At a glance.
- Monitoring remote workers.
- Child protection or slippery slope?
- Including social media in wiretap warrants.
- Data breach in the New York City public schools.
- Unemployment benefits in Florida affected by attempted account hijacking.
- Vaccine passports and privacy.
Keeping an eye on remote workers.
Teleperformance, one of the largest call center companies in the world, plans to deploy camera surveillance in the homes of Colombian remote workers, NBC News reports. Teleperformance employees say a new contract outlines the use of AI-powered cameras, voice analytics, and even the collection of data from employee family members, including children. As the pandemic has led to a massive shift to remote work, many employers are exploring new ways to keep tabs on workers who’ve traded the boardroom for the living room. MENAFN explains that businesses must also find new cybersecurity solutions to protect the data handled by these teleworkers: “The pandemic, widespread remote work, and the adoption of new technologies have brought in changes that traditional network architectures cannot deal with. The existing paradigm where the security stack is located within the corporate network is no longer sufficient to protect these teleworkers.”
More on Apple’s child safety tech controversy.
The debate surrounding Apple’s new child privacy protections continues to unfold. Apple released a factsheet on its website explaining that the new features, aimed at shielding child users from sexual predators and reducing the dissemination of Child Sexual Abuse Material (CSAM), employ on-device machine learning and cryptography technology to detect explicit content. If the tools are used as intended, it’s clearly a positive change, but privacy advocates’ concerns hinge on that “if.” As Daring Fireball notes, some experts fear the image detection technology could be abused by militant regimes seeking to suss out dissidents by searching their devices for incriminating content.
An open letter arguing against Apple’s new policies has already been signed by activist groups like Freedom of the Press Foundation, tech companies like Gigahost, and even the New York Public Library. “While child exploitation is a serious problem, and while efforts to combat it are almost unquestionably well-intentioned, Apple's proposal introduces a backdoor that threatens to undermine fundamental privacy protections for all users of Apple products,” the letter states.
The Wall Street Journal reports that messaging giant WhatsApp has expressed its opposition to the new features, saying the technology amounts to surveillance. “This approach introduces something very concerning into the world,” head of WhatsApp Will Cathcart, stated. “We will not adopt it at WhatsApp.” Industry expert Alex Stamos, formerly of WhatsApp’s parent company Facebook and now at the Stanford Internet Observatory, summed up the debate on Twitter: “In my opinion, there are no easy answers here. I find myself constantly torn between wanting everybody to have access to cryptographic privacy and the reality of the scale and depth of harm that has been enabled by modern comms technologies.”
Maryland police wiretap suspect’s Facebook account.
The Baltimore Sun reports that police in the US state of Maryland's Harford County secured a Circuit Court judge’s authorization to deploy a wiretap on a suspected drug trafficker’s Facebook audio calls. The case is one of only nine times Maryland authorities have used a digital wiretap for an investigation, the first time occurring in 2018. Aaron Mackey, senior staff attorney for the Electronic Frontier Foundation, stated, “I think there’s a reality that when you have a system that allows for users to create content to message others, it will be a valuable source of investigative leads for law enforcement.” Wiretaps can only be used on platforms without end-to-end encryption, which means apps like WhatsApp and FaceTime cannot be used for such surveillance, and Facebook Messenger and Instagram are set to be encrypted next year.
New York City public schools data breach.
The personal data of over three thousand public school students and staff in the US state of New York were exposed when a New York City public schools education department Google Drive database was inadvertently shared with unauthorized individuals. While details are murky, education department spokesperson Sarah Casasnovas told Chalkbeat New York, “We have no indication that anyone’s information was further shared or misused at this time, but we implemented aggressive measures to prevent this from happening again...” These measures include mandatory employee security training and improved file monitoring tools.
Attempted hijacking of Florida unemployment benefits accounts.
WKMG reports that a cyberattack targeting the Department of Economic Opportunity (DEO) in the US state of Florida resulted in the lockdown of the accounts of thousands of residents seeking unemployment benefits. The DEO intentionally shut down nearly 58,000 accounts as a security measure after hackers attempted to hijack the DEO’s Connect system. As a result of the unprecedented number of password reset requests, some users claim the wait to regain access was over forty-eight hours.
Survey says US and UK adults view vaccine passport as a privacy threat.
Health IT Security reports that, after surveying over two thousand Americans and one thousand British individuals, an Anomali/Harris poll shows that 75% of Americans and Brits fear a digital vaccination card could be a threat to their privacy. Concerns include identity theft, smartphone hacking, and data breaches. When asked about potential attackers, Americans were most concerned about nation-state threat actors from countries like Russia and China, while most British respondents felt organized cybercrime groups would be the perpetrators. Less than half of Americans surveyed felt confident the government or businesses could adequately protect consumers against such an attack, and 32% of Americans and 21% of Brits said they were not likely to use a digital vaccine card.