being repeatedly told that the American election process is deeply corrupted.

In fact, Mr. Mastriano’s candidacy has from its inception been propelled by his role in disputing the 2020 presidential election lost by Mr. Trump.

county by county, but election experts say they do not reflect factors as benign as changes in addresses.

“They’re in search of solutions to a problem that doesn’t exist,” Kyle Miller, a Navy veteran and state representative for Protect Democracy, a national advocacy organization, said in an interview in Harrisburg. “They are basing this on faulty data and internet rumors.”

Some Republican lawmakers have leaned on false claims to call for changes to rules about mail-in ballots and other measures intended to make it easier for people to vote. Several counties have already reversed some of the decisions, including the number and location of drop boxes for ballots.

Mr. Miller, among others, warned that the flurry of false claims about balloting could be a trial run for challenging the results of the presidential election in 2024, in which Pennsylvania could again be a crucial swing state.

In Chester County, a largely white region that borders Delaware and Maryland that is roughly split between Republicans and Democrats, the effort to sow confusion came the old-fashioned way: in the mail.

Letters dated Sept. 12 began arriving in mailboxes across the county, warning people that their votes in the 2020 presidential election might not have counted. “Because you have a track record of consistently voting, we find it unusual that your record indicates that you did not vote,” the letter, which was unsigned, said.

The sender called itself “Data Insights,” based in the county seat of West Chester, though no known record of such a company exists, according to county officials. The letters did include copies of the recipients’ voting records. The letters urged recipients to write to the county commissioners or attend the commission’s meetings in the county seat of West Chester, in September and October. Dozens of recipients did.

The county administrator, Robert J. Kagel, tried to assure them that their votes were actually counted. He urged anyone concerned to contact the county’s voter services department.

Even so, at county meetings in September and October, speaker after speaker lined up to question the letter and the ballot process generally — and to air an array of grievances and conspiracy theories.

They included the discredited claims of the film “2000 Mules” that operatives have been stuffing boxes for mail-in ballots. One attendee warned that votes were being tabulated by the Communist Party of China or the World Economic Forum.

“I don’t know where my vote is,” another resident, Barbara Ellis of Berwyn, told the commissioners in October. “I don’t know if it was manipulated in the machines, in another country.”

As of Oct. 20, 59 people in Chester County had contacted officials with concerns raised in the letter, but in each case, it was determined that the voters’ ballots had been cast and counted, said Rebecca Brain, a county spokesman.

Who exactly sent the letters remains a mystery, which only fuels more conspiracy theories.

“It seems very official,” Charlotte Valyo, the chairwoman of the Democratic Party in the county, said of the letter. She described it as part of “an ongoing, constant campaign to undermine the confidence in our voting system.” The county’s Republican Party did not respond to a request for comment.

Disinformation may not be the only cause of the deepening partisan chasm in the state — or the nation — but it has undoubtedly worsened it. The danger, Ms. Valyo warned, was discouraging voting by sowing distrust in the ability of election officials to tally the votes.

“People might think, ‘Why bother, if they’re that messed up?’”

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

TikTok’s CEO Navigates the Limits of His Power

TikTok recently tried to tamp down concerns from U.S. lawmakers that it poses a national security threat because it is owned by the Chinese internet company ByteDance. The viral video app insisted it had an arm’s-length relationship with ByteDance and that its own executive was in charge.

“TikTok is led by its own global C.E.O., Shou Zi Chew, a Singaporean based in Singapore,” TikTok wrote in a June letter to U.S. lawmakers.

But in fact, Mr. Chew’s decision-making power over TikTok is limited, according to 12 former TikTok and ByteDance employees and executives.

Zhang Yiming, ByteDance’s founder, as well as by a top ByteDance strategy executive and the head of TikTok’s research and development team, said the people, who declined to be identified for fear of reprisals. TikTok’s growth and strategy, which are led by ByteDance teams, report not to Mr. Chew but to ByteDance’s office in Beijing, they said.

increasingly questioned TikTok’s data practices, reigniting a debate over how the United States should treat business relationships with foreign companies.

