national security – Techdirt (original) (raw)

Trump May Kill America’s Performative TikTok Ban For The Benefit Of His Billionaire Buddy

from the you-know,-for-freedom dept

We’ve noted more time than I can count how the U.S. ban of TikTok (yes, yes I know, it’s not a ban, it’s a forced divestment ByteDance was never going to agree with) was pointless fucking performance art.

Not only was it unconstitutional, it did nothing to actually address the privacy and national security issues it professed to fix. We’re a country too corrupt to pass even a baseline privacy law. We’re too corrupt to even regulate data brokers that routinely hoover up oceans of sensitive consumer data and then sell it to any nitwit with two nickels to rub together (including domestic extremists and foreign intelligence).

Hyperventilating about a single Chinese-app in an ocean of dodgy and unregulated consumer surveillance was always more about greed and protecting Facebook and U.S. tech companies from competition than it ever was about seriously addressing U.S. privacy, NatSec, or propaganda concerns.

With that as backdrop, Trump is telling his allies (for whatever that’s ultimately worth) that he wants to reverse the U.S. ban on TikTok. The law, passed last April, gave ByteDance until January 19 to find a U.S. buyer or face getting kicked out of the country.

“The president-elect has not yet announced a decision on if, or how to proceed, but some advisers expect him to intervene on TikTok’s behalf if necessary — including Conway and three others, who spoke on the condition of anonymity to discuss private conversations. Trump promised during the campaign to protect the app even though he also signed an executive order in his first term that would have effectively banned it: “I’m gonna save TikTok,” he said in one of his first videos on the app this June.”

Trump of course isn’t operating with any sort of genuine, good faith policy or intellectual curiosity here. He correctly believes TikTok can be useful for Republicans’ massive online propaganda efforts, and, like most feckless U.S. tech companies, ultimately bullied away from competently moderating right wing propaganda and race-baiting bile on the internet if it wants to keep doing business here.

It’s also just about money. In 2020, Trump wanted to ban TikTok when he thought there was a chance he could offload it to his buddies Larry Ellison and Safra Catz at Oracle. In 2024, Trump’s motivation is in cozying up to Jeffrey Yass, a major billionaire Trump donor creator of the conservative Club for Growth, who holds a 15% stake in TikTok’s Chinese parent company ByteDance.

A Trump reversal of a TikTok ban (which the Post explains won’t be easy) will result in all sorts of entertaining chaos among his bobble-headed brigadiers. Kellyanne Conway now works for Yass and Club For Growth defending TikTok in the press. In contrast, Trump’s likely FCC boss Brendan Carr has spent the last four years crying about TikTok to please Trump and get his face on cable TV.

As Conway’s quote to the Post makes clear, Yass and Trump want to frame this self-serving reversal as something profoundly more noble than it actually is, leveraging the fact that this ban was always a giant political turd for Democrats:

“He appreciates the breadth and reach of TikTok, which he used masterfully along with podcasts and new media entrants to win,” said Kellyanne Conway, who ran Trump’s first presidential campaign, served in the White House and remains close to him and now also advocates for TikTok. “There are many ways to hold China to account outside alienating 180 million U.S. users each month. Trump recognized early on that Democrats are the party of bans — gas-powered cars, menthol cigarettes, vapes, plastic straws and TikTok — and to let them own that draconian, anti-personal-choice space.”

Then of course you’ve got Mark Zuckerberg and Facebook, who, ahead of the ban, were caught seeding no limit of bogus moral panics in DC and among press outlets for anticompetitive reasons (which oddly gets omitted from most press coverage of this story).

Anybody who thinks any of these folks care about protecting consumer privacy or national security is deluding themselves. The U.S. refusal to regulate data brokers or pass a privacy law makes it repeatedly, painfully clear that this country has prioritized making money over consumer privacy and public safety. Any pretense we care about fighting propaganda is even more laughable in the wake of this election.

Another major reason the U.S. government doesn’t want to seriously tackle consumer privacy is because the dysfunctional and unaccountable data broker space allows them to spy on Americans without getting a pesky warrant. Banning Tiktok is a performance that distracted the public from our broader widespread failures on propaganda, surveillance, consumer protection, privacy, and national security.

There certainly are privacy, propaganda, and national security concerns related to TikTok. They’ll never be confused for an ethical company. But that’s never really been what any of this was about for this pit of self-serving vipers, who were primarily interested in using those issues (and xenophobia) as cover to prop up their varied and often conflicting financial ambitions.

Filed Under: donald trump, jeffrey yass, national security, privacy, propaganda, social media, surveillance, tiktok ban
Companies: bytedance, tiktok

Kaspersky Leaves U.S., Deletes Itself, Swaps Everybody’s Antivirus For Software Nobody Asked For

from the didn't-ask-for-this dept

Wed, Sep 25th 2024 05:26am - Karl Bode

Back in 2017, the Trump administration signed new rules banning Russian-based Kaspersky software on all government computers. Last June, the Biden administration took things further and banned distribution and sale of the software, stating that the company’s ties to the Russian government made its intimacy with U.S. consumer devices and data a national security threat.

While there are justifiable security concerns here, much like the ban of TikTok, the decision wasn’t absent of lobbying influence of domestic companies looking to dismantle a competitor. It’s relatively easy to get Congress heated up about national security concerns, because it tends to mask anti-competitive lobbying in a way you can brush aside non transparently for the greater good of the world [echoes].

Nor is a ban entirely consistently with broader U.S. policy, since U.S. government corruption prevents it from passing a meaningful privacy law, or regulating dodgy international data brokers that traffic in no limit of sensitive U.S. location and behavior data.

China and Russia don’t really need TikTok or AV software, they can simply buy access to your daily movement and browsing data from data brokers. Or, thanks to our lack of privacy laws or real accountability for lazy and bad actors, they can hack into any number of dodgy apps, software, or hardware with substandard security.

