Thread: Chinese blacklist an early glimpse of sweeping new social-credit control

Nathan VanderKlippe
BEIJING

January 3, 2018





Liu Hu spent two decades pushing hard at the bounds of censorship in China. An accomplished journalist, he used a blog to accuse high-level officials of corruption and wrongdoing and to publish details of misconduct by authorities.
In late 2013, he was arrested and accused of "fabricating and spreading rumours." Late in 2016, a court found him guilty of defamation and ordered him to apologize on his social-media account, which at the time had 740,000 followers. If he was unwilling to do that, the court said, he could pay $115 to publish the verdict on an authorized website. Mr. Liu paid the money.
Then, he said, the judge raised the fee to $2,900.


But in the midst of Mr. Liu's attempt to seek legal redress early in 2017, he discovered that his life had abruptly changed: Without any notice, he had been caught up in the early reaches of a social-credit system that China is developing as a pervasive new tool for social control – one expected to one day tighten the state's grip on its citizens. Critics have called it an Orwellian creation – a new kind of "thought police."
What it meant for Mr. Liu is that when he tried to buy a plane ticket, the booking system refused his purchase, saying he was "not qualified." Other restrictions soon became apparent: He has been barred from buying property, taking out a loan or travelling on the country's top-tier trains.

"There was no file, no police warrant, no official advance notification. They just cut me off from the things I was once entitled to," he said. "What's really scary is there's nothing you can do about it. You can report to no one. You are stuck in the middle of nowhere."
First envisioned in the mid-1990s, China's social-credit system would assign a ranking to each of the country's almost 1.4 billion people. Unlike a Western rating based on financial creditworthiness, China's social-credit backers want their system to be all-encompassing, to evaluate not just financial matters but anything that might speak to a person's trustworthiness. In modern China, "trust-keeping is insufficiently rewarded, the costs of breaking trust tend to be low," a 2014 Chinese government document describing the government's plans notes.
The social-credit system aims to change that – raising the penalties for poor conduct and the rewards for deferential behaviour.
It is the most ambitious attempt by any government in modern history to fuse technology with behavioural control, placing China at the forefront of a new kind of authoritarianism, one that can mine a person's digital existence – shopping habits, friends, criminal records, political views – and judge them according to the state's standard of reliability.
It was only months later that Mr. Liu discovered what had happened. A friend pointed him to a website run by China's Supreme People's Court called the List of Dishonest Persons Subject to Enforcement, a formalized catalogue of exclusion. In Mr. Liu's case, the reason states: "This person refuses to fulfill the duties listed in the verdict even though he is able to do so."


The blacklist, which by this summer had swelled to 7.49 million names, is among the most visible early elements of a social-credit rating system that can assess a person's commercial, social, political and moral life, providing benefits to those considered trustworthy and restrictions on those who are not. Chinese planners want the full system in place in three years. They say it will bring about a more honest, trustworthy country.
But a Globe and Mail review of more than two dozen cases, including one of a girl blacklisted as a toddler and another of a man blacklisted for stealing a few packs of cigarettes, suggests the system is exacting an outsized toll even now, in its earliest days. Mr. Liu's case, too, shows how the social-credit system is being used to silence dissent.
"I can't say that Liu Hu's outspokenness led directly to his troubles. But we have to admit that Liu's is not a rare case. Many people who are, like him, similarly controversial are very likely to endure the same ordeal," said Zhu Xiaoding, a Beijing lawyer who specializes in administrating proceedings.
"And the lack of an appeal mechanism has made these people unable to seek the help they really need. That leaves them in despair, because their social relations, as well as their material lives, have been ruined."
Some cities have even changed the ringback tone – the sound a caller hears – of those being punished to warn the caller that "the person you are calling is on the central credit blacklist."
To some, that's cause for optimism in the future of China.


"We are in dire need of rebuilding. We must rebuild social morality, business integrity, food safety, officials' power," said Lin Junyue, an academic sometimes called the founder of China's social-credit theory, which he has studied since the mid-1990s.
Such a system, he said, can serve as a "fantastic" counterterrorism tool, promoting social stability and peaceful co-existence.
"People who like it see me as a great contributor to a better society. People who disdain it accuse me of providing a digital tool for government to wield its power against people. I've heard voices of both sides."
It doesn't much matter. The social-credit system now under construction promises to reshape the country in profound ways.
The 2014 document offers a partial list of the areas that will be governed by social-credit scores: import and export trading, health inspection, government procurement, labour and employment, taxation, public transportation, social security, scientific research management, Communist Party promotion and appointments, applications for government financial support, hotels and restaurants, currency conversion, insurance sales, work in mining, chemicals, the manufacture of special equipment and the production of food and medicine.

China's e-commerce heavyweights have already begun creating their own credit markers, which have spread quickly. Take Sesame Credit, the creation of a unit of Alibaba. It parses a person's buying habits and contacts to come up with a credit score, which can be hurt by, for example, video games – an indicator of "an idle person," the company has said – and helped by the purchase of diapers, an indication of reliability.
On 58.com, a Craigslist-style marketplace, Sesame scores have become increasingly important. Lease agent Huang Nu'an, for example, offers a 50-per-cent waiver on rental deposits for those with high scores.
"You can't be sure that such a person is 100-per-cent trustworthy. But in the world of business, this kind of index is better than nothing," he said. "There is huge room for us to make this concept more widespread."
The development of social credit is also an attempt to regain the breadth of control the Communist Party once wielded over the country through work units and the state economy, before the rise of private enterprise eroded that power.

