An adviser to the EU’s top court has claimed that citizens’ information in Germany is being illegally harvested, after telecom companies challenged bulk data collection.

The German data retention law was criticized on Thursday by an adviser to the Court of Justice of the European Union (CJEU), who stated that general and indiscriminate retention of traffic and location data is only allowed in exceptional cases, such as a threat to national security.

According to the adviser, bulk collection of data generates a ‘serious risk’ of leaks or improper access. It also entails a ‘serious interference’ with citizens’ fundamental rights to privacy and the protection of personal data.

Read more

(FILE PHOTO) © REUTERS/Russell Cheyne
Google won’t pay for spying on UK iPhone users

This comes after two companies, SpaceNet and Telekom Deutschland, challenged the obligation to store their customers’ telecommunications traffic data in 2016. The Administrative Court of Cologne ruled that the two companies were not obliged to retain data because such an obligation violated Union law. Germany then appealed to the Federal Administrative Court, who asked the CJEU about the compatibility of the data retention obligation.

The CJEU has often stated that indiscriminate mass surveillance does not fit within the general principles of EU law. Over a year ago it saw a similar case involving legal challenges around national bulk data collection under UK and French law. The court then ruled that only limited data collection and temporary retention were allowed. France seeks to bypass the CJEU on data retention and has asked the country’s highest administrative court (the Council of State) not to follow the EU ruling. France is waiting for the conclusion of the procedure launched by the Council of State before “assessing to what extent” national law should be changed. 

Despite recent EU court attempts to curb surveillance powers, leaked papers from June 2021 show that the national governments of the Netherlands, France, Spain, Luxembourg, Slovakia, and Estonia are pushing for a new pan-EU data retention law. They claim that data retention is essential for safeguarding public security and ensuring effective criminal investigations.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

Hundreds of major websites returned ‘404: not found’ errors after an apparent problem with Google Cloud. Alphabet said the problem was “partially resolved” after about ten minutes, but it will take time for everything to update.

The site Downdetector began showing a spike in reports of outages starting at 12:40pm Eastern time on Tuesday, affecting Google, Facebook, Instagram, Snapchat, Discord, Spotify, and TikTok, as well as e-commerce sites Target, Etsy, Shopify, and Home Depot, among others.

Amazon, Amazon Web Services (AWS), and Cloudflare were also affected.

Google’s Status Dashboard reported an unspecified “issue” with the Cloud service starting at 10:10 Pacific, which was causing users to encounter errors when accessing websites. 

“We believe the issue with Cloud Networking is partially resolved,” the company said by 10:17 PST, but it added that “Customers will be unable to apply changes to their load balancers until the issue is fully resolved,” and they did not have an estimate as to when that might be.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

After vowing to retaliate against Lithuania’s move to allow Taiwan open a “representative office” in Vilnius, Beijing has announced it is downgrading diplomatic relations with the Baltic state.

In a statement on Sunday, the Chinese foreign ministry said that China’s diplomatic relations with Lithuania will be formally lowered to the level of charge d’affaires, while blasting Vilnius for setting a “bad international precedent” by giving the island the green light to open its mission in the Lithuanian capital.

The ministry went on to accuse Vilnius of undermining the One China principle and the principle of neutrality in bilateral relations, explaining its decision to demote relations by citing the need to “safeguard its sovereignty and the basic norms of international relations.”

Read more

The Lithuanian flag (FILE PHOTO) © REUTERS/Ints Kalnins
China reveals whether it’ll ‘punish’ Lithuania over Taiwan

“The Lithuanian government must bear all the consequences arising from this,” the ministry said, while calling on Vilnius to “correct its mistakes immediately.”

“No matter how the ‘Taiwan independence’ forces distort facts and reverse black and white, they cannot change the historical fact that the mainland and Taiwan belong to the same China,” the ministry asserted.

The move comes just two days after Beijing went on a verbal offensive against the Baltic country, warning that pushback for its cozying up to Taiwan would be imminent. “As to what necessary measures China will take, you may wait and see,” it said at the time.

Lithuania and China have been embroiled in a diplomatic row and have not maintained relations at ambassadorial level since September. After the Baltic state revealed that it would be opening a de facto Taiwanese embassy, China withdrew its ambassador from the country in August. Vilnius followed suit the following month.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

A Roadmap for AI in the Intelligence Community

(Editor’s Note: This article was first published by our friends at Just Security and is the fourth in a series that is diving into the foundational barriers to the broad integration of AI in the IC – culture, budget, acquisition, risk, and oversight.  This article considers a new IC approach to risk management.)

