Archive for the ‘spying’ Category

NSA to share data with other agencies without “minimizing” American information

January 16, 2017 Leave a comment

Rules opposed by civil liberties and privacy advocates.

On Thursday The New York Times reported that the Obama administration had recently finalized rules to give the National Security Agency (NSA) more leeway in sharing its vast trove of intercepted communications with the 15 other government agencies that make up the Intelligence Community.

Previously, agencies like the Drug Enforcement Agency and the Federal Bureau of Investigation would have to request information on a target from the NSA. The NSA, in turn, would retrieve communications pertaining to that target and scrub the documents of information that was considered irrelevant to the search, including the names of innocent Americans—a process called “minimization.” Now, that middle step has been cut out. The agencies need only get approval from the NSA to access its data, and agents from the agencies are expected to carry out minimization on their own.

As The New York Times puts it, “Essentially, the government is reducing the risk that the NSA will fail to recognize that a piece of information would be valuable to another agency, but increasing the risk that officials will see private information about innocent people.” Although the agency analysts who will have access to the NSA’s surveillance powers are directed to ignore and redact information pertaining to innocent Americans, if they see evidence of criminal acts in the data they access, they are directed to hand it over to the Justice Department.

The move has been anticipated for a yearThe New York Times reported on the draft proposal back in February 2016—but in mid-December Director of National Intelligence James Clapper approved the new rules, which will amend Reagan-era executive order 12333, and last week Attorney General Loretta Lynch finally signed off on them as well. Congressional approval was not necessary to implement the changes.

Several agencies already have access to the NSA’s raw data under the Foreign Intelligence Surveillance Act (FISA). These new rules don’t change who has access to FISA data, but they allow national security analysts to access communications made over satellite transmission, as well as phone calls, e-mails that cross international borders, and e-mails that are sent between foreigners that pass through American networks. Analysts from other agencies may “search the raw data using an American’s identifying information only for the purpose of foreign intelligence or counterintelligence investigations,” according to the Times.

The rules have been opposed by civil rights and privacy advocates as lacking protections to prevent abuse. In a statement, American Civil Liberties Union legislative counsel Neema Singh Guliani said, “The procedures released today allow more agencies to directly access information collected by the NSA without a warrant under procedures that are grossly inadequate. This raises serious concerns that agencies that have responsibilities such as prosecuting domestic crimes, regulating our financial policy, and enforcing our immigration laws will now have access to a wealth of personal information that could be misused. Congress needs to take action to regulate and provide oversight over these activities.”

Obama Gifts Donald Trump Expanded Surveillance Powers

January 14, 2017 Leave a comment


In its final days, the Obama administration has gifted the incoming Trump administration the power to intrusively invade the privacy of American citizens by lifting the limits on what NSA can do with collected data.

Newly approved procedures gives more surveillance powers to the intelligence community by allowing the National Security Agency (NSA) to share globally intercepted communications data with all other US intelligence agencies before applying privacy protections.

As NSA whistleblower Edward Snowden, whose only wish is not to see the U.S. turn into a totalitarian state, points out in a tweet Thursday: “Obama just unchained NSA from basic limits on passing raw intercepts to others.

Thanks Obama for saving us from the evil metadata that lurks on the internet and for locking them up for future determination by US intelligence agents.

Let’s just “hope” these agents and law enforcement authorities are intelligent enough to secure the servers and show some respect for people’s rights while passing around the family album among the community.

“Yes we can,” only hope.

AntiMedia reports:

The recent approval of new procedures for an existing executive order will allow the NSA to share the private data it collects with all 16 agencies of the United States intelligence community. The 23-page outline of the new procedures lifts previous limits placed on the way information was filtered before being disseminated to individual agencies.

As he hands the White House to Trump, Obama just unchained NSA from basic limits on passing raw intercepts to others,” NSA whistleblower Edward Snowden tweeted Thursday.

