Things that caught our eye

Concerned about Artificial Intelligence? Microsoft chat robot goes nuts

24 Mar, 2016   | by:

A chat bot released by Microsoft this Wednesday, was taken down on Thursday because her self-learning capabilities had turned her into a racist and sex-loving robot who thought that ‘Hitler was right’.

How did that happen? Tay, the chat bot, learned from the conversations she had on Twitter, which apparently was a weakness in her programming. Elle Hunt from The Guardian writes:

“Tay in most cases was only repeating other users’ inflammatory statements, but the nature of AI means that it learns from those interactions. It’s therefore somewhat surprising that Microsoft didn’t factor in the Twitter community’s fondness for hijacking brands’ well-meaning attempts at engagement when writing Tay.”

Read on: The Guardian, ‘Tay, Microsoft’s AI chatbot, gets a crash course in racism from Twitter.’

, ,

Things that caught our eye

What has David Bowie got to do with Privacy?

13 Jan, 2016   | by:

Like all of you, our team here at theiii were devasted to hear about the passing of Bowie… However, without much ado we do not want to refrain from sharing this piece on the International Association of Privacy Professionals (IAPP)’s Website written by @JedBracy.

So check out “David Bowie just proved that privacy is not dead” to get the answer to our Question and read a heartwarming piece about David Bowie.

We’ll be back soon!

, , ,

Things that caught our eye

U.S. Supreme Court Strikes Down Los Angeles Law on Police Access to Hotel Registers

23 Jun, 2015   | by:

The U.S. Supreme Court ruled for consumer privacy 5-4 today in their opinion for California v. Patel. The Court found a Los Angeles law unconstitutional that required hotels to maintain a guest register subject to police inspection at any time – meaning without a warrant. The law was designed to crack down on human trafficking and related crimes. While the Supreme Court found the law overbroad in this instance, the majority opinion provided guidance on how the city could redraft the law within constitutional bounds. For example, “the city could issue administrative subpoenas for the registers, which a hotel could challenge before a ‘neutral decision maker.'”

Source: Supreme Court Strikes Down Los Angeles Law on Police Access to Hotel Registers – WSJ

Things that caught our eye

The end of anonymous domain registration?

23 Jun, 2015   | by:

The Internet Corporation for Assigned Names and Numbers (ICANN) is considering a change in policy concerning the way in which you can register a domain name. ICANN issued a report in 2013 in which it estimated that some 39% of all domain names is registered by a legal person, 33% by a natural person and some 20 % were registered using a privacy or proxy service. It is these latter 20% of registrations using a privacy service, which shields the personal information of the registrant, that the policy change will impact.

What does a privacy proxy service do?

When registering a domain name, the details provided by the registrar are published online for all to see. Anyone who types in a domain name on any whois service, can find out who registered the domain name, and how you can directly contact them (via telephone or postal address). This was particularly handy in the beginnings of the internet, when it was mainly universities and government agencies that were using this WHOIS database to contact one another, however, it has become a headache for some small and medium businesses and individuals these days who do not wish to have their information be published.

To shield this personal information from the public, privacy services or proxy services (the Service Provider) were created, which show the information of the Privacy Service as opposed to the person behind it (the Customer).

What are the proposed changes?

The changes proposed suggest (see in particular Annex E ) that a Service Provider may be required to disclose the information matters of a possible trademark infringer or copyright infringer, if they provide evidence of such alleged infringements. If a request for disclosure (by the Requester) is brought to the Service Provider, they must then promptly notify the Customer of the complaint and disclosure request. The Customer will then have 15 calendar days to respond. If the Customer considers there to be legitimate reason(s) to object to disclosure, they have to give these reasons to the Service Provider who will communicate these to the Requester. Disclosure cannot be refused any longer ‘solely for a lack of any of the following: (i) a court order; (ii) a subpoena; (iii) a pending civil action; (…) nor can refusal to disclose be solely based on the fact that the request is founded on alleged intellectual property infringement in content on a website associated with the domain name.’ The practice of requiring a court order for disclosing information the Privacy Service is protecting, is thus going to be curtailed by the proposed changes.

Public Comment – Consultation on proposed changes.

Not everyone is pleased with these proposals, and a group called ‘Save Domain Privacy’ set up a website where a petition is opened. The group plans on adding the signatures to their statement, which they’ll send in on 7 July 2015. This date is not chosen out of the blue, rather that is also the closing date for ICANN’s Public Comment on the proposal.

