Privacy SOS

Technology News You Can Use

CFPB SCALES BACK EQUIFAX INVESTIGATION AND WARREN SLAMS BACK 

From Vox: Elizabeth Warren warns Equifax could “wiggle off the hook” for users’ credit data getting hacked

On Wednesday, Senator Elizabeth Warren released a report condemning Equifax for a lackluster response to its historic data breach last year. In September, the company revealed that it had suffered a massive breach in which customers’ personal information including Social Security numbers and addresses was compromised. Equifax management waited six weeks to inform consumers of the breach, and during that time executives sold almost $2 million of the company’s shares. After the company finally fessed up, the Consumer Financial Protection Bureau launched an investigation into Equifax’s failure to protect its customers. But a recent report revealed the CFPB will limit its probe. As of yet, the CFPB has not issued subpoenas or heard testimony from Equifax executives, and it no longer plans to test the company’s data protection practices.

Warren’s report criticizes Equifax for knowingly maintaining inadequate security measures before the breach, as well as its lack of transparency and initiative afterward. The company only told its consumers that their information was “accessed” and not stolen. It tried to force consumers to sign arbitration clauses. Despite its conduct, the firm won a $7.2 million contract from the IRS to help the agency detect fraud. Though that contract has been suspended, Warren believes Equifax is still out to profit from it. “Equifax may end up making money off of this deal, and that means their incentives are not aligned properly to ensure that they take care of the data they have,” Warren said.

 

PROBLEMS AT THE FBI?

From Vox: Trump says new FBI texts are a “bombshell.” They’re not.

Text messages between FBI lawyer Lisa Page and agent Peter Strzok have become the latest fuel for conservatives’ charges of a deep state conspiracy against Trump. Back in December texts in which Strzok called Trump a “douche” and “utter idiot” were released. The texts show Strzok expressed that Hillary Clinton “just had to win” the election. In another message to Page, he said, “I want to believe the path you threw out for consideration in Andy’s office—that there’s no way [Trump] gets elected – but I’m afraid we can’t take that risk. It’s like an insurance policy in the unlikely event you die before you’re 40.” After the messages were released, Robert Mueller removed Strzok from the Special Prosecutor’s Russia investigation. Conservatives pounced on the texts as even more evidence of a conspiracy against Trump.

On Wednesday, Senator Ron Johnson, the chairman of the Senate Homeland Security and Governmental Affairs Committee, released another round of Strzok and Page’s texts.

Much of the press and punditry attention has focused on whether the texts reveal an FBI conspiracy, but Strzok’s comments on the current state of the FBI’s cyber division are at least as newsworthy. In December 2015, he described the FBI’s cyber office as “wildly dysfunctional” and “really bad.” In September 2016 he wrote, “Their division is incapable of pulling its head out of its ass.” He also said that “no one … is willing to say: cyber is f—– up. Cyber needs to fix itself. Cybers [sic] way of doing business is unacceptable.” A month later, he texted, “Is it going to take some f—— 9/11-type event for everybody to stop saying, just coordinate better, have lots of meetings, figure it out?” The problems with the federal government’s cyber capabilities extend beyond the Bureau, according to critics. Congressman Jim Langevin, co-founder and co-chair of the Congressional Cybersecurity Caucus wrote, “The Trump Administration has moved far too slowly to fill vital cybersecurity roles across government.”

 

CITIES ARE TAKING A STAND AGAINST ICE

From Verge: ICE contract sparks license plate reader backlash from cities

In a huge victory for local resistance to the Trump administration, on Tuesday the city council of Alameda, California voted down a proposal to purchase fixed-license plate readers that would have endangered immigrants. The surveillance technology would have sent information to a database owned by Vigilant Solutions, a private surveillance corporation that maintains a license plate tracking database containing over six billion records. Vigilant has partnered with 3,000 plus law-enforcement agencies, many of which contribute license plate reader data to the corporate database, enabling the nationwide tracking of cars and their drivers. Last month, we learned Vigilant has contracted with ICE, allowing agents to use the enormous database to track and target immigrants for arrest and deportation. Facing pressure from advocates at the ACLU and other privacy and immigrant rights groups, Alameda decided not to partner with the firm. Vice Mayor Malia Vella explained why: “Even my colleagues who were very clearly in support of license plate readers still didn’t like the idea of contracting with Vigilant. It’s a problem how they share this information.”

 

FACEBOOK MAY BE IN TROUBLE FOR ITS POLITICAL ADS

From Verge: Seattle says Facebook has violated its political ad transparency law           

According to Seattle state law, companies that post political advertising during a campaign must have on hand “the names and addresses of the people it accepted the ads from, the exact nature and extent of the advertising, and the ‘consideration and the manner of paying.’” After a Seattle newspaper was unable to obtain state election advertisement information from Facebook, the Seattle Ethics and Elections Commission ordered the company to release the information. Though Facebook eventually did turn in a spreadsheet, executive director of the Ethics and Elections Commission Wayne Barnett says the disclosure is insufficient. Facebook’s information doesn’t match candidates’ disclosure filings; for one candidate, the company reported providing $4,535 worth of ads, though the candidate reported spending over $55,000. If it’s determined that Facebook violated the law, it could be charged $5,000 per violation—a paltry sum for the rich social media giant.

 

TECHNOLOGY IS TARGETING THE POOR

From Vox: How big data is helping states kick poor people off welfare

In her new book Automating Inequality, University of Albany political science professor Virginia Eubanks details how the use of automation in government services has made it even more difficult for low-income people and the poor to get by. Eubanks explains how purchases made on EBT cards, essentially debit cards for welfare money, are monitored by social workers. In 2014, Maine governor Paul LePage obtained EBT purchase history records and used them as “evidence” to show that welfare funds are misused and should be limited. Eubanks argues that the government’s mistreatment of the poor is not a new phenomenon, but it is facilitated and exacerbated by technological innovations and automation.

By Iqra Asghar, intern with the ACLU of Massachusetts Technology for Liberty Program

© 2018 ACLU of Massachusetts.