Social credit offers a powerful corrective while giving extraordinary new power to those who design and maintain the system's algorithm.
"Put in the hands of the Chinese government the ability to determine your level of honesty and you have a perfect storm of human-rights abuses," said Maya Wang, China researcher for Human Rights Watch.
Take the blacklist, which has been devised to deliver shame as well as punishment to offenders. Its website hosts a scrolling list of recent additions, and any name can be searched, typically yielding a brief description of the wrongdoing.

The consequences can be severe. When Xie Wen, the founder of a corporate entertainment firm, was placed on the list after a dispute with another company, banks cut him off, rendering him unable to pay employees and hampering his ability to seek legal redress. Being "discredited" tainted his name and business partners abandoned him.
"I felt like I was being tortured, mentally and physically," he said. "It's a psychological burden that will stick to you for quite a few years."
Mr. Xie paid a sum of money ordered by the court and was removed from the blacklist.
In the eyes of social-credit supporters, that makes him a success story.
The principle is "to create a disciplinary mechanism in which all of us will unite to pressure people who behave badly or commit crimes to come back to the right track," said Li Ming, a credit-counselling expert at the Beijing Institute of Big Data Research.
"What government really wants to stress is setting up a society of credibility and integrity."
It's fair to think of social credit as an updated version of the renshi dangan, the decades-old Communist Party system of maintaining detailed personal files on cadres, said Chen Tan, a scholar at Guangzhou University and an expert on the system.

Prone to abuse, the information in those secret files could easily end a person's career.
But the social-credit system will not suffer such issues, since it will "also set standards for government," Prof. Chen said.
And, he said, the positives outweigh the negatives. Social credit "will set an important tone for society and push everyone to pay attention to their own behaviour." He expects it to be so effective that the government will save money on education because it "won't need to spend a lot on moral campaigns and verbal encouragement."

But the blacklist has already shown how governments and courts can use the system to upturn lives for questionable reasons.
Take Song Zixuan, whose father was found guilty in 2014 of murdering his wife and was sentenced to death. Zixuan was 2 at the time. The court also fined her father. He did not pay the fine, so after his execution the court assigned responsibility for that penalty to Zixuan and her grandfather, saying in the verdict: "They should also bear the debt that the dead couple owed."
That totalled more than $25,000. Because it hasn't been paid off, Zixuan's name has been added to the blacklist, her grandfather Gao Jiaxi said in an interview. (The Globe has reviewed documents that show the court transferring responsibility for the debt but has been unable to independently verify her name on the blacklist, which does not publish details of minors.)
"They didn't have even the slightest bit of concern for the future of this girl," Mr. Gao said. "For a normal person accidentally labelled as 'discredited,' the aftermath is huge – let alone a girl at this age. This is disastrous."
The Globe examined records of two dozen people on the blacklist, many of whom had committed minor offences. One man was blacklisted over a $1,500 rent payment. Another had not repaid $1,900. Another failed to pay a $195 fine. Yet another had shoplifted 10 packs of cigarettes worth $70.

Mr. Lin, the intellectual father of the social-credit system, agreed that in the case of the shoplifter, the punishment "is a bit over the top."
But for China, the value of creating the system far outweighs a few legal excesses, he said.
"Compared to the improvement in the atmosphere of the entire society, their sacrifice is worth it."
It's a question, he added, of how much value to give human rights. A government that worries too much about individual freedoms can impede economic development, he said. China has chosen a different course: pursuing the well-being of the country as a priority above all others.
"If we have to risk turning China into a country like Iraq, Libya, the Philippines or Taiwan to obtain democracy, I'd rather we remain where we are right now," he said. "Those are democracies that sacrifice people's lives and social stability. We don't need it."

https://www.theglobeandmail.com/news...ticle37493300/

China's Surveillance State Should Scare Everyone

The country is perfecting a vast network of digital espionage as a means of social control—with implications for democracies worldwide.


Imagine a society in which you are rated by the government on your trustworthiness. Your “citizen score” follows you wherever you go. A high score allows you access to faster internet service or a fast-tracked visa to Europe. If you make political posts online without a permit, or question or contradict the government’s official narrative on current events, however, your score decreases. To calculate the score, private companies working with your government constantly trawl through vast amounts of your social media and online shopping data.


When you step outside your door, your actions in the physical world are also swept into the dragnet: The government gathers an enormous collection of information through the video cameras placed on your street and all over your city. If you commit a crime—or simply jaywalk—facial recognition algorithms will match video footage of your face to your photo in a national ID database. It won’t be long before the police show up at your door.


This society may seem dystopian, but it isn’t farfetched: It may be China in a few years. The country is racing to become the first to implement a pervasive system of algorithmic surveillance. Harnessing advances in artificial intelligence and data mining and storage to construct detailed profiles on all citizens, China’s communist party-state is developing a “citizen score” to incentivize “good” behavior. A vast accompanying network of surveillance cameras will constantly monitor citizens’ movements, purportedly to reduce crime and terrorism. While the expanding Orwellian eye may improve “public safety,” it poses a chilling new threat to civil liberties in a country that already has one of the most oppressive and controlling governments in the world.