Gone are the already-flimsy privacy protections that required NSA analysts to review data before handing it over to other agencies like the CIA, DEA, DHS, or others. Whereas prior restrictions required analysts to shield the identities of innocent parties and other personal data before sharing only the information deemed pertinent, there are now no filters whatsoever.

All agencies will have the freedom to dig through “raw signals intelligence information” under the new procedures, which were signed by Attorney General Loretta E. Lynch. After evaluating the information, the agencies can apply rules “minimizing” violations of privacy. That’s correct — only after privacy has been violated can it be protected. That’s not exactly how it works, but it is now the law according to Section 2.3 of Executive Order 12333.

The document was originally signed on December 15, 2016, by the director of national intelligence, James R. Clapper Jr. According to Clapper’s general counsel, Robert S. Litt:

This is not expanding the substantive ability of law enforcement to get access to signals intelligence. It is simply widening the aperture for a larger number of analysts, who will be bound by the existing rules.

ACLU lawyer Pat Toomey disagrees, explaining:

Rather than dramatically expanding government access to so much personal data, we need much stronger rules to protect the privacy of Americans. Seventeen different government agencies shouldn’t be rooting through Americans’ emails with family members, friends and colleagues, all without ever obtaining a warrant.

The new procedures require agencies to submit written requests to the NSA describing the raw signals intelligence sought, how it will be used, how it will further its mission in a significant way, and why the information could not be obtained through other sources. While the purpose of Executive Order 12333 is to target foreign and counter-intelligence only, if an agency uncovers information that incriminates an American citizen, the agency is required to turn the evidence over to the Justice Department. Many of the requirements listed in the document for targeting American citizens have been redacted.

And if all else fails, any U.S. Intelligence Agency can legally obtain personal information on any citizen with no warrant under Section 702 of the FISA Amendments Act. However, with these new procedures in place, that may not be necessary anymore.

If Barack Obama is so concerned about a Trump presidency, why is he giving the future president such a terrifying amount of power?

The FBI Is Apparently Paying Geek Squad Members To Dig Around In Computers For Evidence Of Criminal Activity

January 11, 2017 Leave a comment

From the maybe-these-are-the-‘smart-people’-who-can-fix-Comey’s-encryption-&# dept

Source: Tech Dirt

Law enforcement has a number of informants working for it and the companies that already pay their paychecks, like UPS, for example. It also has a number of government employees working for the TSA, keeping their eyes peeled for “suspicious” amounts of cash it can swoop in and seize.

Unsurprisingly, the FBI also has a number of paid informants. Some of these informants apparently work at Best Buy — Geek Squad by day, government informants by… well, also by day.

According to court records, Geek Squad technician John “Trey” Westphal, an FBI informant, reported he accidentally located on Rettenmaier’s computer an image of “a fully nude, white prepubescent female on her hands and knees on a bed, with a brown choker-type collar around her neck.” Westphal notified his boss, Justin Meade, also an FBI informant, who alerted colleague Randall Ratliff, another FBI informant at Best Buy, as well as the FBI. Claiming the image met the definition of child pornography and was tied to a series of illicit pictures known as the “Jenny” shots, agent Tracey Riley seized the hard drive.

Not necessarily a problem, considering companies performing computer/electronic device repair are legally required to report discovered child porn to law enforcement. The difference here is the paycheck. This Geek Squad member had been paid $500 for digging around in customers’ computers and reporting his findings to the FBI. That changes the motivation from legal obligation to a chance to earn extra cash by digging around in files not essential to the repair work at hand.

More of a problem is the FBI’s tactics. While it possibly could have simply pointed to the legal obligation Best Buy has to report discovered child porn, it proactively destroyed this argument by apparently trying to cover up the origin of its investigation, as well as a couple of warrantless searches.

Setting aside the issue of whether the search of Rettenmaier’s computer constituted an illegal search by private individuals acting as government agents, the FBI undertook a series of dishonest measures in hopes of building a case, according to James D. Riddet, Rettenmaier’s San Clemente-based defense attorney. Riddet says agents conducted two additional searches of the computer without obtaining necessary warrants, lied to trick a federal magistrate judge into authorizing a search warrant, then tried to cover up their misdeeds by initially hiding records.

