U.S. Senator demands answers from Amazon Ring over its police partnerships – gpgmail


Senator Edward J. Markey (D-Mass.) is looking for answers from Amazon about its doorbell camera Ring and the company’s relationships with law enforcement agencies around the U.S. In a letter published on Thursday, he writes to the technology giant how partnerships like Ring’s raise “serious privacy and civil liberties concerns,” and asks Amazon to further detail the size and scope of its numerous deals with police.

The Senator’s attention was drawn to the issue following a recent report by The Washington Post. The report revealed that Ring had entered into some 400 video-sharing partnerships with U.S. police forces, which granted the police access to the footage from the homeowners’ internet-connected video cameras.

The police cannot tap into live or on ongoing footage, and the homeowners can choose to decline police requests, the report also said.

However, the partnerships raised concerns from privacy advocates who believe the program could threaten civil liberties, turn residents into informants, and subject innocent people to greater surveillance and risk, The Washington Post noted.

The same kind of network of surveillance cameras would draw more scrutiny if the police or the government had installed it themselves, but by working with Ring they’re not directly involved.

In a letter (see below) dated Thursday, September 5, 2019, Senator Markey questions the use targeted language that encourages Ring owners to opt in to the video-sharing program with police, as well as the way Amazon actively courts law enforcement to increase its use of the Ring system. Sen. Markey additionally points out that Amazon seems to be increasingly working with U.S. police forces, like it did when marketing its facial recognition product, Rekognition.

“The scope and nature of Ring’s partnership with police forces raise additional civil liberties concerns. The integration of Ring’s network of cameras with law enforcement offices could easily create a surveillance network that places dangerous burdens on people of color and feeds racial anxieties in local communities,” Sen. Markey wrote. “I am particularly alarmed to learn that Ring is pursuing facial recognition technology with the potential to flag certain individuals as suspicious based on their biometric information,” he continued, referencing a patent Ring applied for last year that would catch “suspicious” people on camera.

“In light of evidence that existing facial recognition technology disproportionately misidentifies African Americans and Latinos, a product like this has the potential to catalyze racial profiling and harm people of color,” Markey said.

The Senator asks Amazon to detail how long it’s been asking users to share video footage with police, how those policies have changed, and which police departments it’s working with. He also asked for information about how this data was being stored, what safeguards are in place, whether the police are sharing that footage with other entities, whether Rekognition capabilities were coming to Ring, and more.

Markey also wants Ring to review its consent prompts for video-sharing with experts to make sure it’s not manipulating consumers into these agreements with police.

And he wants to know if Ring has worked with any experts in civil liberties, criminal justice or other relevant fields to review its doorbells and social network Neighbors to ensure they don’t present unique threats to people of color or other populations.

Ring would not be the first to create a home for racial profiling among neighbors, though its connection to cameras makes it more of an actionable threat than other networks, like Nextdoor or Facebook Groups.

Nextdoor, for example, became well-known for issues around racial profiling, and eventually rolled out tools to try to stem the problem in its app. Crime-tracking app Citizen also faced controversies for creating a state of paranoid hypervigilance among its users — something that has long-term effects on how people perceive their world and those they share it with. And anyone in a Facebook Group for their neighborhood knows there will at some point be a post about a “suspcious” person with little evidence of any wrongdoing.

Sen. Markey gave Amazon until September 26, 2019 to respond to his questions.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Ring Confirms It Works With More Than 400 Police Departments


This site may earn affiliate commissions from the links on this page. Terms of use.

Ring has come under fire in recent months for the way it partners with law enforcement and helps them obtain camera footage from customers without a warrant. Ring frames this as an initiative to keep neighborhoods safe, but privacy advocates worry about the development of a corporate-controlled surveillance state. The scale of Ring’s police partnership has only now become clear. It’s not a handful of police departments or even a few dozen — Ring works with more than 400 departments around the US. 

You can buy and use Ring cameras anyplace without interacting with law enforcement, but Ring is working hard to get people under the jurisdiction of partnered police departments to use its “Neighbors” app. That’s what connects your cameras to other nearby Ring cameras, allowing you to share video with neighbors. 

Ring’s contracts with police call for the direct promotion of Ring devices and services with the aim of increasing downloads of the Neighbors app. Police departments working with Ring get access to the Neighbors online community portal where they too can request footage. When investigating a crime, police can ask residents in Neighbors to share their video — Ring will even help police craft effective messages to get more footage. Ring (which is owned by Amazon) even provides police with credits toward free Ring cameras they can provide to residents. 

It’s not hard to see why police would like this. Officers can set up a Neighbors request and get access to video much more quickly than if they had to go through the legal system. On the flip side, they are getting access to a great deal of video that has little or nothing to do with investigating a crime. 