China’s evolving algorithmic surveillance system will rely on the security organs of the communist party-state to filter, collect, and analyze staggering volumes of data flowing across the internet. Justifying controls in the name of national security and social stability, China originally planned to develop what it called a “Golden Shield” surveillance system allowing easy access to local, national, and regional records on each citizen. This ambitious project has so far been mostly confined to a content-filtering Great Firewall, which prohibits foreign internet sites including Google, Facebook, and The New York Times. According to Freedom House, China’s level of internet freedom is already the worst on the planet. Now, the Communist Party of China is finally building the extensive, multilevel data-gathering system it has dreamed of for decades.

While the Chinese government has long scrutinized individual citizens for evidence of disloyalty to the regime, only now is it beginning to develop comprehensive, constantly updated, and granular records on each citizen’s political persuasions, comments, associations, and even consumer habits. The new social credit system under development will consolidate reams of records from private companies and government bureaucracies into a single “citizen score” for each Chinese citizen. In its comprehensive 2014 planning outline, the CCP explains a goal of “keep[ing] trust and constraints against breaking trust.” While the system is voluntary for now, it will be mandatory by 2020. Already, 100,000 Chinese citizens have posted on social media about high scores on a “Sesame Credit” app operated by Alibaba, in a private-sector precursor to the proposed government system. The massive e-commerce conglomerate claims its app is only tracking users’ financial and credit behavior, but promises to offer a “holistic rating of character.” It is not hard to imagine many Chinese boasting soon about their official scores.



While it isn’t yet clear what data will be considered, commentators are already speculating that the scope of the system will be alarmingly wide. The planned “citizen credit” score will likely weigh far more data than the Western fico score, which helps lenders make fast and reliable decisions on whether to extend financial credit. While the latter simply tracks whether you’ve paid back your debts and managed your money well, experts on China and internet privacy have speculated—based on the vast amounts of online shopping data mined by the government without regard for consumer privacy—that your Chinese credit score could be higher if you buy items the regime likes—like diapers—and lower if you buy ones it doesn’t, like video games or alcohol. Well beyond the realm of online consumer purchasing, your political involvement could also heavily affect your score: Posting political opinions without prior permission or even posting true news that the Chinese government dislikes could decrease your rank.


Even more worrying is that the government will be technically capable of considering the behavior of a Chinese citizen’s friends and family in determining his or her score. For example, it is possible that your friend’s anti-government political post could lower your own score. Thus, the scoring system would isolate dissidents from their friends and the rest of society, rendering them complete pariahs. Your score might even determine your access to certain privileges taken for granted in the U.S., such as a visa to travel abroad or or even the right to travel by train or plane within the country. One internet privacy expert warns: “What China is doing here is selectively breeding its population to select against the trait of critical, independent thinking.”


While Westerners and especially civil liberties groups like the ACLU are horrified by such a prospect—one commentator called the possibility “authoritarianism, gamified”—others argue that because lack of trust is a serious problem in China, many Chinese welcome this potential system. However, a state-run, party-inspired, data-driven monitoring system poses profound questions for the West about the role of private companies in government surveillance. Is it ethical for private companies to assist in massive surveillance and turn over their data to the government? Alibaba (China’s Amazon) and Tencent (owner of the popular messaging platform WeChat) possess sweeping data on each Chinese citizen that the government would have to mine to calculate scores. Although Chinese companies now are required to assist in government spying while U.S. companies are not, it is possible to imagine Amazon in Alibaba’s position, or Facebook in place of Tencent. While private companies like credit scoring bureaus have always used data to measure consumers’ creditworthiness, in any decent society there must be a clear distinction between private-sector and public-sector scoring mechanisms that could determine access to citizen rights and privileges, without recourse.

https://www.theatlantic.com/internat...llance/552203/

This is nothing new, we are all being watched. But of course there are ways to protect your data. There are always 2 sides to a coin. I'm sure there's anti-big brother software to let you live an anomynous online existance.

^Did you even read the articles?

That video has nothing to do with being rated by a government using a "social score" that can ruin one's life and the lives of family members.

Originally Posted by misskit

The government gathers an enormous collection of information through the video cameras placed on your street and all over your city.

Something "unheard" in our good old world ...

How many CCTV cameras actually are there in the UK?
Credits to Tom Reeve July 11 – 2013

There are between 4 million and 5.9 million CCTV surveillance cameras in the UK, according to a new report from the British Security Industry Association (BSIA).
How many CCTV cameras actually are there in the UK? ? Arc24


THE TRUMAN EFFECT Average Brit caught on CCTV 70 times a day – as it’s revealed UK is watched by more cameras than the whole of China
7th September 2016,
THE UK is watched by more than 5.9million CCTV cameras meaning the average Brit is filmed a staggering 70 TIMES a day, a study has found.
https://www.thesun.co.uk/news/174311...hole-of-china/

Originally Posted by Klondyke

Something "unheard" in our good old world ...

How many CCTV cameras actually are there in the UK?
Credits to Tom Reeve July 11 – 2013

There are between 4 million and 5.9 million CCTV surveillance cameras in the UK, according to a new report from the British Security Industry Association (BSIA).
How many CCTV cameras actually are there in the UK? ? Arc24


THE TRUMAN EFFECT Average Brit caught on CCTV 70 times a day – as it’s revealed UK is watched by more cameras than the whole of China
7th September 2016,
THE UK is watched by more than 5.9million CCTV cameras meaning the average Brit is filmed a staggering 70 TIMES a day, a study has found.
https://www.thesun.co.uk/news/174311...hole-of-china/

They aren't particularly effective for dealing with day-to-day crime either; they seem to only be of use in the more serious "events".
I always wondered whether it was a deliberate thing for the Chinese state broadcaster to be named "CCTV".

