FCC Charges Mobile Carriers with Selling Your Location Data

Posted on February 27, 2020February 27, 2020 by Denise Simon

Source: The FCC has finished investigating carriers’ unauthorized disclosure and sale of subscribers’ real-time location data, Chairman Ajit Pai has shared with (PDF) lawmakers in the House of Representatives. In his letters, he told Energy and Commerce Committee Chairman Frank Pallone, Jr. and others that the agency has come to a conclusion after an extensive probe: one or more carriers “apparently violated federal law.” Pai has also promised the lawmakers that the agency is going to take action against the offending carriers to ensure that they comply with laws that protect consumers’ sensitive information.

Back in 2018, it came to light that carriers sell their customers’ real-time location data to aggregators, which then resold it to other companies or even gave it away. Last year, a Motherboard report also revealed that bail bond companies and bounty hunters have been buying people’s location data for years, allowing them to use that information to track their targets.

All four major US carriers promised to stop selling customer location data to aggregators after the information first came out. The companies made good on their word, though it took them a year to do so: They informed FCC Commissioner Jessica Rosenworcel that they had already halted sales to aggregators after she requested for an update in 2019.

Pallone said in a statement:

“Following our longstanding calls to take action, the FCC finally informed the Committee today that one or more wireless carriers apparently violated federal privacy protections by turning a blind eye to the widespread disclosure of consumers’ real-time location data. This is certainly a step in the right direction, but I’ll be watching to make sure the FCC doesn’t just let these lawbreakers off the hook with a slap on the wrist.”

Rosenworcel, who repeatedly brought the issue up over the past years, also said that it was a “shame that it took so long for the FCC to reach a conclusion that was so obvious.” Especially when “shady middlemen could sell your location within a few hundred meters based on your wireless phone data.”

We’ve reached out to AT&T, Verizon, T-Mobile, Sprint and CTIA, the trade group representing the wireless communications industry in the US, for a statement.

*** source: Google has been tracking Android users even when location services are disabled

House Commerce Committee Chairman Frank Pallone, Jr. (D-N.J.) said that Pai’s response to lawmakers “is a step in the right direction, but I’ll be watching to make sure the FCC doesn’t just let these lawbreakers off the hook with a slap on the wrist.”

Sen. Ron Wyden (D-Ore.) said that he is “eager to see whether the FCC will truly hold wireless companies accountable or let them off with a slap on the wrist.”

Source: An investigation by Motherboard in January 2019 found that “T-Mobile, Sprint, and AT&T are [still] selling access to their customers’ location data and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country.”

The carriers made further promises to stop selling the data and later confirmed to the FCC that they had phased out the data-selling programs.

Pai’s letter today did not say exactly which federal law the carriers broke, but Section 222 of the Communications Act says that carriers may not use or disclose location information “without the express prior authorization of the customer.” Carriers have also been accused of violating rules on the usage of 911 location data.

Justice Dept Brands Huawei as a Criminal Enterprise

Posted on February 21, 2020February 21, 2020 by Denise Simon

Gotta hope that Europe takes note, especially Britain. Europe so far has approved Huawei as the vendor platform for 5G. Check your use of apps at the Google store and take a second look at your smart devices.

Image result for huawei source

FDD: The U.S. Department of Justice (DOJ) indicted Chinese telecommunications firm Huawei Technologies and its subsidiaries last week for alleged racketeering, theft of intellectual property, and conspiracy to commit bank fraud, among other charges. The indictment portrays Huawei not merely as a company that has broken the law, but as a fundamentally criminal enterprise.

The new charges target Huawei, four of Huawei’s subsidiaries (Huawei Device Co. Ltd., Huawei Device USA Inc., Futurewei Technologies Inc., and Skycom Tech Co. Ltd.), and Huawei’s chief financial officer, Meng Wanzhou, for violating the Racketeer Influenced and Corrupt Organizations (RICO) Act, which Congress passed in 1970 to combat organized crime.

According to the DOJ, the Huawei business model entailed “the deliberate and repeated misappropriation of intellectual property of companies headquartered or with offices in the United States.” DOJ also highlighted other violations, including Huawei’s role in sanctions evasion and fraudulent activities.

Last week’s indictment marks the first time DOJ charged a company with suspect connections to a foreign government as a criminal enterprise. Although Huawei asserts it is not state-owned, the company has indirect ties to the Chinese government and has yet to publically disclose who exactly owns and controls the company. Huawei’s majority shareholder is the company’s labor union, which keeps the details of its membership and governance structure out of the public eye. Last year, Jiang Xisheng, a top executive, explained during a press conference that the labor union’s ownership is simply a matter of legal convenience; this only further obfuscated who is really in charge. Additionally, Huawei’s founder, Ren Zhangfei, served in the Chinese military and is a member of the Chinese Communist Party.