Regardless, this week Kaspersky Labs effectively left the U.S., but not before engaging in a practice that doesn’t exactly scream “high security standards.” The company effectively deleted its products from U.S. user computers without anybody’s consent, then replaced it with UltraAV’s antivirus solution — also without informing users.

Many users understandably saw this nonconsensual transaction take place and assumed they’d been hacked or infected with a virus:

“I woke up and saw this new antivirus system on my desktop and I tried opening kaspersky but it was gone. So I had to look up what happened because I was literally having a mini heart attack that my desktop somehow had a virus which uninstalled kaspersky somehow,” one user said.”

One problem is that Kaspersky had emailed customers just a few weeks ago, assuring them they would continue receiving “reliable cybersecurity protection.” They didn’t make any mention of the fact that this would involve deleting software and making installation choices consumers hadn’t approved of, suggesting that their exit from the security software industry won’t be all that big of a loss.

That said, it would be nice if U.S. consternation about consumer privacy were somewhat more… consistent.

The U.S. isn’t actually serious about U.S. consumer privacy because we make too much money off of the reckless collection and sale of said data to even pass baseline privacy laws. And the U.S. government has grown too comfortable being able to buy consumer data instead of getting a warrant. But we do like to put on a show that protecting consumer data is a top priority all the same.

Filed Under: antivirus, ban, consumers, national security, privacy, security, software
Companies: kaspersky

Australia’s Security Chief Says It’s Time To Start Forcing Companies To Break Chat Room Encryption

from the start-reviewing-your-exit-plans,-service-providers dept

More than a half-decade ago, the Australian government gave itself more powers. These new powers allowed the government to compel decryption — something far easier said than done, especially if existing encryption was expected to still protect everyone else but the government’s targets.

Shortly after the law was passed, Australia’s federal law enforcement and national security agencies started wielding it against service providers. The first wave was noticeable, but subsequent efforts have flown under the radar for the most part, whether due to extreme amounts of secrecy or the new powers not being quite as possible as the Australian government hoped.

Three years after the enactment of the law, the powers and their side effects were reviewed by federal overseers. The review came to a couple of unsurprising conclusions. First, the joint committee noted the program suffered from a lack of rigorous oversight, which is pretty ironic when the statement is being made by one of the program’s oversight bodies. Second, it said the law was great and had no downsides, a conclusion it reached by… simply stating there were no downsides.

“Agencies have made the case that these powers remain necessary to combat serious national security threats, and some of the worst fears held by industry at the time of passage have not been realised,” committee chair and Liberal Senator James Paterson said.

Really refreshing to see a government body declare an unprecedented expansion of powers to be a net benefit for all mankind. What’s hilarious is that there are actually downsides, but since not every outcome has been negative, the new powers are somehow an unmitigated success. The committee chair did not say “none” of the “worst fears” stated by the industry in opposition to these powers have come to pass. Senator James Patterson says only “some” have “not been realised,” which suggests others have been “realised.”

Apparently, getting its way isn’t sitting right with the current head of the Australian Security Intelligence Organisation (ASIO). Companies must be made to comply more often and more quickly. As Sarah Ferguson reports for Australia’s ABC News, ASIO believes it’s time to fully flex powers that have apparently only been partially flexed previously.

ASIO head, Mike Burgess, says he may soon use powers to compel tech companies to cooperate with warrants and unlock encrypted chats to aid in national security investigations.

“If you actually break the law or you’re a threat to security, you lose your right to privacy, and what I’ve been asking for those companies that build messaging apps (is to) respond to the lawful requests. So when I have a warrant you give me access to that communication,” Mr Burgess told 7.30.

Mr Burgess said ASIO is seeking targeted access to chat rooms hosted on encrypted platforms – which are increasingly used by bad actors to hide their communications.

“We’re not asking for mass surveillance. We need their cooperation,” he said.

“If they don’t cooperate, then there’s a private conversation I need to have with government about what we accept or what I need to do my job more effectively.”

This goes beyond simply breaking encryption to give intelligence and law enforcement agencies access to communications at rest. This is the ASIO amping things up to demand companies provide them access to ongoing communications in the form of message groups of chat rooms.

Obviously, this creates a much larger problem for non-targets of investigations. It’s one thing to give the government access to a single user’s communications. It’s quite another to break encryption on chat rooms or multi-person messaging groups, which means exposing everyone in these conversations to surveillance, even if they’re not actually targets of investigations.

On top of that, this means stripping encryption from entire communications platforms. It’s not like service providers can just bypass the encryption safeguarding one set of communications. To allow ASIO the access its boss is demanding, the entire platform must be deprived of its security.

And, once again, we have a supposed expert in the fields of law enforcement and surveillance completely misunderstanding what’s at stake and what he’s asking for. “Targeted access” is a meaningless term when doing so means depriving every user of these services of the protection encryption provides.

The more Mike Burgess says, the stupider he looks.

“I understand there are people who really need [encryption] in some countries, but in this country, we’re subject to the rule of law, and if you’re doing nothing wrong, you’ve got privacy because no one’s looking at it,” Mr Burgess said.

Nothing about this statement makes any sense. Encryption is acceptable for people in other countries? The rule of law concept is only present in Australia? Australians aren’t deserving of the security and privacy communication encryption provides?

And please do not give us another helping of this horseshit “nothing wrong/nothing to fear” platitude. If Burgess is given the access he wants, people who are “doing nothing wrong” can still have their privacy invaded if they happen to participate in chats/messages with people the government is targeting. Once the encryption is broken, it’s broken. Everyone’s communications can be seen, even if the government is only interested in a few chat room members. Worse, once the platform itself is compromised, people who aren’t even participating in chats/messages with government targets can be surveilled.

Then there’s this, in which Burgess insists unicorns not only exist, but that tech companies are perfectly capable of generating all the unicorns the Australian government demands.

Mr Burgess says tech companies could design apps in a way that allows law enforcement and security agencies access when they request it without comprising the integrity of encryption.