One of the fundamental questions of the relationship between the individual and the group is exemplified by the question of when a representative of the government knocks on your door, do you get to ask for your ID, or do they get to ask for yours?...

The whole issue of information security has been growing for a while, and questions about it have been wrestled with for some time now:

Political and ethical perspectives on data obfuscation Finn Brunton and Helen Nissenbaum*

https://www.nyu.edu/projects/nissenb...bfuscation.pdf

Security through obscurity: How to cover your tracks online

From Tor to steganography, these six techniques will help obscure the data and traces you leave online

By Peter Wayner

Contributing Editor, InfoWorld | Nov 5, 2012





Thinking about the bits of data you leave behind is a one-way ticket to paranoia. Your browser? Full of cookies. Your cellphone? A beacon broadcasting your location at every moment. Search engines track your every curiosity. Email services archive way too much. Those are just the obvious places we're aware of. Who knows what's going on inside those routers?
The truth is, worrying about the trail of digital footprints and digital dustballs filled with our digital DNA is not just for raving paranoids. Sure, some leaks like the subtle variations in power consumed by our computers are only exploitable by teams of geniuses with big budgets, but many of the simpler ones are already being abused by identity thieves, blackmail artists, spammers, or worse.
[ Verse yourself in 9 popular IT security practices that just don't work and 10 crazy security tricks that do. | Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from expert contributors in InfoWorld's PDF guide. | Keep up with key security issues with InfoWorld's Security Central newsletter. ]
[ Safeguard your data! The tools you need to encrypt your communications and web data. • Maximum-security essential tools for everyday encryption. • InfoWorld's encryption Deep Dive how-to report. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ]Sad news stories are changing how we work on the Web. Only a fool logs into their bank's website from a coffee shop Wi-Fi hub without using the best possible encryption. Anyone selling a computer on eBay will scrub the hard disk to remove all personal information. There are dozens of sound, preventative practices that we're slowly learning, and many aren't just smart precautions for individuals, but for anyone hoping to run a shipshape business. Sensitive data, corporate trade secrets, confidential business communications -- if you don't worry about these bits escaping, you may lose your job.
Learning how best to cover tracks online is fast becoming a business imperative. It's more than recognizing that intelligent traffic encryption means not having to worry as much about securing routers, or that meaningful client-based encryption can build a translucent database that simplifies database management and security. Good privacy techniques for individuals create more secure environments, as a single weak link can be fatal. Learning how to cover the tracks we leave online is a prudent tool for defending us all.
Each of the following techniques for protecting personal information can help reduce the risk of at least some of the bytes flowing over the Internet. They aren't perfect. Unanticipated cracks, even when all of these techniques are used together, always arise. Still, they're like deadbolt locks, car alarms, and other security measures: tools that provide enough protection to encourage the bad guys to go elsewhere.

Online privacy technique No. 1: Cookie management

The search engines and advertising companies that track our moves online argue they have our best interests at heart. While not boring us with the wrong ads may be a noble goal, that doesn't mean the relentless tracking of our online activities won't be used for the wrong reasons by insiders or websites with less esteemed ideals.
The standard mechanism for online tracking is to store cookies in your browser. Every time you return to a website, your browser silently sends the cookies back to the server, which then links you with your previous visits. These little bits of personalized information stick around for a long time unless you program your browser to delete them.
Most browsers have adequate tools for paging through cookies, reading their values, and deleting specific cookies. Cleaning these out from time to time can be helpful, although the ad companies have grown quite good at putting out new cookies and linking the new results with the old. Close 'n Forget, a Firefox extension, deletes all cookies when you close the tab associated with a site.
Standard cookies are just the beginning. Some ad companies have worked hard on burrowing deeper into the operating system. The Firefox extension BetterPrivacy, for example, will nab the "supercookies" stored by the Flash plug-in. The standard browser interface doesn't know that these supercookies are there, and you can delete them only with an extension like this or by working directly with the Flash plug-in.
There are still other tricks for sticking information in a local computer. Ghostery, another Firefox extension, watches the data coming from a website, flags some of the most common techniques (like installing single-pixel images), and lets you reverse the effects.

