FCC Charges Mobile Carriers with Selling Your Location Data

Posted on February 27, 2020February 27, 2020 by Denise Simon

Source: The FCC has finished investigating carriers’ unauthorized disclosure and sale of subscribers’ real-time location data, Chairman Ajit Pai has shared with (PDF) lawmakers in the House of Representatives. In his letters, he told Energy and Commerce Committee Chairman Frank Pallone, Jr. and others that the agency has come to a conclusion after an extensive probe: one or more carriers “apparently violated federal law.” Pai has also promised the lawmakers that the agency is going to take action against the offending carriers to ensure that they comply with laws that protect consumers’ sensitive information.

Back in 2018, it came to light that carriers sell their customers’ real-time location data to aggregators, which then resold it to other companies or even gave it away. Last year, a Motherboard report also revealed that bail bond companies and bounty hunters have been buying people’s location data for years, allowing them to use that information to track their targets.

All four major US carriers promised to stop selling customer location data to aggregators after the information first came out. The companies made good on their word, though it took them a year to do so: They informed FCC Commissioner Jessica Rosenworcel that they had already halted sales to aggregators after she requested for an update in 2019.

Pallone said in a statement:

“Following our longstanding calls to take action, the FCC finally informed the Committee today that one or more wireless carriers apparently violated federal privacy protections by turning a blind eye to the widespread disclosure of consumers’ real-time location data. This is certainly a step in the right direction, but I’ll be watching to make sure the FCC doesn’t just let these lawbreakers off the hook with a slap on the wrist.”

Rosenworcel, who repeatedly brought the issue up over the past years, also said that it was a “shame that it took so long for the FCC to reach a conclusion that was so obvious.” Especially when “shady middlemen could sell your location within a few hundred meters based on your wireless phone data.”

We’ve reached out to AT&T, Verizon, T-Mobile, Sprint and CTIA, the trade group representing the wireless communications industry in the US, for a statement.

*** source: Google has been tracking Android users even when location services are disabled

House Commerce Committee Chairman Frank Pallone, Jr. (D-N.J.) said that Pai’s response to lawmakers “is a step in the right direction, but I’ll be watching to make sure the FCC doesn’t just let these lawbreakers off the hook with a slap on the wrist.”

Sen. Ron Wyden (D-Ore.) said that he is “eager to see whether the FCC will truly hold wireless companies accountable or let them off with a slap on the wrist.”

Source: An investigation by Motherboard in January 2019 found that “T-Mobile, Sprint, and AT&T are [still] selling access to their customers’ location data and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country.”

The carriers made further promises to stop selling the data and later confirmed to the FCC that they had phased out the data-selling programs.

Pai’s letter today did not say exactly which federal law the carriers broke, but Section 222 of the Communications Act says that carriers may not use or disclose location information “without the express prior authorization of the customer.” Carriers have also been accused of violating rules on the usage of 911 location data.

Operation Mega Flex

Posted on February 25, 2020February 25, 2020 by Denise Simon

From July to September last year, Customs and Border Patrol in that 3 month period seized 1061 shipments of counterfeit goods at our cargo ports of entry. Items from Louis Vuitton bags to sports equipment with faulty parts. Other items included children’s toys, drug paraphernalia, deadly opioids, and really scary were (are) counterfeit drivers’ licenses. Recreational drugs, clothing, jewelry and even food and nutritional items (may contain toxins) are part of the counterfeit items affecting likely every American and business.

Image result for cbp counterfeit

Unlike legitimate drug manufacturers that are subject to inspections by the U.S. Food and Drug Administration, labs that manufacture counterfeits have no such oversight. According to a 2019 Better Business Bureau study, “companies based in China, Hong Kong, Singapore, and India shipped 97 percent of the counterfeit medicines seized in the U.S.”In March 2019, Europol, the European Union’s law enforcement agency, seized 13 million doses of counterfeit medicine ranging from opioids to heart medication. Europol noted that this type of counterfeiting is on the rise due to the relatively low risk of criminal detection.

Check those items in retail operations of all sorts and locations and what you purchase in the e-commerce realm, not the from the street vendor at the corner and when purchasing books, movies or music, you could be in real trouble for a transaction that violates copyright protected work.

Image result for cbp counterfeit

Watches and jewelry follow at 13 percent of total seizures. During the Mega Flex operation on August 21, 2019, for example, CBP officers seized counterfeit Rolex watches valued at over $1.4 million. Handbags and wallets represented nearly 11 percent of all seizures, including counterfeits of luxury brands such as Louis Vuitton, Michael Kors, and Gucci. Consumer electronicsrepresented 10 percent of seizures, including products such as iPhones, hover boards, earbuds, microchips, and others. Pharmaceuticals and personal care items account for only 7 percent of total seizures. However, as discussed in the next section, many of the products in these categories pose significant dangers to the consumer. Fake prescription drugs can lack active ingredients, contain incorrect dosages, or include dangerous additives. Fake personal care items such as cosmetics have been found to contain everything from harmful bacteria to human waste. Between 2017 and 2018, CBP and ICE Homeland Security Investigations (HSI) seized over $31 million in fake perfumes from China.