OPINION — I have written previously that the Intelligence Community (IC) must rapidly advance its artificial intelligence (AI) capabilities to keep pace with our nation’s adversaries and continue to provide policymakers with accurate, timely, and exquisite insights. The good news is that there is strong bipartisan support for doing so. The not-so-good news is that the IC is not well-postured to move quickly and take the risks required to continue to outpace China and other strategic competitors over the next decade.

In addition to the practical budget and acquisition hurdles facing the IC, there is a strong cultural resistance to taking risks when not absolutely necessary. This is understandable given the life-and-death nature of intelligence work and the U.S. government’s imperative to wisely execute national security funds and activities. However, some risks related to innovative and cutting-edge technologies like AI are in fact necessary, and the risk of inaction – the costs of not pursuing AI capabilities – is greater than the risk of action.

The Need for a Risk Framework

For each incredible new invention, there are hundreds of brilliant ideas that have failed. To entrepreneurs and innovators, “failure” is not a bad word. Rather, failed ideas are often critical steps in the learning process that ultimately lead to a successful product; without those prior failed attempts, that final product might never be created. As former President of India A.P.J. Abdul Kalam once said, “FAIL” should really stand for “First Attempt In Learning.”

The U.S. government, however, is not Silicon Valley; it does not consider failure a useful part of any process, especially when it comes to national security activities and taxpayer dollars. Indeed, no one in the U.S. government wants to incur additional costs or delay or lose taxpayer dollars. But there is rarely a distinction made within the government between big failures, which may have a lasting, devastating, and even life-threatening impact, and small failures, which may be mere stumbling blocks with acceptable levels of impact that result in helpful course corrections.

The Cipher Brief hosts private briefings with the world’s most experienced national and global security experts.  Become a member today.

As a subcommittee report of the House Permanent Select Committee on Intelligence (HPSCI) notes “[p]rogram failures are often met with harsh penalties and very public rebukes from Congress which often fails to appreciate that not all failures are the same. Especially with cutting-edge research in technologies … early failures are a near certainty …. In fact, failing fast and adapting quickly is a critical part of innovation.” There is a vital difference between an innovative project that fails and a failure to innovate. The former teaches us something we did not know before, while the latter is a national security risk.

Faced with congressional hearings, inspector general reports, performance evaluation downgrades, negative reputational effects, and even personal liability, IC officers are understandably risk-averse and prefer not to introduce any new risk. That is, of course, neither realistic nor the standard the IC meets today. The IC is constantly managing a multitude of operational risks – that its officers, sources, or methods will be exposed, that it will miss (or misinterpret) indications of an attack, or that it will otherwise fail to produce the intelligence policymakers need at the right time and place. Yet in the face of such serious risks, the IC proactively and aggressively pursues its mission. It recognizes that it must find effective ways to understand, mitigate, and make decisions around risk, and therefore it takes action to make sure potential ramifications are clear, appropriate, and accepted before any failure occurs. In short, the IC has long known that its operations cannot be paralyzed by a zero-risk tolerance that is neither desirable nor attainable. This recognition must also be applied to the ways in which the IC acquires, develops, and uses new technology.

This is particularly important in the context of AI. While AI has made amazing progress in recent years, the underlying technology, the algorithms and their application, are still evolving and the resulting capabilities, by design, will continue to learn and adapt. AI holds enormous promise to transform a variety of IC missions and tasks, but how and when these changes may occur is difficult to forecast and AI’s constant innovation will introduce uncertainty and mistakes. There will be unexpected breakthroughs, as well as failures in areas that initially seemed promising.

The IC must rethink its willingness to take risks in a field where change and failure is embraced as part of the key to future success. The IC must experiment and iterate its progress over time and shift from a culture that punishes even reasonable risk to one that embraces, mitigates, and owns it. This can only be done with a systematic, repeatable, and consistent approach to making risk-conscious decisions.

Today there is no cross-IC mechanism for thinking about risk, let alone for taking it. When considering new activities or approaches, each IC element manages risk through its own lens and mechanisms, if at all. Several individual IC elements have created internal risk assessment frameworks to help officers understand the risks of both action and inaction, and to navigate the decisions they are empowered to make depending upon the circumstances. These frameworks increase confidence that if an activity goes wrong, supervisors all the way up the chain will provide backing as long as the risk was reasonable, well-considered and understood, and the right leaders approved it. And while risk assessments are often not precise instruments of measurement – they reflect the quality of the data, the varied expertise of those conducting the assessments, and the subjective interpretation of the results – regularized and systematic risk assessments are nevertheless a key part of effective risk management and facilitate decision-making at all levels.