While the indictment does not say that Beijing directed Huawei to operate as a criminal enterprise, China’s National Intelligence Law of 2017 requires Huawei and other private companies to provide the government with their data to “support, assist, and cooperate with state intelligence according to the law.” In short, the law empowers Beijing to exploit Huawei as an intelligence asset whenever it sees fit.

In other high-profile cases, the Chinese government has stolen sensitive U.S. data to achieve a strategic advantage. U.S. officials have even deemed China’s espionage and intelligence activities as a “long-term existential threat to the security of our nation.” In 2012, the head of the U.S. National Security Agency estimated that China’s economic espionage cost U.S. companies $250 billion in annual losses. Additionally, the targeting of strategic industries has allowed Beijing to enhance its own military capabilities at America’s expense.

The exploitation of Huawei could clearly enhance Beijing’s intelligence collecting capabilities. Just last week, the U.S. government reported that for over ten years Huawei secretly maintained “back doors” on its mobile networks that allowed the company – and potentially the Chinese government – to have direct access to their users’ most sensitive data.

The indictment of Huawei as a criminal enterprise shows that the Trump administration was mistaken when it placated Beijing by softening previous penalties for Huawei’s misconduct. If the court finds Huawei guilty under RICO, the administration should ensure the full application of all penalties necessary to end its criminal pursuits.

Facebook Still Deleting Accounts Tied to Iran and Russia

Posted on February 13, 2020February 13, 2020 by Denise Simon

Social media giant Facebook on Wednesday removed two unconnected networks of accounts, pages, and groups “engaging in foreign or government interference,” one originating in Russia and the other one in Iran, both of which have alleged ties to intelligence services.

Calling the behavior “coordinated” and “inauthentic,” Facebook’s head of security policy, Nathaniel Gleicher, said both operations were acting on “behalf of a government or foreign actor.”

The Russian network primarily targeted Ukraine and its neighboring countries, while the Iranian operation focused mainly on the United States.

The people behind the groups and accounts “coordinated with one another and used fake accounts to misrepresent themselves, and that was the basis for our action,” the social-media company said.

In total, 78 accounts, 11 pages, 29 groups, and four Instagram accounts originating in Russia were removed.

Facebook’s investigation “found links to Russian and military intelligence services” within the Russian network.

The people behind the network would pose as citizen journalists and tried to contact policymakers, journalists, and other public figures in the region.

They would post content in Russian, English, and Ukrainian “about local and political news including public figures in Ukraine, Russian military engagement in Syria, alleged SBU (Ukrainian Security Service) leaks related to ethnic tensions in Crimea and the downing of the Malaysian airliner in Ukraine in 2014.”

Similarly, six Facebook and five Instagram accounts were removed originating in Iran that engaged in “coordinated inauthentic behavior.”

Some tried contacting public figures and they shared posts on such topics as the U.S. elections, Christianity, U.S.-Iran relations, U.S. immigration policy, and criticism of U.S. policies in the Middle East.

About 60 people had followed one or more of the Iran-based Instagram accounts, the media company said.

*** What there is more….

Add in Vietnam and Myanmar.

Per Facebook in part:

Each of them created networks of accounts to mislead others about who they were and what they were doing. We have shared information about our findings with industry partners.

We’re constantly working to detect and stop this type of activity because we don’t want our services to be used to manipulate people. We’re taking down these Pages, Groups and accounts based on their behavior, not the content they posted. In each of these cases, the people behind this activity coordinated with one another and used fake accounts to misrepresent themselves, and that was the basis for our action.

We are making progress rooting out this abuse, but as we’ve said before, it’s an ongoing challenge. We’re committed to continually improving to stay ahead. That means building better technology, hiring more people and working closer with law enforcement, security experts and other companies.The individuals behind this activity posed as locals and used fake accounts — some of which had already been detected and disabled by our automated systems — to manage Groups and Pages, post and comment on various content. Some of these accounts represented themselves as citizen journalists and tried to contact policymakers, journalists and other public figures in the region.

Read more here for more fake news sampling noted by Facebook.

Chinese Spy Leading California Public Pension Fund?

Posted on February 13, 2020February 13, 2020 by Denise Simon

This may add some very new and different questions when it comes to the Biden foreign operations….read on….

Rep. Jim Banks, R-Ind., joined “Mornings with Maria” to explain why he wrote a letter to California Gov. Gavin Newsom highlighting his concerns about the state public pension fund’s chief investment officer having ties to China.

The fund has invested $3.1 billion in Chinese companies, some of which have been blacklisted by the U.S. government, Banks told FOX Business’ Maria Bartiromo.

