soloActivist

joined 1 year ago
-2
submitted 19 hours ago* (last edited 19 hours ago) by [email protected] to c/[email protected]
 

The unwarranted surveillance policies that get enshrined into law and all the illegal snooping by the gov seems to trace to anti-terror legislation and anti-terror backroom initiatives. I have to wonder, is this all attributed to Israel? If the US and other Israel allies had quit supporting Israel during their oppression of Palestinians, would there be a notable terror threat that could then be the cause for action (for unwarranted snooping) under the anti-terror façade? Would bankers had been converted into police had it not been for Israel’s oppression of Palestine?

Is this why we will lose cash in the future?

Have any privacy orgs calculated how many terror incidents stem from a consequence of supporting Israel? This could even count the white supremacist nutters who attack mosques in retaliation.

What would be a more effective anti-terror policy?:

  • Snoop on everyone in every possible way. Wiretaps, forced banking, making bankers into cops, video surveillance everywhere with facial recognition.. etc.

or

  • Stop supporting Israel.
 

I’ve noticed that the data protection authorities are deadbeats for the most part. None of my reports have ever lead to any action in the slightest -- not even a warning to the offender. Sometimes reports are rejected for frivilous reasons.

So knowing that the GDPR is merely symbolic in my experience, I have quit trusting the marketplace. Quit paying for things electronically, quit buying things online, quit sending email, quit sharing my email address with others, cut way back on electronic transactions, reach orgs the old fashioned way (by paper letter), etc.

Anyone else practicing data minimisation like this? It seems like the world around me is entirely unaware that the GDPR is mostly unenforced. Sure, they enforce a few token cases against Google and the like just for appearances. But the GDPR is failing to protect actual people whose rights are undermined.

[–] [email protected] 2 points 2 weeks ago (4 children)

I was trying to recall where I read about that. Search is terrible. Took some digging but found it here:

https://mander.xyz/post/18090719

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

When “such engagement” is required to exercise human rights, I’m not as quick as you to call that optional. I expect to have all of my human rights simultaneously satisfied together in aggregate.

A mandate can be explicitly written or merely implied. If you need food to survive, for example, and a law were to say all food distributors must refuse cash, you can safely call that an implied mandate to use a bank. Or would you say they are off the hook for the human rights consequences, perhaps on the basis that people can freely refuse to buy food and opt to grow their own food?

art.4 & art.23 (employment)


Are you suggesting that the ban on cash wages is not a banking mandate because it’s an “engagement”, despite exercise of human rights articles relying on that engagement? Consider that art.4 entitles people to be free from slavery and couple that with art.23 which states: “Everyone has the right to work, to free choice of employment”. In Belgium, it is illegal for an engineer to receive cash wages. But it is not illegal for a domestic worker to receive cash wages if that has been established as a common practice in that trade.

Do you see the issue? An unbanked engineer can freely refuse to work and live on welfare (if offered by their gov assuming no disqualifying requirements due to their ability to work), but then they must give up their rights under art.23. And even then, how do they get their welfare payment? See below.

art.25 (housing & social svcs)


Consider that no real estate transaction can involve cash, by law. Yet, art.25 states:

Everyone has the right to a standard of living adequate for the health and well-being of himself and of his family, including food, clothing, housing and medical care and necessary social services

I highlighted social services as well as housing because social services in some countries refuse to pay cash to beneficiaries. You cannot get financial aid without a bank account.

Regarding utilities, is that also what you consider to be an optional engagement? That people do not need water and power service? This may be debatable but I believe the right to housing likely includes a right to energy in regions where a box with walls+roof is insufficient to prevent freezing. I believe housing implies having a warm space. So when the energy supplier refuses cash, is that not a mandate to use a bank? If you are wondering where the gov comes into play in this case, it would be when the utility supplier refuses cash then sues the unbanked consumer in court for non-payment. When the court finds the energy contract to be “legal” and sides with the utility company, that’d essentially be a case of the gov mandating the use of banks.

