Daily Digest (7/20)

Russia Conducted Widespread Surveillance During COVID Lockdown; German Authorities Have Too Much Access to Online Data, Top Court Rules; Israeli Ministry Admits Over 12,000 Mistakenly Quarantined by Phone Tracking; Amazon, Google, Microsoft Sued Over Photos in Facial-Recognition Database. Click “Continue reading” below.

Russia Conducted Widespread Surveillance During COVID Lockdown

Russian authorities organized unprecedented, large-scale surveillance on its citizens during the coronavirus pandemic, according to a report released last week by the human-rights group Agora.

Entitled “Surveillance Pandemic,” the report said the spying was carried out not only in violation of personal-data laws, but also by organizations that could not and should not be responsible for monitoring.

Authorities tracked citizen whereabouts through centralized processing of geolocation data from cellphones, the Meduza website in Riga reports.

Agora calculated that at the regional level, 61 of Russia’s federal subjects used additional surveillance technologies — with 24 regions introducing some form of digital passes, while 16 used analog passes in the form of certificates.

In addition, 12 regions used facial-recognition systems to identify quarantine violators.

Much of the data was improperly stored, which led to regular leaks, Agora said.

The report also noted that in the majority of Russia’s regions, a wide range of individuals — “from medical and emergency workers, to taxi drivers, people’s volunteer guards, and members of Cossack societies” — were granted the power to interfere in the private lives of citizens.

By law, only police and Russian Guard officers have the right to do this, according to the report.

Source (all sources external links):

German Authorities Have Too Much Access to Online Data, Top Court Rules

German police and intelligence access to personal data from cellphone and internet users is unconstitutional, the nation’s Constitutional Court ruled Friday.

The decision will make it more difficult for investigators to access private information held on digital devices and accounts, DW.com reports.

The Constitutional Court in Karlsruhe ruled that several regulations that allowed access to so-called “inventory data,” which included internet and mobile users’ names and birth dates, were unconstitutional.

The case was brought by two groups, one with more than 6,000 supporters, which argued that their rights were breached.

The court ruled that current law violated users’ “fundamental rights to informational self-determination and to the protection of telecommunications secrecy.”

While accessing such data is generally permissible under German constitutional law, the court said that “transmission and retrieval regulations must sufficiently limit the purposes for which the data is used,” DW.com reports.

The ruling means that Germany’s Telecommunications Act and several other laws will need to be revised.


Israeli Ministry Admits Over 12,000 Mistakenly Quarantined by Phone Tracking

As many as 12,000 Israelis were mistakenly forced into quarantine by a contact-tracing program that gave the Shin Bet security agency access to the cellphones of confirmed coronavirus carriers, a Knesset committee heard last week.

In the first week of the renewal of the Shin Bet tracing system last month, tens of thousands of people in Israel received text messages warning them that they had been in contact with a confirmed carrier of coronavirus.

Under Israeli law, those in contact with a confirmed carrier must quarantine for two weeks or face hefty fines or even jail time, The Times of Israel reports.

Thousands of Israelis sought appeals after the phone-tracking system identified them as needing to quarantine — and about half the appeals were upheld, Ayelet Grinbaum, a Health Ministry representative, told the Knesset Foreign Affairs and Defense Committee in a Tuesday hearing.

“We approved 54% of them to leave solitary confinement, close to 12,000 people,” she said.

Nearly all of the calls to a Health Ministry hotline were by people seeking to appeal the quarantine order, according to the report.


Amazon, Google, Microsoft Sued Over Photos in Facial-Recognition Database

Amazon, Google parent Alphabet and Microsoft used people’s photos to train their facial-recognition technologies without obtaining the subjects’ permission, in violation of an Illinois biometric privacy statute, three federal lawsuits filed last week alleged.

The photos were part of IBM’s Diversity in Faces database, which is designed to advance the study of fairness and accuracy in facial recognition by examining more than just skin tone, age and gender, CNET.com reports.

The data included 1 million images of human faces, annotated with tags such as face symmetry, nose length and forehead height.

Two Illinois residents who brought the lawsuits, Steven Vance and Tim Janecyk, alleged that their images were included in the data set without their permission, despite clearly identifying themselves as Illinois residents.

Collection, storage and use of biometric information is illegal in the state without written consent under the Biometric Information Privacy Act, passed by the Illinois legislature in 2008.

The defendants “chose to use and profit from biometric identifiers and information scanned from photographs that were uploaded from Illinois; managed via Illinois-based user accounts, computers and mobile devices, and-or created in Illinois,” the lawsuits say.

“In doing so, (defendants) exposed Illinois residents and citizens to ongoing privacy risks within Illinois, knowing that (their) conduct would injure those residents and citizens within Illinois.”

The lawsuits, filed in California and Washington state courts, where the companies are based, seek class-action status, as well as monetary damages and restraint of defendants’ activities pertaining to the database, CNET reports.

Microsoft said it had received the complaint and was reviewing it.

“We take privacy seriously, and we are committed to ensuring our AI technology is developed and used responsibly,” a Microsoft spokesperson told CNET.

Representatives for Amazon and Google did not immediately respond to requests for comment.


By DPN Staff