On Wednesday, TikTok’s chief operating officer testified in Congress and downplayed the app’s China connections. On Thursday, President Biden signed an executive order to sharpen the federal government’s powers to block Chinese investment in tech in the United States and to limit its access to private data on citizens.

a March interview with the billionaire investor David Rubenstein, whose firm, the Carlyle Group, has a stake in the Chinese giant. Mr. Chew added that he had become familiar with TikTok as a “creator” and amassed “185,000 followers.” (He appeared to be referring to a corporate account that posted videos of him while he was an executive at Xiaomi, one of China’s largest phone manufacturers.)

Jinri Toutiao. The two built a rapport, and an investment vehicle associated with Mr. Milner led a $10 million financing in Mr. Zhang’s company that same year, three people with knowledge of the deal said.

The news aggregator eventually became ByteDance — now valued at around $360 billion, according to PitchBook — and owns TikTok; its Chinese sister app, Douyin; and various education and enterprise software ventures.

By 2015, Mr. Chew had joined Xiaomi as chief financial officer. He spearheaded the device maker’s 2018 initial public offering, led its international efforts and became an English-speaking face for the brand.

“Shou grew up with both American and Chinese language and culture surrounding him,” said Hugo Barra, a former Google executive who worked with Mr. Chew at Xiaomi. “He is objectively better positioned than anyone I’ve ever met in the China business world to be this incredible dual-edged executive in a Chinese company that wants to become a global powerhouse.”

In March 2021, Mr. Chew announced that he was joining ByteDance as chief financial officer, fueling speculation that the company would go public. (It remains privately held.)

appointed Mr. Chew as chief executive, with Mr. Zhang praising his “deep knowledge of the company and industry.” Late last year, Mr. Chew stepped down from his ByteDance role to focus on TikTok.

Kevin Mayer, a former Disney executive, left after the Trump administration’s effort to sunder the app from its Chinese parent. China was also cracking down on its domestic internet giants, with Mr. Zhang resigning from his official roles at ByteDance last year. Mr. Zhang remains involved in decision making, people with knowledge of ByteDance said.

Mr. Chew moved to establish himself as TikTok’s new head during visits to the app’s Los Angeles office in mid-2021. At a dinner with TikTok executives, he sought to build camaraderie by keeping a Culver City, Calif., restaurant open past closing time, three people with knowledge of the event said. He asked attendees if he should buy the establishment to keep it open longer, they said.

a TikTok NFT project involving the musical artists Lil Nas X and Bella Poarch. He reprimanded TikTok’s global head of marketing on a video call with Beijing-based leaders for ByteDance after some celebrities dropped out of the project, four people familiar with the meeting said. It showed that Mr. Chew answered to higher powers, they said.

Mr. Chew also ended a half-developed TikTok store off Melrose Avenue in Los Angeles, three people familiar with the initiative said. TikTok briefly explored obtaining the naming rights of the Los Angeles stadium formerly known as the Staples Center, they said.

He has also overseen layoffs of American managers, two people familiar with the decisions said, while building up teams related to trust and safety. In its U.S. marketing, the app has shifted its emphasis from a brand that starts trends and conversations toward its utility as a place where people can go to learn.

In May, Mr. Chew flew to Davos, Switzerland, for the World Economic Forum, speaking with European regulators and ministers from Saudi Arabia to discuss digital strategy.

June letter to U.S. lawmakers, he noted that ByteDance employees in China could gain access to the data of Americans when “subject to a series of robust cybersecurity controls.” But he said TikTok was in the process of separating and securing its U.S. user data under an initiative known as Project Texas, which has the app working with the American software giant Oracle.

“We know we’re among the most scrutinized platforms,” Mr. Chew wrote.

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

Los Angeles Unified School District Targeted In Cyberattack

By Associated Press
September 6, 2022

The nation’s second-largest school district was hit with a ransomware attack that was “likely criminal in nature,” district officials said.

The huge Los Angeles Unified School District’s information technology systems were targeted by an external cyberattack during the Labor Day weekend, officials said.