It’s also worth noting that the UDHR is not limited to govs. The private sector is also bound by the UDHR.

Anyway, this is all quite far off from the original question in the OP, which remains unanswered.

(edit) And what about tax?


Some govs require taxes to be paid electronically. Tax is by definition a mandate. Both income tax and property tax must be paid electronically. There was a guy in Germany to was denied the option to pay his radio licensing fees in cash. IIUC, that’s like BBC, a mandatory tax. You could perhaps argue that income tax is optional because income is optional, and that property tax is optional because home ownership is optional, but I’m not sure the same can be said for radio fees in Germany.

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

There is no public ledger for cash. There is no attack surface on the devices of yourself or the other party by which your cash transaction can be compromised. There are no electronic records to exfiltrate unless one party proactively deliberately records a transaction. And if they do, there is no non-repudiation. There is no risk that any cryptanalytic advances can later expose the whole history of all cash transactions or even a chain of cash transactions. Cash transactions leave no trace unless you do them under surveillance.

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago) (4 children)

I answered that same question upstream earlier today.

[–] [email protected] 3 points 2 weeks ago (1 children)

Ah, so I guess there would be no updates to the story. Patient walked in the end because the hospital demanded indemnity from late notifications.

[–] [email protected] 1 points 2 weeks ago

This is the thread covering it:

https://links.hackliberty.org/post/2983664

Apparently the hospital eventually agreed to the patient not using the app but demanded the patient agree to an indemnity that the hospital would not be liable if they fail to reach him quickly.

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago)

No issue there.. I cross-posted it today to the human rights community (which I did not know about at the time I wrote the post), since my question still stands.

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

I don’t quite recall the context I had in mind when I wrote that post 1 year ago, but Belgium (for example) has enacted a law that all suppliers must accept electronic payment. It’s not just shops or b2b situations. It all-encompassing including self-employed freelancers. Even someone who rents part of their home out must give the tenant the option to pay electronically.

Also in Belgium: employees and contractors can only accept cash payment if they happen to work in an industry where that is common. So if you’re not (e.g.) a domestic worker, receiving cash wages is generally banned. At the same time, no matter what the situation is, a cash transaction can never exceed €3k. Buying a house cannot involve 1 euro of cash, which is strictly banned from all real estate transactions.

Many water and utility companies refuse cash. So if you consider the right to housing to include a right to water and power, then those consumers are being forced to use a bank. But that’s not apparently government force.

 

cross-posted from: https://links.hackliberty.org/post/38945

Question about #humanRights— Article 20 of the #UDHR¹ states:

“① Everyone has the right to freedom of peaceful assembly and association.

② No one may be compelled to belong to an association.”

How does that apply in the context of forced banking? If a government forces you to enter the marketplace and register for a bank account, does that qualify as being compelled to belong to an association?

¹UDHR: Universal Declaration of Human Rights

#askFedi

39
submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/[email protected]
 

A guy posted a long thread in Mastodon about how a hospital refused him service because he did not install the smartphone app of the hospital/clinic which (IIRC) was exclusively available in Google’s Playstore.

Sorry to say I lost track of the link. If anyone finds the thread, please reply.

(edit) I found the link

@[email protected] -- any updates?

[–] [email protected] 3 points 2 weeks ago* (last edited 2 weeks ago) (4 children)

Where is this? I think if he is in China or Europe he would already be excluded from society to some extent. But I don’t believe it would be a problem in the US (of course neglecting obscure cases like that of the Georgia attorney general).

There are so few of us without smartphones that are updated Google/Apple attached and subscribed that we should be collecting the stories of exclusion somewhere.

(edit) I take back what I said about the US. I just remembered a patient who was denied medical care in the US because he did not go to the Google Playstore to install the app of the hospital.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago)

That link is unreachable from secure networks (tor). I can’t quite work out if you’re talking about a digital national passport, or a COVID “passport”. I suspect you mean the former.