Ring stresses that police can’t see live feeds from cameras, and they don’t technically know who is and is not providing video footage. Although, it’s not hard to figure out which houses with Ring doorbells aren’t supplying video as requested. Ring seems conscious of how uncomfortable this could make people, so it’s trying to get ahead of the critics by making its full list of law enforcement partners public. The map above shows all 405 departments that work with Ring. The company promises to update the map regularly, too. 

The map probably won’t do much to calm those who are already concerned — it really drives home the incredible scale of the program. Almost all the departments listed joined the program in just the last few months. Still, the map is a step in the right direction. It will allow at least some public accountability going forward.

Now read:




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Kaspersky Products Leak Everything You Do Online, Straight Through Incognito Mode


This site may earn affiliate commissions from the links on this page. Terms of use.

Kaspersky Labs does not enjoy the best reputation. The company has been linked to Russian intelligence, the Department of Homeland Security has banned its use in government computers, and Best Buy will not sell its products. In 2017, news broke that the Israelis had observed Russian intelligence operatives using Kaspersky software to spy on the United States. Now, an investigation of the company’s antivirus software has uncovered a major data leak that goes back to 2015.

According to German publication C’t, Kaspersky antivirus injects a Universally Unique Identifier (UUID) into the source code of every single website that you visit. This UUID value is unique to the computer and the installation of the software. The value injected into each and every website never changes, even if you use a different browser or access the internet using a browser’s Incognito Mode.

C’t found the injection because one of their antivirus software evaluators came across the same line of source code in multiple websites. Installing the application on different systems resulted in the creation of different UUID values. Assigned UUIDs didn’t change over time, indicating that they were static. And because these values are injected into the source code of every single website that you visit, it means that the sites you track can track you back. As C’t writes:

Other scripts running in the context of the website domain can access the entire HTML source any time, which means they can read the Kaspersky ID.

In other words, any website can read the user’s Kaspersky ID and use it for tracking. If the same Universally Unique Identifier comes back, or appears on another website of the same operator, they can see that the same computer is being used.

After building a proof-of-concept and testing that users with Kaspersky antivirus installed could indeed be tracked straight through incognito mode, C’t contacted Kaspersky. The flaw now has a formal name: CVE-2019-8286. Kaspersky has argued that it’s a fairly minimal problem that would require advanced techniques to exploit. Kaspersky has patched its software so that it now only injects information about which version of a Kaspersky product you use into each and every website you visit, not a unique identifier specific to your personal machine. C’t is not happy with this fix and believes it still constitutes a security risk.

C’t’s proof of concept. Image by C’t.

A bug that identifies a computer to a website that knows how to listen for that information is potentially quite valuable. Even if Kaspersky has no external database associating UUIDs with specific installations, broadcasting a UUID straight through incognito mode means that a webserver logs a visit from a specific computer. If that machine is associated with a specific individual, you’ve established a link.

Is it possible that Kaspersky simply made a terrible security decision when it implemented its antivirus software? Absolutely. The fact that a bug exists doesn’t automatically mean that someone nefarious was using it. But these types of coincidences are interesting, to say the least. Broadcasting a UUID as part of antivirus software operation is not the kind of attack avenue most of us would expect. It’s the type of fingerprinting method that an intelligence agency might be very interested in using to track who was accessing very specific websites, but not the kind of thing that a regular malware operation would have much interest in. Of course, one could also argue that this is why the bug snuck in to start with. Kaspersky’s flaw, in this reading, isn’t deliberate nefariousness; it’s an accident that reflects the company’s chief focus on stopping ordinary malware, not state actors.

I don’t know which perception is right. But I would at least suggest investigating an antivirus provider with fewer allegations of foreign intelligence cooperation if this sort of issue is a concern to you.

Now Read:




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Facebook could face billions in potential damages as court rules facial recognition lawsuit can proceed – gpgmail


Facebook is facing exposure to billions of dollars in potential damages as a federal appeals court on Thursday rejected Facebook’s arguments to halt a class action lawsuit claiming it illegally collected and stored the biometric data of millions of users.

The class action lawsuit has been working its way through the courts since 2015, when Illinois Facebook users sued the company for alleged violations of the state’s Biometric Information Privacy Act by automatically collecting and identifying people in photographs posted to the service.

Now, thanks to an unanimous decision from the 9th U.S. Circuit Court of Appeals in San Francisco, the lawsuit can proceed.

The most significant language from the decision from the circuit court seems to be this:

 We conclude that the development of face template using facial-recognition technology without consent (as alleged here) invades an individual’s private affairs and concrete interests. Similar conduct is actionable at common law.

The American Civil Liberties Union came out in favor of the court’s ruling.