Despite the ransomware attack, schools in the nation’s second-largest district were scheduled to open as usual Tuesday morning, a statement said. Such attacks have become a growing threat to U.S. schools, with several high-profile incidents reported since last year as pandemic-forced reliance on technology increases the impact.

The district said the investigation and response involved the White House, the U.S. Department of Education, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Although the district characterized the cyberattack as a “significant disruption to our system’s infrastructure,” officials did not expect major issues with instruction or such services as transportation and food, but business operations might be delayed or modified.

A ransomware extortion attack in Albuquerque’s biggest school district forced schools to close for two days in January. At the time, the superintendent said virtual schooling in light of the pandemic offered more ways for hackers to access the district’s system.

Additional reporting by The Associated Press.

Source: newsy.com

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

Chile Votes on Constitution That Would Enshrine Record Number of Rights

SANTIAGO, Chile — Voters in Chile on Sunday could transform what has long been one of Latin America’s most conservative countries into one of the world’s most left-leaning societies.

In a single ballot, Chileans will decide whether they want legal abortion; universal public health care; gender parity in government; empowered labor unions; greater autonomy for Indigenous groups; rights for animals and nature; and constitutional rights to housing, education, retirement benefits, internet access, clean air, water, sanitation and care “from birth to death.”

It is perhaps the most important vote in the 204-year history of this South American nation of 19 million — a mandatory, nationwide plebiscite on a written-from-scratch constitution that, if adopted, would be one of the world’s most expansive and transformational national charters.

legalized divorce only in 2004, would suddenly have more rights enshrined in its constitution than any other nation. If they reject it, Chile would have little to show for what had once been seen as a remarkable political revolution.

the new administration of President Gabriel Boric, a tattooed, 36-year-old former student-protest leader who took office in March, but has quickly faced plummeting approval ratings amid rising inflation and crime. The constitution would enable Mr. Boric to carry out his leftist vision, while rejection could mire his term in more political fighting about what to do next.

A year ago, most Chileans would have bet that the country would embrace the proposed constitution. There has long been widespread discontent with the current constitution, which has roots in the brutal dictatorship of Gen. Augusto Pinochet, who ruled from 1973 until 1990.

In 2019, nationwide protests that left 30 people dead led Chile’s political leadership to grant a referendum on the constitution. A year later, nearly four out of five Chileans voted to replace it.

banned all forms of abortion until 2017, when it legalized the procedure only in cases of rape, an unviable fetus or a threat to the mother’s life.

some of the most expansive rights for Indigenous people anywhere, according to experts.

protesting in a Pikachu costume. Seventeen seats also went to Indigenous people.

Leftists won more than two-thirds of the convention’s seats, putting them in full control of the process since a two-thirds majority was necessary to add measures.

The motley crew deciding Chile’s future drew unwanted attention at times. There was the woman who gave a speech bare-chested and the man who left his camera on while showering during a remote vote. Many voters felt that the convention was not taking the process seriously.

“The behavior of the convention members pushed people away the most,” said Patricio Fernández, a leftist writer who was a convention member.

In recent months, Chileans have been bombarded with marketing from the “apruebo” and “rechazo” campaigns, some of it misleading, including claims that the constitution would allow abortion in the ninth month of pregnancy and ban homeownership.

On Thursday night, each side held closing rallies. Hundreds of thousands of “apruebo” supporters packed downtown Santiago and watched concerts by famous Chilean music acts, from rap to Andean folk.

“I’ve already lived, but I want deep change for the children of Chile,” said María Veloso, 57, who runs a food stand.

In a wealthier part of town, in a hillside amphitheater named after the Chilean poet Pablo Neruda, a much smaller crowd gathered to mark their campaign to reject the leftist text. (Mr. Neruda, ironically, was a communist.) Hundreds of people waved Chilean flags and danced to an act impersonating the flamboyant Mexican singer Juan Gabriel.

“Here in Chile, they’re defending dogs more than babies,” said Sandra Cáceres Ríos, 50, an herb seller.