Wrong! It simply does not work like that. There’s no magic switch that can be built in that the government can flip on and off when it wants to intercept or view communications. Either the encryption is solid or it’s broken. At best, the encryption is compromised, which means anyone with the means or willingness to do so can eavesdrop on communications or intercept/exfiltrate sensitive data. At worst, it means no one is protected from anything because encryption is simply no longer an option.

These are dangerous people. They’re the worst combination of powerful and stupid. And it doesn’t even matter to them that they’re wrong. They’re on the side of the “rule of law” and any incremental gains in law enforcement effectiveness will always outweigh the critical collateral damage these mandates will generate. The theoretical security of the nation is more important than the quantifiable security encryption provides to millions of Australians. No sacrifice is too great… just so long as it’s not the government making the sacrifice.

Filed Under: asio, australia, compelled decryption, encryption, encryption backdoors, mike burgess, national security

DC Appeals Court Says CIA Can Continue To Withhold 35-Year-Old Memo Already Published By Another Gov’t Agency

from the DC:-CIA-A-OK dept

Certain government agencies are of the opinion that records requesters shouldn’t even be able to pry the documents they’re seeking from their cold, dead fingers. Long after anyone could be affected and long after the people who’ve created the documents have passed on to the Great Bureaucracy in the Sky, agencies are still refusing to relinquish paperwork that’s long past its (and its creators’) expiration date.

The CIA has been battling a FOIA request in court, using the unlimited amount of time and money it has at its disposal. At the center of the battle is a single memo that was written in 1989, shortly after the fall of the Berlin Wall and the eventual collapse of the USSR. Somehow, this document is too sensitive to be released to the public even though it has _alread_y been (mostly) released to the public. (h/t Short Circuit)

Here’s the background on the document, as recounted by the DC Circuit Court of Appeals in its decision [PDF]:

In 1983, during the Cold War, Leonard H. Perroots, then an Assistant Chief of Staff for Intelligence in the United States Air Forces in Europe, allegedly recommended a course of action to his Commander in response to an elevated alert status demonstrated by the military forces of the Union of Soviet Socialist Republics (“Soviet Union”), which helped avert a nuclear crisis. Subsequently, in January 1989, Lieutenant General Perroots wrote an End of Tour Report Addendum (“Perroots Memo”) to detail the “chain of events” from 1983 to help the U.S. Intelligence Community learn lessons “as relates to our [Indications and Warning] capability and exercise planning.”

Thirty-two years later, the National Security Archive (which is not a government entity, despite its pretty official-sounding name) sent the CIA an FOIA request for the Perroots’ 1989 memo. The CIA refused to hand over the memo itself, but gave the National Security Archive the memo’s cover letter, which did not even come close to fulfilling the request, much less the Archive’s desire to obtain the memo. The Archive sued the CIA, leading to this appeal.

But between the creation of the memo (1989) and the Archive’s request and ensuing litigation (2021), the CIA made the Archive aware of the existence of this document by pretty much publishing the memo in full.

In February 2021, the United States Department of State (“DOS”) published a transcribed version of the Perroots Memo in a volume of the Foreign Relations of the United States (“FRUS”) series documenting 1981–1988.

In order to engage in this publication, the State Department needed to get it declassified by the CIA. Those are the rules, and by the “rules,” I mean federal law. The State Department published the transcription, accompanied by a citation to its CIA source, as well as a written “thank you” to CIA staff for assisting in the declassification review.

The obvious point of the Archive’s request was to compare the transcription published by the State Department with the original memo. There may have been zero difference between the two. But we’ll perhaps never know because the CIA (the agency that apparently assisted the State Dept. with a declassification review) claims the document mostly made public more than 32 years after it was written is still far too sensitive to be turned over to the National Security Archive.

You would think the presumption of disclosure, the prior publication of the declassified transcription, and the age of the document itself would weigh in favor of the Archive. But you’d be wrong. Some secrets get to remain secrets forever, even if they’re (1) barely secret, (2) old enough to start worrying about 401(k) contributions, and (3) of significant historical interest.

The lower court took a look at the Archive’s case and the CIA’s counterarguments and decided to give the government the benefit of the doubt. Nothing has improved by moving up the judicial ladder. The CIA will get to keep its secrets even if it’s extremely improbable there’s anything in there of national security value.

While the DC Appeals Court agrees the Archive suffered a “concrete injury” when the CIA refused to release the original memo, it says the transparency-focused entity will just have to walk it off. It says the official acknowledgement of the document doesn’t prevent the CIA from using FOIA exemptions related to executive orders to refuse to release it. Nor does its apparent cooperation with the State Department in the release of the memo transcription change the FOIA equation.

According to its own previous rulings (which have been largely shaped by litigation involving agencies like the CIA due to the DC Circuit being the most common forum for federal entity targeting FOIA lawsuits), the government can both make a document public and refuse to release pretty much the same document when hit with a FOIA request.

As we have emphasized in our precedent, the mere public disclosure of information does not eliminate potential risks posed by further disclosure to national security interests—and cannot overcome an otherwise valid FOIA exemption.

Supposedly, there are still some secrets in this mostly public document. The National Security Archive doesn’t know what those might be. Neither does the general public. We just have to take the court’s word for it, along with the assertions made by the CIA directly to the judge in the lower court, which weren’t even about the presence of any sensitive info:

We reject these contentions because the record, as observed by the district court, contains classified, supplemental, ex parte, and in camera declarations which establish that the CIA was not involved in the disclosure of the Perroots Memo.

That’s it. That’s all the CIA did. It told the lower court it did not actually help the State Department with a declassification review of the Perroots Memo. Because it (allegedly) did not assist in declassification, it could still consider the memo “classified” and avail itself of multiple FOIA exemptions. The fact that the CIA did nothing to prevent the State Department from publishing a transcription of the memo suggests it had nothing it needed to keep the public from seeing. But when asked for the same document, it played hardball and managed to obtain a ruling saying it can continue to blow off future requests for this memo in seeming perpetuity.

