Cyber Week in Review: May 27, 2022

Clearview AI fined by UK regulators, ordered to delete data 

Regulators in the United Kingdom levied a $9 million fine against Clearview AI, the controversial facial recognition company, and ordered the company to stop scraping and using data from United Kingdom residents. The UK Information Commissioner’s Office found that Clearview AI did not use the information it had collected in a fair and transparent manner and did not have a lawful reason for collecting the data in the first place. The company will be forced to delete the data of United Kingdom residents and will also be barred from collecting information on them in the future. Clearview has faced significant headwinds recently, as regulators in Australia, Italy, and France have all ordered the company to delete data on residents of their respective countries. 

Quad announces cybersecurity and software initiatives 

The Quad, the grouping of the United States, India, Japan, and Australia, announced that they would collaborate on new initiatives related to cybersecurity and emerging technologies after a recent summit in Tokyo. The group agreed to work collaboratively to establish standards on emerging technologies and to share information on technology standards. The Quad will also work to increase communication between Computer Emergency Response Teams (CERT) in each member country. The leaders announced the creation of a new fellowship program, which will aim to encourage cooperation in science, technology, engineering, and mathematics, an area where exchanges between some members has been lackluster in the past. The importance of the Quad has risen in recent years, as the members have engaged in different disputes with China over a variety of issues. 

Russian social media manipulation tool exposed 

A Russian botnet, dubbed Fronton could also be used to post disinformation to social media and avoid detection. Fronton was originally exposed in March 2020, and researchers originally thought it was primarily used to launch distributed denial of service (DDoS) attacks. The new research shows the tool also gives operators the ability to coordinate inauthentic social media behavior across a wide number of accounts. Operators can manage how bots interact with each other and what they post. The botnet also disguises traffic by routing it through compromised devices, making it appear like the activity is independent and geographically dispersed. While Fronton likely was not deployed outside of a single test use, its discovery offers a window into the propaganda tools of Russian troll farms and how they can be used to manipulate online discourse. 

Twitter fined $150 million by FTC 

The Federal Trade Commission (FTC) fined Twitter $150 million over Twitter’s misuse of phone numbers and email addresses provided for two factor authentication. That penalty represents about 3 percent of Twitters revenue for 2020. The FTC said that Twitter had failed to disclose that it would use personal data customers had provided to secure their accounts to target advertisements. Twitter claimed that it had inadvertently used the data for advertising and that it had identified the problem in 2019 and stopped the practice. The fine comes as Elon Musk has been engaged in an attempt to buy Twitter for $44 billion. 

China pursues cyber, data cooperation in new economic security deal with Pacific island nations

One month following a bilateral security cooperation agreement signed with the Solomon Islands, China is again attempting to shape the security environment of the South Pacific. A leaked draft of the “China-Pacific Island Countries Common Development Vision” it hopes to sign with ten Pacific islands reveals that China may become increasingly influential in issues of cybersecurity and global data governance in the region. The draft communique pledges to “strengthen exchanges and cooperation in the fields of [both] traditional and non-traditional security.” The proposed deal drew a rebuke from Australia, whose new Foreign Minister Penny Wong said that “China has made its intentions clear” regarding its growing influence in the region. It remains to be seen if the United States and Australia can blunt China’s gains in the South Pacific, as the two countries have launched efforts of their own.