Regardless of the vote’s outcome, there is more political negotiating ahead. In the case of approval, Chile’s Congress, which is ideologically split, will be tasked with figuring out how to implement many of the changes. Lawmakers could try to significantly limit the scope or impact of some policies, such as abortion or Indigenous rights, by passing laws interpreting the constitution’s language in a narrow way.

Ultimately, the real effect of many provisions would probably be determined by the courts.

If the text is rejected, Mr. Boric, Chile’s president, has said that he would like to see a new convention draft another proposed charter.

He would, in other words, like to try it all again.

Pascale Bonnefoy and Ana Lankes contributed reporting from Santiago, Chile.

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

Changing Your Password Too Often Might Be Hurting Your Account Privacy

Patterns most humans use in changing their passwords could be leading to more predictable and easy-to-breach security.

Microsoft recently advised against longstanding, conventional cybersecurity logic on required password changes. It turns out forced switches made users select more predictable and easy-to-breach passwords.

“The pattern that humans use, particularly when they’re not using a password manager, is they come up with, sort of, this rubric,” said Pedro Canahuati, chief technology officer at 1Password. “If that’s really very complex, it makes it difficult for people to gain access to it. But the reality is, humans are not good at randomness.”

“The previous advice for people to rotate their passwords so frequently led to some really bad habits: people writing passwords down, only changing maybe the last digit,” said Lisa Plaggemier, executive director of the National Cybersecurity Alliance.

“Changing that one character at the end of your password is not enough when you’re up against a bot who’s just cycling away at different passwords and switching out letters and numbers.”

Humans are notoriously bad at passwords. NordPass’ research of commonly used passwords across 50 countries in 2021 found the most popular were strings of letters or numbers, like 123456 and qwerty or words like password. Most could be cracked in less than one second.

Still, if you search online for advice on how often you should change passwords, you’ll still find a lot of results saying you should change them routinely.

Newsy spoke to four cybersecurity experts about best rotation practices. While all noted that there are times when passwords should be changed — like when your data is implicated in a breach — there are other, more important security features that can be used to strengthen data protection.

“People just need to understand that passwords only go so far, and you need multifactor authentication,” said Ed Skoudis, president of SANS Technology Institute. “Password management organizations also have an obligation to keep their users secure and safe.”

“The simple solution at the end of the day is to use strong and unique passwords with a password manager because nobody can create them as strong as they can with the password manager,” said Craig Lurey, chief technology officer at Keeper Security. “This is hundreds of engineers, solely focused on protecting passwords in an encrypted vault that’s highly secure and protected from access, and all the years of implementation that went into that versus whatever you think you can do with your notepad.”

Source: newsy.com

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

Musk Subpoenas Twitter Whistleblower In Bid To Rescind Acquisition

By Associated Press

and Newsy Staff
August 30, 2022

Twitter’s former head of security was subpoenaed after a whistleblower complaint alleged the platform misled U.S. regulators about fake accounts.

Tesla CEO Elon Musk and Twitter lobbed more accusations at each other Tuesday in the latest round of legal filings over Musk’s efforts to rescind his offer to buy the social media platform.

Musk filed more paperwork in his bid to terminate the deal, this time based on information in a whistleblower complaint filed by Twitter’s former head of security.

Twitter fired back by saying Musk’s attempt to back out is “invalid and wrongful.”

In a filing with the Securities and Exchange Commission, Musk said his legal team notified Twitter of “additional bases” for ending the deal on top of the ones given in the original termination notice issued in July.

Twitter has sued Musk, asking the Delaware Chancery Court to force him to go through with the $44 billion deal. A high-stakes trial is set to start the week of Oct. 17.

In a letter to Twitter Inc., which was included in the filing, Musk’s advisers cited the whistleblower report by former executive Peiter Zatko — also known by his hacker handle “Mudge.”

Zatko, who served as Twitter’s head of security until he was fired early this year, alleged in his complaint to U.S. officials that the company misled regulators about its poor cybersecurity defenses and its negligence in attempting to root out fake accounts that spread disinformation.

The Musk letter, addressed to Twitter’s Chief Legal Officer Vijaya Gadde, said Zatko’s allegations provide extra reasons to end the deal if the July termination notice “is determined to be invalid for any reason.”