, ,

Things that caught our eye

The new privacy-friendly social network: Minds. But is it secure?

19 Jun, 2015   | by:

Yet another social network: Minds. The network is powered by “software that respects your freedom & privacy.” One of its privacy-friendly features is that it allows for end-to-end encrypted private messaging. However, there are some critical vulnerabilities in the social network’s website that need to be fixed before it can really be privacy-friendly.

The network is clearly taking aim at Facebook. Minds founder Bill Otmann told Business Insider that “Our stance is the users deserve the control of social media in every sense”. The Minds team has also opted for a transparent ranking algorithm, which sharply contrasts with Facebook’s timeline ‘black box’.

“For every mobile vote, comment, remind, swipe and upload you earn points which can be exchanged for views on posts of your choice. It’s a new web paradigm that gives everyone a voice” (Wired).

The network seems to have attracted the attention of activist group Anonymous. An Anonymous-affiliated page, ‘ART of Revolution’, put out a call to support the site: “Let us collaborate to help build and other open-source, encrypted networks to co-create a top site of the people, by the people and for the people”.

Interestingly, security company VoidSec put the website of the new social network to the test and found critical vulnerabilities. Some elements, such as the site’s search box, make it possible to inject malicious code into the page that can be used for phishing attacks. According to VoidSec’s report, public messages can easily be deleted. Furthermore, all file-types can be uploaded to the network, making it vulnerable to malware distribution. Although Minds is still in ‘alpha’, these and other issues mentioned in the report quickly need to be fixed before we can take Minds seriously as a privacy-friendly social network.

Update June 19, 2015, 9 AM

Apparently, security company VoidSec reported about the vulnerabilities without giving Minds a chance to actually fix the issues. The company’s Vulnerability Disclosure Policy describes a detailed workflow of how the company deals with vulnerabilities they find. An essential step in the workflow is contacting the developer about the vulnerabilities in order to allow him to fix the issues.

On Twitter, Minds claims that VoidSec has not informed Minds about the vulnerabilities:


Two days ago, VoidSec did mention on a Bugs group page within Minds that there were issues. However, one wonders whether this is the appropriate way to contact Minds about security issues.


Screen Shot 2015-06-19 at 10.04.14





It seems that VoidSec has sought publicity a bit too quickly. After realizing that, I started a Twitter discussion with Voidsec about the discrepancy between their official disclosure policy and the way they dealt with the situation.

The story ends with some good news as Minds has fixed the issues, and both parties have expressed their will to cooperate in the future.

Things that caught our eye

“Revenge porn: Chrissy Chambers and the Search for Justice”

5 Jun, 2015   | by:

A mini-documentary about YouTube-star Chrissy Chambers who became a victim of revenge porn.

You can find the accompanying The Guardian article here.

Things that caught our eye

Of prostitutes, former presidents for motorsports (FIA) and forgetting in the internet

21 May, 2015   | by:

Max Mosley is is the former president of the Fédération Internationale de l’Automobile (FIA) and has been fighting Google for a couple of years now. He has been trying to sue Google for displaying unfortunate pictures of himself at – let’s call it –  a”sex party”. According to Anya Proops, on Panopticon, the question Mosley brought to court against Google

“is an important issue for those data subjects who garner significant public attention within the online environment, as was the case with Mr Mosley. The difficulty for such individuals is that online stories or comments about them can proliferate on the internet at such a rate that they cannot practicably achieve the online amnesia they crave.”

On the other hand, public figures like Mosley will always be in the spotlight and of public interest which is why they probably should refrain from taking part in orgies or alike, just saying…

Just last year, a court in Hamburg decided that Google was no longer allowed to display these unflattering and possibly damaging (to Mosley’s reputation) photos. And last week, Mosley finally settled with Google and everyone is hoping that this is the last we hear about Mosley v Google. It is definitely not the last time we will be discussing the European “Right to be Forgotten”!



, , , , ,

Things that caught our eye

Amazon Kicks Ass: Patent for Prime Air Delivery System Published!