Go beyond the headlines with expert perspectives on today’s news with The Cipher Brief’s Daily Open-Source Podcast.  Listen here or wherever you listen to podcasts.

Creating these individual frameworks is commendable and leading-edge for government agencies, but more must be done holistically across the IC. Irregular and inconsistent risk assessments among IC elements will not provide the comfort and certainty needed to drive an IC-wide cultural shift to taking risk. At the same time, the unique nature of the IC, comprised of 18 different elements, each with similar and overlapping, but not identical, missions, roles, authorities, threats and vulnerabilities, does not lend itself to a one-size-fits-all approach.

For this reason, the IC needs a flexible but common strategic framework for considering risk that can apply across the community, with each element having the ability to tailor that framework to its own mission space. Such an approach is not unlike how the community is managed in many areas today – with overarching IC-wide policy that is locally interpreted and implemented to fit the specific needs of each IC element. When it comes to risk, creating an umbrella IC-wide framework will significantly improve the workforce’s ability to understand acceptable risks and tradeoffs, produce comprehensible and comparable risk determinations across the IC, and provide policymakers the ability to anticipate and mitigate failure and unintended escalation.

Critical Elements of a Risk Framework

A common IC AI risk framework should inform and help prioritize decisions from acquisition or development, to deployment, to performance in a consistent way across the IC. To start, the IC should create common AI risk management principles, like its existing principles of transparency and AI ethics, that include clear and consistent definitions, thresholds, and standards. These principles should drive a repeatable risk assessment process that each IC element can tailor to its individual needs, and should promote policy, governance, and technological approaches that are aligned to risk management.

The successful implementation of this risk framework requires a multi-disciplinary approach involving leaders from across the organization, experts from all relevant functional areas, and managers who can ensure vigilance in implementation. A whole-of-activity methodology that includes technologists, collectors, analysts, innovators, security officers, acquisition officers, lawyers and more, is critical to ensuring a full 360-degree understanding of the opportunities, issues, risks, and potential consequences associated with a particular action, and to enabling the best-informed decision.

Given the many players involved, each IC element must strengthen internal processes to manage the potential disconnects that can lead to unintended risks and to create a culture that instills in every officer a responsibility to proactively consider risk at each stage of the activity. Internal governance should include an interdisciplinary Risk Management Council (RMC) made up of senior leaders from across the organization. The RMC should establish clear and consistent thresholds for when a risk assessment is required, recommended, or not needed given that resource constraints likely will not allow all of the broad and diverse AI activities within organizations to be assessed. These thresholds should be consistent with the IC risk management principles so that as IC elements work together on projects across the community, officers have similar understandings and expectations.

The risk framework itself should provide a common taxonomy and process to:

  • Understand and identify potential failures, including the source, timeline, and range of effects.
  • Analyze failures and risks by identifying internal vulnerabilities or predisposing conditions that could increase the likelihood of adverse impact.
  • Evaluate the likelihood of failure, taking into consideration risks and vulnerabilities.
  • Assess the severity of the potential impact, to include potential harm to organizational operations, assets, individuals, other organizations, or the nation.
  • Consider whether the ultimate risk may be sufficiently mitigated or whether it should be transferred, avoided, or accepted.

AI-related risks may include, among other things, technology failure, biased data, adversarial attacks, supply chain compromises, human error, cost overruns, legal compliance challenges, or oversight issues.

An initial risk level is determined by considering the likelihood of a failure against the severity of the potential impact. For example, is there is a low, moderate, or high likelihood of supply chain compromise? Would such a compromise affect only one discrete system or are there system-wide implications? These calculations will result in an initial risk level. Then potential mitigation measures, such as additional policies, training, or security measures, are applied to lower the initial risk level to an adjusted risk level. For example, physically or logically segmenting an organization’s systems so that a compromise only touches one system would significantly decrease the risk level associated with that particular technology. The higher the likelihood of supply chain compromise, the lower the severity of its impact must be to offset the risk, and vice versa. Organizations should apply the Swiss Cheese Model of more than one preventative or mitigative action for a more effective layered defense. Organizations then must consider the adjusted risk level in relation to their tolerance for risk; how much risk (and potential consequence) is acceptable in pursuit of value? This requires defining the IC’s risk tolerance levels, within which IC elements may again define their own levels based upon their unique missions.

