Tracking Americans Who Have Never Worked at TikTok: An Insider’s Look at the ByteDance App
Republicans and Democrats alike have long taken aim at TikTok, since it is owned by Beijing-based tech behemoth ByteDance. Lawmakers are worried that the Chinese Communist Party will use the app to surveil Americans or amplify pro-China narratives.
The article, posted earlier on Thursday, said that ByteDance’s Internal Audit team — usually tasked with keeping an eye on those who currently work for the company or who have worked for the company in the past — planned on surveilling at least two Americans who “had never had an employment relationship with the company.” Forbes says its report was based on materials it reviewed but did not include details about who was potentially going to be tracked or why ByteDance was planning on tracking them, claiming that doing so may put its sources at risk.
Ukrainian forces have shown resilience in the face of Russian aggression and mounted attacks on Kremlin forces. But as the conflict evolves, it is entering an ominous phase of drone warfare. Russia has begun launching a series of recent attacks using Iranian “suicide drones” to inflict damage that is difficult to defend against. With Russian President Vladimir Putin raising the threat of a nuclear strike and NATO officials closely watching for any signs of a change, we examine what indicators are available to the global community in assessing whether Russia is actually preparing to use nuclear weapons.
The Vice Society of Electronic Security: Why Microsoft’s Exchange is Getting Weaker by Mitigating State-Sponsored Attacks
There are many vulnerabilities in Microsoft’s Exchange server email hosting service and researchers are concerned that the platform isn’t getting the development resources it needs anymore, so customers should consider migrating to cloud email hosting. New research looks at how the custodians of the encyclopedia ferret out state sponsored misinformation in their entries.
Middle-of-the-pack groups such as the notorious Vice Society are maximizing profits and decreasing their exposure by investing less technical innovation, according to researchers who pointed out this week. Instead, they simply run the most sparse and unremarkable operations they can to target under-funded sectors like health care and education. If you want to improve your personal security, we’ve got a handy guide to changing passwords and usingpasskeys on mobile devices.
There is more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.
The Tea Party on Internet of Things Security Labels: The United States is Creating a Safe and Secure Labeling Scheme for the Internet-Occupy Electronics Devices
The data of people who are interested in using Microsoft’s cloud services was exposed by a misconfiguration. Researchers from the threat intelligence firm told Microsoft of the leak on September 24. The exposed information went back as far as last year and up to August of this year according to the report. The researchers linked the data to more than 65,000 organizations from 111 countries. Microsoft said there was a leak of information including names, phone numbers, email addresses, and files sent between potential customers and Microsoft or its authorized partners. Cloud misconfigurations are a longstanding security risk that have led to countless exposures and, sometimes, breaches.
There are no easy answers to improve the longstanding security dumpster fire created by cheap, undefended internet of things devices in homes and businesses around the world. Some countries have found that adding security labels to internet-linked cameras, printers, and other equipment makes things a lot easier. The labels give consumers an idea of the protections built into different devices and gives manufacturers an incentive to improve their practices. This week, the United States took a step in this direction. The White House is going to create a labeling scheme for Internet of Things digital security. The administration held a summit with industry organizations and companies this week to discuss standards and guidelines for the labels. The National Security Council spoke of a labeling program that would provide American consumers with the peace of mind that the technology being brought into their homes is safe.
Source: https://www.wired.com/story/tiktok-bytedance-americans-data-security-roundup/
Security, Cybersecurity, and the Internet: What you can and should do about the world and how you can protect yourself from hackers and other criminals
The Washington Post reported this week that the FBI seized documents from former President Trump at his Mar-a-Lago estate in Florida that contained sensitive information about Iran’s nuclear program and the United States’ intelligence operations in China. “Unauthorized disclosures of specific information in the documents would pose multiple risks, experts say. The Post stated that people aiding US intelligence efforts could be at risk and collection methods could be compromised. retaliation by other countries is possible because of the information.
An American candidate beat a Russian challenger in an election last month to head the International Telecommunications Union, which is tasked with cross-border communications. Meanwhile, though, we took a look at the fragility of the world’s internet infrastructure and the vulnerability of crucial undersea cables.