“If this were up to me, I would fire [Chief Investment Officer Yu Ben Meng] immediately because of these suspicious ties,” he said. “We learned that Mr. Meng, who is the chief investment officer of CalPERS, was actually recruited to this position by the [Chinese Communist Party] through something called the Thousand Talents Program. Now he’s denied it.”

CalPERS stands for the California Public Employees’ Retirement System, the largest public pension fund in the nation.

“What is unusual is that many of these companies are companies that we’ve blacklisted, that make Chinese military equipment or are responsible for technologies like Hikvision, which is the equipment that’s used by the Chinese for surveillance on the Uighur Muslim population that they’ve been abusing in their own country,” Banks said.

The Commerce Department blacklisted Hikvision in October “for engaging in or enabling activities contrary to the foreign policy interests of the United States.”

CalPERS defended Meng.

“This is a reprehensible attack on a U.S. citizen. We fully stand behind our Chief Investment Officer who came to CalPERS with a stellar international reputation,” a CalPERS spokeswoman told Reuters.

Hold on, it is actually worse… going back 4 months ago….

(Reuters) – Some of the biggest public pensions funds in the United States have invested in one of the world’s largest purveyors of video surveillance systems that the U.S. government claims are used in wide-scale repression of the Muslim population of western China.

The Trump administration’s decision to put the company, Hangzhou Hikvision Digital Technology Co (002415.SZ), on a blacklist last week has prompted at least two of the pension plans to say they are reviewing or monitoring that development.

The blacklist applies to Hikvision and seven other companies because they allegedly enabled the crackdown that has led to mass arbitrary detentions in the Xinjiang region.

“We are tracking the situation given this new development with the Department of Commerce’s announcement,” a spokeswoman for the California State Teachers’ Retirement System (CalSTRS) said in an email.

CalSTRS owned 4.35 million Hikvision shares at the end of June 30, 2018, the last data available. The holding, owned directly and through emerging market exchange-traded funds, would be worth $24 million at that share count.

The New York State Teachers Retirement System also owned Hikvision, reporting 81,802 shares at the end of June, up from 26,402 shares at the end of 2018, fund disclosures show.

“Our holdings are primarily held according to their weights in passive portfolios matching the MSCI ACWI ex-U.S. index, our policy benchmark. We are monitoring the situation,” said a spokesman for the teachers’ fund. The ex-U.S. All Country World Index includes stocks from 22 developed and emerging markets.

The blacklisting means Hikvision and the other companies will not be able to buy U.S. technology, such as software and microchips, without specific U.S. government approval. It does not prevent U.S. investors from buying the companies’ shares. In August, Hikvision had been banned from selling to U.S. federal agencies because the government said its products could allow access to sensitive systems.

Hikvision’s General Manager Hu Yangzhong told Reuters on Wednesday it has been talking to the U.S. government about Xinjiang and has hired human rights lawyers to defend itself against the blacklisting.

A spokeswoman for law firm Sidley Austin LLP, which has lobbied for Hikvision this year, declined to comment.

Another major fund investing in Hikvision shares is the Florida Retirement System (FRS), with 1.8 million shares at the end of June.

A spokesman for the fund said it was working closely with external money managers “related to the issue in order to meet all regulatory and fiduciary requirements.”

POSTER CHILD

Risk consultants say the ease with which money used for the retirements of tens of millions of Americans is being invested in such companies should concern U.S. authorities at every level, as well as Americans generally.

“Hikvision has emerged as the corporate poster child for enabling Chinese human rights abuses, with its surveillance cameras visible atop the walls of detention camps incarcerating some one million or more Uighurs in Xinjiang,” said Roger Robinson, president and CEO of Washington DC-based risk consultancy RWR Advisory Group.

Beijing denies any mistreatment of people at the camps, which it says provide vocational training to help stamp out religious extremism and teach new work skills.

Robinson said that many Americans are unwittingly owning shares in such companies because they are in index funds. “They are picked up by the index providers in sizable numbers and sluiced into U.S. investor portfolios with seemingly very little, if any, due diligence or disclosure in the categories of national security and human rights.”

MSCI Inc (MSCI.N), whose products are designed for global investors, added Hikvision to its benchmark emerging markets index last year. MSCI declined to comment.

One other company among the blacklisted eight that is owned by some of the big pension funds is iFlytek Co Ltd (002230.SZ), a speech-recognition firm. Its shares were owned by funds in Florida, New York State as well as CalSTRS and the California Public Employees Retirement System (CalPERS) indirectly through the iShares MSCI Emerging Markets ETF at their last disclosure dates. IShares, a top ETF provider owned by BlackRock Inc (BLK.N), declined to comment.

CUTTING TIES

Not all the funds have stuck with Hikvision.