This is a ridiculous outcome. The only way this can be overturned is if the National Security Archive can convince the Supreme Court that’s something worth doing. Considering there’s only a single memo at stake here, it seems unlikely to be something the nation’s top court would be interested in resolving. As it stands now, the CIA is free to invoke FOIA exemptions to withhold documents that are not only decades old, but have been released publicly in one form or another previously. That’s a big win for completely pointless opacity, which seems to be the kind of opacity national security related agencies tend to prefer.

Filed Under: 1st amendment, cia, dc circuit court, foia, lawsuit, national security, state department

TikTok Law Threatening A Ban If The App Isn’t Sold Raises First Amendment Concerns

from the classic-prior-restraint dept

TikTok, the short-video company with Chinese roots, did the most American thing possible on May 7, 2024: It sued the U.S. government, in the person of Attorney General Merrick Garland, in federal court. The suit claims the federal law that took effect on April 24, 2024, banning TikTok unless it sells itself violates the U.S. Constitution.

The law names TikTok and its parent company, ByteDance Ltd., specifically. It also applies to other applications and websites reaching more than a million monthly users that allow people to share information and that have ownership of 20% or more from China, Russia, Iran or North Korea. If the president determines that such applications or websites “present a significant threat to the national security,” then those apps and websites, too, must either be sold or banned from the U.S.

TikTok’s suit says that the law violates the First Amendment by failing to provide evidence of the national security threat posed by the app and for failing to seek a less restrictive remedy. Despite legislators’ claims to the contrary, the law forcing the divestiture of TikTok – the Protecting Americans from Foreign Adversary Controlled Applications Act – implicates First Amendment interests. In our view, it does so in ways that ripple beyond this specific case.

As a company incorporated in the United States that provides an online publishing platform, TikTok has a right protected by the First Amendment to select what messages – in this case, user videos – it chooses to publish.

A ban appears to us, scholars who study law and technology, to be a massive prior restraint, which is generally barred by U.S. courts. Prior restraint is action by the government to prevent speech, typically some form of publication, before it occurs.The First Amendment limits what the government can do to censor speech.

Speech in the crosshairs

The law’s backers say that it is not a ban – all TikTok has to do is sell itself. These supporters describe the bill as a divestiture, a purely economic regulation that they say should insulate it from First Amendment challenge. After the sale, users could happily keep on using TikTok, not caring who owns the company. But the law seems to us an attempt to control speech by mandating a change in ownership.

Changing the speech content on the app is the express goal of some of the law’s backers. The principal author of the bill, former U.S. Rep. Mike Gallagher, who stepped down from office in April to join a venture capital firm partly backed by Microsoft, explained to The New York Times that he was principally concerned about the potential for the Chinese Communist Party to spread propaganda on the app. The Times and The Wall Street Journal have reported that Congress passed this bill in part because of unsubstantiated accusations that TikTok was unfairly promoting one side in the Israel-Hamas war.

Imagine if the government told Jeff Bezos that he had to sell The Washington Post because it was worried that he might push a particular agenda using his control of the newspaper. Or to use a digital analogy, what if the government told Elon Musk that he had to sell X, formerly Twitter, because it didn’t like his content moderation of legal speech? Those scenarios clearly have a connection to First Amendment protections.

Ownership matters

Transferring TikTok’s ownership from one company to another matters greatly for the purposes of First Amendment analysis.

Supreme Court Justice Elena Kagan observed during oral arguments in a case unrelated to TikTok’s ownership that ownership can make a difference in an app. She noted that the sale of Twitter to Elon Musk changed the character of the app. Kagan said, “Twitter users one day woke up and found themselves to be X users and the content rules had changed and their feeds changed, and all of a sudden they were getting a different online newspaper, so to speak, in a metaphorical sense every morning.”

Indeed, The Washington Post found a rightward tilt after Twitter changed hands.

By forcing the sale of TikTok to an entity without ties to the Chinese Communist Party, Congress’ intent with the law is to change the nature of the platform. That kind of government action implicates the core concerns that the First Amendment was designed to protect against: government interference in the speech of private parties.

U.S. Rep. Raja Krishnamoorthi, co-sponsor of the House bill on TikTok, pointed to another instance where the U.S. government ordered a Chinese company to sell a U.S. app. In 2019, the Committee on Foreign Investment in the United States ordered the new Chinese owners of Grindr to sell the dating app, which the Chinese owners did the following year. In that case, the foreign owners could not assert First Amendment rights in the United States, given that they were outside the U.S., and thus no court considered this issue.TikTok is claiming First Amendment protection against the law forcing its sale or ban.

National security claims

The government hasn’t disclosed to the public the national security concerns cited in the TikTok law. While such concerns, if accurate, might warrant some kind of intervention, some Americans are likely to decline to take claims of national security urgency on good faith. To address skepticism of secret government power, particularly when it involves speech rights, the government arguably needs to present its claims.

U.S. Sens. Richard Blumenthal and Marsha Blackburn, both of whom supported the TikTok law and have seen the government’s secret evidence, called for the declassification of that information. We believe that’s a vital step for the public to properly consider the government’s claim that a ban is warranted in this instance. In any case, the courts will ultimately weigh the secret evidence in determining whether the government’s national security concerns justified this intrusion upon speech.

What seems likely to happen, absent judicial invalidation or legislative repeal of the law, is a world in which TikTok cannot effectively operate in the United States in a year’s time, with mobile app stores unable to push out updates to the software and Oracle Corp. unable to continue hosting the app and its U.S. user data on its servers. TikTok could go dark on Jan. 19, 2025, in the United States.

