424 posts categorized "Government" Feed

Governors and Federal Agencies Are Blocking Nearly 1,300 Accounts on Facebook and Twitter

[Editor's note: today's guest blog post, by the reporters at ProPublica, highlights a little-known practice by some elected officials to block their constituents on social networking sites. Today's post is reprinted with permission.]

By Leora Smith and Derek Kravitz - ProPublica

Amanda Farber still doesn’t know why Maryland Gov. Larry Hogan blocked her from his Facebook group. A resident of Bethesda and full-time parent and volunteer, Farber identifies as a Democrat but voted for the Republican Hogan in 2014. Farber says she doesn’t post on her representatives’ pages often. But earlier this year, she said she wrote on the governor’s Facebook page, asking him to oppose the Trump administration’s travel ban and health care proposal.

She never received a response. When she later returned to the page, she noticed her comment had been deleted. She also noticed she had been blocked from commenting. (She is still allowed to share the governor’s posts and messages.)

Farber has repeatedly emailed and called Hogan’s office, asking them to remove her from their blacklist. She remains blocked. According to documents ProPublica obtained through an open-records request this summer, hers is one of 494 accounts that Hogan blocks. Blocked accounts include a schoolteacher who criticized the governor’s education policies and a pastor who opposed the governor’s stance against accepting Syrian refugees. They even have their own Facebook group: Marylanders Blocked by Larry Hogan on Facebook.

Hogan’s office says they “diligently adhere” to their social media policy when deleting comments and blocking users.

In August, ProPublica filed public-records requests with every governor and 22 federal agencies, asking for lists of everyone blocked on their official Facebook and Twitter accounts. The responses we’ve received so far show that governors and agencies across the country are blocking at least 1,298 accounts. More than half of those — 652 accounts — are blocked by Kentucky Governor Matt Bevin, a Republican.

Four other Republican governors and four Democrats, as well as five federal agencies, block hundreds of others, according to their responses to our requests. Five Republican governors and three Democrats responded that they are not blocking any accounts at all. Many agencies and more than half of governors’ offices have not yet responded to our requests. Most of the blocked accounts appear to belong to humans but some could be “bots,” or automated accounts.

When the administrator of a public Facebook page or Twitter handle blocks an account, the blocked user can no longer comment on posts. That can create an inaccurate public image of support for government policies. (Here’s how you can dig into whether your elected officials are blocking constituents.)

ProPublica made the records requests and asked readers for their own examples after we detailed multiple instances of officials blocking constituents.

We heard from dozens of people. The governors’ offices in Alaska, Maine, Mississippi, Nebraska and New Jersey did not respond to our requests for records, but residents in each of those states reported being blocked. People were blocked after commenting on everything from marijuana legislation to Medicaid to a local green jobs bill.

For some, being blocked means losing one of few means to communicate with their elected representatives. Ann-Meredith McNeill, who lives in western rural Kentucky, told ProPublica that Bevin rarely visits anywhere near her. McNeill said she feels like “the internet is all I have” for interacting with the governor.

McNeill said she was blocked after criticizing Bevin’s position on abortion rights. (Last January, Bevin’s administration won a lawsuit that resulted in closing one of Kentucky’s two abortion clinics, the event that McNeill says inspired her comment.)

In response to questions about its social media blocking policies, Bevin’s office said in a statement that “a small number of users misuse [social media] outlets by posting obscene and abusive language or images, or repeated off-topic comments and spam. Constituents of all ages should be able to engage in civil discourse with Governor Bevin via his social media platforms without being subjected to vulgarity or abusive trolls.” McNeill told ProPublica, “I’m sure I got sassy” but she made “no threats or anything.”

Almost every federal agency that responded is blocking accounts. The Department of Veterans Affairs blocked 18 accounts as of July, but said most were originally blocked before 2014. The blocked accounts included a Michigan law firm specializing in auto accident cases and a Virginia real estate consultant who told ProPublica she had “no idea why” she was blocked. The Department of Energy blocked eight accounts as of October. The Department of Labor blocked seven accounts. And the Small Business Administration blocked two accounts, both of which were unverified and claimed to be affiliated with government loan programs.

Many governors and agencies gave us only partial lists or rejected our requests altogether. Outgoing Kansas Gov. Sam Brownback’s office told us they would not share their block lists due to “privacy concerns for those people whose names might appear on it.” Alabama declined to provide public records because our request did not come from an Alabama citizen.

Missouri Gov. Eric Greitens’ office declined to share records from his Facebook or Twitter accounts, arguing they are not “considered to be the ‘official’ social media accounts of the Governor of Missouri” because he created them before he took office.

Increased attention on the issue of blocking seems to be having an impact. In September, the California-based First Amendment Coalition revealed that California Governor Jerry Brown, a Democrat, had blocked more than 1,500 accounts until June, shortly before the organization submitted a request for his social media records.

At some point before fulfilling the coalition’s request, Brown’s office unblocked every account.

Vermont Gov. Phil Scott, a Republican, blocked the activist group Indivisible Vermont on Twitter on Aug. 25. On Aug. 28, Vermont reporter Taylor Dobbs submitted a request for the governor’s full blocked list, shortly after ProPublica’s similar request. Later that day, Scott unblocked the group and released a statement saying the account was “misconstrued as spam.”

Wisconsin Gov. Scott Walker’s office unblocked at least two Facebook users after receiving ProPublica’s request. Here are screenshots they sent us showing that the users have been unblocked:

In the last year, a series of legal claims have called into question the legality of government officials blocking constituents on social media.

