Time to reset the Facebook clock.
After the fallout (TNB) of being mixed up with the Cambridge Analytica scandal, followed by the announcement in late September (NYT) about an “attack on its computer network had exposed the personal information of nearly 50 million users” which allowed “a feature in Facebook’s code to gain access to user accounts and potentially take control of them” to be exploited, Facebook is once again facing more Troubles.
Reset the “days since the last Facebook privacy scandal” counter, as Facebook has just revealed a Photo API bug gave app developers too much access to the photos of up to 5.6 million users. The bug allowed apps users had approved to pull their timeline photos to also receive their Facebook Stories, Marketplace photos, and most worryingly, photos they’d uploaded to Facebook but never shared. Facebook says the bug ran for 12 days from September 13th to September 25th. Facebook tells TechCrunch it discovered the breach on September 25th, and informed the European Union’s privacy watchdog the Office Of The Data Protection Commissioner (IDPC) on November 22nd. The IDPC has begun a statuatory inquiry into the breach.TechCrunch
CNN Business – Facebook could face billion dollar fine for data breaches
The European General Data Protection Regulation (GDPR) – went into effect in May 2018. GDPR “is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA areas.”
Because Facebook’s European headquarters is in Dublin, it must under GDPR inform the Irish data regulator within 72 hours of discovering a breach.
Companies found to have run afoul of GDPR could face a maximum fine of $23 million or 4% of their annual worldwide revenue, whichever is higher.
In Facebook’s case, the company had revenue of almost $40 billion in 2017, which means the company could face a fine of up to $1.6 billion if its revenue for 2018 remains roughly the same.CNN Business
For further reading: How to See if Your Photos Were Exposed By Facebook’s Latest Bug; LifeHacker
This facial recognition program is so good, not even the original faces are real. All the images are generated by their generator.
The paper, published on preprint repository Arxiv (PDF), describes a new architecture for generating and blending images, particularly human faces, that “leads to better interpolation properties, and also better disentangles the latent factors of variation.”TechCrunch.com
In recent months, pressure has been mounting for major tech firms to develop strong policies regarding facial recognition. Microsoft has helped lead the way on that front, promising to put in place stricter policies, calling for greater regulation and asking fellow companies to follow suit.
Hidden toward the end of a blog post about using artificial intelligence to benefit health clinics in Asia, Google SVP Kent Walker affirmed the company’s commitment not to sell facial recognition APIs. The executive cites concerns over how the technology could be abused.
Google is also backing out of bidding for the Pentagon’s “winner-take-all” contract for providing cloud service.
Google backed out from the bid in October, citing a lack of certifications and fears that the contract may contradict its AI Principles – a code of conduct written by the company after employees criticized its involvement in Project Maven, a secret Google Cloud product for the US military aiming to use Google’s image recognition technology in DoD drones.Data Center Dynamics
An update to this TNB story, Project Dragonfly: The Censorship Search Engine That Google Built.
“GOOGLE HAS BEEN forced to shut down a data analysis system it was using to develop a censored search engine for China after members of the company’s privacy team raised internal complaints that it had been kept secret from them.” [The Intercept]
With the news (TNB) of the newly released Senate report on Russian interference and meddling in the year(s) leading up to and including the 2016 presidential election and beyond, in case you missed it, like I did, Google CEO Sundar Pichai was on Capitol Hill last week.
Full testimony: Google CEO Sundar Pichai complete opening statement (C-SPAN – YouTube)
For further reading, this may be one to add to the list of must reads for a matter of shoring up your own defenses.
“For David Sherratt, like so many teenagers, far-right radicalization began with video game tutorials on YouTube. He was 15 years old and loosely liberal, mostly interested in “Call of Duty” clips. Then YouTube’s recommendations led him elsewhere.”
Chaslot, the former YouTube engineer, said he suggested the company let users opt out of the recommendation algorithm, but claims Google was not interested.
Google’s chief executive officer, Sundar Pichai, paid lip service to the problem during a congressional hearing last week. When questioned about a particularly noxious conspiracy theory about Hillary Clinton that appears high in searches for unrelated videos, the CEO made no promise to act.
“It’s an area we acknowledge there’s more work to be done, and we’ll definitely continue doing that,” Pichai said. “But I want to acknowledge there is more work to be done. With our growth comes more responsibility. And we are committed to doing better as we invest more in this area.”DailyBeast
3D-printed heads let hackers – and cops – unlock your phone (TechCrunch)
“Those cheering on the “death of the password” might want to think again. They’re still the only thing that’s keeping your data safe from the law.”
It is not necessarily feasible, nor practical, but it is doable. They only need a warrant to use your data, but not to access your data.
It’s no secret that biometrics — your fingerprints and your face — aren’t protected under the Fifth Amendment. That means police can’t compel you to give up your passcode, but they can forcibly depress your fingerprint to unlock your phone, or hold it to your face while you’re looking at it. And the police know it — it happens more often than you might realize.TechCrunch.com