Anupam Chander, Professor of Law and Technology, Georgetown University and Gautam Hans, Associate Clinical Professor of Law, Cornell University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Filed Under: 1st amendment, divestiture, forced sale, free speech, national security, prior restraint, propaganda, tiktok ban
Companies: bytedance, tiktok

When It Comes To TikTok Hyperventilation, Financial Conflicts Of Interest Abound

from the I-am-entirely-objective-and-operating-in-good-faith dept

Thu, Mar 28th 2024 05:33am - Karl Bode

Earlier this month we noted how despite all of the sound, fury, and hyperventilation surrounding the push to ban TikTok, most Americans don’t actually support such a move (you know, the whole representative democracy thing). Support is particularly lacking among young Democrats, a demographic the Biden administration has struggled to connect with in the wake of the ongoing carnage in Gaza.

The fact that this Congress is too corrupt to agree on anything of substance (but was able to quickly get a TikTok ban through the House) already spoke pretty loudly to TikTok creators. But it probably speaks louder still given that data reveals the House Reps that voted for the ban personally own between 29millionand29 million and 29millionand126 million worth of stock in competing tech companies that directly stand to benefit.

Of the 352 members of the House of Representatives who voted “yes” on the bill, 44 reported they own shares of companies including Amazon, Google, Meta, Microsoft, and Snap. Tracking their exact stock ownership total is tricky, in part, because Congress successfully crushed efforts to make their financial disclosures more easily searchable, notes Quartz:

“Some members file their financial disclosures by hand, and that information isn’t present in the data set. There are several other caveats to consider. Members of Congress have to report stock transactions within 45 days and disclose their overall stock holdings annually. Because there’s a grace period in both cases, the most recent information dates back to earlier this year, before the TikTok vote. Officials also don’t have to report the exact value of these investments, but instead have to disclose a range ($15,001 to $50,000 of Microsoft stock, for example). The value of the stocks has also changed since reports were filed.”

A TikTok ban also benefits military contractors and tech companies keen on seeing greater and broader animosity between the United States and China in order to sell more weaponry, automation, and surveillance technology.

The Intercept, for example, notes that Jacob Helberg, an extremely vocal supporter of the ban TikTok movement, is both a former advisor to Google, a member of the U.S.–China Economic and Security Review Commission, and a current advisor at the military contractor Palantir.

Helberg’s rhetoric on TikTok is not subtle:

“TikTok is a scourge attacking our children and our social fabric, a threat to our national security, and likely the most extensive intelligence operation a foreign power has ever conducted against the United States.”

There’s a large segment of these folks who freak out about TikTok, but ignore not only the same type of abuses by U.S. companies, but the same kind of abuses from international companies where U.S. interests might financially tethered; including the vast data broker industry whose ethics-optional monetization of consumer location, behavior, and other data is the source of endless scandals.

Unfortunately it’s an era where even being marginally transparent about your financial conflicts of interest has become… passé:

“It is a clear conflict-of-interest to have an advisor to Palantir serve on a commission that is making sensitive recommendations about economic and security relations between the U.S. and China,” said Bill Hartung, a senior research fellow at the Quincy Institute for Responsible Statecraft and scholar of the U.S. defense industry. “From their perspective, China is a mortal adversary and the only way to ‘beat’ them is to further subsidize the tech sector so we can rapidly build next generation systems that can overwhelm China in a potential conflict — to the financial benefit of Palantir and its Silicon Valley allies.”

Getting the greater gerontocracy in DC agitated about China has long been trivial for lobbyists, as one such hill advisor noted back in 2012 during the sustained freak out about Huawei (a not insubstantial chunk of which was driven by telecom competitors like Cisco):

“What happens is you get competitors who are able to gin up lawmakers who are already wound up about China,” said one Hill staffer who was not authorized to speak publicly about the matter. “What they do is pull the string and see where the top spins.”

It’s also relatively trivial for these kinds of folks to publish various op-eds at outlets like The Hill without disclosing financial conflicts of interests. Lawyers working for law firms doing lobbying and policy work routinely publish missives under their own name, while doing lobbying work on the side. That their arguments frequently stem from an obvious financial conflict of interest is, apparently, of no note.

Facebook has seen success for several years seeding various moral panics about TikTok around DC with the help of policy and PR firms like Targeted Victory. It’s pretty clear Facebook’s interest isn’t in privacy or national security, but in using both concerns as bludgeons to eliminate a direct competitor the company has, so far, proven incapable of out-innovating in the short-form video space.

That’s not to say that there aren’t meaningful national security issues at play, or people in DC who pursue national security issues in good faith. But they’re certainly and clearly outnumbered.

It’s clear that if lawmakers really cared about national security, they wouldn’t be supporting a multiple-indictment facing NYC real estate con man for President. If Congress really cared about consumer privacy, they’d pass a privacy law that applies to all companies and regulate data brokers, who routinely sell U.S. consumer data to foreign intelligence agencies.

Instead you sort of get a sort of lobbyist-driven, vibes-based, legislative process where the public interest is a distant afterthought, and even the most rudimentary transparency is simply a bridge too far.

Filed Under: apps, china, lobbying, national security, policy, tiktok ban, warhawk
Companies: tiktok

Auto, Tech Industries Falsely Claim ‘Right To Repair’ Reforms Are A Threat To National Security

from the you-are-not-serious-people dept

Thu, Mar 21st 2024 05:26am - Karl Bode

“Right to repair” reform (making it easier and more affordable to repair things you buy) is extremely popular among consumers across both sides of the aisle.

It’s obviously less popular among automakers, tractor builders, tech companies, and other corporations looking to monopolize repair and boost revenues by crushing independent repair shops under their bootheel. Said companies have spent years trying to claim that making it cheaper and easier to repair the things you own poses untold privacy and security threats to the American public.

The auto industry (falsely) claims reforms would result in stalkers getting hold of your private data (you’re to ignore that the auto industry is inherently one of the worst industries in America when it comes to consumer privacy and security standards). Apple claims that right to repair reforms would turn states into dangerous “hacker meccas” (which doesn’t sound all that bad to me, but what do I know).

