SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
privacy
CFPB Wants to Rein In Predatory Data Brokers—But Can't If Musk 'Deletes' Agency
"This rule would be a major win for the privacy rights of Americans and is the kind of bipartisan, commonsense action that should be protected and encouraged by politicians in both parties."
Dec 03, 2024
Considering billionaire entrepreneur Elon Musk's concerns about data privacy, advocates on Tuesday suggested he should welcome the Consumer Financial Protection Bureau's newly proposed rule that would stop data brokers from selling people's personal information.
"But they can't do it if you 'delete CFPB,'" grassroots group Demand Progress warned Musk in a post on social media, referring to his remark last week that the bureau is one of the "duplicative regulatory agencies" that he plans to dismantle as the head of a proposed government agency under President-elect Donald Trump.
Demand Progress applauded CFPB Director Rohit Chopra's announcement on Tuesday of a proposed rule that would limit the sale of personal information like Social Security numbers and phone numbers to ensure data brokers don't sell sensitive data to scammers.
Under the rule, the CFPB would clarify that when data brokers sell certain consumer data they are acting as "consumer reporting agencies" as defined by the Fair Credit Reporting Act (FCRA), which requires them to comply with accuracy requirements and maintain safeguards.
"Until now," said Demand Progress, "data brokers have been able to sell our personal information to the highest bidder—including scammers, blackmailers, and stalkers."
Emily Peterson-Cassin, corporate power director for Demand Progress Education Fund, said the agency "should be applauded for standing up to data brokers and working to rein in the sale of sensitive information about us, which can also end up in the hands of foreign governments."
"This groundbreaking rule offers a needed solution for Americans who are sick and tired of being inundated by scam texts, calls, and emails—often from fraudsters who have been able to buy our data for mere pennies," said Peterson-Cassin. "If finalized, this rule would be a major win for the privacy rights of Americans and is the kind of bipartisan, commonsense action that should be protected and encouraged by politicians in both parties."
Demand Progress was also among the groups that tied the announcement to a recent comment by Musk about a report that data brokers sell data about military personnel to unknown buyers for as little as 12 cents.
Musk called the report "concerning" in a Nov. 17 post on X.
"Good news, Elon!" said the organization, informing him of the proposed rule—before warning that Musk's own plan to gut the CFPB would embolden the very data brokers he expressed concern about.
"Guess which federal agency just proposed a rule cracking down on those data brokers selling the data of U.S. military personnel?" added the Electronic Privacy Information Center.
The CFPB said its proposal would also address other "critical threats from current data broker practices," including:
- The ability of countries such as China or Russia to purchase detailed data about government employees, enabling governments to create "detailed dossiers for potential espionage, surveillance, or blackmail operations";
- The targeting of vulnerable consumers like senior citizens and financially distressed people by identity thieves and scammers, who purchase detailed financial profile and use the data to steal retirement savings or commit fraud;
- Violence, stalking, and personal safety threats to domestic violence survivors, judges, or government employees, who can "face grave dangers when their current addresses and phone numbers are readily available for purchase through data brokers."
The CFPB introduced the rule after finding that "data brokers routinely sidestep the FCRA by claiming they aren't subject to its requirements."
U.S. Sen. Ron Wyden (D-Ore.), who for years has called on the CFPB to address the threats of data brokers, toldThe Washington Post that he has concerns the rule won't go into effect once Trump takes office.
"Unfortunately," said Wyden, "it will be up to Trump's CFPB to finalize this."
Bartlett Naylor, a financial policy advocate for Public Citizen, said the proposed protections would protect Americans from the $250 billion-per-year data sales business.
"All of us leave our financial fingerprints everywhere, every day, between credit card swipes, internet communications, and more. Thieves, loan sharks, stalkers, even foreign espionage agents can exploit gaping holes in credit reporting enforcement that the CFPB is rightly proposing to repair," said Naylor.
"A Republican-led congressional committee investigated this last year, a reminder that this isn't a partisan issue," Naylor added. "No one should side with data predators."
Keep ReadingShow Less
The Fight Against Fascism Starts on Campus
Colleges are ahead of the curve when it comes to surveillance creep, and the ivory panopticon will only get worse as surveillance technologies get more advanced.
Nov 17, 2024
With the significant red shift this election, led by a man who is described by many as a fascist, resisting and reversing fascist creep is more important now than ever. Even at our supposedly most liberal institutions, we have seen increasingly unreasonable overreactions to dissent dictated not through democratic means, but through authoritarian decree.
