Pete Recommends – Weekly highlights on cyber security issues May 26, 2019

Subject: Photo of Woody Harrelson helps facial-recognition system catch beer thief
Source: Tribune Media Wire via WPMT FOX43

Clever police work—or an abuse of technology?

When a suspect who looked a lot like a long-haired Woody Harrelson was caught on camera stealing beer from a CVS and the NYPD’s facial-recognition system didn’t provide any matches, a detective used a photo of the actor, according to a report from Georgetown University’s Center on Privacy and Technology.

The study says that instead of the pixelated security footage of the suspect, the detective used a high-quality photo of Harrelson with long hair from 2012’s Hunger Games, and found 11 matches, including a man who was eventually arrested for the crime, the AP reports.

The report says detectives also used a photo of New York Knick JR Smith to search for a man wanted for a Brooklyn assault.

The Georgetown University report—titled “Garbage In, Garbage Out”—is highly critical of the practice of using celebrity photos to find lookalike suspects, as well as the use of artist’s sketches in facial recognition systems, the New York Post reports.

Subject: San Francisco Bans Facial Recognition Technology
Source: The New York Times

SAN FRANCISCO — San Francisco, long at the heart of the technology revolution, took a stand against potential abuse on Tuesday by banning the use of facial recognition software by the police and other agencies.

The action, which came in an 8-to-1 vote by the Board of Supervisors, makes San Francisco the first major American city to block a tool that many police forces are turning to in the search for both small-time criminal suspects and perpetrators of mass carnage.

The authorities used the technology to help identify the suspect in the mass shooting at an Annapolis, Md., newspaper last June. But civil liberty groups have expressed unease about the technology’s potential abuse by government amid fears that it may shove the United States in the direction of an overly oppressive surveillance state.

[Facial recognition technology has stoked controversy over the years. Here’s a look back.]

Aaron Peskin, the city supervisor who sponsored the bill, said that it sent a particularly strong message to the nation, coming from a city transformed by tech.

But critics said that rather than focusing on bans, the city should find ways to craft regulations that acknowledge the usefulness of face recognition. “It is ridiculous to deny the value of this technology in securing airports and border installations,” said Jonathan Turley, a constitutional law expert at George Washington University. “It is hard to deny that there is a public safety value to this technology.”

But there is a broader concern. “When you have the ability to track people in physical space, in effect everybody becomes subject to the surveillance of the government,” said Marc Rotenberg, the group’s executive director.

American civil liberties advocates warn that the ability of facial surveillance to identify people at a distance, or online, without their knowledge or consent presents unique risks — threatening Americans’ ability to freely attend political protests or simply go about their business anonymously in public. Last year, Bradford L. Smith, the president of Microsoft, warned that the technology was too risky for companies to police on their own and asked Congress to oversee its use.

[I only saw one reference to WRONG and none to FALSE /pmw1]

Subject: Ari Mahairas and Peter Beshar on AI and 5G security risks
Source: Business Insider

  • AI and 5G will lead to an explosion in cybersecurity risks, according to an FBI agent and the general counsel of $50 billion professional services firm Marsh & McLennan.
  • Ari Mahairas and Peter Beshar have built a relationship educating the public sector and industry about the risks of cyber attacks, as well as solutions to the threat.
  • New tech will make it easier for bad actors to attack things like internet-connected devices, potentially leading to catastrophic attacks on nuclear power plants, they said.
  • The pair also discussed protecting 5G networks and the growing demand for privacy regulation in Silicon Valley.

“We’re engaged in a race without a finish line,” Beshar says of the threat. “Cyber is a unique threat that poses a threat to both government and industry both sectors have been breached repeatedly. Neither one of us is immune.”

The pair also discussed protecting 5G networks, in the context of concerns over Chinese tech giant Huawei contributing to infrastructure, and the growing demand for privacy regulation in Silicon Valley.

Subject: Prince Harry beat paparazzi using GDPR law, new royal weapon vs. media
Source: Business Insider

  • Prince Harry won a legal dispute with Splash News, a photo agency which used a helicopter to take pictures inside his home.
  • As well as arguing that they invaded his privacy, the Duke of Sussex also based his case on the photographers having mishandled his personal data under Europe’s new GDPR law.
  • This is an unexpected application of data law, which is more commonly thought of as governing large online databases and spammy mailing lists.
  • It opens a new avenue in the royal family’s never-ending struggle to keep parts of their lives out of the public eye.

Subject: Airbnb scam hits some users, charges them for fake reservations
Source: USA Today

Airbnb users may want to check their accounts even if they aren’t planning a trip anytime soon – some fellow customers on the rental site have been scammed with reservations they didn’t make.

Account holders have been charged for non-refundable reservations at fake destination homes and in some cases, users report that money was taken from their bank and Paypal accounts.

Airbnb confirms that there have been some occurrences, but said in a statement sent to USA TODAY that “these are isolated incidents and at no point was the Airbnb platform compromised. We have robust systems in place to protect users’ accounts and our team of trust and safety experts work hard to constantly strengthen our defenses.”

Airbnb has resolved a case in which UK-based communications professional Alice Chautard had three non-refundable reservations made in Kiev, Ukraine on her account Saturday and then the hacker cancelled the reservations, and deleted the account that charged her “all within 2 minutes,” she posted on Twitter.

