Privacy News Roundup 1 November 2016

Trump plans to build a ‘psychographic’ profile of every voter

US presidential candidate Donald Trump is paying a company millions of dollars to develop a psychological model for identifying voters that can “determine the personality of every single adult in the United States of America,” said Alexander Nix, chief executive of Cambridge Analytica.

The company has operated in the US for four years, though only opened its office in New York last month. The model is clearly a list-ditch attempt by the Trump campaign to influence the result of the upcoming presidential election, especially since Democratic candidate Hillary Clinton is increasingly looking like the favourite.

Recently released federal files show that Trump’s campaign made a payment of $250,000 to Cambridge Analytica in August increasing to $5 million in September. The company says it can predict how most people will vote by manipulating 5,000 pieces of data from every American adult, including the results of hundreds of thousands of personality and behavioural surveys that identify which voters are most susceptible to persuasion by Trump’s campaign.

Micro-targeting techniques such as this have been used before, including the monitoring of demographic and consumer data such as magazine subscriptions and club memberships to gauge political opinion among the public.

Yale professor and author of “Hacking the Electorate,” a study of data mining in presidential campaigns, said Cambridge Analytica’s claim that it can predict voter leanings is “basically impossible…You can do better randomly guessing”.

The Clinton campaign has rejected psychological profiling of this kind. The Clinton campaign’s analytics chief, Elan Kriegel, said that he relies more on “bread and butter” information such as voter history. By contrast, the Trump campaign receives computerized summaries of data and offers recommendations, including where to hold rallies, where volunteers should knock on doors, where potential donors live, where television ads should be placed and much more.

Trump_Election2016
Donald Trump’s campaign for the 2016 US presidential race is developing a psychological profiling technique for identifying voters. Source: Flickr.

Time Warner Cable threatens pirates with account termination

Time Warner Cable has clarified a change to its copyright infringement notification whereby copyright infringers are warned of the “mitigation measures,” which are part of the Copyright Alert System, as well as being told now that persistent pirates can risk losing their internet connection.

The copyright alert system was first implemented more than three years ago. The first main goal of the program, also known as “six-strikes” is to educate the public, which involves informing people whose connections are being used for piracy and directing them to legal alternatives.

According to the program, repeat pirates risk mitigation measures though the copyright holders and ISPs have made it clear that no one will permanently lose their internet connection. Time Warner Cable, however, has decided to update its standard copyright alerts to let people know that those who continue to infringe may lose their internet subscription, email account and more.

The added paragraph to the alert notification reads as follows:

“In addition, in accordance with our acceptable use policy, your internet service may be subject to termination at our sole discretion if we continue to receive credible allegations that your internet connection has been used to share copyrighted content without permission of the copyright owner.”

time warner cable six strikes
Time Warner Cable has added a warning for pirates, threatening account termination and loss of internet connection. Source: Flickr

Australia’s Red Cross Blood Service suffers country’s largest data leak

Australia’s Red Cross Blood Service has suffered a huge data leak considered to be the “most severe” in the country’s history. The leak was discovered on October 24th by a security expert who noticed when one of the Australian Red Cross Blood Service’s third-party service providers leaked a backup database of 550,000 people with personal details from donors between 2010 and 2016. The database was publicly accessible between September 5th and October 25th.

The leaked database is a 1.74Gb MySQLdump file containing 1.3 million records and the following information: names, gender, physical address, phone numbers, blood types, donation dates, eligibility answers and the type of donations, as well as other data.

In a blog post, tech expert Troy Hunt wrote, “In the Red Cross case, the data that was ultimately leaked was a database backup. That 1.74GB was simply a mysqldump file that had everything in it. Taking a database backup is not unusual (in fact it’s pretty essential for disaster recovery), it’s what happened next that was the problem.”

He wrote, “The database backup was published to a publicly facing website. This is really the heart of the problem because no way, no how should that ever happen. There is no good reason to place database backups on a website, let alone a publicly facing one. There are many bad reasons (usually related to convenience), but no good ones.”

Hunt reported the issue to the AusCERT and the Australian Red Cross Blood Service, which reported the issue to the Australian Cyber Security Center, Office of Information Commissioner, and the Federal Police.

The formal announcement from the Red Cross reads:

“This file contained registration information of 550,000 donors made between 2010 and 2016. The file was part of an online application to give blood and information such as names, addresses, dates of birth and some personal details are included in the questionnaire.”

australia_red_cross
Australia’s Red Cross Blood Service has suffered the largest data leak in Australia’s history with the records of 550,000 donors being made available to the public. Source: Australian Red Cross

Leave a Comment