Billionaire Musk has spent months alleging that the company he agreed to acquire undercounted its fake and spam accounts, which means he doesn’t have to go through with the deal.

In a separate SEC filing, Twitter responded to what it called Musk’s latest “purported termination,” saying it’s “based solely on statements made by a third party that, as Twitter has previously stated, are riddled with inconsistencies and inaccuracies and lack important context.”

Zatko received a subpoena Saturday from Musk’s team compelling him to testify in what Zatko’s lawyers emphasized would be an “involuntary” deposition ahead of the coming courtroom battle between Twitter and Musk.

“He did not make his whistleblower disclosures to the appropriate governmental bodies to benefit Musk or to harm Twitter, but rather to protect the American public and Twitter shareholders,” Zatko’s lawyers wrote in a prepared statement.

Twitter is likely to amend its lawsuit to include Zatko’s allegations, so the court can decide on both the bot and cybersecurity issues. 

The court will have to decide whether the bot or cybersecurity issues are a “material adverse effect” that will harm Twitter’s business for years.

Additional reporting by The Associated Press.

Source: newsy.com

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

Former Twitter Security Chief Files Whistleblower Complaints

By Associated Press
August 23, 2022

One of the allegations is also at the core of the attempted withdrawal of a $44 billion takeover bid for Twitter by billionaire Elon Musk.

A former head of security at Twitter has filed whistleblower complaints with U.S. officials, alleging that the company misled regulators about its cybersecurity defenses and its problems with fake accounts, according to reports by The Washington Post and CNN.

Peiter Zatko, Twitter’s security chief until he was fired early this year, filed the complaints last month with the U.S. Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice.

The Post, which obtained the complaint, reported that among the most serious accusations is that Twitter violated the terms of an FTC settlement by falsely claiming that it had a strong security plan.

Zatko also accuses the company of deceptions involving its handling of “spam” or fake accounts, an allegation that is at the core of the attempted withdrawal of a $44 billion takeover bid for Twitter by billionaire Elon Musk.

Shares of Twitter Inc. slid 4% Tuesday.

Zatko didn’t immediately respond to a request for comment Tuesday but told the Post he “felt ethically bound” to come forward.

Zatko, better known as Mudge, is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google. He joined Twitter at the urging of then-CEO Jack Dorsey in late 2020, the same year the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities and tech moguls, including Musk, in an attempt to scam their followers out of Bitcoin.

Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and that the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders.”

“What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context,” the company said.

The legal nonprofit Whistleblower Aid, which is representing Zatko, confirmed the authenticity of the document Tuesday, but said it is legally precluded from sharing it. The same group worked with former Facebook employee Frances Haugen, who testified to Congress last year after leaking internal documents and accusing the social media giant of choosing profit over safety.

A spokesperson for the U.S. Senate’s intelligence committee, Rachel Cohen, said the committee has received Zatko’s complaint and “is in the process of setting up a meeting to discuss the allegations in further detail. We take this matter seriously.”

Sen. Dick Durbin, an Illinois Democrat, said in a prepared statement that if the claims are accurate, “they may show dangerous data privacy and security risks for Twitter users around the world.”

Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company payroll where they had “direct unsupervised access to the company’s systems and user data.”

A 2011 FTC complaint noted that Twitter’s systems were full of highly sensitive data that could allow a hostile government to find precise geo-location data for a specific user or group and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing along sensitive Twitter user data to royal family members in Saudi Arabia in exchange for bribes.

The complaint said Twitter was also heavily reliant on funding by Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would enable them to learn the identify and sensitive information of Chinese users who secretly use Twitter, which is officially banned in China.

Zatko also describes “deliberate ignorance” by Twitter executives on counting the millions of accounts that are automated “spam bots” or otherwise have no value to advertisers because there is no person behind them.

Alex Spiro, an attorney representing Musk in his effort to back out of the deal to buy Twitter, said lawyers have issued a subpoena for Zatko. “We found his exit and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday.

Additional reporting by the Associated Press.

