Privacy SOS

Tech news 8-7-13

These tech news round-ups are edited by Anna Salem of the ACLU of Northern California.
"Late last month, the ACLU of Northern California broke the news that California utilities were turning over the smart meter data of large numbers of customers to third parties—with San Diego Gas & Electric (SDG&E) alone handing over the records of 4,062 customers in a single year. Based on SDG&E’s responses to follow-up questions from the California Public Utility Commission (CPUC), we have now learned that records for 4,000 of those customers were disclosed to the government without a warrant."
"Reversing course in a little-watched criminal case in Florida, the government conceded its obligation to notify defendants when prosecutors intend to use as evidence communications intercepted pursuant to the FISA Amendments Act (FAA), one of the laws authorizing the National Security Agency’s mass surveillance programs. But while the development in Florida is important, the government continues to take extraordinary efforts to conceal its use of the law from both Congress and the courts. As a result, the likelihood of any court reviewing the FAA’s constitutionality in the context of a criminal proceeding remains slim."
We need Big Tech to protect us from Big Brother [The Guardian – Jeff Jarvis]
"A hodgepodge alliance of US legislators is finally waking up to the need and opportunity to stand up for citizens' rights, but they will be slow and, don't we know, ineffective and often uninformed. The courts will be slower and jealous of their power. Diplomacy's the slowest route to reform yet, dealing in meaningless symbolism. So our strongest expectations must turn to the first tier above, the consumer internet platforms. They have the most to lose – in trust and thus value – in taking government's side against us."
See also, Why Christie Is Wrong [Wall Street Journal – Peggy Noonan]
"The cyberscare, like the redscare or the greenscare of the ’90′s, is already under way… Although no longer at the NSA’s helm, Hayden’s attitude suggests with disturbing honesty the potential manner in which the government will treat groups who fight for whistle-blowers like Snowden, who risk their lives to reveal the darker side of U.S.’s nexus of cyberpower."
"U.S. cloud providers have already lost business over the NSA leaks, but now the Information Technology and Innovation Foundation (ITIF) has a report putting a dollar amount on the short-term costs: $21.5 to $35 billion over the next three years."
Math Advances Raise the Prospect of an Internet Security Crisis [MIT Technology Review – Tom Simonite]
"'Our conclusion is there is a small but definite chance that RSA and classic Diffie-Hellman will not be usable for encryption purposes in four to five years,' said Stamos, referring to the two most commonly used encryption methods…Breaking RSA or Diffie-Hellman encryption today requires using vast computing resources for significant periods of time. However, it is possible that algorithms able to solve the discrete logarithm problem quickly could exist. 'We rely on that efficient algorithm not being found,” said Jarved Samuel, a cryptographer who works for security consultancy ISEC Partners and presented alongside Stamos. “If it is found the cryptosystem is broken.'"
Online abuse is not limited by gender [The Guardian – Glen Poole]
"If men who threaten women with rape are held accountable for their crimes, and Twitter takes action to make its community safer for women, then it sounds as if life online is about to get better for everyone who isn't a misogynistic rape apologist. So why are some people unhappy about the progress of such campaigns? First, there are those who are rightly concerned about how we navigate a sensible pathway between free speech and hate speech… Second, there is the issue of how we tackle violence and abuse full stop. Anyone following the debate about gender hate-speech on social media in recent months could be forgiven for thinking that online abuse is always perpetrated by men and suffered by women."
"In 1994, Congress enacted the Driver's Privacy Protection Act (the "DPPA")…Gordon primarily argues that Resellers should be held strictly liable for civil penalties based on Leifer's improper use of Gordon's personal information. We conclude that a strict liability standard is inconsistent with the DPPA as a whole and would frustrate its legislative aims…In light of the text, structure, and legislative history of the DPPA, we hold that resellers are subject to a duty of reasonable care before disclosing DPPA-protected personal information."

© 2021 ACLU of Massachusetts.