Researchers see evidence that the US’s new legal climate for abortion access is promoting a culture of community surveillance, a hallmark of authoritarian states in which neighbors and friends are encouraged to report possible wrongdoing. There has been a rise in the use of security in soccer stadiums. The eight stadiums in use during the 2022 World Cup in Qatar, for example, will be packed with more than 15,000 cameras to monitor spectators and to conduct biometric scanning.
The Rust programming language, which ismemory safe, is giving hope that a lot of common vulnerabilities could eventually be eliminated. In the meantime, we’ve got a roundup of the most important vulnerabilities that you can—and should!—patch right now.
Source: https://www.wired.com/story/tiktok-eu-privacy-policy-security-roundup/
The IRS is investigating a phone hacking attack on a US payday payment app, Cash App, Fuels sex trafficking in the US and elsewhere
Liz is having a difficult time. Soon after her historically brief stint as the UK prime minister, the Mail on Sunday reported that agents working on behalf of Russia had hacked her personal cell phone when she was foreign minister. The Russian operatives were allowed to intercept messages between the two of them. Boris Johnson and Simon Case suppressed the incident according to the Mail report. While the breach remains unconfirmed, Labor Party officials are calling for an “urgent investigation” into their Conservative opponents. “There are immensely important national security issues raised by an attack like this by a hostile state which will have been taken extremely seriously by our intelligence and security agencies,” Labor Party shadow home secretary Yvette Cooper said last weekend. “There are also serious security questions around why and how this information has been leaked or released right now, which must also be urgently investigated.”
Jack Dorsey is facing a new challenge with his corporate creation. According to a Forbes investigation, the Cash App is helping fuel sex trafficking in the US and elsewhere. The Cash App used to be used in sex trafficking and other crimes based on police records and claims by former Cash App employees. The company, which is owned by Dorsey-led Block Inc., maintains that it “does not tolerate illegal activity on Cash App” and has staff dedicated to working with law enforcement. Forbes writes, “Block hasn’t provided any tips, even though rival payment platforms give the center tips about potential child abuse they facilitate by their services.”
In the last three years, the USTreasury Department said that US financial institutions have been facilitating almost two billion dollars in payments for the period from 2021 to 2020. The White House is trying to raise funds to combat the rising number of malicious software that allows attackers to hold on to a victim’s files and demand a fee in order to release them. The Financial Crimes Enforcement Network, the acting director of the Treasury Department’s, stated in a statement that they are concerned about the threat posed by Ransomware. While $1.2 billion in payments is already painful enough, the number does not take into account the costs and other financial consequences that come with a ransomware attack outside of the payment itself.
Social Media Privacy in the United States and the Senate-Passed Social Media Correlations (Scenarios): Investigation of a New Privacy-Protected Social Media Law
The new bill was brought about by Sen. Marco Rubio, top republican on the Senate Intelligence Committee and a bipartisan pair of congressmen. TikTok has faced doubts about its ability to safeguard US user data from the Chinese government.
The proposed legislation would “block and prohibit all transactions” in the United States by social media companies with at least one million monthly users that are based in, or under the “substantial influence” of, countries that are considered foreign adversaries, including China, Russia, Iran, North Korea, Cuba and Venezuela.
According to an internal memo, the staff of the US House of Representatives was told to remove TikTok from any House-issued mobile phones. The directive was reportedly issued by Catherine L Szpindor, the chief administrative officer of the House, and also bans the popular social media app from being downloaded on House-issued devices going forward.
The company is negotiating a deal with the US government that could allow them to address national security concerns and continue serving US users.
McQuaide said members of Congress would continue to be briefed on the plans that had been developed under the oversight of our country’s top national security agencies.
The first version of the article appeared in theReliable Sources newsletter. You can sign up for the daily digest.
Many of the lawmakers’ concerns have to do with location tracking services within the app, which they fear could be used for espionage. location tracking is a standard feature of social media apps.
The Senate-passed bill would make exceptions for law enforcement, national security interests and activities.
TikTok: A U.S. App for Social Media? The CFIUS Benchmark Panel on Foreign Investment in the United States
In 2021, TikTok announced that it had one billion monthly users. In the U.S., two-thirds of all teens say they use it, according to the Pew Research Center.