At least one federal district court held that government officials who block constituents are violating their First Amendment rights.

Constituents have pending lawsuits against the governors of Kentucky, Maine, and Maryland, as well as Representative Paul Gosar, R-Ariz., and President Trump.

We asked the White House, which is not subject to open-records laws, to disclose the list of people Trump is blocking. Officials there have not responded.

Filed under:

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Photos: December 7 Demonstration In Boston To Keep Net Neutrality

Demonstrations occurred nationwide on December 7 to save net neutrality. Citizens took to the streets to keep our internet services open. About 200 persons attended the demonstration in Boston on Boylston Street. It was encouraging to meet several students from local universities participating in the event. They understand the issue and its seriousness. Several A.C.L.U. members also participated:

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4910

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4897

Boylston Street, Boston. December 7, 2017. Keep net neutrality. Image 4904

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4900

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4905

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4908

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4906

Browse photos from other demonstrations nationwide on December 7. Contact your elected officials in Congress, and learn about the next day of action on December 12, 2017. More resources:


Futurism: Your Life Without Net Neutrality Protections

Federal communications Commission logo You've probably heard that Ajit Pai, the Chairman of the U.S. Federal Communications Commission (FCC), is leading his agency towards a vote on December 14, 2017 to kill net neutrality. How will consumers' online lives change? Futurism described what your online life will be like without net neutrality:

"You’re at work and want to check Facebook on your lunch break to see how your sister is doing. This is not exactly a straightforward task, as your company uses Verizon. You’re not about to ask your boss if they’d consider putting up the extra cash every month so that you can access social media in the office, so you’ll have to wait until you get home.

That evening, you log in to pay your monthly internet bill — or rather, bills.

See, there’s the baseline internet cost, but without net neutrality, you also have to pay a separate monthly fee for social media, another for "leisure" pages like Reddit and Imgur, and another still for liberal-leaning news sites — because your provider’s CEO is politically conservative. Not only is your bill confusing, you’re not sure you can really afford to access all these websites that, at one point in time, you took for granted.

In addition to the sites you can access if you pay for them, there are also websites that have just become lost to you. Websites that you once frequented, but that now, you aren’t even sure how to access anymore. You can’t even pay to access them. You used to like reading strange Wikipedia articles late at night and cruising for odd documentaries — but now, all those interests that once entertained and educated you in your precious and minimal free time are either behind yet another separately provided paywall or blocked entirely. You’ve started to ask around, see if your friends or coworkers with other providers have better access... but the story is pretty much always the same."

Net neutrality meme highlighting blocked content. Click to view larger version In short, without net neutrality:

  1. You will lose the freedom to use the internet bandwidth you've purchased monthly as you desire;
  2. Corporate internet service providers (ISPs) increase their their revenues and profits by adding tolls to each package in a sliced-and-diced approach to internet content;
  3. Your internet bill will become just as confusing, frustrating, and expensive as your cable-TV bill, where ISPs force you to buy several expensive packages of sites in order to access your favorite sites;
  4. The new, expensive tolls allow ISPs to decide what internet content you see and don't see. Sites or content producers unwilling to pay fees to ISPs will find their content blocked or relegated to "slow" speed lanes; and
  5. Both middle-class and poor online users will bear the brunt of the price increases.

If you think this can't happen in the United States, consider:

"Some countries are already living this reality. In New Zealand, Vodafone offers mobile internet packages that are comprised of different types of services. You might have to pay a certain amount to access social apps like Snapchat and Instagram, and a separate fee to chat with friends via Facebook Messenger and iMessage. A similar framework is used by Portugal’s MEO, where messaging, social media, music streaming, video streaming, and email are also split into separate packages.

Long ago, FCC Chairman Pai made his position clear. Breitbart News reported on April 28, 2017:

"Federal Communications Commission (FCC) Chairman Ajit Pai told Breitbart News in an exclusive interview that an open and free internet is vital for America in the 21st century. During a speech at the Newseum on Wednesday, Pai said he plans to roll back the net-neutrality regulations and to restore the light-touch regulatory system established by President Bill Clinton and Congressional Republicans by the 1996 Telecommunications Act... Chairman Pai said during his speech that the internet prospered before net neutrality was enacted... Breitbart News asked the FCC chief why he thinks that net neutrality is a problem, and why we must eliminate the rule. He said: "Number one there was no problem to solve, the internet wasn’t broken in 2015. In that situation, it doesn’t seem me that preemptive market-wide regulation is necessary. Number two, even if there was a problem, this wasn’t the right solution to adopt. These Title II regulations were inspired during the Great Depression to regulate Ma Bell which was a telephone monopoly. And the broadband market we have is very different from the telephone market of 1934. So, it seems to me that if you have 4,462 internet service providers and if a few of them are behaving in a way that is anti-competitive or otherwise bad for consumer welfare then you take targeted action to deal with that. You don’t declare the entire market anti-competitive and treat everyone as if they are a monopolist. Going forward we are going to propose eliminating that Title II classification and figure out the right way forward. The bottom line is, everyone agrees on the principles of a free and open internet what we disagree with is how many regulations are needed to preserve the internet." "

Note the language. Pai uses "free and open internet" to refer to freedoms for ISPs to do what they want; a slick attempt to co-opt language net neutrality proponentsused for freedoms for consumers go online where they want without additional fees. Pai's "Light touch" means fewer regulations for ISPS regardless of the negative consequences upon consumers. Pai's comments in April attempted to spin existing net neutrality laws as antiquated ("the telephone market of 1934"), when, in fact, net neutrality was established recently... in 2010. Even the same Breitbart News article admitted this:

"Net neutrality passed under former Democrat Tom Wheeler’s FCC in 2010."

