Tag: data

NSA spying is costing big business big money

US politicians are expected to retreat from their obsession with spying on citizens after it was revealed that the biggest losers were actually corporations.

Since the so-called Land of the Free overthrew its lawful king in a French backed terrorist coup, most of the country’s major decisions have been made to prop up businesses and corporate culture.

Snooping on citizens is more of a knee jerk reaction against terrorism which was, in itself, a smoke screen for poor economic performance by the last two presidents.

Now it seems that the snooping is getting in the way of the US’s number one priority of protecting big business from real life.

It turns out that the NSA surveillance programmes are very damaging for the American technology industry.

A report by the Information Technology and Innovation Foundation said that companies that provide cloud computing services stand to lose as much as $35 billion over the next three years unless Congress takes action to alleviate the fears of American people that they are being snooped on.

Cloud computing and storage companies are being seen as the saviour for business and the economy. The industry is growing fast and is expected to be a $207 billion business by 2016.

But, to the NSA, putting the material on the cloud is a bit like shoving all the personal information in one place where it can be easily collected. While that makes life easier for the spooks, it makes companies less likely to go with cloud stuff.

Big business is unhappy with the idea of being spied on as much as your Average Joe.

At the moment it is US companies that dominate the international cloud computing market. Normally that would mean that piles of foreign cash would be rolling into the US from foreign parts.

However, Daniel Castro of ITIF, is now warning that foreign companies are not trusting American cloud computer companies and he thinks that US cloud companies will lose anywhere from 10 percent to 20 percent of the market to international rivals.

This will represent a loss of $22 billion to $35 billion.

Already 10 percent of international companies surveyed have already cancelled a project that used a cloud computing service based in the US and 56 percent of companies surveyed are “less likely” to use a US based cloud computing service.

It also seems that 36 percent of US companies surveyed said they have found it “more difficult” to do business outside of the country because of NSA spying.

When you factor all that in, firms are almost certain to remind their sock puppets that this spying lark is going to have to stop – or at least have it toned down a little. It does not matter if occasionally someone blows something up in the name of their terror campaign, so long as US business is not harmed. 

NSA spied on thousands of Americans

A report published in the Washington Post  released some top secret documents about how the National Security Agency (NSA) illegally collects surveillance on Americans, thousands of times per year.

Most of the May 2012 audit is a catalogue of cock-ups where the NSA collected data by accident due to analyst and programming errors.

But in one case the phone records of more than 3,000 US citizens were stored despite the fact that the NSA had been ordered to shred them by a surveillance court.

All up, the audit reported 2,776 cases where the NSA broke its own privacy rules.

In one situation, the spooks mistook the US area code (202) for Washington, DC and the international dialling code for Egypt. As a result, they snooped on a “large number” of domestic American phone calls.

In another case, the NSA mixed US and foreign emails that it collected from tapping into a fibre-optic cable that passes through the United States. It wanted to keep the emails and told the Foreign Intelligence Surveillance Court (FISC) that it couldn’t filter out which emails belonged to Americans.

The court said that the email collection effort must stop and it was “deficient on statutory and constitutional grounds”.

The audit appears to have been provided to the paper a few months ago by former NSA contractor Edward Snowden. The report was only supposed to be seen by the NSA’s top brass and no politicians ever saw it.

More information is expected to be released soon. Glenn Greenwald, the Guardian reporter who has published the most information based on Snowden’s leaks, is still working on a pile of them and tweeted that he will be releasing them soon. 

NSA's Utah data centre capacity estimated

Every since the revelation that US spooks are spying on the internet activities of citizens around the world, the attention has focused on a new government database being built in Utah.

The site is supposed to be the place which will house and process data collected from telephone and ISPs, satellites, fiber-optic cables and bugs

When it opens in September it is supposed to hold “yottabytes” of data, according to Wired or five “zettabytes” according to NPR, in other words more data than puny human brains are really able to comprehend.

But Forbes has got its paws on the blueprints of the data centre and is starting to work out that the actual storage capacity is comparatively low. It’s still pretty big.

After all the administration buildings, power sources and back-up generators are factored out, spooks have room for 100,000 square feet of servers. Impressive, but perhaps not enough room for a yottabyte of data.

Brewster Kahle is the engineering genius behind the Internet Archive, and Kahle estimates that a space of that size could hold 10,000 racks of about a billion dollars’ worth of servers.

