN provider been around? If it is relatively new and without a reliable history, you’d have to trust the provider a great deal in order to use such a service.

Does the VPN provider log your traffic? If yes, what kind of information is logged? You should look for one that explicitly promises to not log your Internet traffic and how active the VPN provider is in advocating for user privacy.

Does the VPN provider use encryption in providing the service? It’s generally recommended to use services that support a well-vetted open source protocol like OpenVPN or IPSec. Utilizing these protocols ensures best security available.

If your VPN provider uses encryption, but has a single shared password for all of the users, it’s not sufficient encryption.

Do you need to use the VPN provider’s proprietary client to use the service? You should avoid these and look for services that you can use with an open source client. There are many clients that support the above-mentioned OpenVPN or IPSec protocols.

Would using the VPN service still leak your DNS queries to your ISP?

Does the VPN support IPv6? As the Internet transitions from IPv4 to the IPv6 protocol, some VPN providers may not support it. Consequently, if your digital device is trying to reach a destination that has an IPv6 address using a VPN connection that only supports IPv4, the old protocol, it may attempt to do so outside of the VPN connection. This can enable the ISP to see what you’re connecting to since the traffic would be outside of the encrypted VPN traffic.

Now that you know what to look for in a VPN provider, you can use these two guides as your starting point for research. Though keep in mind that a lot of the information in the guides is derived from or given by the provider, so again, it requires us to trust their assertions.

Tor

If you are trying to protect your privacy from your Internet company, Tor Browser perhaps offers the most robust protection. Your ISP will only see that you are connecting to the Tor network, and not your ultimate destination, similar to VPNs.

Keep in mind that with Tor, exit node operators can spy on your ultimate destination in the same way a VPN can, but Tor does attempt to hide your real IP address, which can improve anonymity relative to a VPN.

Users should be aware that some websites may not work in the Tor browser because of the protections built in. Additionally, maintaining privacy on Tor does require users to alter their browsing habits a little. See this for more information.

It’s a shame that our elected representatives decided to prioritize corporate interests over our privacy rights. We shouldn’t have to take extraordinary steps to limit how our personal information can be used, but that is clearly something that we are all forced to do now. EFF will continue to advocate for Internet users’ privacy and will work to fix this in the future.
https://www.eff.org/deeplinks/2017/04/h ... e-provider

[DrEvil]

TL;DR it doesn't get worse because it can't.

Right, more or less. We should all remember that while the privacy concerns get most of the attention, the vast majority of us will never suffer a privacy indignity of any measure form policies like these. You're not going to lose a job or a friend or etc etc because of the selling of your data (which really isn't even your data being sold - what's typically being sold is the right to target you w messages). It'll remain exceedingly rare unless something profound changes. And most of your key data is already available.

The BIG STORY is power, and the role data collection plays in making society into a laboratory run by folks you see you as a rat in a maze. Give people with enough processing power enough access to enough of your data, and the data of millions of others like you, and they'll learn what salary you'll accept in an interview, whether or not you're like to get pregnant or have a heart attack and thus be a bad risk for hire, how to price every single product and service to you to their advantage, whether or not you "should" be rented an apartment even if you have a perfect credit score, and literally everything else.

As I just read somewhere, "It was a side effect of the algorithm" will be the 21st century's version of "I was just following orders."

There's already been a case of advertisers targeting a 16 year old girl based on her online history, with the result that they informed her parents (by sending targeted advertising in the mail) that she was pregnant before she told them herself. We'll probably see a lot more of this.

Wombat: You're probably right, it's just infuriating to see how they're not even pretending to care about people anymore. They're explicitly saying that it's fine to sell everyone's data without asking.