Category: The Authorities

Child Abuse Protection Online

Facebook, Twitter, Microsoft, Google and other tech companies agreed to British government demands that they do more to keep young people safe on their online services.

This is a set of voluntary guidelines created by the UK, the U.S., Australia, Canada and New Zealand and it includes measures to stop new and existing child abuse photos and films appearing online.

The guidance also specifies that the companies must prevent streaming of such material, work with police to identify offenders and further develop their technology to stay ahead of offenders’ behaviour online.

The countries have been clear that if the voluntary guidelines do not work then legislation will follow.

This is a big step forward – shame it has taken the tech companies so long to reach this point.

Fightback Ninja Signature

DMCA Takedown

www.dmca.com

The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization.

It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works (commonly known as digital rights management or DRM).

They are the online guardians of copyright material and are best known for being able to take down websites where people have copied others’ content and not removed it when ordered to.

A “DMCA Takedown” is when content is removed from a website at the request of the owner of the content or the owner of the copyright of the content. It is a well established, accepted, internet standard followed by website owners and internet service providers.

Any owner of content has the right to process a takedown notice against a website owner and/or an Online Service Provider (e.g. ISP, hosting company etc.) if the content owner’s property is found online without their permission.

There is a list of takedown conditions:

  • when copyright infringing content is removed or “taken down” from a website by the website owner, upon receipt of a DMCA Takedown Notice from their ISP / Hosting company. This notice is generated by, or on behalf of, the owner, distributor, publisher etc. of the illegally published content.
  • when copyright infringing content is removed or “taken down” from a website by the website owner upon receipt of a DMCA Takedown Notice from, or on behalf of, the content owner, distributor, publisher etc.
  • when copyright infringing content is removed or “taken down” from a website by the ISP or Hosting company of the website that is publishing the infringing content. This occurs because the website owner has not voluntarily complied with a DMCA Notice and the ISP or Hosting company must comply with the Takedown notice.
  • when an infringing website is taken down or “offline” by its ISP or Hosting company. This occurs because the website owner does not voluntarily comply with a Takedown notice as described above.

These Takedown actions occur upon receipt of a DMCA Takedown Notice, which uses stipulations laid out in the Digital Millennium Copyright Act (DMCA). This Act directly addresses the takedown of copyright-infringing content from a website which is publishing content in violation of copyright protection, or content being used without permission or not in accordance with the sworn statement of the content owner.

If you have needed to get a DMCA Takedown, do let me know by email.

CIA Tricks Governments

The Swiss firm Crypto AG made millions of dollars selling encryption equipment to more than 120 countries from the 1950s through to 2018.

It sold equipment to many governments, including those of Iran, India, Pakistan and countries in Latin America.

The customers didn’t know that Crypto AG was secretly owned by the CIA and West German intelligence. These spy agencies ensured the equipment and software were designed so they could crack the encryption.

This secret of the Cold War is exposed in a classified, comprehensive CIA history of the operation obtained by The Washington Post and ZDF, a German public broadcaster, in a joint reporting project.

The report states that it was the intelligence coup of the century. “Foreign governments were paying good money to the U.S. and West Germany for the privilege of having their most secret communications read by at least two (and possibly as many as five or six) foreign countries.”

From 1970 on, the CIA and its code-breaking ally, the National Security Agency, controlled nearly every aspect of Crypto’s operations, designing its technology to include flaws in the algorithms.

They monitored Iran’s mullahs during the 1979 hostage crisis, fed intelligence about Argentina’s military to Britain during the Falklands War, tracked the assassination campaigns of South American dictators and caught Libyan officials congratulating themselves on the 1986 bombing of a Berlin disco.

The German spy agency, the BND, came to believe the risk of exposure was too great and left the operation in the early 1990s. But the CIA bought the Germans’ stake and kept going, wringing Crypto for all its espionage worth until 2018, when the agency sold off the company’s assets.

The company’s importance to the global security market had fallen by then, squeezed by the spread of online encryption technology.

At times, including in the 1980s, Crypto accounted for roughly 40 percent of the diplomatic cables and other transmissions by foreign governments that cryptanalysts at the NSA decoded and mined for intelligence.

Crypto’s products are still in use in more than a dozen countries around the world, but the company was broken up in 2018, liquidated by shareholders whose identities have been permanently shielded by the laws of Liechtenstein.

The Crypto AG brand and international business were sold to Crypto International, and the remainder was a management buyout and became Crypto Security.

Both companies insist that they have no ongoing connection to any intelligence service.

The Swiss government announced that it was launching an investigation of Crypto AG’s ties to the CIA and BND, and it also revoked Crypto International’s export license.

Do the CIA deserve congratulations for such a daring and successful means of intercepting secret messages sent by governments unfriendly to the West, or do they deserve condemnation for such deceit at an international level?

You decide.

Grand Committee For Disinformation

Jim Balsillie addressed the International Grand Committee on Disinformation and Fake News in Dublin and raised a lot of points of concern and some possible solutions.

Jim believes that the current business model of the tech giants is the root cause of the problem, and that the data they have on us gives technology unprecedented power and has serious consequences when improperly used.

Whistle blowers inside platform companies told the committee “the dynamics of the attention economy are structurally set up to undermine the human will.” That is why we need to outlaw the current business model and re-introduce responsible monetization, such as subscription-based models. Strategic regulations are needed to cut off the head of this snake, says Jim.