A bipartisan FTC study found none of these claims were true, yet they’re pretty much all pervasive as auto, agriculture (John Deere is a notorious pest on this front), medical device makers, and tech sector giants try to fend off a rush of popular state and federal reform laws.

But there’s a new wrinkle in the lobbying mix: false claims that right to repair reforms are a threat to national security. That’s the claim being pushed by The Hill (which I won’t link to) by former Trump National Security Adviso_r Robert O’Brien._ The Hill has a long history of laundering dodgy corporate lobbying claims in their op-ed section under the guise of original thinking, and this one is no exception.

The key thrust is that making technology more open to consumers and independent repair shops would somehow (gasp) be a massive boon to foreign adversaries:

The Hill adores taking lobbying press releases and then publishing them in the op-ed section without disclosing author financial conflicts of interest. Usually by lawyers whose firms are doing lobbying and policy work for companies and organizations without being transparent about it.

Keep in mind, again, that the auto industry was just caught over-collecting consumer data and then selling it to insurers, and documentably has some of the worst security and privacy standards in all of technology. The reason they get away with it is because Congress is too corrupt to pass a meaningful privacy law or regulate data brokers. The result has been a huge parade of scandals and harm.

That corruption and apathy genuinely poses a national security threat, given lax privacy and security standards are abused by foreign governments (and our own officials looking to expand surveillance and dodge warrants). But you’ll note that, as you’re seeing with a lot of the performative hyperventilation about TikTok, the same folks whining about right to repair don’t really want to talk about that.

If these folks cared about national security they’d combat corruption. They’d pass a meaningful, well-crafted privacy law, ensuring base-level of overarching privacy and security standards. Guidelines imposing stiff penalties on corporations (and executives) that play fast and loose with consumer data, enforced by privacy regulators with the staff, authority, and resources to do their job.

They don’t support those things because they don’t actually care about consumer privacy and security, they (and I know this might come as a shock to some people), exclusively care about making money.

Surveys have generally shown that many people don’t understand what right to repair is, but once they do they very much support stuff like greater data collection transparency, limiting obnoxious software locks making parts replacement difficult or impossible, making parts, tools, and manuals more accessible, and just generally making repair easier and more affordable.

If you hadn’t noticed from the TikTok stuff, it’s trivial for lobbyists to get Congress ginned up about China and national security using little more than scary vibes. And as a growing roster of states sign off on right to repair reform laws, I suspect you’ll see companies leaning more and more on these false national security claims in a flimsy attempt to misinform the public and scuttle consensus.

Filed Under: automakers, china, consumer rights, independent repair shops, national security, reform, right to reform, security

A TikTok Ban Is A Pointless Political Turd For Democrats

from the election-season-seppuku dept

Fri, Mar 15th 2024 05:25am - Karl Bode

As you probably noticed, the House just passed the controversial ban on TikTok, with 352 Representatives in favor, and 65 opposed. The bill is now likely to be slow-walked to the Senate where its chance of passing is murky, but possible. Biden (which has been using the purportedly “dangerous national security threat” to campaign with) has stated he’ll sign the bill should it survive the trip.

The ban (technically a forced divestment, followed by a ban after ByteDance inevitably refuses to sell) passed through the house with more than a little help from Democrats:

Not talked much about in press coverage is the fact that the majority of constituents don’t actually support a ban (you know, the whole representative democracy thing). Support for a ban has been dropping for months, even among Republicans, and especially among the younger voters Democrats have already been struggling to connect with in the wake of the bloody shitshow in Gaza:

As the underlying Pew data makes clear, a lot of Americans aren’t sure what to think about the hysteria surrounding TikTok. And they’re not sure what to think, in part, because the collapsing U.S. tech press has done a largely abysmal job covering the story, either by parroting bad faith politician claims about the proposal and app, or omitting key important context.

Context like the fact the U.S. has been too corrupt to pass an internet privacy law, resulting in years of repeated scandal (with TikTok being arguably among the least of them). Congress has been lobbied into apathy by a massive coalition of cross-industry lobbyists with unlimited budgets. But the U.S. government is also disincentivized to act because it abuses the dysfunction to avoid having to get traditional warrants.

The press has also been generally terrible at explaining to the public that the ban doesn’t actually do what it claims to do.

Banning TikTok, but refusing to pass a useful privacy law or regulate the data broker industry is entirely decorative. The data broker industry routinely collects all manner of sensitive U.S. consumer location, demographic, and behavior data from a massive array of apps, telecom networks, services, vehicles, smart doorbells and devices (many of them *gasp* built in China), then sells access to detailed data profiles to any nitwit with two nickels to rub together, including Chinese, Russian, and Iranian intelligence.

Often without securing or encrypting the data. And routinely under the false pretense that this is all ok because the underlying data has been “anonymized” (a completely meaningless term). The harm of this regulation-optional surveillance free-for-all has been obvious for decades, but has been made even more obvious post-Roe. Congress has chosen, time and time again, to ignore all of this.

Banning TikTok, but doing absolutely nothing about the broader regulatory capture and corruption that fostered TikTok’s (and every other companies’) disdain for privacy or consumer rights, isn’t actually fixing the problem. In fact, as Mike has noted, the ban creates entirely new problems, from potential constitutional free speech violations, to its harmful impact on online academic research.

I’ve mentioned more than a few times that I think the ongoing quest to ban TikTok is mostly a flimsy attempt to transfer TikTok’s fat revenues to Microsoft, Google, Twitter, Oracle, or Facebook under the pretense of national security and privacy, two things our comically corrupt, do-nothing Congress has repeatedly demonstrated in vivid detail they don’t have any genuine interest in.

TikTok creators seem to understand this better than the gerontocracy or the U.S. tech press:

None of this is to say that TikTok doesn’t actually pose some privacy or national security problems.