Kahle thinks each rack would be capable of storing 1.2 petabytes of data. Kahle says that voice recordings of all the phone calls made in the US in a year would take up about 272 petabytes, or just over 200 of those 10,000 racks. This means that the facility can potentially hold up to 12,000 petabytes, or 12 exabytes.

Internet infrastructure expert Paul Vixie told Forbes that Kahle’s calculations were a little on the high side.

Assuming larger 13 square feet racks would be used, factoring in space between the racks, and assuming a lower amount of data storage per rack, he came up with an estimate of less than 3 exabytes of data capacity for the facility.

This would limit the US spying to 24-hour recordings of what every one of Philadelphia’s 1.5 million residents was up to for a year.

The defence from the US government is that it is only collecting metadata. But this data can tell you a lot about people and all of their social connections and habits, like who they talk to and where they go. While it may be technically unlikely that the NSA is storing every communication exactly, it can help the state decide who, when and where to target before zooming in on them through other back doors.

As the numbers are speculation, to put it into perspective, the Utah facility would still hold a lot of data. Google uses multiple data centres for a single exabyte of info. 

US spy programme clearing House of Representatives

It appears that US law makers have no interest in curbing the PRISM spy programme.

According to Reuters, the House of Representatives voted 217-205 to defeat an amendment to the defence appropriations bill that would have limited the National Security Agency’s ability to collect electronic information, including phone call records.

Fighting the law was an unlikely alliance of libertarian Republicans and some Democrats in Congress. In fact 94 Republicans were in favour and 134 against, while 111 Democrats supported the amendment and 83 opposed it.

But the White House and senior intelligence officials opposed the amendment by Republican Representative Justin Amash of Michigan, which had been prompted by Edward Snowden’s revelations.

The lawmakers went on to approve $600 billion in Pentagon spending for the 2014 fiscal year, including the costs of the Afghanistan war.

Republican representative Tom Cotton said that there was nothing to worry about as the “metadata” being collected was a five-column spreadsheet containing the number called, the number of the caller, the date, the time and the duration of call. 

He insisted that the program has stopped dozens of terrorist attacks, and saved untold American lives. He did not say when these evens happened, in fact so far no one has ever cited any case where terrorists were pre-empted by PRISM.

But then Cotton is a former Army captain who served in Iraq and Afghanistan so he is not likely to call for anything that limits defence spending.

Amash, a conservative Republican, and other supporters of the amendment said the issue was whether the US government had the right to collect and retain the personal communications data of American citizens.

Ted Poe, a Texas Republican, said that the government has gone too far in the name of security. He called for a reining in of government invasion, the ending of dragnet operations, and the need to get a specific warrant based on probable cause or nothing at all. 

Ipsos denies selling PERSONAL EE user data to Met police

Ipsos Mori has denied that it offered to sell personally identifiable information from the call and text data of 27 million EE mobile network customers, but does not deny offering to sell anonymised information.

The research firm said it “absolutely refutes” accusations in the Sunday Times, which claimed that it had been offering EE call and text data to the police, as well as boasting that the data it had collated could be used to track individuals and their locations in and around 100 metres.

It is thought the police may have had an interest in the offer but backed out of the deal once it became public. The Metropolitan Police confirmed to the Sunday Times it had spoken with Ipsos Mori. 

Ipsos Mori did not deny it was offering information full stop, instead assuring EE customers that any data was thoroughly anonymised.

In a statement, Ipsos Mori said it “absolutely refuted the suggestion that it [was] offering access to individual personal data for sale”.

Instead it said its mobile analytics explored user volume, demographics and mobile web use from anonymised and aggregated groups of people.

“In conducting this research we only receive anonymised data without any personally identifiable information.

“We have taken every care to ensure it is being carried out in compliance with all relevant legal and regulatory requirements, including the Data Protection Act and Privacy and Electronic Communications (EC Directive) Regulations (both as amended),” it added.

As a result it said it could assure customers that it only received anonymised data without any personally identifiable information on any individual customers. The statement did not reveal exactly which demographics were up for sale.

“We do not have access to any names, personal address information, nor postcodes or phone numbers,” it said.

UK's 'anonymous' health records are wide open

Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, told MedConfidential’s crowd how proposed ‘anonymised’ data is anything but.

Data on databases and anonymised will be stored without names, per se, but will still retain the patients’ post code and age, meaning that it is actually pretty simple to identify patients and those with sensitive records, such as people who are HIV positive.