Jim submitted the following six recommendations for consideration by the committee:

  1. Eliminate tax deductibility for personalized online ads: Taxes create powerful incentives. We need to zero in on the core problem: the attention-based advertisement-driven business model. Subscription business models are much less prone to poisonous manipulation, so tax incentives must encourage responsible business models. This approach will weaken the incentive for political leaders to protect social media companies for the purposes of political gain.

  2. Ban personalized political advertising: Online platforms continue to master behaviour modification. We are dealing with the largest, most centralized form of attention control in human history. This kind of tool for manipulation should not be for sale to the highest bidder during elections.

  3. Implement strict data governance regulations for political parties: We must apply comprehensive privacy regulations to political parties regarding personally identifiable information. Further, we should require transparency of all commercial and technical relationships between political parties and social media companies.

  4. Provide effective whistle blower protections: Some of the most valuable information the public has learned about the abuse of data has come from brave whistle blowers. Today’s technology companies are the most secretive businesses in the world with unprecedented and aggressive non-disclosure agreements for their workforce. Make sure whistle blower protection extends to both private sector and governmental activities.

  5. Add explicit personal liability alongside corporate responsibility to affect executive and board of director decision-making: We must require annual signed certifications from chief executives and board members, similar to what is required for Sarbanes-Oxley compliance. This 2002 act was designed to better protect investors by improving the accuracy and reliability of corporate disclosures in the wake of various accounting scandals. When a senior executive or board member must affix their name to a document that has personal liability, this immediately changes behaviour to one of greater prudence and caution. Explicit personal liability will also help with tech executives who lie to or deliberately confuse lawmakers.

  6. Create a new institution for like-minded nations to address digital cooperation and stability: The data-driven economy’s effects cannot be contained within national borders. New approaches to international coordination and enforcement are critical as policymakers develop new frameworks to preserve competitive markets and democratic systems that evolved over centuries under profoundly different technological conditions. We have arrived at a new Bretton Woods moment. We need new or reformed rules of the road for digitally mediated global commerce — a World Trade Organization 2.0. In the aftermath of the 2008 financial crisis, the Financial Stability Board was created to foster global financial cooperation and stability. A similar global institution, a Digital Stability Board, is needed to deal with the challenges posed by digital transformation.

Would these plans create a fairer environment for both online platforms and their customers and not concentrate the power in a few hands?

That’s hard to answer but something needs to be done and quickly.

Government Cyber Security Centre

The National Cyber Security Centre (NCSC) is part of the United Kingdom Government and provides advice and support for the public and private sector on how to avoid computer security threats. It became operational in October 2016, and its parent organisation is GCHQ.

“Helping to make the UK the safest place to live and work online”.

“NCSC support the most critical organisations in the UK, the wider public sector, industry, SMEs as well as the general public. When incidents do occur, we provide effective incident response to minimise harm to the UK, help with recovery, and learn lessons for the future”.

More specifically, the NCSC:

  • understands cyber security, and distils this knowledge into practical guidance made available to all
  • responds to cyber security incidents to reduce the harm caused to organisations and the wider UK
  • uses industry and academic expertise to nurture the UK’s cyber security capability
  • reduces risks to the UK by securing public and private sector networks

Year Three Highlight Statistics

  • Handled 658 incidents
  • Provided support to almost 900 victim organisations
  • Produced 154 threat assessments
  • Took down 177,335 phishing URLs, 62.4% of which were removed within 24 hours
  • 8 million visitors to the NCSC’s website
  • Added more than 5,000 new members onto the Cyber Security Information Sharing Partnership
  • Produced 108,411 physical items for 170 customers through the UK Key Production Authority
  • Produced 34 pieces of guidance and 69 blogs
  • Awarded 14,234 Cyber Essentials certificates
  • Enabled 2,886 small businesses across the UK to do simulated cyber exercising for themselves
  • Challenged 11,802 girls in the 2019 CyberFirst Girls Competition
  • Engaged with 2,614 students on the NCSC’s CyberFirst courses
  • Supported 250 extra teaching hours of computer science across 4 schools through Cyber Schools Hub activities
  • Delivered, along with sector and law enforcement partners, cyber security awareness and training sessions to more than 2,700 charities
  • 20 countries visited by the NCSC
  • Welcomed visiting delegations from 56 countries
  • Hosted 197 events, with more than 9,000 attendees

ICO Protect Children’s Privacy

The Information Commissioner’s Office (ICO) published the Age Appropriate Design Code – a set of 15 standards that online services should meet to protect children’s privacy.

The code sets out the standards expected of those responsible for designing, developing or providing online services like apps, connected toys, social media platforms, online games, educational websites and streaming services. It covers services likely to be accessed by children.

The code requires digital services to automatically provide children with a built-in baseline of data protection whenever they download a new app, game or visit a website.

That means:

  • Privacy settings should be set to high by default.
  • Location settings that allow the world to see where a child is should also be switched off by default.
  • Data collection and sharing should be minimised.
  • Profiling that can allow children to be served up targeted content should be switched off by default.

The code standard is based on the General Data Protection Regulation (GDPR) and the code was introduced by the Data Protection Act 2018. Organisations will have 12 months to update their practices before the code comes into full effect, which is expected to be by autumn 2021.

The code is the first of its kind, but it reflects the global direction of travel with similar reform being considered in the USA, Europe and globally by the Organisation for Economic Co-operation and Development (OECD).

The regulator has powers to take action against organisations that break the law, including tough sanctions like orders to stop processing data and fines of up to £17 million or 4% of global turnover.
