Daniel_Stuckey (2647775) writes 'A year after leaked files exposed the National Security Agency's efforts to spy on citizens and companies in Brazil, previously unpublished chat logs obtained by Motherboard reveal that while under the FBI's supervision, Hector Xavier Monsegur, widely known by his online persona, "Sabu," facilitated attacks that affected Brazilian websites.The operation raises questions about how the FBI uses global Internet vulnerabilities during cybercrime investigations, how it works with informants, and how it shares information with other police and intelligence agencies.

After his arrest in mid-2011, Monsegur continued to organize cyber attacks while working for the FBI. According to documents and interviews, Monsegur passed targets and exploits to hackers to disrupt government and corporate servers in Brazil and several other countries. Details about his work as a federal informant have been kept mostly secret, aired only in closed-door hearings and in redacted documents that include chat logs between Monsegur and other hackers. The chat logs remain under seal due to a protective order upheld in court, but in April, they and other court documents were obtained by journalists at Motherboard and the Daily Dot.'

chicksdaddy (814965) writes 'As the U.S. Senate considers draft legislation governing the commercial use of location data, The Federal Trade Commission (FTC) is asking Congress to make it — not the Department of Justice — the chief rule maker and enforcer of policies for the collection and sharing of geolocation information, the Security Ledger reports.

Jessica Rich, Director of the FTC Bureau of Consumer Protection, told the Senate Judiciary Committee's Subcommittee for Privacy, Technology that the Commission would like to see changes to the wording of the Location Privacy Protection Act of 2014 (LPPA) . The LPPA is draft legislation introduced by Sen. Al Franken that carves out new consumer protections for location data sent and received by mobile phones, tablets and other portable computing devices. Rich said that the FTC, as the U.S. Government's leading privacy enforcement agency, should be given rule making and enforcement authority for the civil provisions of the LPPA. The current draft of the law instead gives that authority to the Department of Justice.

The LPPA updates the Electronic Communications Privacy Act to take into account the widespread and availability and commercial use of geolocation information provided. LPPA requires that companies get individuals' permission before collecting location data off of smartphones, tablets, or in-car navigation devices, and before sharing it with others.

It would prevent what Franken refers to as "GPS stalking," preventing companies from collecting location data in secret. LPPA also requires companies to reveal the kinds of data they collect and how they share and use it, bans the development, operation, and sale of GPS stalking apps and requires the federal government to collect data on GPS stalking and facilitate reporting of GPS stalking by the public.'

An anonymous reader writes 'A routine request in Florida for public records regarding the use of a surveillance tool known as stingray took an extraordinary turn recently when federal authorities seized the documents before police could release them. "This is consistent with what we've seen around the country with federal agencies trying to meddle with public requests for stingray information," Wessler said, noting that federal authorities have in other cases invoked the Homeland Security Act to prevent the release of such records. "The feds are working very hard to block any release of this information to the public." ... "We've seen our fair share of federal government attempts to keep records about stingrays secret, but we've never seen an actual physical raid on state records in order to conceal them from public view," the ACLU wrote in a blog post today.'

mpicpp (3454017) writes with this news from Ars Technica: 'Europeans may browse the Internet without fear of infringing copyrights, as the EU Court of Justice ruled Thursday in a decision that ends a four-year legal battle threatening the open Internet. It was the European top court's second wide-ranging cyber ruling in less than a month. The court ruled May 13 that Europeans had a so-called "right to be forgotten" requiring Google to delete "inadequate" and "irrelevant" data upon requests from the public. That decision is spurring thousands of removal requests. In this week's case, the court slapped down the Newspaper Licensing Agency's (NLA) claim that the technological underpinnings of Web surfing amounted to infringement. The court ruled that "on-screen copies and the cached copies made by an end-user in the course of viewing a website satisfy the conditions" of infringement exemptions spelled out in the EU Copyright Directive. The NLA's opponent in the case was the Public Relations Consultants Association (PRCA). The PR group hailed the decision.'