But if Congress were really serious about privacy, they’d pass a privacy law or regulate data brokers.

If Congress were serious about national security, they’d meaningfully fight corruption, and certainly wouldn’t support a multi-indictment facing authoritarian NYC real estate con man with a fourth-grade reading level for fucking President.

If Congress were serious about combating propaganda (foreign, domestic, corporate, or otherwise) they’d impose more meaningful updated education standards, fight harmful consolidation in local TV broadcast “news,” and protect and finance academic and journalistic institutions under relentless assault by authoritarians, AI-wielding hedge fund bozos, and incompetent brunchlords.

So when Congress pops up to claim it’s taking aim at a single popular app because it’s suddenly super concerned about consumer privacy, propaganda, and national security, skeptics are right to steeply arch an eyebrow. You realize we can see your voting histories and policy priorities, right?

Xenophobia, Protectionism and Information Warfare

The GOP motivation for a TikTok ban has long been obvious: they believe TikTok’s growing ad revenues technically belong, by divine right, to white-owned U.S. companies. But the GOP also sees TikTok as an existential threat to their ever-evolving online propaganda efforts, which have become a strategic cornerstone of an increasingly extremist, authoritarian party whose policies are broadly unpopular.

The GOP is fine with rampant privacy abuses and propaganda — provided they’re the ones violating privacy or slinging political propaganda. You’ll recall Trump’s big original fix for the “TikTok problem” (before a right wing investor in TikTok recently changed his mind, for now) was a cronyistic transfer of ownership of TikTok to his Republican friends at Walmart and Oracle.

Former Trump Treasury Secretary Steve Mnuchin and his Saudi-funded Liberty Strategic Capital is already hard at work putting investors together to buy the app. If the GOP (or a proxy) manages to buy TikTok, they’ll engage in every last abuse they’ve accused the Chinese government of. TikTok will be converted, like Twitter, into a right wing surveillance and propaganda echoplex, where race-baiting authoritarian propaganda is not only unmoderated, but encouraged.

All under the pretense of “protecting free speech,” “antitrust reform,” or whatever latest flimsy pretense authoritarians are currently using to convince a gullible and lazy U.S. press that they’re operating in good faith.

Why Democrats would support any of this remains an open question. The ban would likely aid GOP propaganda efforts, piss off young voters, and advertise the party (which had actually been faster to embrace TikTok than the GOP) as woefully out of touch. All while not actually protecting consumer privacy or national security in any meaningful way. And creating entirely new problems.

Democratic support for a ban seems largely motivated by lobbying pressure from Facebook/Meta, which has been using the same knobs the GOP and telecom industry used to destroy net neutrality to seed little moral panics around DC for several years. Facebook/Meta is, if it’s not clear, exclusively interested in having the government destroy a competitor it hasn’t been able to out-innovate.

National security, consumer privacy, or good faith worries about propaganda don’t enter into it.

Some Democratic Reps, like Ro Khanna, Alexandria Ocasio-Cortez and Sara Jacobs seem to understand the trap, keeping the focus on a need for a federal privacy law that reins in the privacy and surveillance abuses of all companies that do business in the U.S., foreign or domestic. Some senators, like Ron Wyden, have worked hard to ensure equal attention is paid toward rampant data broker abuses.

But 155 House Democrats voted for the ban, either because they’re corrupt, or they have absolutely no idea how any of this actually works. Pissing off your constituents by ruining an app used by 150+ million (mostly young) Americans during an election season is certainly a choice, especially given negligible constituent support–and growing evidence it likely creates more problems than it professes to solve.

Filed Under: disinformation, information warfare, national security, politics, privacy, propaganda, republicans, security, social media, tiktok ban

Biden EO Restricts Sale Of Consumer Data To ‘Countries Of Concern’ (But We Still Need A Privacy Law And To Regulate Data Brokers)

from the doing-the-bare-minimum dept

Fri, Mar 1st 2024 05:32am - Karl Bode

So we’ve noted for a long while that the fixation on China and TikTok specifically has often been used by some lazy thinkers (like the FCC’s Brendan Carr) as a giant distraction from the fact the U.S. has proven too corrupt to regulate data brokers, or even to pass a baseline privacy law for the internet era. The cost of this corruption, misdirection, and distraction has been fairly obvious.

Enter the Biden administration, which this week announced that Biden was signing a new executive order that would restrict the sale of sensitive behavioral, location, financial, or other data to “countries of concern,” including Russia and China. At a speech, a senior administration official stated the new restrictions would shore up national security:

“Our current policies and laws leave open access to vast amounts of American sensitive personal data. Buying data through data brokers is currently legal in the United States, and that reflects a gap in our national security toolkit that we are working to fill with this program.”

The EO fact sheet is vague, but states the Biden administration will ask the The Departments of Justice, Homeland Security, Health and Human Services, Defense, and Veterans Affairs, to all work in concert to ensure problematic countries aren’t able to buy “large scale” data repositories filled with U.S. consumer data, and to pass new rules and regulations tightening up the flow of data broker information.

We’ve noted for a long, long time that our corrupt failure to pass a privacy law or regulate data brokers was not only a frontal assault on consumer privacy, it was easily exploitable by foreign intelligence agencies looking to build massive surveillance databases on American citizens.

It’s why it was bizarre to see lawmakers myopically fixated on banning TikTok, while ignoring the fact that our corrupt policy failures had made TikTok’s privacy issues possible in the first place.

You could ban TikTok tomorrow with a giant patriotic flourish to “fix privacy,” but if you’re not willing to rein in the hundreds of sleazy international data brokers doing the same thing (or in some cases much worse at even bigger scale), you haven’t actually accomplished much beyond posturing to get on TV.

The EO sounds at least like a first step (depending entirely on the implementation), but is filled with some flowery and revisionist language. This bit, for example:

“These actions not only align with the U.S.’ longstanding support for the trusted free flow of data, but also are consistent with U.S.’ commitment to an open Internet with strong and effective protections for individuals’ privacy and measures to preserve governments’ abilities to enforce laws and advance policies in the public interest.”

