ILI Student Blog

Month: November 2016

  • PRG News Roundup: November 16th

    By Eliana Pfeffer

    Security contractors recently discovered preinstalled software in some Android phones that monitors where users go, whom they talk to and what they write in text messages. The American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence. http://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html?_r=0

    In an order released last week, the Eleventh Circuit temporarily delayed enforcement of the Federal Trade Commission’s (FTC) order in the LabMD case. http://www.natlawreview.com/article/eleventh-circuit-court-stays-enforcement-ftc-s-labmd-order

    On Monday, both Google and Facebook altered their advertising policies to explicitly prohibit sites that traffic in fake news from making money off lies. http://www.nytimes.com/2016/11/17/technology/social-medias-globe-shaking-power.html

    By collecting and analyzing data points from social media, MogIA correctly predicted the last three US election results. http://www.techrepublic.com/article/ai-tool-successfully-predicted-trump-win-still-ai-experts-are-skeptical/

    The Department of Homeland Security (DHS) has released guidelines for internet of things cybersecurity, the second federal agency to do so on Tuesday. http://thehill.com/policy/cybersecurity/306171-dhs-offers-guide-to-internet-of-things-security

    In an open letter to President Elect Donald Trump, IBM chief executive Ginni Rometty outlined several bi-partisan steps she thinks the new administration could employ to help create jobs. http://fortune.com/2016/11/15/ibm-ceo-letter-to-trump/

    Los Angeles Police Chief Charlie Beck said Monday that he has no plans to change the LAPD’s stance on immigration enforcement, despite President-elect Donald Trump’s pledge to toughen federal immigration laws and deport millions of people upon taking office. http://www.latimes.com/local/lanow/la-me-ln-los-angeles-police-immigration-20161114-story.html Similarly, Mayor de Blasio last week suggested that New York City would fight to prevent the future president from accessing ID-related data, which contains personal information on undocumented immigrants. http://www.theverge.com/2016/11/15/13640344/trump-president-immigration-data-idnyc-new-york-city

    France plans to create a single, unified database holding the biometric data from the passports and identity cards of 60 million citizens. http://arstechnica.co.uk/tech-policy/2016/11/france-id-database-biometric-data-60-million-citizens/

  • PRG News Roundup: November 2nd

    By Caroline Alewaerts

    The news of the discovery of new e-mails potentially relevant to Hillary Clinton’s private server investigation is all over the media. The fact that these e-mails have been discovered as part of an unrelated investigation raises an important question regarding compliance with the 4th Amendment. An interesting article discussing on the issue is available here.

    Recent publications reveal that Facebook advertising platform may allow advertisers to discriminate based on race and other constitutionally protected basis, by letting them target their audience based on criteria that include, e.g., gender, financial status, political affiliation and ethnic affinity. See notably The Atlantic and ProPublica.

    On the other hand, Facebook has blocked a UK-based insurance company from using Facebook status and likes to build up profiles and risk assessments regarding users’ driving style. The insurance company had planned to offer car insurance discounts to those considered likely to drive safely. Facebook declared that this violated its privacy policies.

    The EU-US Privacy Shield already faces legal challenges. Two privacy groups (Irish and French) have filed an action for annulment against it before the EU General Court. The EU-US Privacy Shield was adopted earlier this year after the ECJ struck down its predecessor, the Safe Harbor Program, and more than 500 companies are already self-certified under it, including Facebook, Google, and Microsoft.

    The FCC adopted new broadband consumer privacy rules last Thursday. They establish a framework for increased choice, transparency, and security of consumer personal data, and notably require broadband ISPs to collect their consumer’s consent in order to use and share their data.

    The industry points out that this new regulation will have consequences on telecom companies’ efforts to develop their presence in the sphere of targeted advertising, and already raises concerns regarding the risk of double standards since web companies such as Google or Facebook are not subject to the FCC jurisdiction (but fall under the FTC one).

    Regarding this last issue and on a similar note, Daniel Solove discusses in this article the serious implications for consumer privacy laws of the FTC v. AT&T decision of last August (holding that FTC lacks jurisdiction over companies that engage in common carrier activity). An amicus brief has been filed with the US Court of Appeals for the 9th Circuit asking for a re-hearing of the case.

  • With the Launch of Zcash, Speculators Consider the Potential of an Untraceable Cryptocurrency

    By Eli Siems

    A new digital currency was launched last Friday (28 Oct.) that threatens to give Bitcoin a run for its virtual money. It’s called Zcash. But there’s one major distinction between the two so-called cryptocurrencies that Zcash believes will give it an edge in the digital market. The currency’s official website puts it this way: “If Bitcoin is like http for money, Zcash is https.” In other words, this new cryptocurrency is designed to be secure, private, and virtually untraceable by anyone but the parties to a transaction.

    Interest and speculation is high. On Monday, the New York Times reported that “investors were paying over $1000 for a single unit of Zcash.” The currency launched with a ton of buzz and with the support of computer scientists at Johns Hopkins and MIT, privacy activists, and electronic currency traders, speculators, and aficionados.

    While it’s far too early to say if the currency will take off, its core principles and technology are already shaping conversations on the future of data privacy.

    The difference between Zcash and other, less private cryptocurrencies is its handling of an essential component known as a blockchain, a permanent ledger that tracks coins. The blockchain is key to maintaining the integrity of the currency and proving no counterfeiting or interference has taken place. For Bitcoin, the blockchain is public and can be accessed to analyze the flow of currency, which has raised more than a few eyebrows across the spectrum of potential Bitcoin users. As The Economist reports, “This is a serious barrier for banks: blockchains could reveal their trading strategies and information about their customers”

    But Zcash is fundamentally different. Using a “zero-knowledge proof construction called a zk-SNARK,” the Zcash team has managed to create a secure ledger that keeps the identities of parties to a transaction and the amounts transferred undisclosed. Beyond cryptocurrency, the encryption technology is making waves on all shores of digital privacy and cryptography.

    Aside from potential benefits to large players like banks, Zcash markets itself on its privacy protection for every user. But such a currency, readily accessible and exchangeable, will bring with it huge and probably obvious law enforcement concerns. Back in 2013, when the idea that became Zcash was first proposed by Johns Hopkins researchers, Global Financial Integrity voiced strong opinions that a currency like Zcoin would do little more than facilitate a wide range of illicit transactions and cripple hard-won law enforcement tools. Monero, a similarly private but less anticipated cryptocurrency, has already shown up in countless illicit transactions.

    On the other side, Zcash founder Zooko Wilcox insists that Zcoin has a different purpose: “All of the conversations I’ve had with businesses, banks, regulators and law enforcement have been about the need for data security for commercial applications.”

    Matthew Green of Johns Hopkins, an originator of the Zcoin concept, frames it differently: “The basic story is that we have been gradually losing our privacy in a whole bunch of ways that people don’t appreciate,” Zcash being a way to take back that privacy in at least one area.

    Whatever your opinion is on the utilities or dangers of an untraceable cryptocurrency, one thing is quite clear: Zcash is here and is bringing back longstanding debates about privacy and law enforcement in the digital age with renewed immediacy.