Understanding and considering the risk of action is an important step forward for the IC, but it is not the last step. Sometimes overlooked in risk assessment practices is the consideration of the risk of inaction. To fully evaluate potential options, decision-makers must consider whether the overall risk of doing something is outweighed by the risks of not doing it. If the IC does not pursue particular AI capabilities, what is the opportunity cost of that inaction? Any final determination about whether to take action must consider whether declining to act would cause greater risk of significant harm. While the answer will not always be yes, in the case of AI and emerging technology, it is a very realistic possibility.

And, finally, a risk framework only works if people know about it. Broad communication – about the existence of the framework, how to apply it, and expectations for doing so – is vital. We cannot hold people accountable for appropriately managing risk if we do not clearly and consistently communicate and help people use the structure and mechanisms for doing so.

Buy-in To Enhance Confidence

An IC-wide AI risk framework will help IC officers understand risks and determine when and how to take advantage of innovative emerging technologies like AI, increasing comfort with uncertainty and risk-taking in the pursuit of new capabilities. Such a risk framework will have even greater impact if it is accepted – explicitly or implicitly – by the IC’s congressional overseers. The final article in this series will delve more deeply into needed changes to further improve the crucial relationship between the IC and its congressional overseers. It will also provide a link to a full report that provides more detail on each aspect of the series, including a draft IC AI Risk Framework.

Although Congress is not formally bound by such a framework, given the significant accountability measures that often flow from these overseers, a meeting of the minds between the IC and its congressional overseers is critical. Indeed, these overseers should have awareness of and an informal ability to provide feedback into the framework as it is being developed. This level of transparency and partnership would lead to at least two important benefits: first, increased confidence in the framework by all; and second, better insight into IC decision-making for IC overseers.

Ultimately, such a mutual understanding would encourage exactly what the IC needs to truly take advantage of next-generation technology like AI: a culture of experimentation, innovation, and creativity that sees reasonable risk and failure as necessary steps to game-changing outcomes.

Read also AI and the IC: The Tangled Web of Budget and Acquisition

Read also Artificial Intelligence in the IC: Culture is Critical

Read also AI and the IC: The Challenges Ahead

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The post A Roadmap for AI in the IC appeared first on The Cipher Brief.

find more fun & mates at SoShow now !

Carving the turkey for Thanksgiving is a true honor for any man, and should be taken extremely seriously. Assuming you have no backup turkey, you have one opportunity to slice and carve it just perfectly, or your reputation with your family with be tainted forever. What better way to ensure you carve your Thanksgiving turkey properly and in the most manly way possible than with a chainsaw carving tool?

Turkey carving chainsaw.

The electric chainsaw turkey carving tool looks and acts like a real chainsaw, except it won’t actually cut wood, and it’s a much smaller version of its larger counterpart. Though a chain doesn’t wrap around the blade and spin like a real chainsaw, a small electric knife is on the bottom of the blade to make it look like it’s working like a real chainsaw.

Turkey carving chainsaw.

Made with stainless steel cutting blades along with an ABS plastic body, the chainsaw inspired turkey carving tool is not only great for cutting turkeys and other birds, but is also useful for cutting melons, pineapples, potatoes, breads, and more.

Chainsaw knife.

Turkey carving chainsaw.

Turkey carving chainsaw.

Turkey carving chainsaw.

Turkey carving chainsaw.

If you feel like this is something you would want to spend money on, you can get this weird kitchen tool on Amazon.

The post This Miniature Chainsaw For Carving Turkeys Will Take Thanksgiving To The Next Level first appeared on .

find more fun & mates at SoShow now !

France’s best-known book of words, Le Petit Robert dictionary, has caused a stir by including the non-binary personal pronoun as an alternative to the existing masculine and feminine terms.

While the annual update of the Petit Robert dictionary is often a topic of considerable debate in French media, the latest edition has caused quite the backlash, with some, including a cabinet member, accusing it of pandering to wokeism.

The word “iel,” a neologism combining the French words for he and she (“il” and “elle“), is described as the personal pronoun for a person of any gender. “Personal pronoun subject to the third person singular and plural, used to evoke a person of any gender. The use of the pronominal in inclusive communication,” the dictionary’s entry reads. 

Read more

(FILE PHOTO) © REUTERS/Costas Baltas
France turns to Ancient Greece for war on woke

Striking out at the latest inclusion, François Jolivet, an MP in President Emmanuel Macron’s LREM party took his protest to the Académie Française, the official guardians of the French language.  

Describing the move as “wokeism,” Jolivet said in a letter to the Académie that the word “iel” had no place in the French language and claimed it would be a precursor to the rise of ‘woke’ ideology, which undermines the values of the Gallic nation.