Online privacy technique No. 2: Tor

One of the simplest ways to track your machine is through your IP address, the number the Internet uses like a phone number so that your requests for data can find their way back to your machine. IP addresses can change on some systems, but they're often fairly static, allowing malware to track your usage.
One well-known tool for avoiding this type of tracking is called Tor, an acronym for "The Onion Router." The project, developed by the Office of Naval Research, creates a self-healing, encrypted supernetwork on top of the Internet. When your machine starts up a connection, the Tor network plots a path through N different intermediate nodes in the Tor subnet. Your requests for Web pages follow this path through the N nodes. The requests are encrypted N times, and each node along the path strips off a layer of encryption like an onion with each hop through the network.
The last machine in the path then submits your request as if it were its own. When the answer comes back, the last machine acting as a proxy encrypts the Web page N times and sends it back through the same path to you. Each machine in the chain only knows the node before it and the node after it. Everything else is an encrypted mystery. This mystery protects you and the machine at the other end. You don't know the machine and the machine doesn't know you, but everyone along the chain just trusts the Tor network.
While the machine acting as your proxy at the other end of the path may not know you, it could still track the actions of the user. It may not know who you are, but it will know what data you're sending out onto the Web. Your requests for Web pages are completely decrypted by the time they get to the other end of the path because the final machine in the chain must be able to act as your proxy. Each of the N layers was stripped away until they're all gone. Your requests and the answers they bring are easy to read as they come by. For this reason, you might consider adding more encryption if you're using Tor to access personal information like email.
There are a number of ways to use Tor that range in complexity from compiling the code yourself to downloading a tool. One popular option is downloading the Torbutton Bundle, a modified version of Firefox with a plug-in that makes it possible to turn Tor on or off while using the browser; with it, using Tor is as simple as browsing the Web. If you need to access the Internet independently from Firefox, you may be able to get the proxy to work on its own.

Online privacy technique No. 3: SSL

One of the easiest mechanisms for protecting your content is the encrypted SSL connection. If you're interacting with a website with the prefix "https," the information you're exchanging is probably being encrypted with sophisticated algorithms. Many of the better email providers like Gmail will now encourage you to use an HTTPS connection for your privacy by switching your browser over to the more secure level if at all possible.
An SSL connection, if set up correctly, scrambles the data you post to a website and the data you get back. If you're reading or sending email, the SSL connection will hide your bits from prying eyes hiding in any of the computers or routers between you and the website. If you're going through a public Wi-Fi site, it makes sense to use SSL to stop the site or anyone using it from reading the bits you're sending back and forth.
SSL only protects the information as it travels between your computer and the distant website, but it doesn't control what the website does with it. If you're reading your email with your Web browser, the SSL encryption will block any router between your computer and the email website, but it won't stop anyone with access to the mail at the destination from reading it after it arrives. That's how your free Web email service can read your email to tailor the ads you'll see while protecting it from anyone else. The Web email service sees your email in the clear.
There are a number of complicated techniques for subverting SSL connections, such as poisoning the certificate authentication process, but most of them are beyond the average eavesdropper. If you're using a local coffee shop's Wi-Fi, SSL will probably stop the guy in the back room from reading what you're doing, but it may not block the most determined attacker.

Online privacy technique No. 4: Encrypted messages

While Tor will hide your IP address and SSL will protect your bits from the prying eyes of network bots, only encrypted mail can protect your message until it arrives. The encryption algorithm scrambles the message, and it's bundled as a string of what looks like random characters. This package travels directly to the recipient, who should be the only one who has the password for decrypting it.
Encryption software is more complicated to use and far less straightforward than SSL. Both sides must be running compatible software, and both must be ready to create the right keys and share them. The technology is not too complicated, but it requires much more active work.
There's also a wide range in quality of encryption packages. Some are simpler to use, which often makes for more weaknesses, and only the best can resist a more determined adversary. Unfortunately, cryptography is a rapidly evolving discipline that requires a deep knowledge of mathematics. Understanding the domain and making a decision about security can require a doctorate and years of experience. Despite the problems and limitations, even the worst programs are often strong enough to resist the average eavesdropper -- like someone abusing the system admin's power to read email.

Online privacy technique No. 5: Translucent databases

The typical website or database is a one-stop target for information thieves because all the information is stored in the clear. The traditional solution is to use strong passwords to create a wall or fortress around this data, but once anyone gets past the wall, the data is easy to access.
Another technique is to only store encrypted data and ensure all the encryption is done at the client before it is shipped across the Internet. Sites like these can often provide most of the same services as traditional websites or databases while offering much better guarantees against information leakage.
A number of techniques for applying this solution are described in my book "Translucent Databases." Many databases offer other encryption tools that can provide some or all of the benefits, and it's easy to add other encryption to the Web clients.
In the best examples, the encryption is used to obscure only the sensitive data, leaving the rest in the clear. This makes it possible to use the nonpersonal information for statistical analysis and data-mining algorithms.

Online privacy technique No. 6: Steganography

One of the most elusive and beguiling techniques is steganography, a term generally applied to the process of hiding a message so that it can't be found. Traditional encryption locks the data in a safe; steganography makes the safe disappear. To be more accurate, it disguises the safe to look like something innocuous, such as a houseplant or a cat.
The most common solutions involve changing some small part of the file in a way it won't be noticed. A single bit of a message, for instance, can be hidden in a single pixel by arranging the parity of the red and green components. If they're both even or both odd, then the pixel carries the message of 0. If one is even and one is odd, then it's a 1. To be more concrete, imagine a pixel with red, green and blue values of 128, 129, and 255. The red value is even, but the green value is odd, meaning the pixel is carrying the message of 1.
A short, one-bit message can be hidden by taking a file, agreeing upon a pixel, and making a small change in either the red or green value so that the pixel carries the right message. A one-bit change will be tiny and almost certainly not visible to the human, but a computer algorithm looking in the right place will be able to find it.
Paul Revere needed to send only one bit, but you may need to send more. If this technique is repeated long enough, any amount of data can be hidden. An image with 12 megapixels can store a message with 12Mb, or 1.5MB, without changing any pixel by more than one unit of red or green. Judicious use of compression can improve this dramatically. A large message like this article can be snuck into the corners of an average photo floating around the Internet.


