Month: April 2020

PRG 4/29 News Notes

The Israeli High Court of Justice issued a ruling that the internal service’s contact tracing must be done through means set in law by the legislature. They had not disclosed their methods previously, so the ruling strikes down their current practice. (Haaretz)

The ACLU was suing to enjoin “WAMI” program, currently a pilot program in Baltimore. The program involves surveillance planes equipped with cameras constantly flying over the city. A District Court judge denied the ACLU’s request for a temporary injunction. The ACLU is appealing the ruling. (Baltimore Magazine)

The UK is opting out of Google/Apple’s Bluetooth COVID tracing. Plans on building their own app with a private developer. (BBC)

The French government also pushed back on Apple/Google, requesting the companies disclose more info as part of API. (MacRumors.com)

The U.S. Supreme Court asked the company hiQ to respond to Linkedin’s motion to intervene in an ongoing case, which indicates that the Court is interested in/reviewing the case and may grant cert. The case concerns data scraping and could have major implications for biometrics and companies like Clearview. (MediaPost.com)

Congress put out a call for engineers to modernize governmental procedures – move to online/tech versions of systems currently done in paper, spurred by COVID-19. (Tech Congress)

The Colorado Supreme Court ruled that a search warrant requesting all contents of a cell phone was overbroad, thus violating the Fourth Amendment’s particularity doctrine. (Justia)

A large number of Americans are unable or unwilling to use Apple/Google’s COVID system. (Washington Post)

Germany changed their stance on the Apple/Google COVID initiative after resisting for a while. (DW.com)

China arrested several internet users who uploaded records of the coronavirus outbreak to Github. (QZ)

• France urged Google and Apple to ease their privacy protections because the current protocols wouldn’t permit the French contact tracing plan. (The Guardian)
• ILI Fellow Salome Viljoen wrote an op-ed with Jake Goldenfein and Ben Green about the discourse and narrative around protecting public health vs. protecting privacy, arguing that the privacy/health trade-off is a false one. (Jacobin)
• A group of privacy academics, researchers, and professionals in Europe called DP-3T has proposed a privacy-preserving contact tracing app as an alternative to PEPP-PT. The app, unlike PEPP-PT, is decentralized. (New Statesmen) (Github)
• A number of state supreme courts have adopted Facebook Live as their new way to stream proceedings and hearings. One or two have switched to YouTube. (Florida Supreme Court) (Vermont Supreme Court) (Michigan Supreme Court)
• The Microsoft policy team send out an email yesterday supporting the idea of an “open data opportunity,” trying to change their attitude toward the data they collect and how they share it with other actors. One feature that was interesting was their idea of “spectrum of open data” — trying to differentiate between non-sensitive data, commercially sensitive data, and personal data. (Youtube Explainer)

• PRG member Genevieve Fried wrote a piece with Rashida Richardson focusing on individual privacy while evaluating the merits of contact tracing ignores important qs about whether contact tracing works. It is not published yet. She has also been doing a lot of mapping work around contact tracing technology.
• Stevie Bergman posted a 5-part podcast she made at the end of last year about AI and human rights at a Princeton conference. (Soundcloud)
• Co-opting AI: A GDPR conversation featuring our own Ira Rubinstein. (Youtube)

(compiled by student fellow Tom McBrien)

On April 15, 2020, the PRG student fellows led a discussion about privacy and the ongoing coronavirus pandemic. Please see the slides here.

Zoom continues to face backlash over its privacy and security practices. In particular, concerns have been raised regarding the lack of end-to-end encryption, the prevalence of “zoombombing” (when uninvited participants join an ongoing Zoom meeting), and the fact that the company was apparently sending user information to Facebook. While many of these issues have been addressed by the company, they have also already led to at least two class actionlawsuits. In response to concerns, Zoom’s CEO has stated that the company is working on reevaluating and tweaking some features.  

HuffPost published an article highlighting the connections between Clearview AI, the facial recognition technology firm which has significant partnerships with law enforcement agencies, and the far-right movement in the United States.

A group of over 130 European scientists, technologists and experts has founded the Pan European Privacy Protecting Proximity Tracking organization. Its mission is to supply a technological solution to the COVID-19 crisis which adheres to European privacy and data protection laws and principles. The group is currently working on an app which would generate only temporary IDs and use Bluetooth technology to track interactions between individuals.

(Compiled by student fellow Stav Zeitouni)

• The CDC is collecting data on citizens’ locations and movements from cell phones, social media, and airline passenger manifests — and doing so without judicial oversight. (Daily Beast; Surveillance Technology Oversight Project)

• Zoom for Windows software has a vulnerability that allows attackers to steal users’ operating system credentials. (Ars Technica)

• Zoom uses a preinstallation script in order to install itself without the user’s final consent. Instead, a highly misleading prompt is used to gain root privileges. (Twitter)

• Cloudflare launched 1.1.1.1 for Families, a secure, fast, privacy-first DNS resolver that can block “adult” content (and malware.) However, there are concerns as to how the block-list was created and what is on this list. (Cloudflare)

• As mass surveillance proliferates in cities, some privacy activists are developing “stealth streetwear,” clothes and wearable items that help protects wearers’ anonymity.  (New Yorker)

(Compiled by Student Fellow Ginny Kozemczak)