Source: newsy.com

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

FBI’s Wray Denounces Threats Following Search Of Trump Home

By Associated Press

and Newsy Staff
August 11, 2022

Threats and calls to arms have been posted in corners of the internet favored by right-wing extremists.

The director of the FBI had strong words Wednesday for supporters of former President Donald Trump who have been using violent rhetoric in the wake of his agency’s search of Trump’s Mar-a-Lago home.

Christopher Wray, who was appointed as the agency’s director in 2017 by Trump, called threats circulating online against federal agents and the Justice Department “deplorable and dangerous.”

“I’m always concerned about threats to law enforcement,” Wray said. “Violence against law enforcement is not the answer, no matter who you’re upset with.”

Wray made the remarks following a news conference during a long-planned visit to the agency’s field office in Omaha, Nebraska, where he discussed the FBI’s focus on cybersecurity. He declined to answer questions about the hours-long search Monday by FBI agents of Trump’s Palm Beach, Florida resort.

It has been easy to find the threats and a call to arms in those corners of the internet favored by right-wing extremists since Trump himself announced the search of his Florida home. Reactions included the ubiquitous “Lock and load” and calls for federal agents and even U.S. Attorney General Merrick Garland to be assassinated.

On Gab — a social media site popular with White supremacists and antisemites — one poster going by the name of Stephen said he was awaiting “the call” to mount an armed revolution.

“All it takes is one call. And millions will arm up and take back this country. It will be over in less than 2 weeks,” the post said.

Another Gab poster implored others: “Lets get this started! This unelected, illegitimate regime crossed the line with their GESTAPO raid! It is long past time the lib socialist filth were cleansed from American society!”

The search of Trump’s residence Monday is part of an investigation into whether Trump took classified records from the White House to his Florida residence, according to people familiar with the matter. The Justice Department has been investigating the potential mishandling of classified information since the National Archives and Records Administration said it had received from Mar-a-Lago 15 boxes of White House records, including documents containing classified information, earlier this year.

Additional reporting by The Associated Press.

Source: newsy.com

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

Political Campaigns Have More Data On You Than You Might Think

Technology and social media have increased digital footprints, meaning campaigns can know a lot about a person before they even contact them.

It’s now midterm election season, and millions of voters are getting tons of emails, texts and phone calls they might not have even signed up for.

Political calls, texts and emails are spamming voters everywhere, and it’s getting easier and easier for political campaigns and causes to know exactly who they should reach out to.

While robocalls have been used in politics for decades, the growth of tech and social media giants — and an ever-increasing data footprint — means campaigns can know a ton about a person before they even call.

When someone registers to vote, they get a voter file. That includes their address, phone number and usually their email. Most states allow political campaigns to access that info.

University at Buffalo professor and political communications expert Jacob Neiheisel says many political campaigns build and grow lists, and those often snowball over time and get passed down — or sold — from one campaign to another.

“If you don’t have a lot of resources as a candidate or as a campaign, you usually are going to have access to the voter file,” Neiheisel said. “A lot of your targeting from is just the voter file. If you are somewhat better resourced or you can draw upon the resources of your political party, you’re going to have access to things that the party has collected internally, and also you’re going to have access to, again, resource and party dependent data from private firms.”

Those private firms take things a step further. They’re able to find out a ton of other things about people from legal, relatively public sources like credit bureaus and IP addresses.

“You are able to reach out to them on the campaign side and then give these organizations hundreds of fields of demographics from race and ethnicity, age, to things like income, education, level, hobby and interest gun ownership, whether they’re a veteran or not,” said Paul Westcott, L2 execuitive vice president. “Then models — are they likely to be supportive or against around 120 different issues?”

Westcott, from the nonpartisan political data firm L2, says a lot of this information may feel individual and personal, but that campaigns are often using it as part of broader efforts to reach certain kinds of voters.

“This voter, Jean Smith, is at 123 Main Street, and therefore is at this cookie, at this IP address, and this is their device ID,” Westcott said. “So therefore, they are a voter. Let’s say they’re a high propensity Democratic primary voter, and you really want to talk to that person on election day to turn out the vote. What the campaign is going to do is going to use L2 to target not just that individual, but thousands or tens of thousands or maybe millions of people who look like that person and then be able to target them for digital advertising.”