I see no problem with border control forcing people to present a passport (or particular form thereof) if they have one. But a citizen is (or should be) absolutely entitled to enter their country, full stop. If they have no documentation at all, it would be an abuse of their rights to deny them entry on that basis. We might expect a citizen without docs to face a long inconvenient process to verify their citizenship, but it’d be a perverse injustice to deny them entry. IMO a passport should be a convenience, not a requirement.

I recall either Australia or NZ was refusing entry of their own well documented citizens if either they had COVID or were unvaccinated (I forgot which). Regardless of their COVID situation there is no good reason for denying a citizen entry. It dilutes the purpose and meaning of citizenship. Anyway, this is why I cannot be sure what passport you’re talking about.

[–] [email protected] 6 points 2 weeks ago

I think the common term for “internet-izing” is #digitalTransformation. That’s the language used in the EU as they enact policy that ultimately cattle-herds people into a forced digital transformation. The quasi antithesis of that which wiser people support would be:

  • right to be offline
  • right to be analog
  • right to unplug

I kind of favor right to be analog because it also somewhat implies a right to cash and to be unbanked.

[–] [email protected] 16 points 2 weeks ago* (last edited 2 weeks ago) (3 children)

Indeed in Netherlands I already encountered an e-receipt-only fiasco at a cafe. They forced me to order and pay by app as a cloud order (no cash.. no paper menu either). I had a degoogled phone so I could not do Playstore and their captive portal did not work on my phone anyway. So a staff member had to lend me their phone just to be able to order. Then the order was trapped in their account. The receipt becomes more important when paying by card so I can check it against the bank statement later. They had no printer. Only e-receipts. And their app could not handle entering another email address than what the staff member already entered for their own account -- assuming I were even willing to give them a (disposable) address as I oppose feeding Google on general principle and their email provider was Google. They could not handle pulling out a notebook and writing out a receipt.

Throughout the whole fiasco the staff must have been wondering “what’s wrong with this person? How can someone be walking around in public without a recent smartphone and all the Google services?” Probably wondered if I was part of an organised crime gang.

I’m also excluded from my public library’s Wi-Fi for not carrying a subscribed SMS-capable phone to get past the captive portal. So WTF, to get wi-fi service (financed with public money) you must already be equipped with tools that are generally redundant with wi-fi to begin with. They seem to be excluding the people who would need wi-fi the most from wi-fi service.

 

Just did a search using the most privacy respecting search service in the world:

ombrelo.im5wixghmfmt7gf7wb4xrgdm6byx2gj26zn47da6nwo7xvybgxnqryid.onion

Was quite disgusted to see a link to a sh.itjust.works thread in the results. It was rightfully low-ranking with a strike-through, which is how ombrelo treats Cloudflare sites. But still, ombrelo sources the results from the giants and that exclusive centralised shit is now polluting search results even more.

 

All links for this story are shit -- Cloudflare or paywalls. So I linked the archive and will dump the text below. Note the difference between my title and the original. I think mine is more accurate. The AG seems to view feature phones as a tool for criminals. But also says having no phone is suspect as well, so the original title is also correct.


Georgia AG claims not having a phone makes you a criminal

That’s dangerous for constitutional rights
SAMANTHA HAMILTON
FEBRUARY 12, 2024 6:52 PM

The ubiquity of smartphones is causing some to pine for simpler times, when we didn’t have the entire history of humankind’s knowledge at our fingertips on devices that tracked our every move. There’s a growing trend, particularly among young people, to use non-smartphones, or “basic phones.” The reasons range from aesthetic to financial to concern for mental health. But according to Georgia Attorney General Chris Carr, having a basic phone, or a phone with no data on it, or no phone at all in the year 2024, is evidence of criminal intent. The AG’s position poses grave dangers for all Georgians’ constitutional rights.