hype7 (239530) writes 'The Harvard Business Review is running a fascinating article on how finance is increasingly abstracting itself — and the gains it makes — away from the creation of value in the real world, and how High Frequency Trading is the most extreme version of this phenomenon yet. From the article: "High frequency trading is a different phenomenon from the increasing focus on short term returns by human investors. But they're borne from a similar mindset: one in which financial returns are the priority, independent of whether they're associated with something innovative or useful in the real world. What Lewis's book demonstrated to me isn't just how "bad" HFTs are per se, but rather, what happens when finance keeps walking down the path it seems to be set on — a path that involves abstracting itself from the creation of real-world value. The final destination? It will enter a world entirely of its own — a world in which it is fighting to capture value that is completely independent of whether any is created in the first place."'

reifman (786887) writes 'Last week, AT&T shut down my data service after I turned roaming on in Canada for one minute to check Google maps. I wasn't able to connect successfully but they reported my phone burned through 50 MB and that I owed more than $750. Google maps generally require 1.3 MB per cell. They adamantly refused to reactivate my U.S. data service unless I 'agreed' to purchase an international data roaming package to cover the usage. They eventually reversed the charges but it seems that the company's billing system had bundled my U.S. data usage prior to the border crossing with the one minute of international data roaming.'

Today, as the EFF notes, marks one year from Edward Snowden's first document leaks, and the group is using that as a good spur to install free software intended to make it harder for anyone (the NSA is certainly not the first, and arguably far from the worst) to spy on your electronic communications. Nowadays, that means nearly everything besides face-to-face communication, or paper shipped through the world's postal systems. Reader gnujoshua (540710) highlights one of the options: 'The FSF has published a (rather beautiful) infographic and guide to encrypting your email using GnuPG. In their blog post announcing the guide they write: "One year ago today, an NSA contractor named Edward Snowden went public with his history-changing revelations about the NSA's massive system of indiscriminate surveillance. Today the FSF is releasing Email Self-Defense, a guide to personal email encryption to help everyone, including beginners, make the NSA's job a little harder.'" Serendipitous timing: a year and a day ago, we mentioned a UN report that made explicit the seemingly obvious truth that undue government surveillance, besides being an affront in itself, chills free speech. (Edward Snowden agrees.)

jfruh (300774) writes "Imagine you've spent years making credit card purchases in your home state of California, and suddenly a bunch of charges appear the card in Russia. Your bank might move to shut the card down for suspected fraud, which would be great if your account number had been stolen by hackers — but really irritating if you were on vacation in Moscow. AT&T is proposing a service that would allow customers to let their bank track their movements via their cell phone, to confirm that you (or at least your phone) and your credit card are in the same place."

Bismillah (993337) writes 'The British government wants life in prison for hackers who cause disruption to computer networks, resulting in loss of life or threat to the country's national security. From the article: "The UK government will seek to amend the 1990 Computer Misuse Act "to ensure sentences for attacks on computer systems fully reflect the damage they cause. Currently, the law provides for a maximum sentence of ten years' imprisonment for those who commit the offence of impairing a computer. A new, aggravated offence of unauthorised access to a computer will be introduced into the Computer Misuse Act by the government, carrying far longer sentences."'

hazeii (5702) writes in with news about a secret trial set to take place in England. 'A major terrorism trial is set to be held entirely in secret for the first time in British legal history in an unprecedented departure from the principles of open justice, the court of appeal has heard. The identities of the two defendants charged with serious terror offences are being withheld from the public, and the media are banned from being present in court to report the forthcoming trial against the two men, known only as AB and CD.'

itwbennett (1594911) writes 'In the three weeks since a key ruling by the European Court of Justice about the so-called right to be forgotten, Google has already received around 41,000 requests to delete links to personal information from its search results (within 24 hours of putting the form online, Google had reportedly received 12,000 deletion requests). It should be noted, though, that there is no absolute right to have information deleted, and Google will have to weigh a number of criteria in responding to the requests to delete links, including relevance of the information, and the time passed since the facts related.'