Pai's exaggerations and falsehoods are astounding. Plenty of bogus claims by Pai and net neutrality critics. In January of this year, President Donald Trump appointed Ajit Pai, a former lawyer with Verizon, as the FCC Chairman. Earlier this year, CNN reported:

"More than 1,000 startups and investors have now signed an open letter to Pai opposing the proposal. The Internet Association, a trade group representing bigger companies like Facebook, Google, and Amazon, has also condemned the plan. "The current FCC rules are working for consumers and the protections need to be kept in tact," Michael Beckerman, president and CEO of the Internet Association, said at a press conference Wednesday."

Regular readers of this blog are aware that more than "a few" ISPs committed abused consumers and content producers. (A prior blog post listed many historical problems and abuses of consumers by some ISPs.) Also, consider this: Pai made his net-neutrality position clear long before the public submitted comments to the FCC this past summer. Sounds like he never really intended to listen to comments from the public. Not very open minded.

As bad it all of this sounds, it's even worse. How? An FCC Commissioner, 28 U.S. senators, and the New York State Attorney General (AG) have lobbied FCC Chairman Pai to delay the net neutrality vote planned by the FCC on December 14, due to clear and convincing evidence of the massive fraud of comments submitted to the FCC's online commenting system.

In short, the FCC's online comments system is corrupted, hacked, and unreliable. The group (e.g., FCC commissioner, 28 Senators, and NY State AG) also objects to the elimination of net neutrality on the merits.

The fraud evidence is pretty damning, but Chairman Pai seems intent upon going ahead with a vote to kill net neutrality despite the comments fraud. Why? How? Ars Technica reported on December 4th:

"FCC Chairman Ajit Pai says that net neutrality rules aren't needed because the Federal Trade Commission can protect consumers from broadband providers... When contacted by Ars, Pai's office issued this statement in response to the [delay request] letter: "This is just evidence that supporters of heavy-handed Internet regulations are becoming more desperate by the day as their effort to defeat Chairman Pai's plan to restore Internet freedom has stalled. The vote will proceed as scheduled on December 14."

I find the whole process deeply disturbing. First, only 28 U.S. Senators seem concerned about the massive comments fraud. Why aren't all 100 concerned? Second, why aren't any House members concerned? Third, President Trump hasn't said anything about it. (This makes one wonder if POTUS45 either doesn't care consumers are hurt, or is asleep at the wheel.) Elected officials in positions of responsibility seem willing to ignore valid concerns.

Logo-verizon-protestsMany consumers are concerned, and protests to keep net neutrality are scheduled for later today outside Verizon stores nationwide. What do you think?


The Limitations And Issues With Facial Recognition Software

We've all seen television shows where police technicians use facial recognition software to swiftly and accurately identify suspects, or catch the bad guys. How accurate is that? An article in The Guardian newspaper discussed the promises, limitations, and issues with facial recognition software used by law enforcement:

"The software, which has taken an expanding role among law enforcement agencies in the US over the last several years, has been mired in controversy because of its effect on people of color. Experts fear that the new technology may actually be hurting the communities the police claims they are trying to protect... "It’s considered an imperfect biometric," said Clare Garvie, who in 2016 created a study on facial recognition software, published by the Center on Privacy and Technology at Georgetown Law, called The Perpetual Line-Up. "There’s no consensus in the scientific community that it provides a positive identification of somebody"... [Garvie's] report found that black individuals, as with so many aspects of the justice system, were the most likely to be scrutinized by facial recognition software in cases. It also suggested that software was most likely to be incorrect when used on black individuals – a finding corroborated by the FBI's own research. This combination, which is making Lynch’s and other black Americans’ lives excruciatingly difficult, is born from another race issue that has become a subject of national discourse: the lack of diversity in the technology sector... According to a 2011 study by the National Institute of Standards and Technologies (Nist), facial recognition software is actually more accurate on Asian faces when it’s created by firms in Asian countries, suggesting that who makes the software strongly affects how it works... Law enforcement agencies often don’t review their software to check for baked-in racial bias – and there aren’t laws or regulations forcing them to."


Lower Tax Rate And Fewer Deductions. Questionable Help For Middle Class Taxpayers

Yesterday, I received an alert from the professional that prepares my income taxes:

"Dear Clients,
I know that Congress has not yet finalized the new tax law, but it looks pretty certain that Certain Miscellaneous Deductions will no longer be allowed in 2018. If you want to know if that affects you, see if there is an entry on your Schedule A, Line 27 from 2016. If you take the standard deduction, then don’t worry about it. These deductions include expenses for using your car on the job, un-reimbursed overnight travel and meals, union dues, uniforms, tools, and job training/education.

Some of my clients have huge union dues (police officers, carpenters, electricians, etc.) and others have Second Job Travel or 10-30,000 miles a year in their sales jobs. Every one of you will be hurt by this change.

If there are any expenses you can pay in December, be sure to do that so you can save 15 - 25% on your federal taxes... maybe even more. For example, do you have the option of paying your annual union dues all at once in December? Were you planning to buy a computer used for your job sometime soon? Is there a job-related course... or some tools and supplies... that you can pay for in December rather than next year? Remember... every $100 that you pay in December will save you $15 to $33 in taxes when we meet in a couple months...”