Last month, Deputy Attorney General John Fowler argued in state court that mere possession of a basic cellphone indicates criminal intent to commit conspiracy under Georgia’s racketeer influenced and corrupt organizations statute, better known as RICO.

His accusation was directed at 19-year-old Ayla King, one of 61 people indicted last summer on RICO charges linked to protests in the South River Forest where the $109 million Atlanta Public Safety Training Center, nicknamed “Cop City” by its opponents, is slated to be built. The RICO charges against King and the 60 other RICO defendants have been widely criticized as a political prosecution running contrary to the First Amendment. King is the first of these defendants to stand trial.

During the Jan. 8 hearing in Fulton County Superior Court, Fowler argued that a cellphone in King’s possession on the day of their arrest, which he characterized as a “burner phone,” should be admissible as evidence of wrongdoing, even though it contained no data. He went even further to suggest that not possessing a cellphone at all also indicates criminal intent. Judge Kimberly Adams agreed to admit evidence of King’s cellphone.

Civil liberty groups are decrying the AG’s argument and court’s action as violations of constitutional rights under the First Amendment and Fourth Amendment. In an open letter to Attorney General Carr, the groups wrote, “It is alarming that prosecutors sworn to uphold the Constitution would even make such arguments—let alone that a sitting judge would seriously entertain them, and allow a phone to be searched and potentially admitted into evidence without any indication that it was used for illegal purposes.”

The Supreme Court recognized in the 2014 case Riley v. California that cellphones carry enough personal information—photos, text messages, calendar entries, internet history, and more—to reconstruct a person’s life using smartphone data alone. “Prior to the digital age, people did not typically carry a cache of sensitive personal information with them as they went about their day,” the Court noted. “Now it is the person who is not carrying a cellphone, with all that it contains, who is the exception.”

On the dark side of smartphones’ interconnectivity is their susceptibility to surveillance. In 2022, it was reported that the U.S. Department of Justice had purchased for testing a version of the Phantom spyware from NSO Group, an Israeli firm which sold its surveillance technology to governments like Mexico and Saudi Arabia to spy on journalists and political dissidents. Phantom could be used to hack into the encrypted data of any smartphone located anywhere in the world, without the hacker ever touching the phone and without the phone’s user ever knowing. The U.S. federal government denied using Phantom in any criminal investigation, but concerns about surveillance in the U.S. have led some folks to obtain basic phones.

Flip phones have made a comeback, and the potential for invasion of privacy is one of the reasons why. I’m not talking about the recent wave of smartphones that flip open. I’m talking about early 2000s-era basic phones, whose smartest feature was the game Snake or, if you were lucky, the ability to set your favorite song as your ringtone.

Folks are returning to basic phones—or in the case of Gen Z, turning for the first time—out of recognition that doom scrolling on a smartphone for hours each day is not good for mental health. For some older adults, basic phones, which offer few features beyond calling and texting, are preferable to smartphones for their simplicity. There are lots of reasons why someone might have a basic phone—not to mention they’re cheaper and more durable than a lot of smartphones.

Using simple phones that have little data on them is a legitimate, and common, practice for journalists, whistleblowers, human rights activists, and other people seeking to protect their identities or those of others from surveillance by the government or malicious actors. The Committee to Protect Journalists recommends that journalists cycle through “low-cost burner phones every few months” to maintain their safety and that of their sources. Even athletes competing in the 2022 Beijing Olympics were advised to use burner phones in light of the overreaching state surveillance in China.

Using a burner phone is not evidence of criminal intent—it’s a reasonable response to the threat of surveillance and government overreach. While burner phones are not immune from location tracking via cell towers, the fact that they contain much less data than a smartphone can make them a more secure form of communication.