Law enforcement officials have uncovered intricate links between the sale of counterfeit goods and transnational organized crime. A study by the Better Business Bureau notes that the financial operations supporting counterfeit goods typically require central coordination, making these activities attractive for organized crime, with groups such as the Mafia and the Japanese Yakuza heavily involved. Criminal organizations use coerced and child labor to manufacture and sell counterfeit goods. In some cases, the proceeds from counterfeit sales may be supporting terrorism and dictatorships throughout the world.

In FY 2018, 12 percent of DHS seizures included counterfeit versions of critical technological components, automotive and aerospace parts, batteries, and machinery. Each of these industrial sectors have been identified as critical to the defense industrial base, and thus critical to national security. One example drawn from a 2018 study by the Bureau of Industry and Security within the Department of Commerce featured the import of counterfeit semiconductors or “Trojan chips” for use in defense manufacturing and operations. Such Trojan chips can carry viruses or malware that infiltrate and weaken American national security. The problem of counterfeit chips has become so pervasive that the Department of Defense has referred to it as an “invasion.” Companies from China are the primary producers of counterfeit electronics.

According to a 2019 report, Instagram and Counterfeiting, nearly 20 percent of the posts analyzed about fashion products on Instagram featured counterfeit or illicit products. More than 50,000 Instagram accounts were identified as promoting and selling counterfeits, a 171 percent increase from a prior 2016 analysis. Instagram’s Story feature, where content disappears in twenty-four hours, was singled out as particularly effective for counterfeit sellers.

For the full report, go here.

FBI Arrests Hacker Linked to Katie Hill Campaign

Posted on February 21, 2020February 21, 2020 by Denise Simon

Federal agents have arrested Arthur Dam in connection with a hacking spree that disrupted the 2018 Democratic California primary that ultimately nominated Katie Hill, according to a new criminal complaint. Criminal complaint found here.

Image result for congresswoman katie hill

‘Throuple’ congresswoman Katie Hill says she made the right choice to resign

Dam, in the criminal complaint, is linked directly to the Hill campaign. Hill won the general election in California’s 25th district, and then later resigned from Congress amid controversy.
“Dam was found to be connected to the cyber attacks through subscriber information, IP addresses, geolocation history, and open sources, including through his employer and his wife, K.O., who worked for one of the Victim’s opponents,” the complaint reads.

Dam’s wife is Kelsey O’Hara, Hill’s fundraiser during the campaign and her district director after she won office. O’Hara was also the subject of a sexual joke made by Hill and caught on tape by Vice News in 2018. In Hill’s FEC records, she lists a $500 in-kind contribution from Dam on March 25, 2018, for “Graphic design and website security consultation.”
During the campaign, the websites of Hill’s opponents, Democrats Bryan Caforio and Jess Phoenix, were both attacked, though Hill’s never was, raising suspicions at the time that Hill’s campaign was behind them. One major attack on Caforio’s campaign website came at a crucial moment, just an hour before the biggest debate of the primary, the complaint notes. Hill eventually won the California primary by fewer than 3,000 votes.

The FBI traced the hacking to an Amazon Web Services account tied to the email address [email protected], though the credit card used to pay for the service was listed under Dam. The Hotmail account had been created in 2002 using the subscriber name “Arthur Slam.” Dam also used the Hotmail account as the recovery email for his own Gmail account.
The FBI launched a probe that zeroed in on the Hill campaign in 2019, according to FBI correspondence reviewed by The Intercept. Hill did not immediately respond for comment.

Hill’s campaign was the subject of unusual national attention during her campaign, including a Vice News documentary and a Rolling Stone article. On March 3, the 25th Congressional district will hold a special election to replace Hill, who resigned in October 2019.

Justice Dept Brands Huawei as a Criminal Enterprise

Posted on February 21, 2020February 21, 2020 by Denise Simon

Gotta hope that Europe takes note, especially Britain. Europe so far has approved Huawei as the vendor platform for 5G. Check your use of apps at the Google store and take a second look at your smart devices.

Image result for huawei source

FDD: The U.S. Department of Justice (DOJ) indicted Chinese telecommunications firm Huawei Technologies and its subsidiaries last week for alleged racketeering, theft of intellectual property, and conspiracy to commit bank fraud, among other charges. The indictment portrays Huawei not merely as a company that has broken the law, but as a fundamentally criminal enterprise.