Tweaking pixels is just one of the ways that messages can be inserted in different locations. There are dozens of methods to apply this approach -- for example, replacing words with synonyms or artfully inserting slight typographical mistakes into an article. Is that a misspelling or a secret message? All rely on inserting small, unnoticeable changes.
Steganography is not perfect or guaranteed to avoid detection. While the subtle changes to values like the red and green component may not be visible to the naked eye, clever algorithms can sometimes find the message. A number of statistical approaches can flag files with hidden messages by looking for patterns left behind by sloppy changes. The glare off of glass or chrome in a picture is usually stuffed with pixels filled with the maximum amount of red, green, and blue. If a significant number of these are just one unit less than the maximum, there's a good chance that a steganographic algorithm made changes.
These detection algorithms also have limits, and there are a number of sophisticated approaches for making the hidden messages harder to find. The scientists working on detection are playing a cat-and-mouse game with the scientists looking for better ways to hide the data.
For anyone seeking more on this, my book "Disappearing Cryptography" explores various solutions in depth, and my iPad App How to Hide Online provides interactive illustrations for trying the algorithms.

https://www.infoworld.com/article/26...ne.html?page=2

Generating a Bunch Of "Internet Noise" Isn't Going to Hide Your Browsing Habits

Thorin Klosowski
3/31/17 1:41pm



Earlier this week, Congress shut down a measure that would have required ISPs to get your approval to log and sell your browsing habits. Now, everyone’s freaking out and looking for solutions. One of those solutions is to attempt to obfuscate your browsing by creating random noise. Sadly, that’s not going to do much.

The theory here seems great, you head to a web site like Internet Noise or install an extension like Noiszy, and those sites perform random searches on Google, hoping to camouflage everything you’re actually searching for.
The problem is that it doesn’t really work for privacy purposes, a fact that Dan Schultz, the developer behind Internet Noise, even mentions on his web site when he says, “this button will make some noise as a form of digital protest. It does not make you safe.” Schultz’s project is meant to raise awareness as a sign of protest. It’s art, not a privacy tool.
Internet Noise doesn’t linger on sites long enough to leave that much of an impression, and even if it did spend more time there, filtering out the random noise would be a trivial task. Advertisers are looking for consistent visits to specific sites, not the places you randomly end up for a few seconds after searching for something on Google. If our ad profiles were filled with all the accidental clicks on Yahoo Answers links, they’d be pointless.
Speaking to Wired, privacy expert Parker Higgins lays it out like so, “The main problem with these sorts of projects is that they rely on your being able to generate plausible activity more reliably than your adversaries.” An algorithm that heads to random sites creates a profile that looks random, which is easy to filter out because we’re still all creatures of habit, and habits are more profitable than random clicks. If you head to Lifehacker every day at 7am, then follow that with a trip to Amazon, before wandering off to Ars Technica for a bit, a data broker can still build a profile of you.
So, what can you do to hide your browsing? Well, you can go all-in tinfoil hat with Tor to anonymize your browsing at the cost of speed, or go for a VPN, which also comes at the cost of speed (and the literal cost of money), or download a handful of extensions that won’t prevent your ISP from collecting data, but will at least stop everyone else.

https://lifehacker.com/generating-a-...-hi-1793898833

Originally Posted by misskit

^Did you even read the articles?

That video has nothing to do with being rated by a government using a "social score" that can ruin one's life and the lives of family members.

Seems related...

https://www.creditperfect.co.uk/faqs...l-report-score
Communications Data Bill creates 'a virtual giant database' - BBC News

As the Investigatory Powers Bill passes into law, internet providers will be required to keep a full record of every site that each of its customers have visited

Everyone who can now see your entire internet history, including the taxman, DWP and Food Standards Agency | The Independent

Taxman unleashes its 'snooper computer': what information does its have on you?



The deadline for 2015/16 self assessment tax returns is looming, at the end of January Credit: DWImages /Alamy

• Laura Suter

7 January 2017 • 7:37am HM Revenue & Customs has spent years and £100m or more on a super-computer designed to identify those who may have paid too little tax. And now – with the deadline for filing 2015-16 tax returns just weeks away – the system is being fully deployed for the first time.
Instead of relying solely on information provided by taxpayers via their returns, HMRC’s powerful “Connect” system now draws on information from myriad government and corporate sources to create a profile of each taxpayer’s total income. Where this varies from the information provided by the taxpayer, the account is flagged and could be subject to further investigation.
For the first time, HMRC is also using these powers to warn individuals to check that they have not underpaid.


We all leave a massive electronic footprint of where we are, when we are away, what we do and what we spendGeorge Bull, RSM


Last month it sent letters to 10,000 individuals who had submitted their 2014-15 tax return without a complete declaration of savings interest received.
HMRC said it had used information gathered from banks, peer-to-peer lenders such as Zopa and other financial institutions and then checked it against individuals’ tax returns. It sent letters to those with discrepancies.
A spokesman said: “We have written to customers who appear to have under-declared untaxed interest.”



