Facebook submits 229-page document to congress detailing data abuses.

Here is yet another chapter in the drama of the Cambridge Analytica / Facebook user data abuse scandal. This week we are talking about a document dated June 8th (last Friday) from Facebook and containing answers to the Senators formal questions asked of the company during the April 10,11 hearings. The document in it’s entirety can be read here.

It is a good read and I encourage anyone with even a fleeting interest in the case to do so but to summarize many of the revelations are to be expected like the amount of time spent on the site and the users buying activities but further reading details the massive scope and scale of data recording.

For example Facebook records your mouse movements and whether or not your browser window is in the foreground or background of your screen. This is done as a safeguard against bots.

Facebook records literally every scrap of operating system and hardware data it can get it’s hands on. Battery level, signal strength, storage space, even down to recording file names.

They also record every bit of data they can get about your carrier, Their name, the IP provided to you, any cookie data they can scoop up. They also record everything they can from any wireless client devices that may be connected to your machine such as Wifi and Bluetooth. FB records the Wifi signals in your area, it also collects data about the Bluetooth devices in your area.

And of course it tracks your location, but also records camera information and hoovers up any photos you take unless you explicitly opt-out. Oh yea and all your call logs and SMS messages too, they help themselves to it.

So yea, literally everything they can get they do. Why would anyone expect them not to? Remember this is one of those new companies with inverted business models where you are no longer the customer but the product to be sold. And just like an old farm cow, you care going to be milked for every drop of data you can be. To be solved this problem is going to require people to view their own data as having value, Facebook certainly does. If Facebook wants data from us they can buy it from us for a fair market value.

Microsoft develops app to teach young children the reality of their sad dystopian future.

Microsoft is doing its part to bring mass surveillance to children everywhere, Now children will have not only their locations tracked via smartphone but also will track the apps they use and the amount of time they spend using them. Sound terrible? Well, it’s not the NSA they’re doing it for this time, (as far as we know) it’s parents who they are giving control over this sort of surveillance to. They have developed an app called “Microsoft Launcher” that will allow parents to track their children’s every move via their smartphone. The app is currently in preview, It requires a parent to create a “family group” where all the families devices can be tracked. and on the child side will come with a kid-friendly portal to MSN-Kids, a new Microsoft owned and child sterilized news feed. And also will work in tandem with Microsoft Edge, allowing for parental control over their children’s browsing. Yes, that’s right, They are still doing everything they can think of to force people into using their crappy web browser.

I’m against this. But first I have a lot of questions about how exactly this operates which so far have gone unanswered. Just how much control over the Android operating system are you giving this app? This is just a third party app obviously, and I believe it would take a kernel rewrite to allow Microsoft the kind of controls over the phone’s operating system to allow this system to work in the intended way. If the child cannot access the data he wants in Edge, won’t he do the same thing the rest of us do and simply use Firefox or Chrome? I just can’t see a lot of scenarios where this ‘protection’ can be defeated by a kid with even a basic understanding of computer science.

But beyond that, I can also see a big issue with how much data you are handing over about your family, to Microsoft, and for free. I understand that they super double pinky swore that they wouldn’t abuse our data this time, but come on. How does that saying go? Fool me once, shame on you, fool me consistently since Windows 3.1… How many hacked data dumps and revelations about data abuse do we need to see before we demand some sort of GDPR regulation in America?

And beyond data protection and the actual viability of the idea. Let’s talk for a moment about child psychology. I’m pretty obviously not a child psychologist, but that being said I’m continually surprised by moments where I can tell how to handle situations where a child just wants attention or needs recognition, or similar when the other supposed adults around me are clueless.  So I’d like all of you to do that oh so hard thing in an adults life and try to remember what it was like being 6, or 8, or 12. When you barely have any control over your own life to begin with. When you just wish so badly you could talk to an adult without them seeing you as being a little child. Imagine the kind of impact on a young mind when you realize you are being watched electronically everywhere you go. Not only that but it is not being done by the NSA (again not that we know) who are usually happy to sit back and collect data unseen, this is being done by a parental figure who regularly acts on that information. How would that revelation effect you into your later life? Would it become normal eventually? Would you accept surveillance in all aspects of your life? Is that the whole point of this in the first place? and that is the best case scenario here. You are introducing something potentially traumatic to a child at an age where it could easily become part of their personality. A brick in the foundation of their lives.

Parents are far from perfect. So handing them what to a small child must seem like omnipotent power, is asking for it to be abused. Sometimes very outwardly, those people will eventually go up against child protective services. But also sometimes very subtly, those unfortunate children grow up to be the rest of us. Just traumatized enough to be a self conscious-mess but sane enough to live the life of your average, non-questioning drone in the USA workforce. Again maybe that is the whole point.