It’s a big guessing game that ties back to a revolution in data and targeted marketing. Online tech giants like Facebook and Google are able to use data on what individuals search, react to, and watch to develop a much more detailed profile about you.

Laura Edelson, a postdoctoral researcher in computer science and co-director of the New York University’s project Cybersecurity for Democracy, has seen this come up in her research.

“If you wanted to run a broadcast TV ad and you had to advertise to everyone who was watching ‘Friends’ or the nightly news or whatever, but platforms like Facebook introduced really narrow targeting parameters where advertisers could target people based on their interest in dogs or or in pickup trucks,” Edelson said. 

There are some limits here. In 2019, the Federal Trade Commission issued a $5 billion fine against Facebook for privacy violations relating to data improperly accessed by the data firm Cambridge Analytica. The firm provided data to Republican presidential candidates Ted Cruz and Donald Trump in 2016.

But most accessing of this data is totally legal, and it’s led to a push for more oversight or regulations on your personal info.

“These are very powerful tools, and in the hands of the wrong person, a very powerful tool becomes a weapon,” Edelson said. “I think that’s why we do need the ad platforms to be a little bit more careful about who they allow to use their platform and in what way they allow them to be used.”

But for all of this work to gather data and reach out, it’s worth noting this may only swing a small number of people, which could make a big difference. 

“So much of what goes on in a campaign, particularly a big national campaign, is kind of baked in,” Neiheisel said. “The reason why these operations are so sophisticated is that there’s so very, very little room to maneuver, and so you were really looking at the margins here. So we’re putting a lot of resources into finding little tiny advantages that may or may not exist out there. You look for any little advantage you can find, and this is where the data operations come in.”

So, what can a person do to protect themselves here? Edelson says she thinks this shouldn’t be an individual responsibility issue and that policy changes can offer a solution.

“Consumers shouldn’t have to do so much,” Edelson said. “The onus shouldn’t be on them, so I think one thing that we all can do is contact our elected representatives and tell them that we support a national privacy law that would give consumers a little bit more protection from having this data gathered about them in the first place.”

But in the meantime, the options are pretty limited. If a political campaign is using a larger data provider or if the message a person got actually ties to a campaign, it’s probable they can unsubscribe.

Westcott says L2 has an opt-out system but that even if a person doesn’t get messages from their affiliates, they’re probably not out of the woods yet, especially as election day is getting close. 

“There’s data everywhere, and people, if you’ve ever donated to a campaign, and certainly if you are a high propensity voter, you are going to get calls and texts, and they’re going to come from many, many, many different sources, even if you opt out,” Westcott said.

So, to get out of the woods and freed from unwanted calls and mail, a person may have to go into the woods… literally. 

“How do I stop the phone calls?” Neiheisel said. “Basically, it boils down to… advice you would give people going off the grid.”

Source: newsy.com

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<

A Cyberattack Illuminates the Shaky State of Student Privacy

The software that many school districts use to track students’ progress can record extremely confidential information on children: “Intellectual disability.” “Emotional Disturbance.” “Homeless.” “Disruptive.” “Defiance.” “Perpetrator.” “Excessive Talking.” “Should attend tutoring.”

Now these systems are coming under heightened scrutiny after a recent cyberattack on Illuminate Education, a leading provider of student-tracking software, which affected the personal information of more than a million current and former students across dozens of districts — including in New York City and Los Angeles, the nation’s largest public school systems.

Officials said in some districts the data included the names, dates of birth, races or ethnicities and test scores of students. At least one district said the data included more intimate information like student tardiness rates, migrant status, behavior incidents and descriptions of disabilities.

Chicago Public Schools, the nation’s third-largest district.

Now some cybersecurity and privacy experts say that the cyberattack on Illuminate Education amounts to a warning for industry and government regulators. Although it was not the largest hack on an ed tech company, these experts say they are troubled by the nature and scope of the data breach — which, in some cases, involved delicate personal details about students or student data dating back more than a decade. At a moment when some education technology companies have amassed sensitive information on millions of school children, they say, safeguards for student data seem wholly inadequate.

