Thursday, October 17, 2024

Fw: The face scan and digital ID push


Invasive technology coming soon.
 ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌  ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ 
logo
Reclaim The Net accepts no invasive advertising and is kept going by those who directly support. If you support free speech, the eradication of cancel culture, and restoring privacy and civil liberties, please become a supporter today. Supporters also get extra content, tutorials, and guides. Thank you.
NEW MERCH
1

Think For Yourself

Wear your support with this "Think For Yourself" art merch for October.

Use the coupon code "THINKOCTOBER" (without the quote marks) to get $10 off the t-shirts and hoodies before the end of this month.

Get yours today here.

All merch proceeds go toward supporting Reclaim The Net.

This discount ends this month so grab yours now.
Shop Now
ROLLING OUT
1

Logging Into a Brave New World: How Facial Recognition Just Got Personal

Surprising exactly no one paying attention to the slow erosion of privacy, the US General Services Administration (GSA) has rolled out its shiny new toy: facial recognition technology for accessing login.gov. Yes, that beloved single sign-in service, connecting Americans to federal and state agencies, now wants your face—literally. This gateway, clicked into over 300 million times a year by citizens has decided the most efficient way to keep us all "safe" is by scanning our mugs. How very 2024.

Related: Facial Recognition Continues To Proliferate at Concerts and Festivals


But of course, this little "upgrade" didn't just appear overnight. Oh no, it dragged itself through bureaucratic purgatory, complete with false starts, delays, and some spicy critique from the Inspector General. Apparently, login.gov had been fibbing about its compliance with Identity Assurance Level 2 (IAL2)—a fancy label for a government-mandated security standard that requires real-deal verification of who you are. Up until now, that "verification" meant having someone eyeball your ID card photo and say, "Yep, that looks about right," rather than dipping into the biometric surveillance toolkit.


Facial recognition was supposed to make its grand debut last year, but things got complicated when it turned out login.gov wasn't actually playing by the rules it claimed to follow. The Inspector General, ever the fun police, caught them misrepresenting their tech's adherence to the IAL2 standard, causing the rollout to stall while everyone scrambled to figure out if they could get away with this. Now, after enough piloting to give a nervous airline passenger a heart attack, login.gov has finally reached compliance, but not without leaving a greasy trail of unanswered questions in its wake.


Smile for the Algorithm


So here we are, with the GSA proudly offering up facial recognition as the answer to all our identity verification problems. Just snap a "live selfie," upload it to the cloud, and let some "best in class" algorithm work its magic by comparing your face to the one on your government ID. What could possibly go wrong? According to the GSA, nothing. They swear these photos are used solely for verification purposes and won't be stored, misused, or, you know, somehow end up in the hands of anyone you wouldn't want to have your biometric data.


But hey, let's not get too distracted by the fine print. "Best in class" algorithms? That's a bold claim coming from the same government that brought us Healthcare.gov's disaster debut and the IRS phone service from hell. There's something hilarious about throwing out a vague phrase like "best in class" as if it absolves them of any responsibility. We're just supposed to trust that their mysterious, highly proprietary facial matching system is doing the right thing behind closed doors—no questions asked, citizen.


The Privacy Mirage


Of course, the skeptics among us—the kind of people who read the full terms of service before clicking "I agree"—aren't buying the GSA's feel-good assurances. Privacy advocates have been sounding the alarm for years about the dangers of biometric data collection, and facial recognition technology has become the poster child for Big Brother's relentless march into our lives. How do we really know that these selfies won't be stored somewhere, only to be hacked or sold off like digital cattle at a data auction? And even if they are just for verification now, who's to say that won't change later?


Let's not forget that the government doesn't exactly have a spotless track record when it comes to handling sensitive personal data. The Office of Personnel Management hack in 2015, anyone? That little debacle only exposed the personal information of over 21 million people, including fingerprints. And yet, here we are, being asked to believe that this time, this time, they've got everything under control. It's hard not to picture a row of bureaucrats crossing their fingers behind their backs while issuing their promises of security.


