Pete Recommends – Weekly highlights on cyber security issues, May 11, 2024

Subject: How Do I Prepare My Phone for a Protest? (Updated 2024)
Source: The Markup

Before going to a protest, demonstrators or observers should note that their cellphones may subject them to surveillance tactics by law enforcement. If your cellphone is on and unsecured, your location can be tracked and your unencrypted communications, such as SMS, may be intercepted. Additionally, police may retrieve your messages and the content of your phone if they take custody of your phone, or later by warrant or subpoena.

“All protesting and all marches are a series of balancing acts of different priorities and acceptable risks,” said Mason Donahue, a member of Lucy Parsons Labs, a Chicago-based group of technologists and activists that run digital security training classes and have investigated the Chicago Police Department’s use of surveillance technology. “There is a lot of communication ability that goes away if you don’t bring a phone period,” he said.

Leaving your phone behind means the data it holds and transmits will be the safest it will ever be, but it also means giving up access to important resources. It becomes much more difficult to coordinate with others, or get updates from social media. For many, phone cameras are also the only way they can document what’s happening.

In the United States, the Fifth Amendment grants people the right not to be “compelled in any criminal case to be a witness against” themselves. When it comes to whether you’re obligated to unlock your smartphone, your Fifth Amendment protection varies depending on whether you’re using a passcode or biometrics like a fingerprint or face scans.

In some parts of the United States, law enforcement has tools that can intercept cellphone signals, called “stingrays” or “IMSI catchers.” Stingrays collect the identifying details of phones in the area by “impersonating” cell towers, and newer models are believed to be able to intercept calls and messages, according to TechCrunch.

Reporter Madeleine Davies suggested writing down the phone number of a lawyer or emergency contact on your arm with a Sharpie.

The National Lawyers Guild operates legal support hotlines across the United States that are specifically for people who have been arrested at political demonstrations. Look up a hotline for your area and write it down.

From the Series:

Subject: He Wanted Privacy. His College Gave Him None
Source: The Markup

A Markup examination of a typical college shows how students are subject to a vast and growing array of watchful tech, including homework trackers, test-taking software, and even license plate readers

To understand how Mt. SAC collects data on its students, The Markup used public records requests to obtain contracts between the college and companies that provide its learning management system, online proctoring services, and automated parking enforcement technology, three of the most invasive data collection mechanisms on campus. The Markup also obtained five college policies that govern these technologies, as well as information security and computer use, at Mt. SAC.

A day of data collection for a college student. As college students go through their days, their movements and behaviors can be tracked on and off campus

And as more colleges disclose data breaches, many students are becoming uneasy about how much personal information their schools gather. They are forming new on-campus student groups to advocate for privacy and tapping into global networks designed to facilitate a more collective fight. Some colleges are taking note of the unrest as well as the liability inherent in holding so much data. The University of California, San Diego, for example, is among the universities that have created stand-alone positions for chief privacy officers in recent years.

Mt. SAC’s contract for Canvas, which The Markup obtained through a public records request, says that the parent company, Instructure, owns the usage data. The contract lists examples of how the company can use that data, including statistical analyses, trend analyses, and the creation of “data models.” The contract says usage data can only be used if it is aggregated or anonymized and should never be used for profit or sale—but in 2019, Instructure’s former CEO Dan Goldsmith pointed investors to the company’s corpus of education data as key to its multibillion-dollar value, saying it could be used to train algorithms and predictive models.

Since that comment, Instructure has stopped working on predictive models, according to Daisy Bennett, who said she was hired as the company’s privacy officer in part to repair the damage from Goldsmith’s claims.


See also: How to Keep Your Personal Data a Little More Private While Pursuing Higher Education

Posted in: AI, AI in Banking and Finance, Cybercrime, Cybersecurity, Privacy