In short, I think this is a terrible application of technology. And I’m usually the person who defends children against people who complain about the quantity of screen time they get on tablets and game consoles. A violent video game will never do the kind of damage that a legitimate reason to be paranoid can do to a child.

Your Internet rights are being decided today.

Thats right. Another big net neutrality vote. Luckily today it is about restoring the original rules and not breaking the system more. I’m sure a lot of you are sick of hearing about this. Trust me I sympathize. I try as a rule to keep politics out of this website. It just turns into a big pissing match that nobody wins. But when I’m asked to give up existing rights that is a big problem. Essentially the net neutrality repeal is a big cash handout to the telcom providers at huge expense of everybody else, in terms of both money and freedom.

Fight the privacy fatigue and please pay attention to this one, both for me and yourselves. Thanks

Net neutrality is getting a big vote in the Senate today. Here’s what to expect.

Senate lawmakers are expected to vote Wednesday on a resolution that aims to undo a sweeping act of deregulation undertaken last year by the Federal Communications Commission – and issue a rebuke to the Trump administration, which supported the FCC’s move. The resolution targets the FCC’s vote in December to repeal its net neutrality rules for Internet providers.

The gas station beer data racket

Anyone who really knows me knows that the exfiltration of my personal data by organizations that have no business having it is a massive pet peeve of mine. It is an exhausting quirk to have in the world today. Our access to data has grown too fast for our laws to protect it, and the net result is that instead of having to fear one ‘big brother’ vacuuming up all of our data, we have to deal with several ‘little brothers’ in the corporations we associate with that are desperate for marketing data. On top of that standard big brothers still exist, the major governments, who gladly allow it all to happen because it means they can simply extort all that data from the companies you do business with. So to summarize we have every company under the sun sucking up all the data they can get. Who then distribute it to governments (through intimidation), and for that matter everyone else too (through hacks and leaks).

So it is in this world that my story begins. Inevitably I wind up buying things that require ID, typically beer, but this also occasionally tobacco products, pseudoephedrine, canned air, lottery tickets, mature-rated video games or any other consumer good with an applicable law attached. This always leads to an ID check. Now from the beginning of time until very recently, this involved a clerk looking at the ID, checking the details written on it, checking the picture for a match with the face standing in front of them, and probably checking some anti-counterfeiting measures on the ID itself. I accept and fully support this process. If you want to buy something that requires a valid ID you should have to present it. The problem though is that somewhere along the line someone decided to take all the data contained in the document and digitize it into a scannable code on the back. The retailers have, one by one, taken to scanning this data under the guise of ‘verifying’ the license. The logic (if they can be believed) is this, If the system requires a cashier to require a license scan on every purchase with an age requirement, and if they have that scan on record. Then the ABC will have no recourse to come after the retailer for policy violations. That does make a lot of sense for the retailer, and if there was any sort of guarantee that the data wouldn’t be abused then I would support the practice. But far beyond simply not having a guarantee, there is a long list of corporate data breaches that proves these companies have no respect for the security of this data. And why should they? It’s not their data. Ask yourself what do they stand to lose by having it breached? Sure companies have lost consumer trust through data breaches but let’s be honest, there have been so many in recent months that they are hard to keep track of, and even if they can protect it from external actors that data is just too juicy not to be used by the company itself for marketing purposes.

Ok, so solutions. Well, I have taken to using my passport card or passport itself as my primary ID. Both of which can be scanned but only by the TSA. Passports also do not contain your address or any other identifying characteristics than what is absolutely necessary for a foreign government to determine if your status is sufficient to allow access to their country. Real passports work better in this vein than the passport card since most people have not seen it before. The only reason I mention it at all is that I have noticed my real passport is getting frayed from daily use. If you do not have a passport any kind of military or federal ID works in a similar fashion. You want something that is obscure but still clearly valid.

This is not always a workable solution. Some retailers have taken to the habit of only accepting drivers licenses. I’m not sure of the specific legality here but I’m pretty sure it violates some kind of laws. Specifically calling a federal ID invalid only on the basis of it not being scannable. If there are any paralegals or similar that can prove or disprove this statement please comment. The retailers must feel the same way because several of them now tell me that it is simply ‘company policy’ this sidestepping the legal issue. If this is the case The only other protection is to physically cover your scan code with tape or better yet a label that specifically states that you do not consent to uploads of your personal data to private servers and that if that is a problem you will gladly shop elsewhere. That whole concept might be hard to fit onto a piece of tape but you get the idea. Put up a physical barrier and be clear about your intentions.

That, of course, leads me to the final recourse available. Vote with your feet. If there is a retailer that really gives you that much of a hard time about scanning your identification after you have clearly proven it, then there is not much else you can do. Besides launching a massive class-action lawsuit, in which case sign me up too!