The “private search” issue is mentioned briefly in OC Weekly’s report, but should be examined more closely. Private searches are acceptable, but the introduction of cash payments, as well as the FBI having an official liaison with Best Buy suggests the searches aren’t really “private.” Instead, the FBI appears to be using private searches to route around warrant requirements. That’s not permissible and even the FBI’s belief that going after the “worst of worst” isn’t going to be enough to salvage these warrantless searches.

As Andrew Fleischman points out at Fault Lines, the government’s spin on the paid “private search” issue — that it’s “wild speculation” the Best Buy employee was acting as a paid informant when he discovered the child porn — doesn’t hold up if the situation is reversed. AUSA Anthony Brown’s defensive statement is nothing more than the noise of a double standard being erected.

Flipping the script for a minute, would an AUSA say it was “wild speculation” that a man was a drug dealer when phone records showed he regularly contacted a distributor, he was listed as a drug dealer in a special book of drug dealers, and he had received $500.00 for drugs? Sorry to break it to you, Mr. Brown, but once you start getting paid for something, it’s tough to argue you’re just doing it for the love of the game.

In addition to these problems, the file discovered by the Best Buy tech was in unallocated space… something that points to almost nothing, legally-speaking.

[I]n Rettenmaier’s case, the alleged “Jenny” image was found on unallocated “trash” space, meaning it could only be retrieved by “carving” with costly, highly sophisticated forensics tools. In other words, it’s arguable a computer’s owner wouldn’t know of its existence. (For example, malware can secretly implant files.) Worse for the FBI, a federal appellate court unequivocally declared in February 2011 (USA v. Andrew Flyer) that pictures found on unallocated space did not constitute knowing possession because it is impossible to determine when, why or who downloaded them.

This important detail was apparently glossed over in the FBI’s warrant application to search Rettenmaier’s home and personal devices.

In hopes of overcoming this obstacle, they performed a sleight-of-hand maneuver, according to Riddet. The agents simply didn’t alert Judge Marc Goldman that the image in question had been buried in unallocated space and, thus, secured deceitful authorization for a February 2012 raid on Rettenmaier’s Laguna Niguel residence.

Courts have shown an often-excessive amount of empathy for the government’s “outrageous” behavior when pursuing criminals. The fact that there’s child porn involved budges the needle in the government’s direction, but the obstacles the FBI has placed in its own way through its deceptive behavior may prevent it from salvaging this case.

The case is already on very shaky ground, with the presiding judge questioning agents’ “odd memory losses,” noting several discrepancies between the FBI’s reports and its testimony, and its “perplexing” opposition to turning over documents the defense has requested.

In any event, it appears the FBI has a vast network of informants — paid or otherwise — working for both private companies and the federal government. Considering the FBI is already the beneficiary of legal reporting requirements, this move seems ill-advised. It jeopardizes the legitimacy of the evidence, even before the FBI engages in the sort of self-sabotaging acts it appears to have done here.

Underneath it all is the perplexing and disturbing aversion to adhering to the Fourth Amendment we’ve seen time and time again from law enforcement agencies, both at local and federal levels. Anything that can be done to avoid seeking a warrant, and anything that creates an obfuscatory paper trail, is deployed to make sure the accused faces an even more uphill battle once they arrive in court.

The Surveillance State Did Not Disappear With The Trump Victory

January 9, 2017 Leave a comment

Surveillance photo

( One of the things Donald Trump has really done correctly is to assess his future arena in the areas of intelligence-gathering and operational security.  Trump wants to return to a “courier” method of transmitting sensitive information and classified documents for the purpose of reducing the amount of material that can be hacked or stolen.  There is a subtlety about this for a caveat, in case the compliment has bloomed flowers in your thoughts: the NSA $50 billion facility for collection and storage of data in Utah won’t be shutting down anytime soon.