How deeply invasive of privacy rights will the AG’s logic extend? Will the prosecution argue that using a virtual private network (VPN) is evidence of criminal intent? What about communicating via encrypted messaging apps, like Signal? The First Amendment protects the right to anonymous speech, and the use of privacy protection measures like VPNs and Signal has become commonplace in today’s world. The AG has already asserted in the RICO indictment that anonymous speech communicated online constitutes a conspiracy, but if the AG argues that using VPNs and Signal is evidence of criminal intent, he would be going even further by claiming that the very tools which make people feel safe to communicate online are themselves evidence of criminal intent, thereby assuming criminality before the speech has even taken place.

The position the AG has taken in Ayla King’s case has the potential to make all of us suspects. If you have a smartphone with data on it, the information on the phone can be used as evidence against you. And if you have a phone with no data on it or no phone at all, that can be used as evidence against you.

The state’s use of the absence of evidence as affirmative evidence is an unsettling development, and one that seems desperate. Is it—and perhaps the RICO charges themselves—a sign of prosecutorial weakness in a case intended to silence criticism and criminalize First Amendment expression?

2
hackliberty.org onion is down (links.hackliberty.org)
submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/[email protected]
 

The onion host:

http://snb3ufnp67uudsu25epj43schrerbk7o5qlisr7ph6a3wiez7vxfjxqd.onion

is down. Clearnet host is up.

 

I was winging over the fact that the CJEU ruled that victims of GDPR offenses cannot claim their legal costs (particularly the lawyer’s fees) when they win a case, which kills lawsuits as a viable option in most GDPR situations. At the same time, data protection authorities are deadbeats -- not enforcing most cases. So the GDPR is mostly just symbolic for most of us.

A brit said they use the court and it only costs them £30 to file a paper with no need for a lawyer. I’m surprised because that’s even cheaper than typical small claims courts in the US. And the other thing is, small claims courts (in the US) only handle money disputes. A US small claims court can only order someone to pay for damages. If a CCPA case were brought to a small claims court in California, it would be unable to order someone to take an action such as to erase info from a DB.

So I’m curious about this UK option. Do UK small claims courts have the power to order a data controller to erase data? Or would it be a higher court?

To be clear, the brit said they do not get their £30 back (unlike what would happen in a US small claims court). So Brits are still at a loss, but perhaps still worthwhile in some cases.

 

Is there any kind of legal standard of liability when a victim of a data breach suffers from someone exploiting their data? If you are only breached once, obviously it’s easy to point the finger to whoever leaked your data.

But I’ve been hit 3 times now. So all those shitty corps who sloppily handled my data can point the finger to each other. Would a court say the most recent sloppy custodian is responsible if my data is used against me? Or would it be the most reckless custodian? Or would it be equal blame? Or does everyone get off the hook when a victim cannot prove which leak leads to an exploit?

It’s a hypothetical question. Not saying my data was exploited after the breaches, but I wonder about the overall trend. What I’m getting at is there may be little incentive to actually invest in good data security because when a breach happens amid so many other breaches there is perhaps a diffusion responsibility.

 

Folks just post whatever link they want to share without thinking. Then thousands of people have to grapple with some enshitified paywall or a shitty Cloudflare CAPTCHA. We need smarter users. It just takes one lazy/naive motherfucker to cause a lot of work for people collectively.

This is inspired by archive.org going down. The sole digital public library we have in the world is a hack around shared links to shitty servers -- servers that expect US to serve THEM. Servers that piss on their role as a /server/ and fail to serve us.

So here are some methods/rules that will make you a better contributor:

① Realize that the same story is often published by several sources. Whatever source you first encountered, it’s probably not decent. The web is designed to get the most enshitified page in front of you. Instead of spreading that garbage, go to Ombrelo:

https://ombrelo.im5wixghmfmt7gf7wb4xrgdm6byx2gj26zn47da6nwo7xvybgxnqryid.onion/

Search for the story there. Ombrelo will down-rank the exclusive Cloudflare garbage so the more inclusive links float to the top.