20 May, 2015   | by:

In 2013, Amazon announced that they would start delivering products directly to their customers via drones – Amazon Prime Air. Purchasers would no longer have to wait for days until their order arrived, but could choose the speedy option and drones would deliver everything within hours to their doorstep. “Convenience” was the buzzword pushing forward this project but back then nobody was sure if that would be legal as according to the FAA drones were not allowed to be used for commercial purposes. Here’s Amazon’s letter to the FAA pleading for exemption from this clause. In March this year, the FAA finally allowed Amazon to test their new delivery system which is a big step forward…

And just last week more good news, Amazon’s  patent for their Prime Air Delivery System was published the U.S. Patent and Trademark Office. Is it just a matter of time now, that goods aren’t just purchasable at our fingertips but also deliverable within the hour? Stay tuned, we will be following the developments closely.

For further information on the Prime Air patent click here.

, ,

Things that caught our eye

An algorithm to translate to Emoji

19 May, 2015   | by:

I just came across the “The Emoji Translation Project” on Kickstarter. The project’s aim is to build an emoji translation engine. How do you build such an engine?

“There’s plenty of content around the web in English, but there’s not that much in emoji. Thats why we’re raising money on Kickstarter: we want to pay people to translate sentences into emoji.”

“The end result will be an algorithm capable of translating any phrase from English to emoji (and back, we hope). Along with sharing the data, we’ll make the trained engine publicly available online for anyone to use, just like Google Translate. Just think of something you want to express in emoji, and press “Translate!”

“We will then use those sentences to train a translation engine powered by statistics and machine learning. This method goes beyond a simple find-and-replace system, and actually models how ideas are represented in emoji, and then how simple ideas are composed to communicate complex ideas.”

Below is an example of a translated text that reminds of the movie Lost in Translation.


The project will only be funded if at least $15.000 is pledged by May 21st. As of writing, a little under $6.000 has been pledged, so there is little chance the translation engine will actually see the light of day. After reading Robbie Fordyce’s latest piece on Facebook Stickers, I wonder if Facebook could be interested in the technology. Only 48 hours left to invest!

Check out the project on Kickstarter

Things that caught our eye

Dear Google, tell us what you’re forgetting.

14 May, 2015   | by:

Today marks the one year anniversary of the Google Spain ruling on the ‘right to be forgotten’, or perhaps more accurately ‘the right to delist’. A cohort of 80 (internet) scholars and researchers led by Ellen P. Goodman and Julia Powles have penned an open letter to Google requesting the release of more specific data on their compliance with the ruling. The letter is published in the Guardian today.

They state:

Beyond anecdote, we know very little about what kind and quantity of information is being delisted from search results, what sources are being delisted and on what scale, what kinds of requests fail and in what proportion, and what are Google’s guidelines in striking the balance between individual privacy and freedom of expression interests.

In order to remedy this lack of information, the scholars present a 13 points long list in which they lay down the specifics of their request. Some of their points overlap with the guidelines published by the Article 29 Working Party on the Right to be Forgotten, though not all.

Read the letter to Google in full here.

Full disclosure: one of our own contributors (Stefan Kulk) is one of the undersigned.


Things that caught our eye

Privacy community to Dutch government: Please develop a vision on privacy (with us)

2 Apr, 2015   | by:

A broad coalition of privacy advocates has sent an open letter to the Dutch Minister of Security and Justice today, asking to suspend any activity on bills that: ‘lead to tracking of citizens without any specific and concrete suspicion against them,’ until the government has developed a ‘vision’ about privacy protection of citizens in the Dutch information society. This vision should then be the subject of a public debate facilitated by the Dutch Government, so that the Dutch people may have the fundamental discussion about privacy and technological development it never had. Preferably the debate would be held not only in Parliament, but also outside of Parliament.

The current bills of which they would like to see legislative action suspended until the public debate has taken place are:

  • The bill on Data Retention (a revised bill of the Act that was recently struck down)
  • The bill that would allow automatic numberplate recognition more extensively
  • The bill that would extend the ‘massive and unspecified internet tapping’ to be accessed by the Dutch Secret Service
  • The bill that would allow the police to hack, in the Act on Computercriminality III.
  • The proposed revision of the postal secret laid down in article 13 of the Dutch Constitution, and
  • The bills on source protection in free gathering of news.

This open letter is signed by a large group of privacy researchers, interest groups and groups such as Amnesty International (Netherlands), Bits of Freedom (the Dutch equivalent of the EFF), Dutch Association of Criminal Lawyers, Dutch Association of Journalists, Privacy First Foundation and many others. There is also a website where individuals may sign the letter.

Some of the aforementioned groups were also a party to the recent interim proceedings in which the Dutch Data Retention Act was struck down, (for more on that see our earlier post, with a translation of the ruling attached).