“There has really been an epic failure,” said Hector Balderas, the attorney general of New Mexico, whose office has sued tech companies for violating the privacy of children and students.

In a recent interview, Mr. Balderas said that Congress had failed to enact modern, meaningful data protections for students while regulators had failed to hold ed tech firms accountable for flouting student data privacy and security.

outpacing protections for students’ personal information. Lawmakers rushed to respond.

Since 2014, California, Colorado and dozens of other states have passed student data privacy and security laws. In 2014, dozens of K-12 ed tech providers signed on to a national Student Privacy Pledge, promising to maintain a “comprehensive security program.”

Supporters of the pledge said the Federal Trade Commission, which polices deceptive privacy practices, would be able to hold companies to their commitments. President Obama endorsed the pledge, praising participating companies in a major privacy speech at the F.T.C. in 2015.

The F.T.C. has a long history of fining companies for violating children’s privacy on consumer services like YouTube and TikTok. Despite numerous reports of ed tech companies with problematic privacy and security practices, however, the agency has yet to enforce the industry’s student privacy pledge.

In May, the F.T.C. announced that regulators intended to crack down on ed tech companies that violate a federal law — the Children’s Online Privacy Protection Act — which requires online services aimed at children under 13 to safeguard their personal data. The agency is pursuing a number of nonpublic investigations into ed tech companies, said Juliana Gruenwald Henderson, an F.T.C. spokeswoman.

company’s site says its services reach more than 17 million students in 5,200 school districts. Popular products include an attendance-taking system and an online grade book as well as a school platform, called eduCLIMBER, that enables educators to record students’ “social-emotional behavior” and color-code children as green (“on track”) or red (“not on track”).

Illuminate has promoted its cybersecurity. In 2016, the company announced that it had signed on to the industry pledge to show its “support for safeguarding” student data.

Concerns about a cyberattack emerged in January after some teachers in New York City schools discovered that their online attendance and grade book systems had stopped working. Illuminate said it temporarily took those systems offline after it became aware of “suspicious activity” on part of its network.

On March 25, Illuminate notified the district that certain company databases had been subject to unauthorized access, said Nathaniel Styer, the press secretary for New York City Public Schools. The incident, he said, affected about 800,000 current and former students across roughly 700 local schools.

For the affected New York City students, data included first and last names, school name and student ID number as well as at least two of the following: birth date, gender, race or ethnicity, home language and class information like teacher name. In some cases, students’ disability status — that is, whether or not they received special education services — was also affected.

said they were outraged. In 2020, Illuminate signed a strict data agreement with the district requiring the company to safeguard student data and promptly notify district officials in the event of a data breach.

kept student data on the Amazon Web Services online storage system. Cybersecurity experts said many companies had inadvertently made their A.W.S. storage buckets easy for hackers to find — by naming databases after company platforms or products.

a spate of cyberattacks on both ed tech companies and public schools, education officials said it was time for Washington to intervene to protect students.

“Changes at the federal level are overdue and could have an immediate and nationwide impact,” said Mr. Styer, the New York City schools spokesman. Congress, for instance, could amend federal education privacy rules to impose data security requirements on school vendors, he said. That would enable federal agencies to levy fines on companies that failed to comply.

One agency has already cracked down — but not on behalf of students.

Last year, the Securities and Exchange Commission charged Pearson, a major provider of assessment software for schools, with misleading investors about a cyberattack in which the birth dates and email addresses of millions of students were stolen. Pearson agreed to pay $1 million to settle the charges.

Mr. Balderas, the attorney general, said he was infuriated that financial regulators had acted to protect investors in the Pearson case — even as privacy regulators failed to step up for schoolchildren who were victims of cybercrime.

“My concern is there will be bad actors who will exploit a public school setting, especially when they think that the technology protocols are not very robust,” Mr. Balderas said. “And I don’t know why Congress isn’t terrified yet.”

View Source

>>> Don’t Miss Today’s BEST Amazon Deals! <<<<