As Snowden’s exposes clearly pointed out, the government has clearly followed Petraeus’ glowing “internet of things” yellow brick road to form an integrated, interconnected surveillance state.  All CCTV (closed circuit television) systems, all merchants with cameras, all law enforcement cameras…all of the camera surveillance systems everywhere are either tied into data collection immediately or can be accessed for use at a later time.

The latest “Jason Bourne” movie clearly illustrates how the government can utilize devices such as cellular telephones (especially the ones with cameras) to track movements, record conversations, and be a “piggyback” to relay information to a nearby computer or a camera.  This isn’t the future: this is now.

There is an older piece written by Michael Snyder in June of 2013 entitled 27 Edward Snowden Quotes About U.S. Government Spying That Should Send a Chill Up Your Spine.  The information in this article is directly from Edward Snowden that revealed exactly what the government has been doing regarding their total surveillance program…

H.R. 4919 Passes House Allowing Government to Microchip Citizens with “Mental Disabilities”

December 19, 2016 Leave a comment

Source: Q-TV

Though the bill only targets those with conditions such as Alzheimers and autism, critics say the bill’s passage will open a “pandora’s box” of invasive government surveillance.
H.R. 4919:
Nwo Report:

CLAIM: UBER Employees Secretly Tracked Celebs, Politicians, Ex-Spouses…

December 12, 2016 Leave a comment

Caption: Ward Spangenberg, who was hired by Uber in March 2015, says he frequently objected to what he believed were reckless and illegal practices. Spangenberg was fired and is now suing the ride-hailing behemoth.

For anyone who’s snagged a ride with Uber, Ward Spangenberg has a warning: Your personal information is not safe.

Internal Uber employees helped ex-boyfriends stalk their ex-girlfriends and searched for the trip information of celebrities such as Beyoncé, the company’s former forensic investigator said.

“Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses,” Spangenberg wrote in a court declaration, signed in October under penalty of perjury.

After news broke two years ago that executives were using the company’s “God View” feature to track customers in real time without their permission, Uber insisted it had strict policies that prohibited employees from accessing users’ trip information with limited exceptions.

But five former Uber security professionals told Reveal from The Center for Investigative Reporting that the company continued to allow broad access even after those assurances.

Thousands of employees throughout the company, they said, could get details of where and when each customer travels. Those revelations could be especially relevant now that Uber has begun collecting location information even after a trip ends.

Spangenberg is suing the San Francisco-based ride-hailing behemoth for age discrimination (he’s 45) and whistleblower retaliation. He has worked information security jobs for a variety of tech companies. Uber tasked him with helping develop security procedures and responding to problems from around the world.

In addition to the security vulnerabilities, Spangenberg said Uber deleted files it was legally obligated to keep. And during government raids of foreign Uber offices, he said the company remotely encrypted its computers to prevent authorities from gathering information.

After beginning in March 2015, Spangenberg said he frequently objected to what he believed were reckless and illegal practices, and Uber fired him 11 months later.

“I also reported that Uber’s lack of security, and allowing all employees to access this information (as opposed to a small security team) was resulting in a violation of governmental regulations regarding data protection and consumer privacy rights,” he stated in the declaration, referring to requirements that companies notify consumers of any breach of personal information.

Michael Sierchio, a tech industry veteran who was a senior security engineer at Uber from early 2015 until June of this year, agreed that Uber had particularly weak protections for private information.

“When I was at the company, you could stalk an ex or look up anyone’s ride with the flimsiest of justifications,” he said. “It didn’t require anyone’s approval.”

In a statement, Uber said it maintains strict policies to protect customer data and comply with legal proceedings. It acknowledged that it had fired employees for improper access, putting the number at “fewer than 10.”

“We have hundreds of security and privacy experts working around the clock to protect our data,” Uber said in a statement.

“This includes enforcing strict policies and technical controls to limit access to user data to authorized employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated,” the company said.

Uber would not give more details on its technical controls. In practice, the security sources said, Uber’s policy basically relies on the honor system. Employees must agree not to abuse their access. But the company doesn’t actually prevent employees from getting and misusing the private information in the first place, the security sources said.