If you haven't consulted with your tax advisor, then now seems to be a good time to do so. I am not an income tax professional, and this blog post is informational.

Many people return to school to get better, high-paying jobs, or as required by their profession. The tax code allows companies to deduct expenses for business and trade associations, so why prevent union members from doing so? It seems that taxpayers with plenty of miscellaneous deductions will be hurt more than persons with fewer or no deductions.

And Republicans are probably hoping that voters won't notice nor feel the pain until after the 2018 elections. President Trump and the Republications promised to help the middle class and poor with tax reform, but the above impacts don't seem helpful. The benefits of lower tax rates are offset by the lost deductions. To use an old saying, that seems like Congress and Republicans are giving taxpayers, "the sleeves off their vests."

You might say this is a "mugging" of many taxpayers. What are your opinions?


'Tens Of Thousands' Of Fake Comments Submitted. New York State Attorney General Demands Answers From the FCC

Just before the Thanksgiving holiday, the attorney general for the New York State sent an open letter to the U.S. Federal Communications Commission (FCC) about fake comments submitted to the agency's online comments system. Eric T. Schneiderman directed his letter to FCC Chairman Ajit Pai. It read in part:

"Recent press reports suggest that the Federal Communications Commission (FCC), under your leadership, soon will release rules to dismantle your agency’s existing “net neutrality” protections under Title II of the Communications Act, which shield the public from anti-consumer behaviors of the giant cable companies that provide high-speed internet to most people... Yet the process the FCC has employed to consider potentially sweeping alterations to current net neutrality rules has been corrupted by the fraudulent use of Americans’ identities — and the FCC has been unwilling to assist my office in our efforts to investigate this unlawful activity.

Specifically, for six months my office has been investigating who perpetrated a massive scheme to corrupt the FCC’s notice and comment process through the misuse of enormous numbers of real New Yorkers’ and other Americans’ identities. Such conduct likely violates state law— yet the FCC has refused multiple requests for crucial evidence in its sole possession that is vital to permit that law enforcement investigation to proceed.

In April 2017, the FCC announced that it would issue a Notice of Proposed Rulemaking concerning repeal of its existing net neutrality rules. Federal law requires the FCC and all federal agencies to take public comments on proposed rules into account — so it is important that the public comment process actually enable the voices of the millions of individuals and businesses who will be affected to be heard. That’s important no matter one’s position on net neutrality, environmental rules, and so many other areas in which federal agencies regulate.

In May 2017, researchers and reporters discovered that the FCC’s public comment process was being corrupted by the submission of enormous numbers of fake comments concerning the possible repeal of net neutrality rules. In doing so, the perpetrator or perpetrators attacked what is supposed to be an open public process by attempting to drown out and negate the views of the real people, businesses, and others who honestly commented on this important issue. Worse, while some of these fake comments used made up names and addresses, many misused the real names and addresses of actual people... My office analyzed the fake comments and found that tens of thousands of New Yorkers may have had their identities misused in this way... Impersonation and other misuse of a person’s identity violates New York law, so my office launched an investigation... So in June 2017, we contacted the FCC to request certain records related to its public comment system that were necessary to investigate which bad actor or actors were behind the misconduct. We made our request for logs and other records at least 9 times over 5 months: in June, July, August, September, October (three times), and November.

We reached out for assistance to multiple top FCC officials, including you, three successive acting FCC General Counsels, and the FCC’s Inspector General. We offered to keep the requested records confidential, as we had done when my office and the FCC shared information and documents as part of past investigative work. Yet we have received no substantive response to our investigative requests. None."

According to an analysis by the New York State AG's office, "tens of thousands" of fraudulent comment were submitted affecting residents not only in New York but also in California, Georgia, Missouri, Ohio, Pennsylvania, and Texas. Clearly, this is both very troubling and unacceptable.

The FCC is supposed to accept comments without tampering and to weigh comments submitted by the public (e.g., consumers, businesses, technology experts, legal experts, etc.) equally to arrive at a decision based upon the majority of comments. If a sizeable portion of the comments submitted were fraudulent, then any FCC decision to kill net neutrality is (at best) both flawed and in error; and (at worst) illegal and undermines both the process and the public's trust.

AG Schneiderman's letter to the FCC is also available on the Medium site. It is most puzzling that the FCC and Chairman Pai have refused data requests since June. What are they hiding? The FCC must balance often competing needs of consumers and industry.

Consumers are very concerned about plans by the FCC to kill net neutrality. Consumers are concerned that their internet needs are not being addressed by the FCC, and that our monthly broadband costs will rise. There is so much concerns that protests are scheduled for December 7th outside Verizon stores. Killing net neutrality may be great for telecom and providers' profits, but it's bad for consumers.

Clearly, the FCC should not make any decisions regarding net neutrality, or any other business, until the fake comments allegations have been answered and resolved. And, an investigation should happen soon. As AG Schneiderman wrote:

"We all have a powerful reason to hold accountable those who would steal Americans’ identities and assault the public’s right to be heard in government rulemaking. If law enforcement can’t investigate and (where appropriate) prosecute when it happens on this scale, the door is open for it to happen again and again."

Democracy and consumers lose if the FCC kills net neutrality. What do you think?