The new charges target Huawei, four of Huawei’s subsidiaries (Huawei Device Co. Ltd., Huawei Device USA Inc., Futurewei Technologies Inc., and Skycom Tech Co. Ltd.), and Huawei’s chief financial officer, Meng Wanzhou, for violating the Racketeer Influenced and Corrupt Organizations (RICO) Act, which Congress passed in 1970 to combat organized crime.

According to the DOJ, the Huawei business model entailed “the deliberate and repeated misappropriation of intellectual property of companies headquartered or with offices in the United States.” DOJ also highlighted other violations, including Huawei’s role in sanctions evasion and fraudulent activities.

Last week’s indictment marks the first time DOJ charged a company with suspect connections to a foreign government as a criminal enterprise. Although Huawei asserts it is not state-owned, the company has indirect ties to the Chinese government and has yet to publically disclose who exactly owns and controls the company. Huawei’s majority shareholder is the company’s labor union, which keeps the details of its membership and governance structure out of the public eye. Last year, Jiang Xisheng, a top executive, explained during a press conference that the labor union’s ownership is simply a matter of legal convenience; this only further obfuscated who is really in charge. Additionally, Huawei’s founder, Ren Zhangfei, served in the Chinese military and is a member of the Chinese Communist Party.

While the indictment does not say that Beijing directed Huawei to operate as a criminal enterprise, China’s National Intelligence Law of 2017 requires Huawei and other private companies to provide the government with their data to “support, assist, and cooperate with state intelligence according to the law.” In short, the law empowers Beijing to exploit Huawei as an intelligence asset whenever it sees fit.

In other high-profile cases, the Chinese government has stolen sensitive U.S. data to achieve a strategic advantage. U.S. officials have even deemed China’s espionage and intelligence activities as a “long-term existential threat to the security of our nation.” In 2012, the head of the U.S. National Security Agency estimated that China’s economic espionage cost U.S. companies $250 billion in annual losses. Additionally, the targeting of strategic industries has allowed Beijing to enhance its own military capabilities at America’s expense.

The exploitation of Huawei could clearly enhance Beijing’s intelligence collecting capabilities. Just last week, the U.S. government reported that for over ten years Huawei secretly maintained “back doors” on its mobile networks that allowed the company – and potentially the Chinese government – to have direct access to their users’ most sensitive data.

The indictment of Huawei as a criminal enterprise shows that the Trump administration was mistaken when it placated Beijing by softening previous penalties for Huawei’s misconduct. If the court finds Huawei guilty under RICO, the administration should ensure the full application of all penalties necessary to end its criminal pursuits.

Chinese Spy Leading California Public Pension Fund?

Posted on February 13, 2020February 13, 2020 by Denise Simon

This may add some very new and different questions when it comes to the Biden foreign operations….read on….

Rep. Jim Banks, R-Ind., joined “Mornings with Maria” to explain why he wrote a letter to California Gov. Gavin Newsom highlighting his concerns about the state public pension fund’s chief investment officer having ties to China.

The fund has invested $3.1 billion in Chinese companies, some of which have been blacklisted by the U.S. government, Banks told FOX Business’ Maria Bartiromo.

“If this were up to me, I would fire [Chief Investment Officer Yu Ben Meng] immediately because of these suspicious ties,” he said. “We learned that Mr. Meng, who is the chief investment officer of CalPERS, was actually recruited to this position by the [Chinese Communist Party] through something called the Thousand Talents Program. Now he’s denied it.”

CalPERS stands for the California Public Employees’ Retirement System, the largest public pension fund in the nation.

“What is unusual is that many of these companies are companies that we’ve blacklisted, that make Chinese military equipment or are responsible for technologies like Hikvision, which is the equipment that’s used by the Chinese for surveillance on the Uighur Muslim population that they’ve been abusing in their own country,” Banks said.

The Commerce Department blacklisted Hikvision in October “for engaging in or enabling activities contrary to the foreign policy interests of the United States.”

CalPERS defended Meng.

“This is a reprehensible attack on a U.S. citizen. We fully stand behind our Chief Investment Officer who came to CalPERS with a stellar international reputation,” a CalPERS spokeswoman told Reuters.

Hold on, it is actually worse… going back 4 months ago….

(Reuters) – Some of the biggest public pensions funds in the United States have invested in one of the world’s largest purveyors of video surveillance systems that the U.S. government claims are used in wide-scale repression of the Muslim population of western China.

The Trump administration’s decision to put the company, Hangzhou Hikvision Digital Technology Co (002415.SZ), on a blacklist last week has prompted at least two of the pension plans to say they are reviewing or monitoring that development.

The blacklist applies to Hikvision and seven other companies because they allegedly enabled the crackdown that has led to mass arbitrary detentions in the Xinjiang region.

“We are tracking the situation given this new development with the Department of Commerce’s announcement,” a spokeswoman for the California State Teachers’ Retirement System (CalSTRS) said in an email.