The New York State Common Fund, one of the country’s biggest pension funds, liquidated its position months ago. It had owned 2.7 million shares worth $14.2 million at the end of March through an external fund manager, but sold them in May, a spokesman said, declining to say why.

U.S. mutual funds have also cut or eliminated positions in Hikvision amid the negative publicity, which included it being named in a Human Rights Watch report on mass surveillance in Xinjiang in May.

Just 9% of global emerging markets funds now own Hikvision, down from 20% in 2018, according to Copley Fund Research. One fund to pull out is the $2.7 billion Artisan Developing World Fund (APDYX.O), which had a $66 million position in Hikvision at the end of March but reported holding no shares three months later, fund disclosures show. Artisan did not respond to a request for comment.

At least one U.S. pension fund had worried this summer about whether to invest in the Chinese surveillance company.

The $33 billion Alaska Permanent Fund had considered an investment in a China fund featuring Hikvision as a top holding, according to minutes of a June meeting of its trustees and staff. The minutes were published last month.

Schroders Global Asset Management, a finalist for the fund’s mainland China investment mandate, touted Hikvision as a top performer.

Some Alaska trustees, however, worried about “headline risks” of investing in companies that aid the Chinese government’s surveillance activities, according to the minutes.

Jack Lee, portfolio manager of the China fund, assured Alaska pension officials he had spoken with Hikvision executives. Hikvision will “try to avoid that kind of business,” the trustees were told, but “they don’t necessarily know how their equipment is used,” Lee told the trustees, according to the minutes.

Reuters could not determine whether Alaska made an investment in the Schroders fund that included Hikvision stock.

A spokeswoman for the Alaska Retirement Management Board, which oversees the pension, said it does not have any additional information to share regarding Schroders’ efforts. A Schroders spokesman declined to comment.

Huawei Snooping via Backdoor on US Telecom Network

Posted on February 11, 2020February 11, 2020 by Denise Simon

For ten years…..

U.S. officials say Huawei Technologies Co. can covertly access mobile-phone networks around the world through “back doors” designed for use by law enforcement, as Washington tries to persuade allies to exclude the Chinese company from their networks.

Chinese tech giant Huawei can reportedly access the networks it helped build that are being used by mobile phones around the world. It’s been using backdoors intended for law enforcement for over a decade, The Wall Street Journal reported Tuesday, citing US officials. The details were disclosed to the UK and Germany at the end of 2019 after the US had noticed access since 2009 across 4G equipment, according to the report.

The backdoors were inserted for law enforcement use into carrier equipment like base stations, antennas and switching gear, the Journal said, with US officials reportedly alleging they were designed to be accessible by Huawei.

“We have evidence that Huawei has the capability secretly to access sensitive and personal information in systems it maintains and sells around the world,” Robert O’Brien, national security adviser, reportedly said.

The White House and Huawei didn’t immediately respond to a request for comment, but the tech giant rejected the claims according to the Journal.

UK Prime Minister Boris Johnson approved Huawei for 5G last month with some conditions: The British restrictions are to exclude Huawei from building core parts of the UK’s 5G networks, have Huawei’s market share capped at 35% and exclude Huawei from sensitive geographic locations. The European Union allowed higher-risk vendors for 5G with similar restrictions at the end of January.

Huawei’s 5G approval there came despite the US urging the UK to ban the Chinese telecommunications giant.

Huawei was blacklisted in May when it was added to the United States’ “entity list” (PDF). In addition, US President Donald Trump at the same time signed an executive order essentially banning the company in light of national security concerns that Huawei had close ties with the Chinese government. Huawei has repeatedly denied that charge.

*** Huawei faces further investigation into Chinese 'spying ... source

Huawei disputed the latest allegations, as it has done in the past, saying it “has never and will never do anything that would compromise or endanger the security of networks and data of its clients.” Huawei also said that the United States made its latest accusations “without providing any kind of concrete evidence.”

“No Huawei employee is allowed to access the network without an explicit approval from the network operator,” a Huawei official said, according to the Journal.

The US government has been moving to reduce the amount of Huawei and ZTE equipment in telecom networks. The Federal Communications Commission voted unanimously in November to ban Huawei and ZTE gear in projects paid for by the FCC’s Universal Service Fund (USF). FCC Chairman Ajit Pai said at the time that Huawei and ZTE “have close ties to China’s Communist government and military apparatus” and “are subject to Chinese laws broadly obligating them to cooperate with any request from the country’s intelligence services and to keep those requests secret.”

The ban is expected to hit small carriers the hardest, as Huawei has appealed to small network operators by selling low-cost gear. By contrast, big telcos like AT&T “have long steered clear of Huawei,” a March 2018 Wall Street Journal report said.