Security Researcher Finds Unprotected Voter Files Online Affecting Up To 1.8 Million Chicagoans

While looking for unprotected data in cloud storage services, a security researcher found unprotected information for as many as 1.8 million voters in Chicago. CBS Chicago reported:

"It was Friday Aug. 11 in Silicon Valley. John Hendren, a marketing representative for IT security firm UpGuard, was looking for insecure data in the cloud. He randomly plugged in "Chicago … db," for “Chicago database,” and hit the jackpot. He found names, addresses, birth dates, driver’s license numbers and the last four digits of Social Security numbers for up to 1.8 million Chicago voters..."

How the breach happened:

"Chicago’s vendor is ES&S, out of Omaha, Nebraska. The company has been paid more than $5 million since 2014 by the Chicago Board of Elections. The company placed the data folder on Amazon Web Services (AWS) with the wrong security settings, Tom Burt, the firm’s CEO, recently told Chicago officials. Burt says managers missed the gaffe, and the database remained online for six months, until UpGuard found it. Company officials say they don’t believe the information ended up on the “dark web” for identity thieves to attain..."

The CBE's breach notice (Adobe PDF) provided a more complete list of the data elements exposed:

"... The personal information contained in the back-up files included voter names, addresses, and dates of birth, and many voters’ driver’s license and State ID numbers and the last four digits of Social Security numbers. Upon discovery of the Incident, ES&S promptly took the AWS server off-line, secured the back-up files, and commenced a forensics investigation. ES&S also hired two specialized third-party vendors to conduct searches to determine whether any personal information stored on the back-up files was available on the Dark Web. The results of ES&S’ investigations have not uncovered any evidence that any voter’s personal information stored on the AWS server was misused..."

This is bad for several reasons. First, the data elements exposed or stolen are enough for cyber criminals to do sufficient damage to breach victims. Second, just because the post-breach investigation didn't find misuse of data doesn't mean there wasn't any. It simply means they didn't find any misuse.

Third, it would be unwise to assume that the breach wasn't that bad because only the last 4 digits of Social Security numbers were exposed. Security researchers have known for a long time that Social Security numbers are easy to guess:

"... a crook need only figure out where and when you were born--information often easily found on social networking sites like Facebook--to guess your number in as few as 1000 tries... Social Security numbers were never meant to be used for widespread identification. They were conceived solely to track taxes and benefits... Every Social Security number starts with three digits known as an "area number." Smaller states might have only one, whereas New York, for example, has 85. The next two digits are "group numbers," which can be anything from 01-99, but don't correspond to anything specific. The last four digits, the "serial number," are assigned sequentially..."

So, it's long past time to stop using the last four digits of Social Security numbers as identification. Fourth, the incident makes one wonder when -- if ever -- the unprotected data folder would have been discovered by ES&S or CBE, if the security researcher hadn't found it. That's unsettling. It calls into question the security methods and managerial oversight at ES&S.

This isn't the first breach at the Chicago Board of Elections (CBE). A CBE breach in 2012 exposed the sensitive personal information of at least 1,000 voters, after initial reports estimated the number of affected voters at 1.7 million. Before that, the CBE faced several lawsuits in 2007 claiming negligence after:

"... it distributed more than 100 computer disks containing Social Security numbers and other personal data on more than 1.3 million voters to alderman and ward committee members."

Reportedly, in 2016 foreign cyber criminals hacked the Illinois Board of Elections' voter registration system. A similar attack happened in Arizona. The main takeaway: voter registration databases are high-value targets.

So, strong data security measures and methods seem wise; if not necessary. The latest incident makes one wonder about: a) the data security language and provisions in CBE's outsourcing contract with ES&S, and b) the agency's vendor oversight.

Will Chicago residents demand better data security? I hope so. What do you think?


Survey: United States Citizens Don't Know Their Basic Constitutional Rights

The Annenberg Public Policy Center (APPC) announced the results of its latest annual Constitution Day Civics Survey -- how well United States citizens know their Constitutional rights. The latest survey was conducted August 9 to 13 and included 1,013 adults. Main findings:

"1. More than half of Americans (53 percent) incorrectly think it is accurate to say that immigrants who are here illegally do not have any rights under the U.S. Constitution;

2. More than a third of those surveyed (37 percent) can’t name any of the rights guaranteed under the First Amendment; and

3. Only a quarter of Americans (26 percent) can name all three branches of government."

About the rights of undocumented immigrants, the incorrect belief is held by more conservatives (67 percent) compared to moderates (48 percent) and liberals (46 percent). The APPC explained:

"In fact, immigrants who are in the United States illegally share some constitutional protections with U.S. citizens. More than a century ago, in Yick Wo v. Hopkins (1886), a case involving a Chinese immigrant, the Supreme Court ruled that non-citizens were entitled to due process rights under the 14th Amendment’s equal protection clause. Other cases have expanded upon those rights..."

A tiny bit of good news in the survey results:

"Most respondents, though not all, know that under the Constitution, U.S. citizens who are atheists or Muslim have the same rights as all other citizens. Seventy-nine percent of respondents know it is accurate to say that U.S. citizens who are atheists have the same rights as other citizens, and 76 percent know it is accurate to say that citizens who are Muslim have the same rights as other citizens."

About how well (or not) citizens' know their rights under the First Amendment (bold emphasis added):

"Nearly half of those surveyed (48 percent) say that freedom of speech is a right guaranteed by the First Amendment. But, unprompted, 37 percent could not name any First Amendment rights. And far fewer people could name the other First Amendment rights: 15 percent of respondents say freedom of religion; 14 percent say freedom of the press; 10 percent say the right of assembly; and only 3 percent say the right to petition the government... Contrary to the First Amendment, 39 percent of Americans support allowing Congress to stop the news media from reporting on any issue of national security without government approval. That was essentially unchanged from last year..."