Uber has a history of data problems

As Uber has rapidly grown to more than 40 million users worldwide, the gig-economy giant has also been dogged by leaks, hacks and privacy scandals.

In 2014, BuzzFeed reported that an Uber official had tracked its reporter’s movements without her permission, around the same time another executive suggested digging up dirt on critical journalists. The controversy – and an entrepreneur’s claim that he was tracked as well – drew attention to the company’s internal God View tool, which provided a real-time aerial view of Uber cars in a city and details of who was inside of them.

It later came out that a data breach that year exposed the personal information of more than 100,000 drivers.

After the embarrassments of 2014, Uber hired chief security officer Joe Sullivan, a prominent tech figure who previously held that post at Facebook and used to be a federal prosecutor. His team drew heavily from Facebook, including chief information security officer John “Four” Flynn.

The Federal Trade Commission, the consumer protection agency, is investigating Uber’s information security practices and recently deposed Sullivan, according to security sources.

Spangenberg and Sierchio – as well as three other former Uber security professionals granted anonymity to confirm their accounts – describe a startup culture that pushed back against security protections in favor of unbridled growth.

“Early on, ‘growth at all costs’ was the mantra, so you can imagine that security was an afterthought,” said Sierchio, whose tech career includes designing video games for Atari in the early 1980s.

Even after Uber assembled a security team, the pushback continued when employees raised concerns, he said.

“One of the things I was told is, ‘It’s not a security company,’” Sierchio said. Spangenberg said he was told the same thing.

As disclosures about God View sizzled on the internet in 2014, the company posted a statement saying that, “Uber has a strict policy prohibiting all employees at every level from accessing a rider or driver’s data. The only exception to this policy is for a limited set of legitimate business purposes.”

Lawmakers, including Sen. Al Franken, D-Minnesota, demanded details about those “legitimate business purposes.” Franken later wrote he was “concerned about the surprising lack of detail in their response.”

Sierchio, who said he was pushed out in June, said the company’s policy limiting access was “never enforced.”

After an investigation by New York Attorney General Eric Schneiderman, Uber settled in January and promised to limit accessto real-time trip data “to designated employees with a legitimate business purpose.”

Even after the attorney general settlement, Spangenberg and Sierchio said thousands of employees could still search Uber’s database to get real-time ride information. The company said it complies with the settlement.

Uber did adopt some reforms. There was a pop-up message warning employees that their activity was being monitored, but few took it seriously, Spangenberg said. Another change flagged searches for customers considered “MVPs.” But that didn’t protect anyone not labeled an MVP, Spangenberg said.

It also changed the name of God View to Heaven View, Spangenberg said.

An internal audit team searched for abnormalities in all the database activity to nab employees tracking customer data illicitly, said Spangenberg, who assisted the investigations. Those they caught were referred to HR to be fired, he said.

“If you knew what you were doing, you could get away with it forever,” Spangenberg said. “The access is always there, so it was a matter of whether you got caught in the noise.”

Many employees, Uber said, need access for reasons such as providing customer refunds and investigating traffic accidents. The company added that it blocks some teams of employees from getting the data without approval, though it did not specify which teams or how the approval process works.

Drivers’ personal details, including Social Security numbers, were also available to all Uber employees, Spangenberg said in his declaration.

Spangenberg said he argued for shutting off access to sensitive data for those who didn’t need it.

“I would say, ‘We can’t keep this information, you can’t allow this information to be stored like this, you can’t leave it all connected like this,’” he said.

Uber, in its statement, said, “We have made significant investment in tightening our access controls during the past several years. Allegations that simply acknowledging our policy in a pop-up window would provide access to customer data for unauthorized employees are not correct in our current environment.”

According to his lawsuit, Uber told Spangenberg he was fired for violating a code of conduct and reformatting his computer, which erases everything on it. He said he deleted and began rebuilding his laptop because it had crashed, and that it was common practice.