Even Hanna Kim, the Director of login.gov, acknowledges that the decision to integrate biometric tech came in response to "partner agency demands for handling high-risk scenarios." Translation: Some agencies wanted an easy way to ramp up security, so now the rest of us get to hand over our facial data for the sake of "high-risk" situations. Except, it's not just the high-risk cases that should concern us—it's the creeping normalization of using biometric data for everyday tasks. Today it's logging into government websites. Tomorrow it's buying groceries with a retinal scan.


Choose Your Poison


For now, users of login.gov still have a choice—they can opt to verify their identity the old-fashioned way, without giving up their face to the algorithmic overlords. But that choice, like so many others in the digital age, comes with strings attached. Sure, you can avoid the facial recognition route, but the fact that it's now on the table means we're only a few policy changes away from it becoming mandatory. After all, how long before certain agencies start saying, "You know, for security reasons, we need your biometric data. If you want that social security check or to file your tax return, you're going to have to play ball"?


Related: The TSA Plans Big Digital ID Push in 2024


There's something sinister about this slow, methodical erosion of choice. First, it's presented as an option, just one of many verification methods, no big deal. But as the machinery of government grinds on, options have a way of disappearing, replaced by convenient mandates. And when it comes to biometric data, once it's out there, good luck getting it back.


The Fine Print of Freedom


Let's call this what it is: another step towards a world where privacy is little more than a quaint relic of the past. The GSA's move to facial recognition is part of a larger trend, one where security and convenience are dangled like carrots, while individual freedoms are quietly signed away in the background. Sure, your face is unique, but so is your right to keep it out of a database.
At some point, we're going to have to ask ourselves: is the convenience of a quicker login worth trading in the last shreds of privacy we've got left? Or are we too busy snapping selfies to notice that the surveillance state just got a little closer to home?
Since you're reading this, we hope you find Reclaim The Net useful. Today, we could use your help. We depend on supporters (averaging $15), but fewer than 0.2% of readers choose to give. If you donate just $5, (or the equivalent in your currency) you would help keep Reclaim The Net thriving for years. You don't have to become a regular supporter; you can make a one-time donation. Please take a minute to keep Reclaim The Net going.

Thank you.
RUSHED
2

EU's Digital ID Push Sparks Fears Over Privacy and Rushed Rollout

European digital rights network EDRi is warning that the EU is rushing the rollout of its digital identification system in an increasingly undemocratic way, without properly addressing the issues of privacy, security, and safety, as the bloc is "chasing an unrealistic deadline."

eID Wallet, regulated by the Electronic Identification, Authentication and Trust Services (eIDAS) rules, is close to getting implemented, but the EU is accused of choosing to move forward too quickly, without first ensuring that proper protections are in place.


EDRi member epicenter.works has been making these warnings for several years now, noting that eIDAS itself, adopted in April, mandates the main privacy and security protections, something the EU is nonetheless avoiding.


According to the organization, the safeguards that should be built into the Wallet won't be there as the system is implemented, amid what seems like typical EU confusion, purposeful or otherwise. Namely, the EU Commission is said to be ignoring some eIDAS provisions adopted this year, choosing instead to stick to the version it proposed in 2021, and doing this over the heads of both the EU Parliament and the Council.


What makes something of this kind possible is a host of technical implementing acts, and it is in these acts that the Commission has been able to get its original regulation proposal to "reflect," the digital rights group believes.


One of the implementing acts set for adoption on November 17 regards key safeguards "against the risk of over-identification and over-sharing of personal information - that is, the regulation of who may ask which information from users."


But, a number of acts will have to be reopened within a year, making tax money another "victim" of the EU's almost inexplicable rush to get eID Wallet up and running. Money will be wasted on a large scale, EDRi is warning.


"This essentially means tax money will be spent on a large-scale software project in the middle of which fundamental requirements are going to change (for example, for interoperability of the Wallet between member-states)," the network says.


The way to address the problems, according to EDRi, is for the EU to decide on a major change of course, i.e., give up on the fast implementation and instead opt to include all the personal data and other key protections in a way that will not "trade people's safety and security for an unrealistically fast implementation of a tech tool that threatens our fundamental rights."


