Weekly Axis Of Easy #50
This issue contains nothing about Meghan Markle. It contains this:
- Google removes “Don’t be Evil” clause from Code of Conduct
- New European data privacy rules kick in this week
- Bell meets with CRTC to push FairPlay after denying same
- US cell carriers sell real time location data
- What Senator Pan’s “Online False Information Act” really says
- Thousands of Swedes get microchip implants
- Update on Efail/GPG security advisory
- BlackBerry’s Chen: personal data privacy should be paramount
Until June 30th, .STORE domains are slashed to $20/year.
Google has removed its famous motto “Don’t be Evil”, which used to be the very first thing in its Code of Conduct and reiterated twice more within the first few paragraphs has quietly replaced this simple phrase with generalized references to “ethical business conduct”. “Don’t be evil” is now only mentioned once in the 6,313 word document, toward the end, seemingly as an afterthought “And remember… don’t be evil, and if you see something that you think isn’t right – speak up!” (Emphasis added, ‘cause when you think about it, that’s exactly what got James Damore fired).
Further, as previously reported here, the internal revolt at Google over Project Maven, its JV with the US DoD to build military drones continues, with about a dozen employees quitting and over 4,000 signing a petition to cease the project.
The new European privacy rules kick in on May 25, 2018. The GDPR outlines a comprehensive set of data protection and data privacy rules whose impact affects all businesses globally doing anything in Europe or with European citizens. The big one for the online world is Whois, the database that contains all that domain name registration data. With days to go it’s still largely unknown what will happen since the GDPR rules put registrars in an uncomfortable sandwich: they are contractually obligated by ICANN to operate Whois servers which reveal registrant data, yet precluded under threat of severe penalties pursuant to GDPR from doing so for European registrants. What to do?
After briefly pondering a ban on all European users we’ve decided instead to simply withhold personal data from European registered domains in Whois until lCANN figures something out, which until now, they haven’t.
Bell Canada has denied that they met with CRTC officials in private to present their web content blocking proposal (“FairPlay”) before the initiative was publicly announced. However, documents obtained via Freedom of Information filings and the obtained documents show pretty plainly that they did. FairPlay is a proposal Bell is pushing to compel ISPs to block web content without due process.
A just plain weird set of revelations that four US cell carriers are selling your real-time location data to a company called “Securus”, which is a prison technology company of all things. The story started surfacing after Sen. Ron Wyden filed a letter asking why police forces can track any cellphone location “within seconds” without a warrant. Apparently Securus is originally intended to track inmates, but since their tech can also be used to track everybody else …why not? There is also this interesting comment on Hackernews from a purported telecom insider using a throwaway account blowing the whistle on the extent to which mobile carriers hawk your data.
Admittedly, I keep my finger on the pulse of the tin-foil-hat crew because, well frankly it’s never boring. So when I saw a story making the rounds that a senator had proposed legislation that “made questioning vaccinations a crime”, I had to dig deeper. TL,TR: that’s not what California Senator Richard Pan’s proposed “SB1424 Internet: social media: false information: strategic plan” says at all. In its original form it would require anybody who posted pretty well anything online to disclose, among other things: what algorithm decides what order items are displayed on a website (hello, Facebook, Twitter?), and how anything posted was fact checked.
However, it’s been amended, now it’s just a bill to require the State attorney general to convene a study on the matter no later than April 1, 2019. That’s it.
Swedes are starting to get microscopic implants, about the size of a grain of rice, into their hands which will supplant the need to carry credit cards, cash or even house keys. The program was launched in 2015 and has about 3,000 participants so far. In Sweden the sharing of personal information is held to be a sign of a transparent society. Coming soon to an open society near you, I’m sure. If only some enterprising governments can merge this with a social credit system like China’s, make it all compulsory, then everything will be aces and nothing bad will happen ever again. I for one can’t wait.
Last week we reported on Efail, which are a set of serious vulnerabilities in various helper libraries to PGP/GPG that various mail readers use to integrate GPG encryption. It is important to note that the problems reside in the helper apps and not within PGP/GPG itself.
To that end Protonmail has written a very detailed rundown of the issues worth a read. Depending on which helper app you use, you would also want to check out their respective statements and guidance on the Efail issue:
Some conspiracy minded types speculate that Blackberry (formerly Research In Motion) was taken down by the powers-that-be because they refused to play ball with intelligence services to put backdoors into Blackberry phones. After reading “Losing The Signal” last year, a very comprehensive history of the company I think it was just plain disruption in action. RIM didn’t wake up to the smartphone challenge soon enough or respond fast enough, and then it was too late.
All that said, it was refreshing to read current Blackberry CEO, John Chen’s op-ed in the Globe and Mail on the value proposition of businesses protecting their customers’ privacy and data rather than exploiting it. I was going to quote it at length here, but instead you should just go and read it:
Until June 30th, .STORE domains are slashed to $20/year. Click here to get yours