He also got in trouble for accessing emails that dealt with his own job performance review. Spangenberg said he was only testing out a program to search company emails. The whole thing was a pretext, he said, to get rid of him.

In court filings, Uber responded that it “generally denies each and every allegation” made by Spangenberg.

Lawsuit says Uber destroyed documents

Spangenberg accuses Uber of destroying information he believed it was obligated to preserve. “Uber routinely deleted files which were subject to litigation holds, which was another practice I objected to,” his declaration says.

A company can face legal penalties or be held in contempt of court for scrubbing evidence it was supposed to keep.

Among his duties, Spangenberg said he was also a point person when foreign government agencies raided company offices abroad.

“Uber would lock down the office and immediately cut all connectivity so that law enforcement could not access Uber’s information,” his declaration states.

In May 2015, for example, the tax agency Revenu Quebec raided Uber’s Montreal office to gather evidence of tax evasion. Spangenberg said he worked from San Francisco to encrypt the office’s computers.

“My job was to just make sure that any time a laptop was seized, the protocol locked the laptops up,” he said.

Indeed, Quebec investigators – armed with a warrant to copy information from Uber computers – went back to a judge to say the computers had been remotely restarted and apparently encrypted, according to court records. They got permission to take the computers with them, but the machines are of little value if the information on them stays encrypted.

Efforts to encrypt data once a government search is in process “raises red flags and serious concerns,” said Judith Germano, a cybersecurity expert and former federal prosecutor.

A company could argue it was protecting sensitive information, she said. But if a judge determined it was a deliberate effort to hide evidence, the judge could impose legal sanctions or fines, and order the company to decrypt the data.

In its statement, Uber said, “We’ve had robust litigation hold procedures in place from our very first lawsuit to prevent deletion of emails relevant to ongoing litigation.” Uber said it has an obligation to protect personal information and that “we cooperate with authorities when they come to us with appropriate legal process.”

Uber challenged the Quebec search warrants in court, but in May, a Canadian judge wrote in French that Uber’s actions had “all the characteristics of an attempt to obstruct justice,” suggesting that “Uber wanted to shield evidence of its illegal conduct.” Uber is still appealing.

Looking back, Spangenberg describes a tangle of questionable practices and gaping vulnerabilities.

“The only information, truthfully, that I ever felt was safe inside of Uber is your credit card information,” he said. “Because it’s not stored by Uber.”


These 2 toys are spying on your kids

December 11, 2016 2 comments

(WND) The Electronic Privacy Information Center previously has complained to the federal government about Web-linked devices that allow companies to spy on Americans.

It has raised concern about the “Internet of Things,” through which “always on” devices such as smartphones, DVR machines and televisions that respond to voice commands are interconnected.

Now it’s turning its attention to My Friend Cayla.

That’s a doll offered by Genesis Toys.

The company declined comment to WND, but it boasts on its website: “My Friend Cayla is a beautiful 18″ interactive doll that offers hours of imaginative play! Cayla can understand and respond to you in real-time about almost anything. Ask her questions about herself, people, places, and things. She’s the smartest friend you will ever have.”

eye photo

Photo by spiterek

The doll’s features prompted EPIC to file a landmark complaint Tuesday with the Federal Trade commission about “toys that spy.”

The allegation is that such toys put children under intense and constant surveillance, violating federal privacy law.

The group said Genesis Toys, and the company that monitors children’s comments, Nuance Communications, “unfairly and deceptively collect, use, and disclose audio files of children’s voices without providing adequate notice or obtaining verified parental consent in violation of the Children’s Online Privacy Protection Act … the COPPA Rule, and Section 5 of the Federal Trade Commission Act.”

“It is incumbent upon the Federal Trade Commission to take action in this matter, and to enjoin Genesis Toys and Nuance Communications from such unlawful activities.”

The complaint alleges the toys “are deployed in homes across the United States without any meangingful data protection standards.”

“They pose an imminent and immediate threat to the safety and security of children in the United States.”