So, many Americans fail to understand the law of the land -- the U.S. Constitution -- and some naively (or stupidly) support actions to restrict their rights.

Are things getting better or worse? In a 2011 survey by the APPC, barely half of United States citizens (51 percent) knew that a two-thirds majority vote by Congress is needed to overturn a presidential veto. In a 2015 survey by the APPC, about one in ten Americans (12 percent) said that the Bill of Rights guarantees pet ownership. It doesn't. A quick comparison across the years:

Survey Result (% of People) 2011 2015 2017
Correctly named all 3 branches of government 38 31 26
Unable to name 1 branch of government 33 32 33

Kathleen Hall Jamieson, director of the Annenberg Public Policy Center (APPC) of the University of Pennsylvania said:

"Protecting the rights guaranteed by the Constitution presupposes that we know what they are. The fact that many don’t is worrisome... These results emphasize the need for high-quality civics education in the schools and for press reporting that underscores the existence of constitutional protections."

I agree. These results are embarrassing, too. What do you think?


Experts Say the Use of Private Email by Trump’s Voter Fraud Commission Isn’t Legal

[Editor's note: today's guest post is by the reporters at ProPublica. It is reprinted with permission.]

By Jessica Huseman, ProPublica

President Donald Trump’s voter fraud commission came under fire earlier this month when a lawsuit and media reports revealed that the commissioners were using private emails to conduct public business. Commission co-chair Kris Kobach confirmed this week that most of them continue to do so.

Experts say the commission’s email practices do not appear to comport with federal law. "The statute here is clear," said Jason R. Baron, a lawyer at Drinker Biddle and former director of litigation at the National Archives and Records Administration.

Essentially, Baron said, the commissioners have three options: 1. They can use a government email address; 2. They can use a private email address but copy every message to a government account; or 3. They can use a private email address and forward each message to a government account within 20 days. According to Baron, those are the requirements of the Presidential Records Act of 1978, which the commission must comply with under its charter.

"All written communications between or among its members involving commission business are permanent records destined to be preserved at the National Archives," said Baron. "Without specific guidance, commission members may not realize that their email communications about commission business constitute White House records."

ProPublica reviewed dozens of emails to and from members of the commission as well as written directives on records retention. The commissioners appear to have been given no instructions to use government email or copy or forward messages to a government account.

Commissioner Matthew Dunlap, the secretary of state for Maine, confirmed that he’d received no such directives. "That’s news to me," he said, when read the PRA provision governing emails. "I think it would be a little cleaner if I had a us.gov email account."

Dunlap’s account is disputed by Andrew Kossack, the executive director of the commission. Kossack said attorneys from the Government Services Administration provided training on the PRA before the commission’s first meeting on July 19. Kossack provided a copy of the PowerPoint presentation. However, the word "email" appears in only a single slide — with no mention of anything relating to the use of government email.

Notably, the commission did not receive any training in records retention until the July 19 meeting, even though the commission was formed in May and had been actively engaged in commission business.

Indeed, the commission had kicked into high gear on June 28, when it sent a letter to all 50 secretaries of state requesting publicly available voter rolls. The response was swift and negative, and commissioners began receiving a wave of messages from election officials and the public.

Despite this, the commissioners were offered no instructions then on how to preserve communications. Baron said such messages would presumptively be considered presidential records, and "the obligation to preserve such records would have arisen on day one."

In a statement, Kossack denied there is an obligation to provide commissioners with government email addresses. He maintained that the commission is required only to "preserve emails and other records related to work on commission matters, regardless of the forum on which the records are created or sent, which the commission and its members are doing."

After the commission’s most recent meeting, on Tuesday, Kobach confirmed that he plans to continue to use his personal Gmail account to conduct commission business. Using his Kansas secretary of state email address, he said, would be a "waste of state resources" as he’s acting as a private citizen on the commission and not in his role as secretary of state.

Dunlap has interpreted the requirements differently. He’s trying to ensure his state email account is used so that emails can be made available to constituents under Maine state law. Even this is a struggle, he said, asserting that commissioners continue to email him at his personal account despite multiple requests that they send email to his government account.

"I really don’t understand why they keep using my personal Gmail account instead of my official state email. But I’m saving everything!" Dunlap wrote to himself on August 7, when he forwarded a communication from the commission to his government address. He has, it appears, continued to immediately forward all emails sent to his personal address by the commission to his state address.

At ProPublica’s request, Dunlap shared every email he has received or sent relating to the commission. The majority went to personal email accounts.

At their recent meeting in New Hampshire, Kossack provided commissioners printed instructions on how to retain their own emails related to a lawsuit filed against the commission by the Lawyers Committee for Civil Rights Under Law.

Dunlap said these instructions are the only written set of instructions on records retention he recalls receiving. (The instructions leave records retention entirely to the discretion of each member of the commission, which Dunlap said concerns him.)

Past commissions with similar missions were not allowed such wide discretion. The Presidential Commission on Election Administration, formed by the Obama administration in March 2013, provided ethics and records retention training days after commissioners were nominated. Each commissioner was provided with a federal email address that automatically archived all messages. PCEA documents show extensive, specific instructions on records retention and compliance with FACA.