② Copy the whole text of the article into your post. This will become the most convenient and most accessible version of the article. Maybe not convenient for you but the reader’s convenience is more important (because there are thousands of them).

③ Don’t link archive.is. That’s just another shitty exclusive walled garden. Link to archive.org if it is online.

④ Don’t create an original thread on a Cloudflared community or you are just worsening the problem of jailing more content in an exclusive place. These are some of the mainstream shitty oppressive Cloudflare instances:

  • lemmy.world
  • lemm.ee
  • sh.itjust.works
  • lemmy.ca
  • lemmy.zip
  • aussie.zone
  • lemmy.one
  • lemdro.id
  • programming.dev
  • literature.cafe
  • beehaw.org ← not Cloudflare, but Tor-hostile thus exclusive

Most people are ignorant and have no idea that by using those places they are jailing content in the worlds biggest centralized walled garden. Now that you know, you can choose more wisely. Use lemmyverse.net to find the community you’re after. And use the filter to nix the above nodes. If it does not show the community you need outside of the above giant walled garden, then create the community in the open free world. If you are desperate for visibility you can cross-post to those shitty places above. At least some of the subscribers in the walled garden will learn of your more free venue.

Follow the advice RMS gives to people who insist on feeding Facebook, but substitute the above Cloudflare list. Ensure everything you author is reachable somewhere in the open free world. Only show a minimal number of posts on Cloudflare-pawned or exclusive nodes. Keep in mind when you post to those places, you are feeding an oppressive corporation while blocking some demographics of your fellow human beings from access. That’s some fucked up boot licking when done knowingly.

⑤ If you want to link a youtube video, yikes. That sucks because (at least at the moment) the free world resources (Invideous) have been rendered dysfunctional by Google. But in the very least, you can copy the Youtube transcript into the body of your post. If you have the video up in Youtube, you can click into the transcript. I forgot how.. something like expanding the description then details, or some buried place. There is also https://www.tubetranscripts.com/

⑥ If you want to link a NY Times article, we’re all fucked.. plz don’t do it. Look for the story elsewhere. NYtimes has this onion: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/

which used to give full access to content, but now it’s as enshitified as the clearnet site. For BBC, there is:

https://www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion/

I don’t recall if BBC’s onion is free-er. For medium.com, there is https://scribe.rip/ (many instances thereof). I suggest also searching here:

https://search.fabiomanganiello.com/search

That guy has gone to some trouble to do link replacements with better versions. Though i’m confused because he is no longer replacing Reddit links with mirrors.. wtf.

 

A company I have no business relationship with sent me a breach notice stating that criminals got my data. This company is a supplier to many banks, brokerages, insurance companies, etc.

Obviously I want to know which of my banks or insurance companies I am doing business with trusted them with my data. I called and asked. They refused to tell me. But they have made it deliberately complicated. The phone number they gave to breach victims is for a 3rd party call center who knows nothing. So the call center says “we don’t have that info”.

Question: do financial/analytics orgs (or whatever the fuck they are) have a legal obligation to provide data breach victims with the SOURCE of the info? Do they have to tell me which of my banks (or whatever) hired them to be a custodian of my data?

What rights to data breach victims have?

(more background: https://links.hackliberty.org/post/2667522)

(update)
Thanks for all the useful feedback folks! I guess the question that remains is whether there are any federal laws that require the disclosure I am after. I looked up the law for my state here and found no law entitling breach victims to be informed of the source of their personal data. It would help to know the law because the AG, CFPB, and FTC will be limited to the law themselves.

 

Discuss. (But plz, it’s only interesting to hear from folks who have some healthy degree of contempt for exclusive corporate walled-gardens and the technofeudal system the fedi is designed to escape.)

And note that links can come into existence that are openly universally accessible and then later become part of a walled-garden... and then later be open again. For example, youtube. And a website can become jailed in Cloudflare but then be open again at the flip of a switch. So a good solution would be a toggle of sorts.

view more: next ›