Again, we don’t have a privacy law for the internet era in 2024 not because it was too hard to write one, but because Congress is too corrupt to pass one. We have, repeatedly, made the decision to prioritize the profits of an interconnected array of extractive industries over the public welfare, public safety, and even national security.

The result has been a massive, interconnected, hyper-surveillance market that hoovers up data on your every fart down to the millimeter, bundles that data up in vast profiles, and monetizes it across the globe with very little if any real concern for exploitation and abuse. All under the pretense that because much of this data was “anonymized” (a meaningless, gibberish term), there could be no possible harm.

The result has been just a rotating crop of ugly scandals that have gotten progressively worse. All while we (mostly) sat on our hands whining about TikTok.

The FTC has been cracking down on some location data brokers, but generally lacks the resources (by design) to tackle the problem at the scale it’s occurring. They lack the resources because the over-arching policy of the U.S. government for the better part of the last generation has been to defund and defang regulators under the simplistic pretense this unleashes untold innovation (with no downside).

This myopic view of how government works is all pervasive in America, and has resulted in most corporate oversight in the U.S. having the structural integrity of damp cardboard. And it’s all about to get significantly worse courtesy of a handful of looming Supreme Court rulings aimed at eroding regulatory independence even further. There’s a very real cost for this approach, and the check has been, and will be, increasingly coming due in a wide variety of very obvious and spectacular ways.

But we also don’t have a privacy law and refuse to regulate data brokers because the U.S. government benefits from the dysfunction, having realized long ago that the barely regulated data broker market is a great way to purchase data you’d otherwise need to get a warrant to obtain. Data broker location data is now tethered tightly to all manner of U.S. government operations, including military targeting.

The press has also played a role in failing to educate the public about the real risks of failing to regulate data brokers or pass a privacy law. Just 23 percent of the U.S. public even knows the government has failed to pass a privacy law for the internet era. And when the U.S. press does cover privacy, the fact that rank corruption is at the heart of the dysfunction is routinely never mentioned.

So yes, it’s great that we’re starting to see some growing awareness about the real world costs of our corrupt failures on privacy policy. Senator Ron Wyden, in particular, has been doing an amazing job sounding the alarm on how this failure is being exploited by not just a diverse array of self-serving companies, but a surging authoritarian movement in the post-Roe era.

But it’s going to take a hell of a lot more than an EO to course correct. It’s going to take shaking Congress out of its corrupt apathy. And the only thing I think will accomplish that will be a privacy scandal so massive and unprecedented (potentially including mass fatalities or the leaking of powerful figures’ data at unprecedented scale), that elected officials have absolutely no choice but do do their fucking job.

Filed Under: data brokers, executive order, ftc, joe biden, location data, national security, privacy, russia, security, surveillance

The Republican Push To Ban TikTok Has Very Little (And Dwindling) Real World Support

from the you-are-not-serious-people dept

Tue, Dec 26th 2023 05:32am - Karl Bode

We’ve noted repeatedly how the Republican obsession with TikTok is a hollow performance. This is a party that refuses to pass a useful privacy law (or to regulate data brokers). This is a party that generally couldn’t care less about widespread corruption, or its impact on national security.

Yet over the last three years, the press narrative has been that the Republican party supports a TikTok ban because they’re just that concerned about privacy and national security. Time after time, folks like Marsha Blackburn or FCC Commissioner Brendan Carr have enjoyed being portrayed on cable TV news segments as good faith privacy reformers.

It’s absolute gibberish. In reality, the Republican motivation to ban TikTok is a multi-tendrilled, bad faith affair.

Some of it is driven by racism and a desire to animate the similarly xenophobic base. Some of it is anti-competitive nonsense ginned up by Facebook, which doesn’t want to compete with an app they clearly haven’t been able to out-compete or out-innovate.

And some of it is just worry that the increasingly-authoritarian GOP, which has long embraced propaganda in the absence of popular or cogent policies, can’t control TikTok (or bully them away from moderating race-baiting political propaganda like they did with Google and Facebook).

The real GOP motivation for banning TikTok is lousy, and the implementation has been lousier. Most of the GOP bans on TikTok (which require endless billable legal hours to craft) so far have been bypassed by children in all of thirty seconds. Many of the bans have proven unconstitutional. And several of the state AG lawsuits against TikTok have proven to be baseless and largely incoherent.

Regardless of motivation (and despite three years of breathless press coverage presenting the GOP efforts as good faith), actual support for such bans is small and shrinking. One Pew survey recently found that the percentage of American adults who support a ban dropped from 50% in March to 38% now. And of course support for a ban is far worse among those aged 13-17 (18%) that actually use the app.

Even Republican support for a TikTok ban could soon be a minority position within the party:

None of this means that TikTok isn’t a problem. Like most companies, it over-collects too much data, monetizes it, fails to adequately secure it, and wants to sell access to it to any nitwit with a nickel. It was caught spying on journalists. Just like most American companies, it loves the idea of stripping away your legal rights. And yes, there are valid concerns about exploitation by Chinese intelligence.

But again, if you actually care about privacy and national security, banning a single app (clumsily) and then declaring mission accomplished is an empty performance.

Actually fixing these things at any real scale means shaking off congressional corruption to pass a halfway decent privacy law. Actually addressing the problem requires regulating data brokers, which operate at much greater scale and routinely sell access to far more data to anybody with a few nickels to rub together (including Chinese intelligence). Shoring up national security requires attacking corruption.

As an increasingly corrupt, authoritarian party, the GOP supports none of these things, and it seems like after several years of hyperventilation, the message is getting through that their “reforms,” when it comes to TikTok, are largely just sound and fury, signifying nothing.

Filed Under: gop, national security, propaganda, republican, social media, tiktok, tiktok ban
Companies: tiktok