Richard Painter, who served as the George W. Bush administration’s chief ethics lawyer from 2005 to 2007, expressed shock that the current commission is being allowed to rely on personal email accounts (which are to be forwarded to Kossack at their discretion). "This is just sloppy," he said, adding that waiting more than two months to offer ethics training was just another sign that the Trump administration "doesn’t take ethics training seriously."

One footnote: Among the emails provided by Dunlap was a message from Carter Page, a former policy adviser to the Trump campaign who has reportedly attracted the attention of investigators probing the Russia imbroglio. Page sent an email on July 5 to three accounts associated with Kobach and cc’d Dunlap, New Hampshire Secretary of State Bill Gardner and Indiana Secretary of State Connie Lawson. In it, he implored the commission to investigate "the Obama administration’s misuse of federal resources of the Intelligence Community in their unjustified attacks on myself and other volunteers who peacefully supported [Trump’s] campaign as private citizens."

"The work of your commission offers an essential opportunity to take further steps toward helping to further restore the integrity of the American democracy following their abuses of last year," he wrote.

There is no evidence this email was forwarded to a federal email account. Page, Kossack and Kobach did not respond to requests for comment about the email.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


The Equifax Breach: Several Investigations Underway

The Office of the Attorney General (AG) for the State of Nevada announced yesterday an investigation into the Equifax data breach. About 143 million persons were affected. The announcement stated:

"The breach, which took place from mid-May through July of this year, neglected to keep important personal identifying information safe and allowed hackers to access names, Social Security numbers, birth dates, addresses and even some driver’s license numbers. As a result of this breach, approximately 209,000 individuals throughout the country are estimated to have had their credit card numbers stolen."

Nevada AG Adam Paul Laxalt said:

"As a part of my commitment to safeguard the identities and personal information of Nevadans, my office will be working diligently with other states to investigate the cause of the Equifax breach... I encourage Nevadans to contact Equifax to determine whether their data was compromised, and to consider taking additional steps to protect themselves."

The statement did not mention the other states the Nevada AG's Office is working with. Residents of Nevada should read the announcement which lists specific actions consumers in that state should take to protect themselves.

The Attorney General for the State of New York announced on September 8 both an investigation into the Equifax data breach and a consumer alert:

"Under New York law, businesses with New York customers are required to inform customers and the Attorney General’s Office about security breaches that have placed personal information in jeopardy. The Attorney General’s Office investigates data breaches to determine if customers were properly notified of the breach and if the entity had appropriate safeguards in place to protect customers’ data..."

The consumer alert portion of the announcement:

"1) Check your credit reports from Equifax, Experian, and TransUnion by visiting annualcreditreport.com. Accounts or activity that you do not recognize could indicate identity theft. This is a free service; 2) Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. It will not prevent a thief from using any of your existing accounts; 3) Monitor your existing credit card and bank accounts closely for unauthorized charges. Call the credit card company or bank immediately about any charges you do not recognize; and 4) Since Social Security numbers were affected, there is risk of tax fraud. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Consider filing your taxes early and pay close attention to correspondence from the IRS."

Annulacreditreport.com is the official site for free credit reports.  The U.S. Federal Trade Commission (FTC) issued new rules in 2010 which addressed consumer confusion in the marketplace about sites offering free credit reports. When using unofficial sites, some consumers found the "free" credit reports weren't truly free because they included expensive subscriptions to credit monitoring services.

On September 11, the New York AG's issued a warning about cyber attacks resulting from the Equifax breach:

"In addition to taking measures to protect their credit cards and bank accounts, New Yorkers should also think twice before clicking on any suspicious [e-mail] links claiming to be from Equifax or financial institutions... Hackers are resourceful criminals who are constantly looking to exploit any vulnerabilities... New Yorkers should be on the lookout for these possible attacks: a) Phishing emails that claim to be from Equifax where you can check if your data was compromised; b) Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information; c) Calls from scammers that claim they are from your bank or credit union..."

Also, the Los Angeles Times confirmed an investigation by the U.S. Federal Trade Commission (FTC):

"The FTC’s disclosure of an ongoing probe is highly unusual, underscoring the enormous stakes involved in the incident affecting what amounts to half the country."

The news report cited comments by Peter Kaplan, the agency’s acting director of public affairs. So far, little is known which aspects of the breach the FTC is investigating.

No doubt, there is more news to come.


What We Know -- And Don't Know -- About Hate Crimes in America

[Editor's Note: today's guest blog post explores the problem of hate crimes. Recent surveys about harassment found that what happens online often doesn't stay online. Hopefully, future reports by ProPublica will explore the linkages. Today's blog post is reprinted with permission.]

By Rachel Glickhouse, ProPublica

"Go home. We need Americans here!" white supremacist Jeremy Joseph Christian yelled at two black women -- one wearing a hijab -- on a train in Portland, Oregon, in May. According to news reports, when several commuters tried to intervene, he went on a rampage, stabbing three people. Two of them died.

If the fatal stabbing was the worst racist attack in Portland this year, it was by no means the only one. In March, Buzzfeed reported on hate incidents in Oregon and the state's long history as a haven for white supremacists. Some of the incidents they found were gathered by Documenting Hate, a collaborative journalism project we launched earlier this year.

Documenting Hate is an attempt to overcome the inadequate data collection on hate crimes and bias incidents in America. We've been compiling incident reports from civil-rights groups, as well as news reports, social media and law enforcement records. We've also asked people to tell us their personal stories of witnessing or being the victim of hate.

It's been about six months since the project launched. Since then, we've been joined by more than 100 newsrooms around the country. Together, we're verifying the incidents that have been reported to us -- and telling people's stories.