Otherwise, EU member countries should "reject the draft implementing acts in their upcoming meeting in mid-October," EDRi states.
POPULAR TOOL BLOCKED
3

Ad-Blocking Showdown: Google Forces Popular Ad-Blocker Off Chrome

Google has initiated the discontinuation of support for uBlock Origin, the popular ad-tracking blocker, in Chrome. The migration to Manifest V3—a new extension framework believed to reduce the effectiveness of certain ad blockers—is the underlying cause and is seen as part of Google's big move against ad and tracking blocks. Developer Raymond Hill highlighted this shift by sharing a screenshot depicting Chrome automatically disabling uBlock Origin due to incompatibility with the upcoming regulations.

To circumnavigate these limitations, Hill has developed uBlock Origin Lite, which conforms to the Manifest V3 guidelines, though it needs to be installed manually because, as Hill points out in a GitHub FAQ, the differences between the original and the Lite versions are too significant for an automatic update.


The essence of a manifest involves defining extension attributes such as name, version, and required permissions. Manifest V3 changes key aspects of this definition, notably removing the ability to execute code from external servers. According to Hill, the newer version of his ad-blocking tool, uBlock Origin Lite, may not perform as robustly as its predecessor due to its diminished filtering capabilities. The new framework places constraints on the Declarative Net Request API, which ad-blockers use to filter content. Consequently, users might find uBlock Origin Lite less effective on sites that employ anti-ad content measures.


Hill clearly states, "In general, uBOL will be less effective at dealing with websites using anti-content blocker or minimizing website breakage because many filters can't be converted into DNR [Declarative Net Request] rules."


If you're still using Chrome, you may want to switch to Brave, which blocks invasive tracking by default and also lets users still install uBlock Origin.
COMING SOON
4

World Cup 2026: Where Football Fans Face Off With Facial Recognition

The US is by no means the home or even a meaningful hub of soccer. And - the country's at the same time working hard on "raising" its biometric mass surveillance profile.

These two seemingly unrelated facts are set to converge since the US has been allowed to host the 2026 FIFA (football) World Cup. And it looks like biometric scanning will flourish during the almost month-long event involving millions of fans.


Regardless of the status of football (soccer) in the US, in much of the rest of the world, it is by far the most important and popular sport, and so a great number of people from other countries are expected to travel there to support their national teams.


What those fans can expect, according to reports, are the rules that are steadily taking root at US sports venues, revolving around biometric "security technology."


The passion for football is only increasing: South America's top-tier continental competition, Copa America, just recently reported 11 percent more "traveling fans" - and the World Cup is expected to reflect much the same trend.


Related: The TSA, Facial Recognition In Airports, and Your Rights


What opponents of biometric surveillance see as by and large unchecked, extremely privacy-invasive, and technically flawed practice, is something those promoting it like to call "enhanced security and operational efficiency."


A lot of things get passed off as "media literacy" these days - so maybe it's time to start to rethink what "tech literacy" means. But this time for real: things like what real-time biometric scanning and surveillance really mean to an individual.


Not, "learn to use Microsoft Office" - and call that "tech literacy."


The time for that effort seems to be right, given that real-time facial recognition, fingerprint scanning, etc, is a policy that's reportedly now producing "high public acceptance" - at least in the US.


There, it's been spreading, in airports as well as sports venues, and if some surveys are to be believed, travelers are blissfully enjoying trading their core privacy for "convenience."


Four out of five do - that's what a US Travel and Ipsos poll, asking if US travelers supported TSA (biometric) checkpoints, said.


But football fans from around the world might be wise to learn more about the technology and how it may affect their lives before they book that 2026 trip to the USA.
Reclaim The Net is funded by the community. Keep us going and get extra benefits by becoming a supporter today. Thank you.

Become a Supporter
Thanks for reading,

Reclaim The Net




























86-90 Paul Street
London
London
EC2A 4NE
United Kingdom

No comments:

Post a Comment