Home-sharing website Airbnb is used by many to rent out rooms or their whole property, and earn additional income Credit: AP


The Connect system’s data-hoarding does not stop at the income people have received from work and investment.
“Connect broadly deals with information spontaneously available in government departments or as part of the digital footprint that people leave when they use the internet,” said George Bull, senior tax partner at RSM, the auditing and consulting firm.
“We all leave a massive electronic footprint of where we are, when we are away, what we do and what we spend.”
The Connect system crunches data from Airbnb, the rental platform, for instance, or eBay.
A spokesman from Airbnb said: "Airbnb hosts want to pay their fair share of tax and we want to help. We remind hosts to check and follow tax rules, send email reminders during tax season and have downloadable transaction histories for hosts. We also include helpful information on our responsible hosting page."
It can also access Land Registry records to see houses purchased and ensure the correct tax has been paid. From there, further sources enable it to determine if properties are being rented out and whether that income has been declared.
It can also determine if someone is likely to be able to afford such properties, or whether they are suspected of having used previously undeclared income or savings.
HMRC gains anonymised information on all Visa and Mastercard transactions, enabling it to identify areas of likely underpayments which it can then target further, seeking details of individuals’ transactions where necessary.

As of September last year, HMRC can now get information from banks and financial organisations in British overseas territories, such as the Channel Islands, while from this year it can gather this information from 60 more countries.
“This is the tipping of the scales,” said Richard Morley of accountant BDO. “Five years ago those making minor tax errors would feel fairly safe. But HMRC now has more information and more access to information.”
HMRC will also be one of the government bodies to gain access to information under new laws known commonly as the “snoopers’ charter”. The legislation means telecom providers store customers’ web browsing and email records for at least a year; it can then be accessed by the Government.

Taxman unleashes its 'snooper computer': what information does its have on you?

https://www.ifa.org.uk/media/653935/...ect-system.pdf

How the taxman spies on everything you buy and sell online... thanks to a new law hardly anyone has noticed

• Tax officers monitor eBay and AirBnB to check up on activity
• HMRC has been hiring teams of 'data analysts' and 'intelligence analysts'
• Taxman can now force auction and payment sites to hand over your details
• Investigators now have extensive access to Etsy, eBay, Booking.com and Airbnb

By Louise Eccles and Ruth Lythe for the Daily Mail
Published: 22:00, 10 January 2017 | Updated: 10:00, 11 January 2017


Tax officials are spying on eBay and Airbnb customers' accounts to obtain their names, addresses, bank account numbers and details of what they buy and sell online, Money Mail can reveal.
HM Revenue & Customs quietly acquired powers in September which allow it to snoop on anyone who uses so-called marketplace websites that connect buyers and sellers.
It means teams of investigators now have extensive access to websites such as Etsy — where craft-makers sell items like homemade cards and knitting — and eBay, as well as property and holiday letting sites including Booking.com and Airbnb.
+3



Target: Tax officials are spying on eBay and Airbnb customers' accounts to obtain their names, addresses, bank account numbers and details of what they buy and sell online

They can also see customers' online shopping and sales receipts with payment firms such as PayPal and Worldpay.
Under new laws, these websites can now be forced to hand over millions of customers' details whenever the taxman asks.
Officials don't need any evidence that you have done something wrong to see your data, nor need they ask your permission or inform you that they're snooping.
HMRC can feed this information into a sophisticated new computer system that flags up anyone who appears to be evading tax.
RELATED ARTICLES



The powers are part of a drive to catch tax cheats who make a tidy profit from so-called 'sharing economy' websites.
Millions of people are making cash online, thanks to a boom in such sites. These online marketplaces allow any number of sellers to flog goods, services — or even a room in their home.
The middleman site takes a small cut of the proceeds.
But accountants say many sellers do not realise they owe tax on the profits they make.
Accountants say many sellers do not realise they owe tax on the profits they make

Last year, around 870,000 people — including people making small sums online — failed to submit self-assessment returns before the January 31 deadline. The number for 2017 is expected to top a million.
Money Mail understands that HMRC has five major data analysis centres across Britain. According to its website, it has been hiring 'data analysts' and 'intelligence analysts' on salaries between £27,000 and £38,000.
Insiders say these officials can obtain detailed files on you, which include information on where you holiday and even how much cash you got for selling that old dining table on eBay.

They claim some of this comes from social media sites such as Facebook and business network LinkedIn.
Experts say the taxman is looking for internet sellers who make regular profits or run successful businesses, rather than part-time hobbyists.
But the crackdown will still concern those who sell second-hand furniture or handmade crafts, who may be snooped on even though they owe no tax at all.
Bill Dodwell, of accountancy Deloitte, says: 'Lots of the data will be for perfectly honest, straightforward transactions. But, in the middle of it, HMRC may find evidence of tax evasion.
'However, it will not be going after the small-time sellers, such as someone getting rid of an iPhone on eBay. It's looking for patterns.
'For example, if you are selling dozens every month, that would suggest you are running a business.'
+3



Clampdown: Selling a few unwanted household items on eBay or Gumtree could now bring you the attention of HMRC's snoopers

The law that lets the taxman check up on you
Under the laws passed last September, the taxman can force auction and payment sites to hand over your name, address, online username, email address, phone number, whether you are a registered business, your VAT number and national insurance number.
It can obtain your bank account details and even the branch where the account is held, as well as the value and volume of any transactions you have made.
The details can be added to a database called Connect, which already contains billions of pieces of information about you from government records, banks and building societies, the Land Registry and DVLA data.
Until recently, HMRC could demand information on people's online activity from sites such as eBay and classified ad site Gumtree only if it had launched an inquiry into an individual or had reason to suspect a business of evading tax.
However, the 'bulk' data collection rules introduced in the Finance Act in September let it bypass this requirement.
+3