Anderson pointed out that it doesn’t take much more than one family member or friend with access to patient records to get to that data, either. Considering how many people the NHS employs there are a lot of potential weak links. The emergency care system in Scotland allowed access to the health records of prominent political figures like Gordon Brown and Alex Salmond. The culprit was not prosecuted – as it was not ‘in the public interest’ – however, it could also be an embarrassing metric of the open nature of supposedly anonymised health records.

Although British Prime Minister David Cameron has promised health records will be anonymised, the anonymisation process seems like a cop out as it is still possible to access very private information. There is indeed an opt out, however, it is “like Facebook” – the defaults are wrong, the privacy mechanisms are “obscure” and they get changed whenever a lot of people learn to use them.  Efforts to exempt medical data from European data protection regulation are also underway thanks to the health market lobby.

Anderson concluded that a national system holding 50,000,000 records is too big a target, will be cumbersome, fragile and unsafe, and failures to properly protect privacy will have real costs in safety and access – particularly for the most vulnerable or at risk sections of societies.

Anderson also pointed out that hard data ‘thinks’ about people in a different way – it doesn’t take into account measured human behaviour, and can “look at you in a different, unmoderated way”. According to Anderson, for example, it can take just four Facebook ‘likes’ to determine the sexuality of a user. 

Airlines will charge you for data privacy

After a couple of years mulling the merits of making you pay for a mile up Nintendo, the airlines are considering charging passengers who refused to hand over personal data.

Global distribution systems that supply flight and fare data to travel agents and online ticketing services like Orbitz and Expedia, are complaining that airlines are stinging them for fee information in a way that lets them make it handy for consumers trying to find the best deal.

Simon Gros, chairman of the Travel Technology Association, told AP that airlines are want to make sure that a customer does not know how much their ticket will cost until after check out.

Now the Department of Transportation is considering whether to require airlines to provide fee information to everyone with whom they have agreements to sell their tickets. While that deal is being hatched out some airlines are asking the Supreme Court to reverse an appeals court ruling forcing them to include taxes in their advertised fares. They claim that that telling customers how much they have to pay violates their free-speech rights.

According to AP, it is all because the airlines are copying Apple and have come up with a model where punters don’t just buy a ticket, they have a locked in “travel experience”. Airlines want to mine personal data about customers in order to sell them tailored services. They want to use the data to build a walled garden of delights where the customer’s trip is locked in to partners.

If airlines have their way, passengers looking for ticket prices may have to tell the airlines their age, marital status, gender, nationality, travel history and why they are flying.

This would make comparison shopping for the cheapest air fares a thing of the past and if customers don’t hand over the data they could be hit by the sort of fines you get when you have an extra bag containing your sandwiches on Ryan Air.

Perry Flint, a spokesman for the international airline association, said that it was up to individual airlines whether they price fares differently for travellers who don’t provide personal information. However it is starting to look like airlines really want passangers to go by car or train. 

Parents overwhelmingly oppose collecting kid's data online

Parents in the USA have expressed strong concerns about the sharing of children’s personal data over the internet

In a survey, released just before law makers decide on a proposal to strengthen child privacy laws, almost all – nine out of 10 – of 2,000 adults said advertisers had an obligation to get the go-ahead before collecting the name, address or any other personal data of a user under 13.

They have also said businesses should refrain from asking a for a child’s location or information about friends.
 
Currently the water is murky when it comes to how far regulators can go with the privacy of children. The argument is too much regulation can stifle the growing web, media and mobile industries, which often rely on sharing – and storing – information to grow their businesses.

There are also no firm regulations on what can or cannot be done. But this is set to change with the Federal Trade Commission planning to vote this month on revisions to a 1998 law written before the mobile computing boom.

New updates would require permission from parents to track children online with cookies and other tools used by advertisers to create user profiles.

The FTC also wants an update to ensure social networking sites such as Facebook and Zynga are responsible when their partner sites take data on kids. For example, if a child presses Facebook’s “like” button on a news or game site, Facebook would be equally responsible for the handling of that user’s data.

Facebook has rubbished these rules, arguing that it would not be feasible to do this, and it’s easy to see why, with the company monetising on third partner apps and games within the site that are unintentionally or intentionally aimed at younger children.

Back in August it was criticised by mothers after allowing a partner to promote a gambling game, which was brightly coloured and full of cartoon characters.

Although it was stated the game, published by JackPotJoy, was not suitable for minors, parents told us the design of the game could lull kids into gambling by offering them what “blatantly” looked like a game for children.

Facebook for its part said third-party apps liable for privacy violations of their partner sites “raised First Amendment concerns”.