Take, for example, the University of Pennsylvania. Early in the morning on October 18, a dozen armed university police stormed an off-campus student house to issue a warrant related to the throwing of red paint on a campus statue on September 12 as part of pro-Palestinian protests—red paint that was pressure-washed off within hours. Would UPenn faculty agree that an armed raid is an appropriate response to their own students who are angry and feeling helpless against the injustice of tens of thousands killed in Gaza? Where is shared and democratic governance when it comes to protest response on campus?
Penn Students Against the Occupation announced the paint incident on Instagram as being done by an “autonomous group.” They included a grainy video clip of a masked individual (let’s call them Sam) throwing the paint, echoing protest tactics used for decades from PETA showing disgust in fur coats to Just Stop Oil activists highlighting the hypocrisy of the attention paid to art versus the climate. Sam, presumably a student, clearly did not want to be caught—most likely because they saw how UPenn responded to protests last academic year—with arrests and academic sanctions and increased rules that prohibit protest activities like chalking and civil disobedience, including interrupting a guest speaker. Students know that if they want to be heard but don’t want to risk expulsion, they need to turn to subterfuge. And on a residential university campus, this is particularly tricky.
For free expression, students and faculty need to feel safe in expressing their ideas that push the boundaries of their institution, and they won’t feel safe to do that with complete surveillance of their activities.
While we are all subject to daily state and corporate surveillance of our activities, college campuses are unique examples of Foucault’s panopticon. Colleges serve as internet service provider, landlord, doctor, corner store, laundromat, gym, department of public safety, and, oh right, educator. And they have access to data for all those services, all handily linked to a student ID, collected in one place densely covered by surveillance cameras. What is unique about colleges compared to the broader U.S. is that the surveillance data is held by one institution rather than many. U.S. colleges are also known to employ analytics on their surveillance data: automated license plate reading, social media monitoring, face recognition, device tracking. Sam would have been easily identifiable despite wearing a mask if their phone automatically connected to campus wifi or if they were caught on camera without a mask approaching the scene.
Universities will say this surveillance is for the students—for their safety, health, and success. Yes, campus shootings are real and scary, but surveillance measures have a very limited ability to stop them. Yes, our youth are experiencing a mental health crisis, but monitoring student’s online behavior hasn’t proven to help either. Visible security has been shown to not increase student success, and if we need to track students to make them go to class are we really legitimizing the existence of higher education? The level of surveillance that universities engage in is more reminiscent of that undertaken by fascist and other authoritarian systems than means to support education.
But perhaps universities simply are fascist. After all, they are led by appointment rather than election. They are capitalist, in competition with one another to accumulate enrollment bases. They have their own rules and policies including strict guidelines on student conduct, which in many instances go far beyond those of broader society. They are awash with unbridled nationalism school pride with a deep hatred of other schools’... colors. And sadly, they have resorted to police intimidation and violence against student protesters of university policies, or allowed truly violent opponents to do this on their behalf.
When, last spring, universities set up mobile surveillance units (MSUs), either rented from private companies or on loan from the Department of Homeland Security, around peaceful and non-destructive protest encampments, it became hard to view campus surveillance as anything but a tool to maintain the institutional status quo. Particularly when those MSUs likely didn’t have any capabilities beyond what the campuses already had. They only served to remind students and faculty that the university is watching, and it is watching because it doesn’t approve.
This all makes universities sound like the fascist institutions that Vice President-elect JD Vance wants and that Florida Gov. Ron DeSantis is building rather than bastions of academic freedom and liberalism run by shared governance.
From private schools like Brown and UPenn to publics like UCLA and UC Davis, universities grossly overreach in their responses to students protesting injustice. For faculty and students to have a stake in campus response to protest, they need to start with a say in campus surveillance. There is no academic freedom or freedom of expression without privacy. FERPA, the federal law that governs student privacy, really only keeps student information from leaving the ivory tower. Universities need privacy policies that govern how information is shared and used within campus.
Colleges are ahead of the curve when it comes to surveillance creep, and the ivory panopticon will only get worse as surveillance technologies get more advanced. For free expression, students and faculty need to feel safe in expressing their ideas that push the boundaries of their institution, and they won’t feel safe to do that with complete surveillance of their activities. Which means the subjects of surveillance need to have a say in the surveillance. Students and faculty ought to demand answers as to why their institutions collect the data they do. They ought to demand evidence that their data policies holistically support student safety, health, and success. They ought to demand clarity as to whether their institution is being run as a Vance-approved or a DeSantis-built campus or as a place for academic freedom and legitimate higher education.