Target: Experts say the taxman is looking for internet sellers who make regular profits

The Electronic Money Association (EMA) — which represents members such as eBay, Airbnb, PayPal and Worldpay — says the new powers are disproportionate and an administrative burden.
It claims that the powers mean HMRC can collect data monthly and use it for 'any purpose'. It is also concerned about customers' data being well-protected and their privacy safeguarded. Dr Thaer Sabri, chief executive of the EMA, says: 'Customers may see firms as facilitating an intrusive power.'
The taxman is consulting on plans to extend its powers to cover payment transfer services, such as MoneyGram, which lets you send money abroad.
Guy Smith, of Abbey Tax, which represents small business owners in tax investigations, says: 'In the same way that HMRC used to target cash traders, such as newsagents and fish and chip shops, it wants to root out hidden earnings on the internet.'
Mr Smith says the files that data analysts compile for inspectors on individuals include data from Facebook and LinkedIn.
For instance, if someone says they're a high-flying accountant on their CV on LinkedIn, but files a tax return mentioning only occasional consultancy work, it would raise suspicions.
We had a client who received a letter from HMRC detailing the number of transactions she had made on eBay and asking why she had not paid tax on them - Guy Smith, Abbey Tax

'Equally, if someone is flying off on luxury holidays, but claiming they earn £10,000 a year, that could raise a red flag,' he adds.
'We had a client who received a letter from HMRC detailing the number of transactions she had made on eBay and asking why she had not paid tax on them.'
Accountants say only the most active sellers are likely to be targeted in the crackdown. For example, someone who has sold an old sofa, a TV and a handful of clothes on eBay this year will not be affected.
And, from April, sellers running small businesses online will not be taxed on the first £1,000 they make.
However, the allowance will come too late for sellers filing tax returns this year, which covers earnings between April 2015 and April 2016.
A spokesman for HMRC says: 'This is about businesses who are trading without paying the tax they owe.

'Those who are declaring their income to HMRC as the law requires have nothing to worry about.'

...aaah, that old chestnut...
HMRC spies on what you buy and sell online with eBay and others thanks to new law | This is Money

Wonder how many points on one's social score is deducted for singing silly songs?

"A Frenchman Went To The Lavatory" Song Lyrics w/Free MP3 Download

Proposed law aims to curb insulting of heroes, war victims


More than 30 political advisers from the worlds of art, culture and entertainment have backed a proposal calling for a law to safeguard China's "national dignity".


The move comes after a series of incidents in which young Chinese people have been accused of disrespecting victims of the Nanjing Massacre by visiting memorials and other historic locations dressed as imperial Japanese soldiers.


"Making fun of a national disaster or people's pain challenges the bottom line of justice and human nature," He Yun'ao, a member of the National Committee of the 13th Chinese People's Political Consultative Conference, said during a group discussion on Thursday.


He, who is a history professor at Nanjing University in Jiangsu province, proposed drafting a law to deter such behavior. His motion was supported by other members, including Hong Kong movie star Jackie Chan.


According to official statistics, more than 300,000 people were killed in just six weeks after Japanese troops captured Nanjing on Dec 13, 1937.


This week, a man from Shanghai was detained for the second time in two months for offensive remarks online about those who lost their lives.


The 35-year-old, identified only as Meng, was held for 15 days in February for saying in a WeChat group that the massacre victims had deserved their fates. This month, he was detained for another eight days for recording a video outside the Memorial Hall for the Victims of the Nanjing Massacre to insult the netizens who reported him.


Also in February, two men wearing costumes designed to look like imperial Japanese military uniforms took selfies in front of a historic battlefield site in Nanjing.


Four men in similar outfits also posed for pictures in August outside Sihang Warehouse, a Shanghai landmark where Chinese soldiers held off invaders for days during the War of Resistance Against Japanese Aggression (1931-45).


Each incident resulted in a public outcry, yet current law defines such actions as disturbing public order, which carries a maximum punishment of 15 days in detention.


Foreign Minister Wang Yi denounced those who carry out such stunts as "scum" at a news conference on Thursday.


He Yun'ao, the history professor, said: "We must bring people's voices to the two sessions. Desecrating war heroes and excusing the Japanese forces' atrocities is a mockery to Chinese people's lasting resistance against the invaders. It insults our national dignity. I'm not targeting the individuals but looking for reasonable solutions."


Insulting the national flag, anthem or emblem are now crimes in China, and He said his proposed law would give "national dignity" equal status.


"We still need more solid legal references when talking about how to punish those who publicly promote fascism or Japanese militarism, or who insult revolutionary martyrs and national heroes," he added.


Actor and director Zhang Guangbei was among the political advisers who backed the proposal. To show his support, he quoted a line from his best-known role, as general Chu Yunfei in Drawing Sword: "National interests should come above all else."


TV director Zheng Xiaolong added that the unrealistic portrayals of combat in some recent Chinese productions made the war eight decades ago look like a game and had negatively influenced viewers' perceptions.


Feng Yuanzheng, an actor from Beijing People's Art Theatre, also endorsed the proposal and said the issue reflected problems in education.


"Offenders cannot be explained away as naive," he said. "It will harm our country if the young generation blindly admires foreign cultures. There should be rules to let people know where the red line is."


Proposed law aims to curb insulting of heroes, war victims - Chinadaily.com.cn