On March 10, after the invasion of Ukraine by Russia, the White House hosted a call with TikTok creators. The creators of the tens of millions of followers of the White House had to be briefed by the White House press secretary, members of the National Security Council, and Jen Psaki, then the White House press secretary. The meeting followed a similar effort the previous summer, in which the White House recruited dozens of TikTokers to help encourage young people to get vaccinated against Covid.
While the company denies it would ever be used for nefarious purposes, national security experts say China-based businesses usually have to give unfettered access to the authoritarian regime if information is ever sought.
So the ban on federal government devices is an incremental restriction: Most drastic measures have not advanced, since the efforts lacked the political will, or courts intervened to stop them.
“I think some concern about TikTok is warranted,” said Julian McAuley, a professor of computer science at the University of California San Diego, who noted that the main difference between TikTok and other social media apps is that TikTok is much more driven by user-specific recommendations.
“While ByteDance claims that it maintains its operations in the United States separately, there is no easy way to determine the extent to which that claim is true,” said Sameer Patil, a professor at the University of Utah who studies user privacy online.
He said that the amount of data that social media companies harvest is overblown to what extent they know about users.
The Committee on Foreign Investment in the United States (CFIUS), a powerful interagency federal panel that reviewing foreign investment in the U.S., began examining TikTok during the Trump administration and the probe is still underway.
The committee is satisfied that TikTok made sure that there was a firewall between Beijing and the U.S.
CFIUS deliberations are famously secretive and happen behind closed doors. It is not clear when the committee might finish its investigation, nor is it known which way it is leaning.
The U.S. Department of State is Protecting from the Beijing-Controlled Weather App for Good, and China is No More Harmful
Nebraska has had a ban in place since 2020, which covers all state devices. The Department of Financial Services of Florida has also done so. Louisiana and West Virginia each announced partial bans.
This is in part because Byte Dance is required by Chinese law to assist the government, which could include sharing user data from anywhere in the world.
“There is no more time to waste on meaningless negotiations with a CCP-puppet company,” Rubio said in a statement. “It is time to ban Beijing-controlled TikTok for good.”
“That makes sense for the U.S. soldiers to be told not to use the app due to the chance it would share their location information with other entities,” he said. “But that’s also true of the weather app and then lots of other apps that are existing in your phone, whether they’re owned by China or not.”
The University of Washington has a law professor named Ryan Calo. He says that the data privacy in the United States needs improvement, but that the proposed legislation is more about political tensions and not about TikTok.
“The truth of the matter is, if the sophisticated Chinese intelligence sector wanted to gather information on particular state employees in the United States, it wouldn’t probably have to go through TikTok.”
“It’s always easy – and this happens across the world – to say that a foreign government is a threat, and ‘I’m protecting you from that foreign government,’ he says. “And I think we should be a little cautious about how that can be politicized in a way that far exceeds the actual threat in order to achieve political ends.”
The Tech Critics’ Corner: How the U.S. Big Tech is going to come under the scrutiny of China’s National Security Laws
Both Chander and Calo are skeptical that an outright TikTok ban would gain much political momentum, and both argue that even if it were to move forward, banning a communication platform would raise First Amendment concerns. But Calo believes the conversation could push policy in a positive direction for Americans.
“I think that we’re right in the United States to be finally thinking about the consequences of having so much commercial surveillance taking place of U.S. citizens and residents,” he said. In order to address it, we should pass comprehensive privacy rules or laws, which is what the Federal Trade Commission seems to be interested in doing.
Lobbying isn’t the only thing that is making these bills difficult to pass. It is more difficult to impose sweeping rules on an entire industry than it is to get the US government to use its own technology.
The tech industry’s largest players have faced a kitchen sink of allegations in recent years. Big Tech has been portrayed as one of Washington’s biggest villains, from knee-capping rivals; to harming children and mental health; to undoing democracy; to spreading hate speech and harassment; and to censoring conservative viewpoints.
There is no evidence yet that that has actually happened. It is a possibility that is identified by China’s national security laws, which fit into a larger anti-China narrative involving trade, human rights and authoritarianism. After the report said US user data had been accessed repeatedly by China-based employees, those fears were renewed. TikTok didn’t like the report.