The complaint says that, by design, the toys “record and collect the private conversations of young children without any limitations on collection, use, or disclosure of this personal information.”

Joining EPIC in the request were the Campaign for a Commercial Free Childhood, the Center for Digital Democracy, the Consumer’s Union and the Institute for Public Representation.

The complaint also names the toy maker’s i-QUE Intelligent Robot.

The companion paperwork for My Friend Cayla requests permission to access the hardware, storage, microphone, Wi-Fi connections and Bluetooth on users’ devices, but it fails to disclose to the user the significance of obtaining the permission, said the complaint, which seeks a court order to stop the privacy invasion.

“After establishing a Bluetooth connection with the Cayla and/or i-Que doll, the mobile application connects the doll to the Internet. The Cayla and i-Que applications record and collect conversations between the dolls and children. A child’s statements are converted into text, which is then used by the application to retrieve answers using Google Search, Wikipedia and Weather Underground.”

Some of the pre-programming includes promotions for Disney, such as Cayla telling children her favorite movie is “The Little Mermaid” and her favorite song is “Let it Go” from the movie “Frozen.”

It also is pre-programmed to tell children stories and play games.

Among the details it seeks during signup are the child’s name, parents’ names, favorite program and meal, location of school, favorite toy and “the place I live in.”

Nuance openly admits in its terms of service: “We may use the information that we collect for our internal purposes to develop, tune, enhance, and improve our products and services, and for advertising and marketing consistent with this privacy policy. By using Nuance products and services, you acknowledge, consent and agree that Nuance may collect, process, and use the information that you provide to us and that such information shall only be used by Nuance or third parties acting under the direction of Nuance, pursuant to confidentiality agreements, to develop, tune, enhance, and improve Nuance services and products.”

EPIC noted, however that Nuance services and products also “include biometric solutions sold to military, intelligence and law enforcement agencies.”

“The failure to employ basic security measures to protect children’s private conversations from covert eavesdropping by unauthorized parties and strangers creates a substantial risk of harm because children may be subject to predatory stalking or physical danger,” the complaint warns. “This injury could not reasonably be avoided because children and parents receive no indication that the doll is connected to a device via Bluetooth.

“This failure to employ basic security measures to prevent unauthorized Bluetooth connections is not outweighed by countervailing benefits to consumers or to competition. Therefore, Genesis’ inadequate security measures with respect to My Friend Cayla and i-Que’s Bluetooth technology constitutes unfair acts or practices in violation of [federal law],” it said.

WND previously reported when the FTC said developers of applications for smart phones need to tell consumers their spy software can monitor them.

“These apps were capable of listening in the background and collecting information about consumers without notifying them,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection at that time. “Companies should tell people what information is collected, how it is collected, and who it’s shared with.”

The FTC said its letters “warn the app developers that if their statements or user interface state or imply that the apps in question are not collecting and transmitting television viewing data when in fact they do, that the app developers could be in violation of Section 5 of the FTC Act.”

Previously, the group spotlighted Mattel’s “Hello Barbie,” a WiFi-connected doll with a built-in microphone.

“Hello Barbie records and transmits children’s conversations to Mattel, where they are analyzed to determine ‘all the child’s likes and dislikes.’ … Kids using ‘Hello Barbie’ won’t only be talking to a doll, they’ll be talking directly to a toy conglomerate whose only interest in them is financial,” EPIC said.

Samsung’s Internet-connected SmartTV also has a built-in mic that always is on and “routinely intercepts and records the private communications of consumers in their homes.”

“When the voice recognition feature is enabled, everything a user says in front of the Samsung SmartTV is recorded and transmitted over the Internet to a third party regardless whether it is related to the provision of the service.”

Then there’s Microsoft. Its voice and motion recorder called Kinect “is now installed in Xbox video-game consoles.”

“The Kinect sensor tracks and records users’ voice and hand gestures when users say the word ‘Xbox’ followed by various permissible command options.”

Source:  World Net Daily

%d bloggers like this: