Hello again everyone, I hope you are all well. Just a quick newsletter this time with no main story. I’ll be back next week with another longer piece.
Thanks again to everyone who has read and subscribed. Please consider sharing this post with someone else if you find this newsletter useful.
This Week’s News
1: New York’s Surveillance Overhaul
The New York City Council passed a bill this week requiring police to disclose their use of drones and other surveillance equipment.
The bill, called the Public Oversight of Surveillance Technology (POST) Act, was first drafted three years ago but gained renewed attention following recent protests.
The bill, which passed on Thursday by a vote of 44-6, will require the descriptions of information collected by drones, license plate readers, cameras, cell-site simulators (stingrays), and other monitoring devices.
In addition to the disclosures, the bill also requires the NYPD to develop new policies on how it uses and deploys these tools in the future.
The passage of the POST Act is a direct response to the recent worldwide protests over police violence.
Recent media reports found a flurry of surveillance technologies may have been used to track and monitor Black Lives Matter protestors.
Dozens of civil liberty groups, including the ACLU, expressed support for the bill.
70 of these civil liberties groups sent a joint letter to New York’s city council last year warning of the police department’s “highly invasive” use of surveillance.
While advocates had tried to push the bill forward in the past, it was routinely met with stark opposition from local politicians.
New York mayor Bill de Blasio, and other prominent local politicians, have long opposed the bill but abruptly changed their tune, presumably due to the recent protests.
Many of those opposed to the bill, including representatives of law enforcement agencies, have argued that disclosing surveillance methods would give criminals a tactical advantage and hinder police work.
Alan Feuer, The New York Times, Kyle Wiggers, Venture Beat
2: Malicious Google Chrome Extensions Spied on Millions of Users
Researchers discovered a gaggle of Google Chrome extensions loaded with spyware that was download at least 32 million times.
The researchers, from Awake Security, found at least 70 different infected Chrome extensions which, once downloaded, would surreptitiously collect troves of personal information.
Many of the extensions, according to Reuters, pretended to warn users about insecure websites or offered free file conversions. In reality, the apps were secretly sucking up browsing history and personal information that could be used to break into accounts.
The extensions were reportedly designed to sneak past anti-virus software.
It’s unclear who was behind the coordinated attack, but it scale suggests the possibility of nation-state involvement.
All of the 15,000 compromised domain names were reportedly purchased from a small register in Israel.
Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organized crime,” former National Security Agency engineer Ben Johnson told Reuters.
Google lauds Chrome as a simple but secure browser, but the attack may make some reconsider the company’s commitment to security.
“This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains,” Gary Golomb one of the lead researchers said.
Google said it removed the more than 70 malicious apps after they received word from the researchers.
This disclosure represents the most far-reaching Chrome attack to date, based on the number of downloads.
3: Zoom Implicated in Chinese Censorship
The video conferencing platform confirmed reports this week that it had shut down the accounts of US and Hong Kong advocates who spoke critically of the Chinese government.
The suspended accounts reportedly included an online commemoration of the Tienneament Square massacre. Zoom admitted to censoring the context at the request of the Chinese government in a blog post this week.
Representatives from the Chinese government contested the meeting violated Chinese law and demanded Zoom remove them, however, later reports found that none of the three shut down meetings were actually conducted by Chinese users.
Two of the meetings reportedly belonged to US activists and the third was hosted by a user in Hong Kong.
Zoom has faced several months of repeated privacy woes.
The company saw a mammoth surge in users during the coronavirus pandemic with millions of people suddenly finding themselves in need of the work from home solutions.
Many flocked to Zoom only to find it was insecure. Zoombombing plagued the platform for weeks before being address and additional reporting found that the company was less than honest about who it sold personal user data to.
Zoom is currently fighting a class-action lawsuit over its alleged misuse of personal data.
In response to the censorship news, a bipartisan group of US senators penned a letter to Eric Yuan, the company’s CEO.
"Your company has admitted that it did so [issue the shut downs] at the request of the Chinese government to comply with the laws of the People's Republic of China (PRC), because some of the participants resided inside the PRC,” the senators wrote. “Zoom's millions of daily users across the world who support and demand basic freedoms deserve answers.”
The bottom line: There are many video conferencing solutions out there and it’s becoming more and more clear Zoom is compromised on multiple levels. If you are still using it, now’s the time to jump ship.
4: Amazon Warehouse Workers Are One Step Closer to Going Full Cyborg
Workers at Amazon fulfillment centers will soon be constantly monitored by cameras and software that can determine whether or not they are practicing social distancing.
The decision comes after months of complaints from workers who have claimed they have felt unsafe while working in the facilities during the pandemic.
The camera systems, which the company calls “Distance Assistants,” will flash red when a worker walk past to it to alert them that they are less than six feet away from a co-worker.
The cameras are hooked up to a 50-inch monitor and a local computing device loaded with Amazon software
According to MSNBC, the cameras and monitors will be rolled out primarily in high traffic areas such as the warehouse floors and entrances and exits.
In addition to the cameras, Amazon is also reportedly testing out a wearable bracelet that lights up if they are too close to another worker.
Only a few warehouses are currently using the cameras, but the company plans to roll the system out to hundred of facilities in the coming weeks. While the monitoring is meant as a practical way to continue working safely during a global pandemic, it’s omnipresent uses raises some privacy concerns.
Amazon workers already wear bracelets that use directional vibrations to point their hands towards objects and in 2016 the company patented (but has since abandoned) what amounts to a “cage” to transport workers.
5: Russia’s New “Orwellian” School Surveillance System
Russia’s rolling out a massive school surveillance system and it’s called … Orwell
The new security system, first reported by The Moscow Times, will reportedly track students and attempt to determine if there are unauthorized people on campus.
Students and faculty are monitored by cameras equipped with thermal imaging and algorithms developed by tech firm Elvees Neotech.
In what was presumably meant to be a joke, the surveillance system is named after George Orwell, whose last name has become an adjective synonymous with mass surveillance.
“Orwell,” has reportedly been set up in 1,608 schools so far and will expand to 43,000 more.
Long Reads/Food for Thought
A long overdue curb on NYPD spying
By Albert Fox Chan and Zachary Silver for the New York Daily News
How to Spot Police Surveillance Tools
By Kristina Libby for Popular Mechanics
Tech Firms Are Spying on You. In a Pandemic, Governments Say That’s OK.
By Sam Schechner, Kirsten Grind, and Patience Haggin for The Wall Street Journal.
Thoughts? I want to know what you think! This newsletter is a living, evolving, work and it is meant to be a helpful resource to keep you informed and engaged with the ways emerging technologies are impacting daily life. Please send all comments, questions, corrections, criticism, and hate (lemme have it) to thestateofsurveillance@gmail.com.
If you found this newsletter beneficial, you can help keep it going by sharing it online or (better yet) telling a friend about it. To help support the newsletter in more tangible ways you can make a donation of any amount to my Venmo account below. Any and all support is greatly appreciated.
Follow the State of Surveillance on Twitter @state_of_spies
Follow me on Twitter @mackdegeurin
Support this newsletter with a Venmo donation to @Mack-DeGeurin