Canada Bans WeChat and Kaspersky Over Spying Concerns

Citing privacy and security concerns, Canada has banned the usage of WeChat, a Chinese messaging app, and Kaspersky, a Russian antivirus software, on government-issued mobile devices. The ban came into effect on October 30, 2023, encompassing smartphones, tablets, and laptops. The decision was made after an assessment by Canada’s chief information officer concluded that both WeChat and Kaspersky pose an unacceptable level of risk to privacy and security.

Canada’s ban has faced criticism from the Chinese government, which deemed it “unreasonable and discriminatory.” Tencent, the owner of WeChat, has expressed its commitment to safeguarding the privacy and security of its users. Similarly, Kaspersky has denied any involvement in wrongdoing.

This ban on WeChat and Kaspersky marks a significant milestone with far-reaching implications for the global technology industry. It also reflects the growing concerns of Western governments regarding the potential misuse of Chinese and Russian technology companies for malicious activities.

Read: https://www.hackread.com/canada-bans-wechat-kaspersky-spying-concerns/

Berlin Regional Court Bans LinkedIn from Ignoring “Do Not Track” Signals

The Berlin Regional Court has ruled against the professional networking platform LinkedIn, prohibiting some of its data practices. The lawsuit was brought by the Federation of German Consumer Organizations (vzby).

The court found that LinkedIn cannot ignore “Do Not Track” signals sent by users’ browsers. These signals allow internet users to opt out of having their online activities tracked. Despite receiving these signals, LinkedIn announced that its website still engages in tracking for analysis and marketing purposes. According to the court, this communication is misleading, as LinkedIn is legally required to respect the Do Not Track requests.

The court also banned LinkedIn from automatically making users’ profiles publicly visible when they first create an account. This “Profile Visibility” default setting published users’ information without their consent, violating data protection regulations. Users must expressly agree before their profiles can be visible to non-members.

Vzbv called the decision a victory for consumers: “When people activate ‘Do Not Track,’ it sends a clear message that they don’t want their online activities spied on. Website operators have to respect that.” The group said the ruling confirms internet users have control over their personal data.

Read: https://stackdiary.com/german-court-bans-linkedin-from-ignoring-do-not-track-signals/

Canadian House Ethics Committee Pushes to Punish Online Platforms that Allow “Misinformation” to Spread

The Canadian Parliament has become the latest global player in a widening tug-of-war geared towards constraining the tide of “misinformation” seeping into the digital landscape. The House Ethics Committee in the Canadian capital, Ottawa, is calling for the imposing of stringent repercussions on tech giants whom they claim are complicit in disseminating “unverified” or “deceptive” content online.

The Committee’s directives come after an exhaustive ten-month investigation focused primarily on the mounting concern of foreign interference, particularly from powerhouse nations such as China and Russia. It held eight separate public consultation sessions throughout its investigatory period, featuring input from 23 key witnesses.

Vice-chair of the Committee, Bloc Quebecois MP Rene Villemure, emphasized the urgent need for decisive action, mirroring similar controversial legislative combat seen by the European Union, which has imposed significant online regulations to control the spread of digital falsehoods.
“At some point companies will have to understand that they’re actors and they’re not the government,” Villemure said.

Read: https://reclaimthenet.org/canadian-lawmakers-want-to-punish-online-platforms-for-allowing-misinformation-spread

Congress members Introduce Bill to Regulate Use of Facial Recognition Technology by Law Enforcement Agencies

Congressman Ted W. Lieu (D-Los Angeles County), Judiciary Crime Subcommittee Ranking Member Sheila Jackson Lee (D-TX), Congresswoman Yvette D. Clarke (D-NY), Congressman Jimmy Gomez (D-CA), Congressman Glenn Ivey (D-MD), and Congressman Marc Veasey (D-TX) introduced the Facial Recognition Act today, a bill to place strong limits on law enforcement use of Facial Recognition Technology (FRT). FRT is a powerful surveillance tool used by law enforcement agencies to fight crime, but a lack of transparency and reasonable limits on its use threatens Americans’ civil liberties.

Law enforcement has deployed the invasive and sometimes flawed technology to identify peaceful protesters, investigate minor crimes, and arrest people based solely on a single FRT match. The technology’s algorithms suffer from discriminatory bias, and as a result, individuals have been misidentified through the use of FRT, especially people of color.

The Members’ legislation places strong limits on law enforcement use of FRT, provides transparency, and requires annual assessments and reporting on the deployment of the technology to protect individuals’ rights. Specifically, the bill requires that a warrant be obtained that shows probable cause for an individual to have committed a severe and violent felony before FRT is deployed.

“I’m pleased to work with Ranking Member Jackson Lee and Representatives Clarke, Gomez, Ivey, and Veasey to re-introduce this bill to rein in law enforcement’s use of facial recognition technology,” said Congressman Lieu. “Our bill puts forth sensible guardrails that will protect the privacy of Americans against a flawed, unregulated, and at times discriminatory technology. I’m glad our approach has received broad support from civil liberties groups and former law enforcement officers.”

Read: https://lieu.house.gov/media-center/press-releases/reps-lieu-jackson-lee-clarke-gomez-ivey-and-veasey-introduce-bill

UK’s Surveillance Shift from Biometrics Safeguards to Facial Recognition

The UK government is set to expand its use of live facial recognition (LFR) technologies despite widespread concerns about its potential impact. This move is in stark contrast to the EU Parliament and some US cities, which have voted for a blanket ban on the use of LFR in public spaces. The government’s new Data Protection and Digital Information Act seeks to abolish the roles of the Biometrics and Surveillance Camera Commission (BSCC), an independent advisory board that was helping to hold the public sector accountable for its use of AI.

Critics argue that using biometric surveillance could impinge on a person’s “freedom of expression” and deter people from protesting. The government is also considering handing over full management of the National Health Service’s federated data platform to Palantir, a US tech giant with intimate ties to the defense, intelligence, and security industries around the world.

Unfortunately, most Western countries, including the UK, are experiencing a drift towards tech-enabled authoritarianism and centralized technocracy. This shift has been driven by governments attempting to use technology to monitor, control, and manipulate citizens. These measures are often justified in the name of public safety, but the lack of transparency and accountability raises serious ethical questions.

Read: https://www.nakedcapitalism.com/2023/10/big-brother-unchained-uk-government-plans-to-abolish-biometrics-safeguards-as-it-embraces-sweeping-facial-recognition-surveillance.html

Elsewhere online: 

In X (Twitter) post, Pseudonymous Researcher ZachXBT Reports the Theft of of $4.4M in Crypto due to LastPass Breach
Read: https://cointelegraph.com/news/lastpass-breach-hacker-steals-millions-crypto-wallets-zachxbt

Cybersecurity and Infrastructure Security Agency (CISA) Encourages Users to review VMware Advisory Notice
Read: https://www.cisa.gov/news-events/alerts/2023/10/30/vmware-releases-advisory-vmware-tools-vulnerabilities

GitHub Campaign Exposes AWS Cloud Keys in ‘Elektra-Leak’ Attack
Read: https://www.darkreading.com/cloud/elektra-leak-attackers-harvest-aws-cloud-keys-github-campaign

Atlassian Issues Warning on Critical Confluence Vulnerability Endangering Data
Read: https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html

New Threat: Pro-Hamas Hacktivists Launch Wiper Malware Targeting Israeli Entities
Read: https://thehackernews.com/2023/10/pro-hamas-hacktivists-targeting-israeli.html

Previously on #AxisOfEasy