We will update this post with the response of the Government.

Read the open letter in Dutch here.


Things that caught our eye

Oakland coughs up 4.6M license plate scan privacy hairball

24 Mar, 2015   | by:

Ars Technica lets us know that one FOIA request from the cops later  they know where you’ve been. And that means sometimes what you’ve been up to. Here’s looking at you Oakland.

Things that caught our eye

Dutch Data Retention Act is Gone

11 Mar, 2015   | by:

Today the District Court of The Hague ruled the Dutch Data Retention Act inoperable in summary proceedings. You can find the Dutch judgment here. And for those not reading Dutch, we have made a quick unofficial (!) English translation of the judgment, which you can download here.

For many EU Member States it was clear that since the EU Court of Justice on 8 April 2014 had ruled the Data Retention Directive invalid, with retroactive effect, the national implementation laws would also be invalid. The Dutch government opted for a different strategy. It retained (pun intended) the law as is, while thinking about amending the law in the future.

This was deemed an unacceptable course of action by Privacy First, The Dutch Lawyers Committee on Human Rights, The Dutch Association of Journalists and three companies that are providers of telecommunication services and public telecommunication networks. They sued the Dutch State, and today they won.  More…

Things that caught our eye

The Perils of Cyberbullying Legislation

11 Mar, 2015   | by:

Cyberbullying is a term that is commonly used in the media to denote cases that would not necessarily be classified by academics as “cyberbullying.” And “cyberbullying” laws are sometimes enacted in the wake of  “moral panic” around children’s use of technology.  The reach of these laws can extend far beyond addressing child conflict, and has implications for civil liberties. Such comments have been made before in reference to the Canadian province of Nova Scotia’s cyberbullying law. This article by a Canadian privacy and technology lawyer explains why.

Nova Scotia’s cyber bullying law is a disaster.

Things that caught our eye

Drones catching Drones

1 Mar, 2015   | by:

The BBC has a piece describing how to catch a drone. One of the options is to use another drone with a net to catch the intruding drone. A simple but brilliant technology. In the video below you can see a French “interceptor drone” at work.


Things that caught our eye

‘Global Intellectual Property Center’ sends love letter to Trans-Pacific Partnership

24 Feb, 2015   | by:

“Roses are red
Violets are blue
I love the TPP
And so should you”

That’s how the Global Intellectual Property Center’s open love letter to the Trans-Pacific Partnership (TPP) starts off.  The Global Intellectual Property Center is part of the U.S. Chamber of Commerce, which confusingly is not a government agency, but an ordinary lobbying group.

The Center is deeply in love with all aspects of the Trans-Pacific Partnership, including its chapter on intellectual property enforcement: “My creative and innovative talents need your protection. Without trade agreements like you, it would be a long, hard journey to jumpstart our economies.”

As of now, there are no signs the Center will have its heart broken.  The Obama administration is seeking “fast track” authority, or “trade promotion authority”, to further negotiate the TPP without much intervention by the U.S. Congress. It’s now up to Congress to decide whether it will grant that authority. Discussions in Congress have already started.

Hat tip to EFF.

, , ,

Things that caught our eye

Transcript: NSA Director Mike Rogers vs. Yahoo!

24 Feb, 2015   | by:

“Thank you, Admiral. My name is Alex Stamos, I’m the CISO for Yahoo!. … So it sounds like you agree with Director Comey that we should be building defects into the encryption in our products…”

NSA Director Admiral Mike Rogers: “I think we can work through this.”

Transcript: NSA Director Mike Rogers vs. Yahoo! on Encryption Back Doors | Just Security.


Things that caught our eye

Can you hear me now?

20 Feb, 2015   | by:

SIM card makers hacked by NSA and GCHQ leaving cell networks wide open | Ars Technica.

“Using a fake cell tower and holding SIM encryption keys, spies are able to listen into conversations over mobile networks without asking the courts for permission for a wiretap. The method is also difficult to trace, so risk of discovery is low.”

Things that caught our eye

AAPL apps: pot yes, guns not so much

13 Feb, 2015   | by:

Apple’s walled garden is good for ganja, but doesn’t like firearms in promo material. “Designed in California” indeed.

Specifically, this week Apple allowed apps focussed on Marijuana on the App store and and geo-restricted them to US states where sale and consumption is legal.

At the same time, reports from multiple developers suggest that Apple is censoring pictures of firearms from apps’ promotional material and icons.