Big Tech, Big Tech: Why Tech Platforms are Fail? How Tech Markets Get Their ByteDance and Google Lobbyists
Beckerman told CNN’s Jake Tapper on Tuesday that they think a lot of the concerns are overblown but that they do think these problems can be solved through the government negotiations.
ByteDance spent over $270,000 on lobbyists in the year of 2015, according to public records. By the end of last year, the company had spent over five million dollars on lobbying.
Last year, Meta was the biggest internet industry lobbyist, spending up to $20 million. Amazon was next at $19 million, followed by almost $10 million from a search engine. Combined, that’s roughly $49 million in lobbying — almost 10 times what was spent by TikTok’s parent, which nevertheless clocked in at number four on the list.
One of those bills, the American Innovation and Choice Online Act (AICOA), would erect new barriers between tech platforms’ various lines of business, preventing Amazon, for example, from being able to compete with third-party sellers on its own marketplace. The tech industry was investigated by the House and it was found that many of the biggest tech companies were effectively monopolies.
For a brief moment this month, lawmakers seemed poised to pass a bill that could force Meta, Google and other platforms to pay news organizations a larger share of ad revenues. But the legislation stumbled after Meta warned it could have to drop news content from its platforms altogether if the bill passed.
Source: https://www.cnn.com/2022/12/22/tech/washington-tiktok-big-tech/index.html
Technology, Politics, and Business: Rethinking Tech Laws to Protect Our Children’s Children, Our Schools, and Our Future, and Their Role in Education and Research
Silicon Valley’s biggest players have taken care of business in Washington to defend their turf from hungry lawmakers.
By contrast, decisions about the rules government might impose on tech platforms have called into question how those regulations may affect different parts of the economy, from small businesses to individual users to the future of the internet itself.
In some cases, as with proposals to revise the tech industry’s decades-old content moderation liability shield, Section 230 of the Communications Decency Act, legislation may raise First Amendment issues as well as partisan divisions. Section 230 of the Communications Decreetts Act gives social media companies a pass to leave offensive content alone, and Democrats have called for changes to the law in order to force platforms to take down less offensive content.
The cross-cutting politics and the technical challenges of regulating an entire sector of technology combined have made it difficult for lawmakers to reach an accord.
“It’s really important to establishing a Republican brand. “Republicans agree on one thing, taking a strong stance and standing up to China,” says Kousser, professor of political science.
Academic and higher education curriculums incorporate social media research and teaching. The nature of modern communication has been fundamentally changed by the app.
From an educational standpoint, how are media and communications professors supposed to train students to be savvy content creators and consumers if we can’t teach a pillar of the modern media landscape? While students can certainly still access TikTok within the privacy of their own homes, professors can no longer put TikToks into PowerPoint slides or show TikTok links via classroom web browser. Colleges can’t train students in best practices for the sake of brands, companies and novel forms of storytellers who all rely on TikTok. Additionally, TikTok makes parts of the world more accessible, as students can see the things they are learning about in real time.
The world keeps turning as these states implement their bans, leaving their citizens disadvantaged in a fast-paced media world. Additionally, media and communications students in the states will be at a disadvantage in applying for jobs, showcasing communicative and technical mastery, and brand and storytelling skills, as their peers from other states will be able to receive education and training.
Professors also must do research. If the bans continue, social media scholars can’t do what they’ve been hired to do and be experts. The compliance offices have said that the bans are only for campus, but who will foot the bill for more expensive data plans on their phone? No one answered the question. While working at home does remain an option, professors are also employees who are expected to be on campus regularly to show they are in fact working. It is possible for a social media professor to research TikTok on campus, but they would have to rely on video streaming via mobile data which can be quite expensive, either by having to individually pay for unlimited data, or accidentally going over one’s limits.
TikTok CEO Shou Zi Chew will testify before Congress in March, amid nationwide efforts to ban the social media app among government employees and schools due to concerns about privacy and its effect on young people’s mental health.
Earlier this month, Sen. Mark Warner (D-VA), chair of the Senate Intelligence Committee, was reportedly considering offering a bill to ban a broader “category of applications” that could be applied to other apps that pose security risks, according to Axios.
ByteDance sued the Trump administration after the former president signed an order to ban the app.