Outspoken Education Minister Jean-Michel Blanquer also chimed in. “Inclusive writing is not the future of the French language,” he tweeted, sharing Jolivet’s letter. “Just as our schoolchildren are consolidating their basic skills, they don’t need to have this as a reference,” he added.

The head of Gaullist party Debout La France, Nicolas Dupont-Aignan, further criticized Petit Robert’s “woke” addition. “Let’s defend our language against these ridiculous fanatics of deconstruction and let’s boycott the collaborators who give into them,” he tweeted.  

Le Petit Robert has responded to the “lively debate” by claiming that the pronoun has been used increasingly in society in recent months and they chose to reflect this by adding it to their latest update. The publication also said that some have welcomed the addition.

France’s offensive against wokeism, which has been described by some as an Anglo-Saxon import, recently saw Blanquer vow to increase the teaching of ancient Greek and Latin languages. The education minister claims that the classical vernaculars respond to a demand for logos (language as a tool for reason), in a world where “a lack of reason is spreading like wildfire.” 

If you like this story, share it with a friend!

find more fun & mates at SoShow now !

A stream literally flowing with booze emitting a strong beery odor has been discovered in one of the tropical islands of Hawaii. Its waters have been apparently contaminated with alcohol after a leak at a beverage warehouse.

A small river with a distinctive alcoholic smell was recently found on the island of Oahu, some 15 miles (24 kilometers) away from Honolulu, Hawaiian capital. Its waters have been flowing through the Waipio valley and even turned into a 100-foot (30 meters) waterfall on their way.  

Read more

Image from geosociety.org
​‘Plastic stones’ found at remote Hawaii beach

The stream caught the attention of local environmental activists, who noticed the smell in the area.

The other day we came here you would think it was a beer pub that hadn’t opened its doors for three or four days,” activist Carroll Cox told local Hawaii News Now. She also contacted the Department of Health about the issue.

Local media took samples from the unusual stream and had them checked at a private laboratory. It tested positive for alcohol, containing 1.2% percent of the substance in its waters – nearly a quarter the content in regular beer and strong enough to cause a buzz.

Local health authorities got involved, and an investigation into the source of contamination was launched. It was learned that the stream was coming from a drain pipe that was traced back to a warehouse of Hawaii’s largest liquor distributor, Paradise Beverages. Its representatives told local media they were working with officials to eliminate a possible spill, with the booze river apparently closing its free drinks service.

Like this story? Share it with a friend!

find more fun & mates at SoShow now !

Extinction Rebellion has targeted Colombian diplomatic missions across several EU countries, including France and Italy, demanding that the nation address deforestation, coal mining, and indigenous peoples’ rights.

The hard-line climate activist group staged simultaneous protests outside several of Colombia’s diplomatic missions on Tuesday, calling on Bogota to protect biodiversity and stop deforestation. It also urged the country’s government to take action against the El Descanso open-pit coal mine, which is said to be threatening the Yukpa indigenous people.

The French branch of the activist group targeted the Colombian Embassy in Paris, vandalizing its entrance. Footage from the scene shows activists dousing the mission’s entrance in black paint, while plastering placards over its walls.

XR members then chanted slogans, lighting flares that emitted thick pink and black smoke. At least one activist was seen bathing in fake blood.

Another protest held outside Colombia’s consulate in Milan, Italy, saw that mission vandalized too. The building’s entrance was covered in fake blood, with a pile of a black substance, which looked like charcoal or coal, left by its doors.

Demonstrations also took place outside Colombia’s missions in Germany’s capital, Berlin, as well as in Madrid, Spain. Those protests appeared to be more civil, with activists rallying outside of the missions without vandalizing them.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

A gunman injured two civilians, one of them fatally, and two police officers before being shot dead by security forces near Jerusalem’s Western Wall on Sunday morning, Israeli police said.

The civilian victims were taken to Shaare Zedek Medical Center. One, who was in his 30s, succumbed to his injuries at the hospital. The other, a 46-year-old, is said to have suffered moderate injuries. Two police officers were hurt by shrapnel.

In a video clip shared on social media and purportedly filmed at the scene, multiple gunshots could be heard amid agitated shouting. Security officers could then be seen standing around what appears to be a dead body. Witnesses speculated it was that of a “terrorist.”

The gunman, whose identity was not immediately disclosed, was killed during the incident. Police said he had used a homemade submachine gun.

DETAILS TO FOLLOW

find more fun & mates at SoShow now !