“This decision is a strong recognition of the dangers of unfettered use of face surveillance technology,” said Nathan Freed Wessler, staff attorney with the ACLU Speech, Privacy, and Technology Project, in a statement. “The capability to instantaneously identify and track people based on their faces raises chilling potential for privacy violations at an unprecedented scale. Both corporations and the government are now on notice that this technology poses unique risks to people’s privacy and safety.”

As April Glaser noted in “Slate”, Facebook already may have the world’s largest database of faces, and that’s something that should concern regulators and privacy advocates.

“Facebook wants to be able to certify identity in a variety of areas of life just as it has been trying to corner the market on identify verification on the web,” Siva Vaidhyanathan told Slate in an interview. “The payoff for Facebook is to have a bigger and broader sense of everybody’s preferences, both individually and collectively. That helps it not only target ads but target and develop services, too.”

That could apply to facial recognition technologies as well. Facebook, thankfully, doesn’t sell its facial recognition data to other people, but it does allow companies to use its data to target certain populations. It also allows people to use its information for research and to develop new services that could target Facebooks billion-strong population of users.

As our own Josh Constine noted in an article about the company’s planned cryptocurrency wallet, the developer community poses as much of a risk to how Facebook’s products and services are used and abused as Facebook itself.

Facebook has said that it plans to appeal the decision. “We have always disclosed our use of face recognition technology and that people can turn it on or off at any time,” a spokesman said in an email to “Reuters”.

Now, the lawsuit will go back to the court of U.S. District Judge James Donato in San Francisco who approved the class action lawsuit last April for a possible trial.

Under the privacy law in Illinois, negligent violations could be subject to damages of up to $1,000 and intentional violations of privacy are subject to up to $5,000 in penalties. For the potential 7 million Facebook users that could be included in the lawsuit those figures could amount to real money.

“BIPA’s innovative protections for biometric information are now enforceable in federal court,” added Rebecca Glenberg, senior staff attorney at the ACLU of Illinois. “If a corporation violates a statute by taking your personal information without your consent, you do not have to wait until your data is stolen or misused to go to court. As our General Assembly understood when it enacted BIPA, a strong enforcement mechanism is crucial to hold companies accountable when they violate our privacy laws. Corporations that misuse Illinoisans sensitive biometric data now do so at their own peril.”

These civil damages could come on top of fines that Facebook has already paid to the U.S. government for violating its agreement with the Federal Trade Commission over its handling of private user data. That resulted in one of the single largest penalties levied against a U.S. technology company. Facebook is potentially on the hook for a $5 billion payout to the U.S. government. That penalty is still subject to approval by the Justice Department.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Ring Is Helping Police Convince People to Hand Over Video Footage Without a Warrant


This site may earn affiliate commissions from the links on this page. Terms of use.

Ring’s close alliance with police departments continues to be a headache for the company with each new revelation. Amazon-owned Ring expends great effort to get its customers to use its Neighbors video sharing app, to which it gives police access. Thanks to newly leaked emails, we know Ring is actually coaching officers in ways to convince users to provide video footage without a warrant. 

Installing a Ring camera doesn’t automatically make your videos available to police, but Ring works hard to get people to download and use the Neighbors app. That connects to an online community portal where you can share video with other users. In cities where police have partnered with Ring (and push Ring products), officers can also send out requests for video. Ring even gives police free cameras to distribute to the community based on how many Neighbors downloads they can deliver. 

When police ask for video footage in Neighbors, they don’t have to go through the hassle of getting a warrant. That makes it an appealing prospect for police, but users are often hesitant to share their camera footage. In several email exchanges obtained by Motherboard, Ring “Partner Success Associates” explain how police can obtain higher compliance. Unsurprisingly, many of the techniques involve getting more people to download Ring’s app. 

Ring told police that departments with higher levels of Neighbors opt-ins have better results. That fits nicely with Ring’s mission to get as many people as possible using Neighbors. The company has been criticized for stoking fear with the Neighbors app. Ring even has news editors who post unverified details of 911 calls in Neighbors. 

Ring coaching New Jersey police on how to obtain more video footage.

Ring has also provided police with templates for footage requests, hoping to get more users to respond favorably. It also suggests departments remain active on social media, which is not altogether bad advice. However, Ring, of course, frames this as a way to drive downloads of the Neighbors app. Ring also instructs police to post public messages in Neighbors to encourage the community to provide video when asked. 

Activists have called on police departments to stop partnering with Ring, citing the unregulated public-private partnership to create a video surveillance dragnet. Ring is far from the only consumer security camera provider, but it’s the only one with an aggressive campaign to get people using a scaremongering “community” app that helps police circumvent normal evidence gathering.