“I travel internationally a lot as a speaker and have loved Airbnb in the past,” she said. But “after this, I’m done with Airbnb not because I was hacked but because it was so difficult to get in touch with anyone, the response I got was subpar and there was no ownership of the issue. I had a credit card on my profile but what about all of the people who have their debit cards linked? Their cash is gone.”

Subject: Age of fraud: Are seniors more vulnerable to financial scams?
Source: Marketplace via WHYY

Not only are older people heavily targeted by scammers, but surprising data suggest that, as we get older, we become more vulnerable to fraud in so many of its forms.

The part that especially floored me is this: Doctors are studying older people who are on the ball, A-OK. People who — when tested — seem to have no diagnosable cognitive impairment, but who may still be at special risk from those who want to take their money, be it strangers or family.

There is brain research about this. In some cases, it’s like a person’s radar for scams goes dark.

Lachs and his colleagues have put a label on what they see as an all-too common condition: “age-associated financial vulnerability.”

“We are learning that there are changes in the aging brain, even in the absence of diseases like Alzheimer’s disease or other neurodegenerative illnesses, that may render older adults vulnerable to financial exploitation.”

In an award-winning paper published by the Brookings Institution, researchers identified a peak age for handling money matters: on average, 53 years old. That astonishing number personally gave me pause now that I am past that summit and, according to that finding, hiking the downward slope myself.

Lawyer and elder rights advocate Marie-Therese Connolly is working on a book about elder abuse to be called “Aging Dangerously”, and worked closely on the drafting and passage, in 2010, of the Elder Justice Act.

A new federal law, the 2017 Elder Abuse Prevention and Prosecution Act, appointed what are called “elder justice coordinators” at U.S. Justice Department offices around the country.

In Florida, a new legal tool makes it much easier for the state’s vulnerable older victims to file paperwork — in the absence of an attorney — to quickly freeze their scammed money without notifying the scammer, a kind of “pause button.”

Subject: DHS warns of ‘strong concerns’ that Chinese-made drones are stealing data
Source: CNNPolitics

Washington (CNN)Chinese-made drones may be sending sensitive flight data to their manufacturers in China, where it can be accessed by the government there, the US Department of Homeland Security warned in an alert issued Monday obtained by CNN.

The drones are a “potential risk to an organization’s information,” the alert from DHS’s Cybersecurity and Infrastructure Security Agency states. The products “contain components that can compromise your data and share your information on a server accessed beyond the company itself.”

Subject: Concern Growing Over ‘Nefarious’ Website Offering Individuals’ Personal Information, Reputation Rating
Source: KDKA via CBS Pittsburgh

PITTSBURGH (KDKA) — Ever Googled yourself?

Were you surprised by what you found?

There are all kinds of websites that try to profit from your personal information.

But there is growing concern over one in particular called

The California-based website sets itself apart by offering many of those details for free, as well as rating people’s reputations.

In this case, it’s a reputation that you have no say in building. Rather, it’s an arbitrary score assigned to you by the website.

MyLife feeds off the idea that reputation matters.

So how do you remove your profile from MyLife?

Click here for a complete in-depth step-by-step tutorial.

[also other aggregators /pmw1]

KDKA reached out to MyLife for comment, but so far we have not received a response.

NB some more info

Subject: Finland is winning the war on fake news. Other nations want the blueprint
Source: CNN Special Report

Helsinki, Finland (CNN) On a recent afternoon in Helsinki, a group of students gathered to hear a lecture on a subject that is far from a staple in most community college curriculums.

Standing in front of the classroom at Espoo Adult Education Centre, Jussi Toivanen worked his way through his PowerPoint presentation. A slide titled “Have you been hit by the Russian troll army?” included a checklist of methods used to deceive readers on social media: image and video manipulations, half-truths, intimidation and false profiles.

The course is part of an anti-fake news initiative launched by Finland’s government in 2014 – two years before Russia meddled in the US elections – aimed at teaching residents, students, journalists and politicians how to counter false information designed to sow division.

The initiative is just one layer of a multi-pronged, cross-sector approach the country is taking to prepare citizens of all ages for the complex digital landscape of today – and tomorrow. The Nordic country, which shares an 832-mile border with Russia, is acutely aware of what’s at stake if it doesn’t.

As the trolling ramped up in 2015, President Sauli Niinisto called on every Finn to take responsibility for the fight against false information. A year later, Finland brought in American experts to advise officials on how to recognize fake news, understand why it goes viral and develop strategies to fight it. The education system was also reformed to emphasize critical thinking.

Subject: Comcast building Amazon Echo-like device, with focus on health care
Source:  CNBC via Philadelphia Business Journal

Instead of being able to ask for the definition of a word, to control a smart device or to set reminders, the device will work as a kind of guardian monitoring users’ activities. The report said it would be marketed to people who may need more health assistance, like people with disabilities or senior citizens. Sensors would be able to tell if users are taking more bathroom trips, for example, or sleeping more than normal. Fall detection and emergency phone calls are also planned features, and it will include a personality-like interface like Alexa.

Like many tech-focused corporations, Comcast has shown an increased interest in the health care space, most recently with a joint venture with Independence Health Group. Named Quil, the digital health partnership has built a cloud-based platform aimed at providing both patients and caregivers with personalized content and information related to their individual health care needs. Pilots are set to begin later this year.

Posted in: AI, Civil Liberties, Cybercrime, Cyberlaw, Cybersecurity, Elder Law, Public Records, Technology Trends