The 197th Block: Personal data protection
"I'm in!"
This week…
Your reading time is about 8 minutes. Let’s start.
Two weeks ago, it was Data Protection Day (28 January), which is observed in about 50 countries, mostly in Europe. That week, I wanted to talk about a series of attempts to get into my Microsoft account (and Gmail in the process), but I decided to follow up on language patterns shaped by the Internet and the romanticising of vaccine-preventable infectious diseases in high-income countries. That seemed far more profound, at that time, and I’m sure many readers are not here to look for tips about data privacy and protection. (But if you are, follow this link.)
However, this week, I received a notification about my data being found on the dark web so I thought I should share my experience a little bit. I have a Google One membership that scans the dark web for associated personal information. This time, I found out old credentials associated with an active account were found in a 7 February leak. This happens more often than not—many of these ‘ leaks’ are just old sets of credentials bundled and presented as new.
Even before this latest notification, I knew that there were multiple attempts from Germany, Croatia, Russia, the U.S., Turkey, China, Seychelles, etc. (although it could easily have been a single person using VPN) to get into my Microsoft account. There was also one Exchange ActiveSync attempt. While there has not been any successful attempt yet, it is enough to annoy me because sometimes they also try to get into my Gmail account to reset the login and I would get notified in the middle of my sleep.
There is nothing much I can do about it except to keep my login methods up to date and use multi-factor authentication. Even I struggle to sign into my own accounts. 🙃 The reason I share this is because you can do everything right and still, due to platform vulnerabilities, find your online data in the wrong hands. Just try to stay a step ahead, even if you only have 0.03 cents of expired Skype credit in your Microsoft account.
Below, Cory Doctorow, an expert in matters related to personal data and online privacy (he has written extensively on these subjects, at least), shared how he has fallen victim to fraud and phishing scams too, despite his better-than-average knowledge of this field. As he illustrated with the Swiss-cheese security metaphor in his post, all you need is for things to line up perfectly at the right moment for a vulnerability to be exploited. That's why scammers and hackers are willing to try endlessly, using as many methods until the attack lands. If you think you are 100 per cent secure, that’s when you are most vulnerable. Stay vigilant.
And now, a selection of top stories on my radar, a few personal recommendations, and the chart of the week.
ICYMI: The Previous Block showed how the Internet sways elections, China's involvement in foreign interference, and the way language mastery affects digital literacy. CORRECTION NOTICE: None notified.MEDIA INDEPENDENCE
Invitation to tea: Chinese regime’s Orwellian threat to journalists
RSF with quotes from Cédric Alviani, RSF Asia-Pacific Bureau Director:
Framed as a reminder of legal regulations, in reality the list is yet another ploy by the Beijing regime to further intimidate the Chinese public, clearly including the media and their sources, into self-censorship during the Lunar New Year holidays. We call on the international community to step up the pressure on this Orwellian regime to stop violating press freedom and the right to information, two principles that are enshrined in the country’s constitution.
I, too, have received similar invitations from the “office of the first lady of Malaysia” when convicted felon Najib Razak was Prime Minister. Only his wife self-styled herself that way, I think, and established her own government department. I ignored those invites. 😇 Loosely linked:
A global rise in government-led fact-checking initiatives cause concern, worries of misuse by Elias Meseret for Poynter.
Chinese websites posing as local news outlets target global audiences with pro-Beijing content by Alberto Fittarelli for The Citizen Lab (Munk School).
CNN staff say network’s pro-Israel slant amounts to ‘journalistic malpractice’ by Chris McGreal for The Guardian.
Gaza is now the frontline of a global information war by Robert M. Dover (University of Hull) for The Conversation.
DEEPFAKE SCAMS
Everyone looked real: multinational firm’s Hong Kong office loses HK$200 million after scammers stage deepfake video meeting
Harvey Kong for SCMP:
A multinational company lost HK$200 million (US$25.6 million) in a scam after employees at its Hong Kong branch were fooled by deepfake technology, with one incident involving a digitally recreated version of its chief financial officer ordering money transfers in a video conference call, police said.
