'Tesco probably knows more about me than GCHQ': Infosec boffins on surveillance capitalism

Cambridge Uni powwow broods on Facebook, Wannacry

Privacy of medical data and the machinations of surveillance capitalism were under the spotlight at a Cambridge University symposium last week.

Much of the day-long event, marking the 20th anniversary of think tank the Foundation for Information Policy Research (FIPR), was spent debating state-backed surveillance in its many forms from bulk data interception to equipment interference. But the discussions also touched upon how privacy was affected by large internet giants.

The systematic data collection by intel agencies has been facilitated by the business models of companies like Facebook and Google. The internet habits of hundreds of millions are collected by these firms in the interests of targeting ads and this data also provides a high source of intelligence for governments as well as presenting a privacy risk in its own right.

"Tesco probably knows more about me than GCHQ," as one delegate put it.

There was little appetite among speakers, who took a generally libertarian view, for tighter regulation against the likes of Facebook, much less dismemberment of the privacy-chaffing social network.

Guy Herbert, the privacy campaigner behind the successful No2ID campaign, said advocates need to think "long and hard" about what concerns individuals about the use of their data.

"What is being collected and how it is being used are distinct things from the point of view of a consumer and people may not be able to take that extra step," Herbert said. "What is interesting is simply trying to get them [the public] to obtain their data as a public information thing."

An audience member pointed out that there was a "lively grass-roots movement" geared towards helping individuals make Subject Access Requests to organisations that hold their data. Online forums have sprung up to make such requests under GDPR.

Journalist Wendy Grossman pointed out that data downloads from Facebook only include information that people have given directly.

She argued that getting people off Facebook isn't a terribly good idea because not being able to volunteer a social media profile can make someone the subject of suspicion in countries such as the US. This makes leaving Facebook problematic for mainstream consumers.

backdoor_648. Pic via Shutterstock

GCHQ bod tells privacy advocates: Most of our work is making sure we operate within the law


The ongoing controversy over the alleged abuse of Facebook data to run an influence and misinformation campaign targeting the 2016 US presidential election has driven the issue up the political agenda.

Anthony Finkelstein, UK government chief scientific adviser for national security and a chair in software systems engineering at University College London, petitioned for research and greater investment in privacy technologies.

"We also need to increase our investment into understanding how complex networks of data interplay," Finkelstein said.

The comments were made during a panel called From personalised ads to personalised warfare?, which closed the event.

An earlier session focused on privacy in health and social care. A doctor attending stressed its importance by referencing historic work she had done on how the Millennium Bug might have affected insulin-dependant diabetics. In the worst case, she said the research suggested diabetics would "all be dead within three to six months" as supplies dried up and labs stopped producing shipments of vital medical supplies.

The growing use of IT technologies in the last 20 years underlines the need to patch or maintain medical devices. The WannaCry outbreak is just one example highlighting healthcare's dependence on IT. Some speakers, including journalist Erich Möchel, argued that the NSA bears a large portion of blame because it created the leaked exploit that WannaCry abused.

But Ian Levy, technical director of the National Cyber Security centre, the defensive arm of GCHQ, argued that there have been hundreds of SMB vulnerabilities and hacks over the years, and the Eternal Blue exploit abused by WannaCry was just another.

"We need to get away from calling these things cyber-weapons and start talking about the impact of these attacks instead," Levy said. "We need to design systems that fail in predictable and safe ways. That will make us much better prepared the deal with things when they do go wrong."

FIPR launched in May 1998 ahead of the UK's Regulation of Investigatory Powers Act (2000). Its work helped the curb some of the most privacy-threatening aspects of the surveillance legislation.

FIPR head Ross Anderson said it isn't a campaigning organisation as such but a think tank that provides the ammunition for others to use.

As well as organising conferences on surveillance, FIPR has researched myriad issues involving privacy, digital rights and cybercrime, and acted as midwife to UK health data privacy advocate medConfidential. ®

Other stories you might like

  • North Korea pulled in $400m in cryptocurrency heists last year – report

    Plus: FIFA 22 players lose their identity and Texas gets phony QR codes

    In brief Thieves operating for the North Korean government made off with almost $400m in digicash last year in a concerted attack to steal and launder as much currency as they could.

    A report from blockchain biz Chainalysis found that attackers were going after investment houses and currency exchanges in a bid to purloin funds and send them back to the Glorious Leader's coffers. They then use mixing software to make masses of micropayments to new wallets, before consolidating them all again into a new account and moving the funds.

    Bitcoin used to be a top target but Ether is now the most stolen currency, say the researchers, accounting for 58 per cent of the funds filched. Bitcoin accounted for just 20 per cent, a fall of more than 50 per cent since 2019 - although part of the reason might be that they are now so valuable people are taking more care with them.

    Continue reading
  • Tesla Full Self-Driving videos prompt California's DMV to rethink policy on accidents

    Plus: AI systems can identify different chess players by their moves and more

    In brief California’s Department of Motor Vehicles said it’s “revisiting” its opinion of whether Tesla’s so-called Full Self-Driving feature needs more oversight after a series of videos demonstrate how the technology can be dangerous.

    “Recent software updates, videos showing dangerous use of that technology, open investigations by the National Highway Traffic Safety Administration, and the opinions of other experts in this space,” have made the DMV think twice about Tesla, according to a letter sent to California’s Senator Lena Gonzalez (D-Long Beach), chair of the Senate’s transportation committee, and first reported by the LA Times.

    Tesla isn’t required to report the number of crashes to California’s DMV unlike other self-driving car companies like Waymo or Cruise because it operates at lower levels of autonomy and requires human supervision. But that may change after videos like drivers having to take over to avoid accidentally swerving into pedestrians crossing the road or failing to detect a truck in the middle of the road continue circulating.

    Continue reading
  • Alien life on Super-Earth can survive longer than us due to long-lasting protection from cosmic rays

    Laser experiments show their magnetic fields shielding their surfaces from radiation last longer

    Life on Super-Earths may have more time to develop and evolve, thanks to their long-lasting magnetic fields protecting them against harmful cosmic rays, according to new research published in Science.

    Space is a hazardous environment. Streams of charged particles traveling at the speed of light, ejected from stars and distant galaxies, bombard planets. The intense radiation can strip atmospheres and cause oceans on planetary surfaces to dry up over time, leaving them arid and incapable of supporting habitable life. Cosmic rays, however, are deflected away from Earth, however, since it’s shielded by its magnetic field.

    Now, a team of researchers led by the Lawrence Livermore National Laboratory (LLNL) believe that Super-Earths - planets that are more massive than Earth but less than Neptune - may have magnetic fields too. Their defensive bubbles, in fact, are estimated to stay intact for longer than the one around Earth, meaning life on their surfaces will have more time to develop and survive.

    Continue reading

Biting the hand that feeds IT © 1998–2022