CalSTRS owned 4.35 million Hikvision shares at the end of June 30, 2018, the last data available. The holding, owned directly and through emerging market exchange-traded funds, would be worth $24 million at that share count.

The New York State Teachers Retirement System also owned Hikvision, reporting 81,802 shares at the end of June, up from 26,402 shares at the end of 2018, fund disclosures show.

“Our holdings are primarily held according to their weights in passive portfolios matching the MSCI ACWI ex-U.S. index, our policy benchmark. We are monitoring the situation,” said a spokesman for the teachers’ fund. The ex-U.S. All Country World Index includes stocks from 22 developed and emerging markets.

The blacklisting means Hikvision and the other companies will not be able to buy U.S. technology, such as software and microchips, without specific U.S. government approval. It does not prevent U.S. investors from buying the companies’ shares. In August, Hikvision had been banned from selling to U.S. federal agencies because the government said its products could allow access to sensitive systems.

Hikvision’s General Manager Hu Yangzhong told Reuters on Wednesday it has been talking to the U.S. government about Xinjiang and has hired human rights lawyers to defend itself against the blacklisting.

A spokeswoman for law firm Sidley Austin LLP, which has lobbied for Hikvision this year, declined to comment.

Another major fund investing in Hikvision shares is the Florida Retirement System (FRS), with 1.8 million shares at the end of June.

A spokesman for the fund said it was working closely with external money managers “related to the issue in order to meet all regulatory and fiduciary requirements.”

POSTER CHILD

Risk consultants say the ease with which money used for the retirements of tens of millions of Americans is being invested in such companies should concern U.S. authorities at every level, as well as Americans generally.

“Hikvision has emerged as the corporate poster child for enabling Chinese human rights abuses, with its surveillance cameras visible atop the walls of detention camps incarcerating some one million or more Uighurs in Xinjiang,” said Roger Robinson, president and CEO of Washington DC-based risk consultancy RWR Advisory Group.

Beijing denies any mistreatment of people at the camps, which it says provide vocational training to help stamp out religious extremism and teach new work skills.

Robinson said that many Americans are unwittingly owning shares in such companies because they are in index funds. “They are picked up by the index providers in sizable numbers and sluiced into U.S. investor portfolios with seemingly very little, if any, due diligence or disclosure in the categories of national security and human rights.”

MSCI Inc (MSCI.N), whose products are designed for global investors, added Hikvision to its benchmark emerging markets index last year. MSCI declined to comment.

One other company among the blacklisted eight that is owned by some of the big pension funds is iFlytek Co Ltd (002230.SZ), a speech-recognition firm. Its shares were owned by funds in Florida, New York State as well as CalSTRS and the California Public Employees Retirement System (CalPERS) indirectly through the iShares MSCI Emerging Markets ETF at their last disclosure dates. IShares, a top ETF provider owned by BlackRock Inc (BLK.N), declined to comment.

CUTTING TIES

Not all the funds have stuck with Hikvision.

The New York State Common Fund, one of the country’s biggest pension funds, liquidated its position months ago. It had owned 2.7 million shares worth $14.2 million at the end of March through an external fund manager, but sold them in May, a spokesman said, declining to say why.

U.S. mutual funds have also cut or eliminated positions in Hikvision amid the negative publicity, which included it being named in a Human Rights Watch report on mass surveillance in Xinjiang in May.

Just 9% of global emerging markets funds now own Hikvision, down from 20% in 2018, according to Copley Fund Research. One fund to pull out is the $2.7 billion Artisan Developing World Fund (APDYX.O), which had a $66 million position in Hikvision at the end of March but reported holding no shares three months later, fund disclosures show. Artisan did not respond to a request for comment.

At least one U.S. pension fund had worried this summer about whether to invest in the Chinese surveillance company.

The $33 billion Alaska Permanent Fund had considered an investment in a China fund featuring Hikvision as a top holding, according to minutes of a June meeting of its trustees and staff. The minutes were published last month.

Schroders Global Asset Management, a finalist for the fund’s mainland China investment mandate, touted Hikvision as a top performer.

Some Alaska trustees, however, worried about “headline risks” of investing in companies that aid the Chinese government’s surveillance activities, according to the minutes.

Jack Lee, portfolio manager of the China fund, assured Alaska pension officials he had spoken with Hikvision executives. Hikvision will “try to avoid that kind of business,” the trustees were told, but “they don’t necessarily know how their equipment is used,” Lee told the trustees, according to the minutes.

Reuters could not determine whether Alaska made an investment in the Schroders fund that included Hikvision stock.

A spokeswoman for the Alaska Retirement Management Board, which oversees the pension, said it does not have any additional information to share regarding Schroders’ efforts. A Schroders spokesman declined to comment.