But then, will they be able to make these demands without being expelled or fired?
Keep ReadingShow Less
Rights Advocates Demand Probe Into Reports That Israel Uses WhatsApp to Target Palestinians
"The Israeli Lavender system, supported by artificial intelligence, identifies Palestinians by tracking their communications via WhatsApp or the groups they join," said a Palestinian digital rights group.
May 18, 2024
The Palestinian digital rights group Sada Social on Saturday called for an investigation into Israel's alleged use of WhatsApp user data to target Palestinians with its AI system, Lavender.
The group, which is affiliated with the Al Jazeera Media Institute and Access Now, accused Meta, which owns WhatsApp, of fueling "the 'Lavender' artificial intelligence system used by the Israeli military to kill Palestinian individuals within the Gaza enclave."
As Common Dreamsreported in April, the Israel Defense Forces has relied on AI systems including Lavender to target people Israel believes to be Hamas members.
At +972 Magazine, Israeli journalist Yuval Abraham wrote that a current commander of an elite Israeli intelligence unit pushed for the use of AI to choose targets in Gaza. The commander wrote in a guide book to create the system that "hundreds and thousands" of features can be used to select targets, "such as being in a WhatsApp group with a known militant, changing cell phone every few months, and changing addresses frequently."
Sada Social asserted that it had found the Lavender system uses WhatsApp data to select targets.
"The reports monitored by the Sada Social Center indicate that one of the inputs to the 'Lavender' system relies on data collected from WhatsApp groups containing names of Palestinians or activists who are wanted by 'Israel,'" said the group in a press release. "The Israeli Lavender system, supported by artificial intelligence, identifies Palestinians by tracking their communications via WhatsApp or the groups they join."
The mention of Israel's use of WhatsApp data in Abraham's reporting also caught the attention last month of Paul Biggar, founder of Tech for Palestine.
"There's a lot wrong with this—I'm in plenty of WhatsApp groups with strangers, neighbors, and in the carnage in Gaza you bet people are making groups to connect," wrote Biggar. "But the part I want to focus on is whether they get this information from Meta. Meta has been promoting WhatsApp as a 'private' social network, including 'end-to-end' encryption of messages."
"Providing this data as input for Lavender undermines their claim that WhatsApp is a private messaging app," he wrote. "It is beyond obscene and makes Meta complicit in Israel's killings of 'pre-crime' targets and their families, in violation of international humanitarian law and Meta's publicly stated commitment to human rights. No social network should be providing this sort of information about its users to countries engaging in 'pre-crime.'"
Others have pointed out that Israel may have acquired WhatsApp data through means other than a leak by Meta.
Journalist Marc Owen Jones said the question of "Meta's potential role in this is important," but noted that informants, captured devices, and spyware could be used by Israel to gain Palestinian users' WhatsApp data.
Bahraini activist Esra'a Al Shafei, founder of Majal.org, told the Middle East Monitor that the reports that WhatsApp user data has been used by the IDF's AI machine demonstrate why privacy advocates warn against the collection and storage of metadata, "particularly for apps like WhatsApp, which falsely advertise their product as fully private."
"Even though WhatsApp is end-to-end encrypted, and claims to not have any backdoors to any government, the metadata alone is sufficient to expose detailed information about users, especially if the user's phone number is attached to other Meta products and related activities," Al Shafei said. "This is why the IDF could plausibly utilize metadata to track and locate WhatsApp users."
While Meta and WhatsApp may not necessarily be collaborating with Israel, she said, "by the very act of collecting this information, they're making themselves vulnerable to abuse and intrusive external surveillance."
In turn, "by using WhatsApp, people are risking their lives," she added.
A WhatsApp spokesperson told Anadolu last month that "WhatsApp has no backdoors and we do not provide bulk information to any government," adding that "Meta has provided consistent transparency reports and those include the limited circumstances when WhatsApp information has been requested."
Al Shafei said Meta must "fully investigate" how WhatsApp's metadata may be used "to track, harm, or kill its users throughout Palestine."
"WhatsApp is used by billions of people and these users have a right to know what the dangers are in using the app," she said, "or what WhatsApp and Meta will do to proactively protect them from such misuse."
Keep ReadingShow Less
Most Popular