Daily Digest (5/4)

FBI Director, Now a Critic of Strong Encryption, Once Defended It; Mass. Senator Markey Questions Clearview AI’s COVID-19 Tracking Plans; Websites Leaking User Emails to Third Parties, Consulting Firm Says; Center for Democracy and Technology Creates Coronavirus Reference. Click “Continue Reading” below.

FBI Director, Now a Critic of Strong Encryption, Once Defended It

FBI Director Christopher Wray’s former law firm once advocated for strong encryption in a 2015 lawsuit representing Facebook Inc.’s WhatsApp in a case over use of the technology, according to a court filing unsealed last week.

Wray, who has been pushing tech companies to give authorities access to encrypted messages since heading the FBI in August 2017, was a partner at King & Spalding LLC during the case.

In a Justice Department filing, Facebook disclosed King & Spalding’s involvement in the December 2015 case. The filing was unsealed late Wednesday and first disclosed Thursday by The New York Times.

The firm’s work for WhatsApp had not been previously reported.

Wray and Attorney General William Barr have increasingly opposed efforts by the technology industry to provide end-to-end encryption, which scrambles messages to where they are unreadable, except by the messages’ senders and recipients.

The FBI said in a statement that Wray could not comment on his prior work for WhatsApp or any other client while he was in private practice.

“Like all other lawyers, his duty of loyalty was to his client, and he did not put his personal views ahead of his clients’ interests or allow them to affect the legal work he did for clients,” the agency said. “Today, as director of the FBI, his duty is to act in the best interests of the American people.”

Source: NY Times, The F.B.I.’s Director, a Critic of Strong Encryption, Once Defended It

Mass. Senator Markey Questions Clearview AI’s COVID-19 Tracking Plans

Sen. Edward Markey, D-Mass., has asked Clearview AI to name the government agencies it is in discussions with and to disclose any possible agreements to develop contact-tracing tools, as such devices cannot be “used as cover by companies like Clearview to build shadowy surveillance networks.”

In a Thursday letter, Markey also raised concerns around “accuracy and bias” in Clearview’s facial-recognition technology, saying “any plans to deploy it widely to fight the coronavirus could further increase Clearview’s threat to the public’s privacy.”

Clearview CEO Hoan Ton-That told NBC News last Monday that federal authorities and three states have discussed using the company’s technology to try to stop the spread of COVID-19.

But in a statement Friday, Ton-That confirmed to CNet.com that Clearview had received a letter from Markey and said the company would be “responding to him directly.”

Sources (external links):

Websites Leaking User Emails to Third Parties, Consulting Firm Says

Millions of user emails are being leaked from such popular websites as The Washington Post, Quibi and JetBlue to third-party advertisers and analytics companies, according to analytics consulting firm Victory Medium.

Zach Edwards, the company’s founder, said in an article for Medium that the sites used third-party analytics and advertising Javascript code and that his firm’s research found that the companies had “hundreds of millions of emails and real users between them.”

However, only three organizations — Wish.com, Mailchimp and the Post — “took this report on their user-email breaches seriously.

“Wish updated their email system within 72 hours of the report being sent, and the other two started taking actions relatively quickly,” Edwards said. “Many other organizations either didn’t respond or have failed to take any actions for weeks or months.”

“Organizations should be aware of this vulnerability and submit deletion requests to the third parties,” he said.

“Hopefully, organizations will start to take a more proactive approach to trying to stop this type of data-supply data breach, and a more responsible plan of action after being notified of significant problems.”

Medium.com, The 2020 URL Querystring Data Leaks — Millions of User Emails Leaking from Popular Websites to Advertising and Analytics Companies

Center for Democracy and Technology Creates Coronavirus Reference

The Center for Democracy and Technology has created a COVID-19 resources page that seeks to help countries uphold human rights, including privacy, during the pandemic.

“The world is moving rapidly to stem the spread of the novel coronavirus, COVID-19,” the center’s page said. “As government leaders, policymakers, and technology companies continue to make necessary decisions to stop the global pandemic, CDT is actively monitoring the latest responses and working to ensure they protect civil rights and liberties.

“Unfortunately,” the page continued, “the seeds of human-rights abuses are sometimes planted during active crises.

“Our policy teams help leaders craft solutions that balance the unique needs of the moment, while still respecting and upholding individual human rights.”

CDT.org, Novel Coronavirus Response

— By DPN Staff