Under the proposed changes, web companies would also have to gain permission from parents to ask for information that pinpoints the location of young users.

The survey seems to suggest that parents are in favour of this, with 80 percent opposed to allowing advertisers to collect and use information about a child’s activities online, even in cases where advertisers do not know the actual name and address of a child.

However, in the eyes of such sites, this could impose on their profits as it would prevent them selling the data to advertisers who could use this to send on voucher codes and coupons as well as suggesting similar games.

Kathryn C. Montgomery, Ph.D, professor of communication at American University and one of the leaders of the campaign to pass COPPA during the 1990s, said that children should be able to reap the benefits of the participatory media culture without being subjected to techniques that take advantage of their developmental vulnerabilities.

“We must ensure that the COPPA rules are updated effectively so that the generation of young people growing up online today will be treated fairly in the growing digital marketplace,” Montgomery said.

One parent said, speaking with TechEye, said it’s bad enough there aren’t secure controls on these sites to stop young children getting on, but then taking advantage of this and their habits is something else.

“It’s clear these sites let minors on because they are set to make some sort of revenue from their data through advertisers, but the morals are all wrong,” the parent said. “I want to be asked what data on my child can be collected, that’s the least these sites can do.

Metamaterial tech threatens the end for power cables

Oxford University research into metamaterials could help the public do away with the masses of wires that connect computing devices.

Isis Innovation, the research commercialisation arm of the university, has come up with new technology that allows devices to both charge up batteries and transit data without the need for any cables.

It is already possible to charge devices using inductive charging, with devices from electric toothbrushes, but the team have struck on a new way to deliver power and data.

Using engineered metamaterials, the team says it is possible to connect devices with a patterned conductive layer that can be added to pretty much any surface. This means it is possible to use a carpet to provide power to a lamp, for example, and the same should apply to all manner of devices.  

Dr Chris Stevens, one of the researchers, said: “You could have a truly active, cable-free, batteryless desktop that can power and link your laptop or PC, monitor, keyboard, mouse, phone and camera.” 

This could mean putting the technology behind a computer monitor’s screen to transfer digital files to and from a USB stick “simply by tapping the flash drive against an on-screen icon”, with touted transfer speeds of 3.5 gigabits per second.

In the future it could be possible to have your stereo, TV, DVD and satellite box all powered through the carpet and wallpaper. An electric car could also be charged via a mat, for instance.

By doing away with power cables components could be easier to recycle. As it stands, devices are soldered or wired together and so are difficult to recycle. Stevens claimed that by getting rid of wires and connecting components by putting them on a sealed circuit board it will be a lot easier to take them apart without desoldering or using heat treatments which could potentially damage components.

“High spec computers can be sent back to the manufacturer when the next model comes out and the processors can be reused for lower spec home computers,” he said.  “Eventually those same processors can end up in TVs and washing machines – dramatically increasing the lifecycle of electronics”

Isis touts wearable, wireless charging and data transfer

Isis Innovation has announced what it claims is a simple, safe and inexpensive technology to power and charge everyday electrical devices whilst simultaneously exchanging data without the need for cables.

The technology, developed in Oxford, is said to allow users to wirelessly power and exchange data over distance using simple and inexpensive engineering.

This has been done through metamaterials recently discovering properties of artificial magnetic resonators that support magneto-inductive waves. Isis said this allowed the rapid transfer of power and data between electronic devices without the use of conventional, limiting technologies.

Benefits include no wires or cables as well as a cheap and simple manufacturing process. Researchers also claim there is no limit to the number of connected devices and no
vulnerable connectors to disconnect.

The technology is said to be weatherproof, can be woven into flexible materials and integrated into furniture, walls and flooring. One way to do this is by  incorporating the technology behind the screen of a computer monitor, digital files, photos and music, which could be transferred to and from a USB stick simply by tapping the flash drive against an appropriate on-screen icon.

Laptops, mobile phones, cameras, printers and media devices can all charge and communicate with one another from a table top integrated with the Oxford metamaterial.
Limitless operation.

This technology, the company says, could prove essential in offices, homes, consumer electronics, medical devices and social outlets.
      
The theory is the architecture of computers and other electrical devices requiring microprocessors and circuit boards connected to peripheral devices can be entirely reengineered using infinitely interchangeable – and therefore recyclable – components manufactured as self-contained units.

This will increase product life while reducing cost, carbon footprint and wastage. The company is currently in the process of discussing licensing the technology.