Everyone present on the video calls except the victim was a fake representation of real people. The scammers applied deepfake technology to turn publicly available video and other footage into convincing versions of the meeting’s participants.
Police said they were highlighting the case as it was the first of its kind in Hong Kong and involved a large sum. They did not reveal details about the company or the employees involved.
Loosely linked:
How I got scammed by Cory Doctorow on Pluralistic.
Romance scammer reveals how he tricks women after failing to fool Go Public reporter by Erica Johnson for CBC.
Worried about AI voice clone scams? Create a family password by Cooper Quintin for EFF.
AI BIAS
The AI tools that might stop you getting hired
Zoë Corbyn for The Guardian:
Investigating the use of artificial intelligence (AI) in the world of work, Hilke Schellmann thought she had better try some of the tools. Among them was a one-way video interview system intended to aid recruitment called myInterview. She got a login from the company and began to experiment – first picking the questions she, as the hiring manager, would ask and then video recording her answers as a candidate before the proprietary software analysed the words she used and the intonation of her voice to score how well she fitted the job.
She was pleased to score an 83% match for the role. But when she re-did her interview not in English but in her native German, she was surprised to find that instead of an error message she also scored decently (73%) – and this time she hadn’t even attempted to answer the questions but read a Wikipedia entry. The transcript the tool had concocted out of her German was gibberish. When the company told her its tool knew she wasn’t speaking English so had scored her primarily on her intonation, she got a robot voice generator to read in her English answers. Again she scored well (79%), leaving Schellmann scratching her head.
Loosely linked:
Microsoft in deal with Semafor to create news stories with aid of AI chatbot by Anna Nicolaou for Ars Technica (via FT).
Biased GPT? Singapore builds AI model to ‘represent’ Southeast Asians by Rina Chandran for Context.
Roblox releases real-time AI chat translator by Emilia David for The Verge.
What I read, listen, and watch…
I’m reading The Age of Empathy (2009) by Frans de Waal. Where behavioural science and evolutionary biology are concerned, most thinkers of the field often end up getting a little bit too… goofy after a while, Jane Goodal included. I’m glad de Waal called out Richard Dawkins in this book.
I’m listening to WNYC’s On the Media episode about the AI clickbait business by a Serbian DJ, Nebojša Vujinović (also known as DJ Vujo) with input by Wired tech reporter Kate Knibbs. Also on the episode are the editor-in-chief of The New York Amsterdam News, Elinor Tatum on the push to make AI technology and data more diverse, and misinformation researcher for Media Matters, Abbie Richards on AI-generated conspiracy theories on TikTok.
I’m watching The Voice: Conspiracies and Australia’s Referendum, a BBC World Service’s episode on how an Australian referendum to establish an indigenous advisory body was affected by disinformation.
Other curious links, including en español et français:
News companies reverse course on hard subscriptions by Sara Fischer for Axios.
U.S. Federal Communications Commission made robocalls illegal by Ali Swenson for AP.
In Pakistan, Senegal and Sudan, networks are down — and it’s no accident by Ellery Roberts Biddle for Coda.
Framing fact-checks as a “confirmation” increases engagement with corrections of misinformation: a four-country study by Natalia Aruguete et al. for Nature.
The rise and fall of a double agent by Justin Ling and illustrated by Michael Byers for The Walrus.
How a nuclear weapons lab helped crack a serial-killer case by Sarah Scoles for Undark.
Bukele y el día en que el miedo triunfó por Esteban González de León en Gatopardo.
La generación de cristal y libertaria ¿la ven? por Solana Camaño en Pagina 12.
De quoi le « Sud global » est-il le nom ? par Béligh Nabli dans L’Obs.
Au Nouveau-Brunswick, les signalements de sextorsion sont en hausse vertigineuse par Réal Fradette dans Radio-Canada.
Chart of the week
Based on Statista Consumer Insights, there is only one (among the 21 countries surveyed) where a majority of respondents are worried about the misuse of their data. More here by Florian Zandt for Statista.
And one more thing
Infinite Craft by Neal Agarwal. More fun here.