Now read:




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Trueface raises $3.7M to recognise that gun, as it’s being pulled, in real time – gpgmail


Globally, millions of cameras are in deployed by companies and organizations every year. All you have to do is look up. Yes, there they are! But the petabytes of data collected by these cameras really only become useful after something untoward has occurred. They can very rarely influence an action in “real-time”.

Trueface is a US-based computer vision company that turns camera data into so-called ‘actionable data’ using machine learning and AI by employing partners who can perform facial recognition, threat detection, age and ethnicity detection, license plate recognition, emotion analysis as well as object detection. That means, for instance, recognising a gun, as it’s pulled in a dime store. Yes folks, welcome to your brave new world.

The company has now raised $3.7M from Lavrock Ventures, Scout Ventures, and Advantage Ventures to scale the team growing partnerships and market share.

Trueface claims it can identify enterprises’ employees for access to a building, detect a weapon as it’s being wielded, or stop fraudulent spoofing attempts. Quite some claims.

However, it’s good enough for the US Air Force as it recently partnered with them to enhance base security.

Originally embedded in a hardware access control device, Trueface’s computer vision software inside one of the first ‘intelligent doorbell’, Chui which was covered by gpgmail’s Anthony Ha in 2014.

Trueface has multiple solutions to run on an array of clients’ infrastructures including a dockerized container, SDKs that partners can use to build their own solutions with, and a plug and play solution that requires no code to get up and running.

The solution can be deployed in various scenarios such as fintech, healthcare, retail to humanitarian aid, age verification, digital identity verification and threat detection. Shaun Moore and Nezare Chafni are the cofounders and CEO and CTO, respectively.

The computer vision market was valued at USD 9.28 billion in 2017 and is now set to reach a valuation of USD 48.32 billion by the end of 2023.

Facial recognition was banned by agency use in the city of San Francisco recently. There are daily news stories about privacy concerns of facial recognition, especially in regards to how China is using computer vision technology.

However, Truface is only deployed ‘on-premise’ and includes features like ‘fleeting data’ and blurring for people who have not opted-in. It’s good to see a company building in such controls, from the word go.

However, it’s then it’s up to the company you work for not to require you to sign a statement saying you are happy to have your face recognized. Interesting times, huh?

And if you want that job, well, that’s a whole other story, as I’m sure you can imagine.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

UK High Court rejects human rights challenge to bulk snooping powers – gpgmail


Civil liberties campaign group Liberty has lost its latest challenge to controversial U.K. surveillance powers that allow state agencies to intercept and retain data in bulk.

The challenge fixed on the presence of so-called “bulk” powers in the 2016 Investigatory Powers Act (IPA): A controversial capability that allows intelligence agencies to legally collect and retain large amounts of data, instead of having to operate via targeted intercepts.

The law even allows for state agents to hack into devices en masse, without per-device grounds for individual suspicion.

Liberty, which was supported in the legal action by the National Union of Journalists, argued that bulk powers are incompatible with European human rights law on the grounds that the IPA contains insufficient safeguards against abuse of these powers.

Two months ago it published examples of what it described as shocking failures by U.K. state agencies — such as not observing the timely destruction of material; and data being discovered to have been copied and stored in “ungoverned spaces” without the necessary controls — which it said showed MI5 had failed to comply with safeguards requirements since the IPA came into effect.

However the judges disagreed that the examples of serious flaws in spy agency MI5’s “handling procedures” — which the documents also show triggering intervention by the Investigatory Powers Commissioner — sum to a conclusion that the Act itself is incompatible with human rights law.

Rejecting the argument in their July 29 ruling, they found that oversight mechanisms the government baked into the legislation (such as the creation of the office of the Investigatory Powers Commissioner to conduct independent oversight of spy agencies’ use of the powers) provide sufficient checks on the risk of abuse, dubbing the regime as “a suite of inter-locking safeguards.”

Liberty expressed disappointment with the ruling — and has said it will appeal.

In a statement the group told the BBC: “This disappointing judgment allows the government to continue to spy on every one of us, violating our rights to privacy and free expression.

“We will challenge this judgment in the courts, and keep fighting for a targeted surveillance regime that respects our rights. These bulk surveillance powers allow the state to Hoover up the messages, calls and web history of hordes of ordinary people who are not suspected of any wrongdoing.”

This is just one of several challenges brought against the IPA.

A separate challenge to bulk collection was lodged by Liberty, Big Brother Watch and others with the European Court of Human Rights (ECHR).

A hearing took place two years ago and the court subsequently found that the U.K.’s historical regime of bulk interception had violated human rights law. However, it did not rule against bulk surveillance powers in principle — which the U.K. judges note in their judgement, writing that consequently: “There is no requirement for there to be reasonable grounds for suspicion in the case of any individual.”

Earlier this year Liberty et al were granted leave to appeal their case to the ECHR’s highest court. That case is still pending before the Grand Chamber.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something