June 16, 2020

Surveilled — Issue 51

Surveilled

Issue 51

A weekly summary of what I've found interesting at the intersection of economics, finance and technology.

Headlines

Norway Pulls Its Covid-19 Contact Tracing App after Privacy Watchdog’s Warning — The low adoption rate faced by these contact-tracing apps is fascinating. It is abundantly clear of course that using these apps involves giving up a degree of privacy, but there seems to be a diffuse sense amid the public that they are too invasive. This seems to considerably weaken trite assertions such as “privacy is dead.” When it is clear that we will be giving up privacy, we seem to be significantly more reluctant. Whatever the cause, faced with this low adoption and with doubts as to their effectiveness, the future may not in fact belong to contact tracing—or exposure notification—apps. Read (TechCrunch)

Videoconferencing Service Zoom Disabled the Accounts of US-based Chinese Dissidents — They were participating in a call with China-based activists commemorating the Tiananmen Square massacre. Zoom invoked the need to “obey to local laws,” but of course it’s not clear why Chinese law should affect US users. I’m always inclined to conclude that this kind of thing is the result of incompetence rather than malice, but it seems clear that Zoom’s company culture is not ready to deal with the issues and demands that come with their explosive growth over the last few months. It feels a bit like a compressed timeline of what happened to Facebook. Read (FT)

Facebook Funded a Zero-Day Exploit in a Privacy-Oriented OS To Catch a Criminal — The OS in question is called Tails and is built to protect users’ privacy, for example by routing web browsing through the Tor network. It was being used by a child porn trafficker grooming minors on Facebook, so the company placed a full-time employee on the case and paid a consultant to help develop a zero-day exploit in Tails to help with his capture. Obviously this is a prime example of the end justifying the means, but the approach—specifically engineering an exploit in an operating system used by others to perfectly lawful ends—raises all sorts of questions. Read (Schneier on Security)

The Eu Privacy Watchdog Thinks Facial Recognition Company Clearview AI Is Illegal — This is a) not surprising, and b), a good thing. Read (The Next Web)

Amazon Decides to Stop Selling Its Facial Recognition to Police, but Only for a Year — Supposedly this is to give time to the US Congress to enact legislation to regulate the technology’s use, but on the whole it sounds more like “privacy washing.” Read (FT)

TikTok’s Parent Company Plans To Enter Digital Banking in Singapore — ByteDance partnered with the family behind one of the largest banks in the city-state. Not necessarily unexpected, but shows ByteDance’s big ambition. Read (FT)

Several European Countries Launched GAIA-X, a Cloud Infrastructure Provider To Compete with US Companies — “Digital sovereignty” has been a theme for a while in Europe, most recently seen with the spat over contact-tracing apps. And while I understand and sympathise with the animus behind it, such top-down directed competitors to organically grown alternatives are practically bound to fail. Read (GAIA-X)

New Vulnerability in Intel CPU Hardware Discovered — A few years ago there was a panic over a similar set of exploits, known as Meltdown and Spectre. The problem here is that these cannot be fixed through software, so if bad enough they require replacing all the affected machines. On the other hand, they usually require physical access, which drastically reduces their applicability. The precise mechanics of this vulnerability read like a sci-fi novel, worth your time. Read (Schneier on Security)

Context

One of the journalists who worked on the initial stories after Edward Snowden’s leak of NSA documents recounts how all his devices came under attack from different intelligence services, fascinating read. Read (The Atlantic)

Speaking of sci-fi novels, scientists found a way to eavesdrop on conversations using the vibrations of a lightbulb in the room. Not quite ready for practical use yet, but another illustration that it’s practically impossible to protect oneself against a really determined (and deep-pocketed) actor. Read (Wired)

That's it for this week's edition. As always, thanks for reading and please forward this to anyone who you think might be interested, it would be much appreciated.