We've received thousands of reports, with more coming every day. They come from cities big and small, and from states blue and red. People have reported hate incidents from every part of their communities: in schools, on the road, at private businesses, in the workplace. ProPublica and our partners have produced more than 50 stories using the tips from the database, from New York to Seattle, Minneapolis to Phoenix. Some examples:

Univision, HuffPost, and The New York Times opinion section identified a common thread in the reports we've received in which people of color are harassed "Go back to your country." This type of harassment affects both immigrants and U.S. citizens alike, reporters found.

Several stories published by our partners focused on racial harassment on public transportation, using tips to illustrate something officials were also seeing. The New York City Commission on Human Rights observed a 480 percent increase in claims of discriminatory harassment between 2015 and 2016, according to The New York Times Opinion section. The Massachusetts Bay Transportation Authority recorded 24 cases of offensive graffiti through April, compared to 35 in all of last year, the Boston Globe found. Univision covered multiple incidents involving Latinos targeted in incidents on the New York City subway.

Combing through our database, Buzzfeed discovered there were dozens of reported incidents in K-12 schools in which students cited President Donald Trump's name or slogans to harass minority classmates. This echoed a pattern Univision had reported on: In November, the Teaching Tolerance project at the Southern Poverty Law Center received more than 10,000 responses to an educator survey indicating an uptick in anti-Semitic, anti-Muslim and anti-immigrant activity in schools.

Our local partners reported on how hate incidents affect communities across the country: anti-Semitic graffiti in Phoenix, Islamophobia in Minneapolis, racist vandalism and homophobic threats in Seattle, white supremacist activity at a California university, racist harassment and vandalism in Boston, racism in the workplace in New Orleans, and hate incidents throughout Florida.

There are a few questions for which answers continue to elude us: How many hate crimes happen each year, and why is the record keeping so inadequate?

The FBI, which is required to track hate crimes, counts between 5,000 and 6,000 of them annually. But the Bureau of Justice Statistics estimates the total is closer to 250,000. One explanation for the gap is that many victims -- more than half, according to a recent estimate -- don't report what happened to them to police.

Even if they do, law enforcement agencies aren't all required to report to the FBI, meaning their reports might never make it into the national tally. The federal government is hardly a model of best practices; many federal agencies don't report their data, either -- even though they're legally required to do so.

We'll spend the next six months continuing to tackle these questions and more. And we and our partners will keep working our way through the tips in our database, telling people's stories and doing our best to understand what's happening.

There are ways that you can help us move the project forward:

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


The Consequences From Unchecked Development Without Zoning Laws

While there has been plenty of news about hurricane Harvey and the flood in Houston, there hasn't been much news about an important, related issue which affects all taxpayers. This report by the QZ site highlights the consequences of unchecked development while ignoring environmental concerns:

"... Houstonians have been treating its wetlands as stinky, mosquito-infested blots in need of drainage. Even after it became a widely accepted scientific fact that wetlands can soak up large amounts of flood water, the city continued to pave over them. The watershed of the White Oak Bayou river, which includes much of northwest Houston, is a case in point. From 1992 to 2010, this area lost more than 70% of its wetlands, according to research (pdf) by Texas A&M University."

Unchecked development affects all taxpayers when federal bailout money is spent to repair the damage in areas subject to repeated, frequent floods:

"... the flooding caused by Hurricane Harvey has raised water levels in some parts of the watershed high enough to completely cover a Cadillac. The vanished wetlands wouldn’t have prevented flooding, but they would have made it less painful, experts say. The Harvey-wrought devastation is just the latest example of the consequences of Houston’s gung-ho approach to development. The city, the largest in the US with no zoning laws, is a case study in limiting government regulations and favoring growth—often at the expense of the environment. As water swamps many of its neighborhoods, it’s now also a cautionary tale of sidelining science and plain common sense..."

The consequences from lax laws favoring unchecked development:

"Wetland loss... The construction of flood-prone buildings in flood plains is another one: The elderly residents of La Vita Bella, a nursing home in Dickinson, east of Houston, were up to their waists in water before they got rescued. The home is within the Federal Emergency Management Agency’s (FEMA) designated flood zone... too few people have flood insurance. Although federal rules require certain homeowners to carry it, those rules are based on outdated flood data. Only a little over a quarter of the homes in “high risk” areas in Harris County, where Houston sits, have flood insurance."

So, not everyone who should be is paying their fair share (via flood insurance). And, it seems that things will get worse. All of the above was:

"... before [President] Trump came into office and started removing layers of regulation. Just 10 days before Harvey struck, the president signed an executive order that rescinded federal flood protection standards put in place by his predecessor, Barack Obama. FEMA and the US Housing and Urban Development Department, the two federal agencies that will handle most of the huge pile of cash expected for the rebuilding of Houston, would have been forced to require any rebuilding to confirm to new, safer codes. Now, they won’t."

Lax laws allowing the repair and construction of new buildings in high-risk areas subject to repeated flooding sounds foolish. It's basically throwing taxpayers' hard-earned money out the window. Do you want to pay for this? I don't. A few local developers may get rich, but at the expense of taxpayers nationwide.

There are always consequences -- intended and unintended. Be sure to demand that your elected officials consider and understand them.


Experts Call For Ban of Killer Robotic Weapons

116 robotics and artificial intelligence experts from 26 countries sent a letter to the United Nations (UN) warning against the deployment of lethal autonomous weapons. The Guardian reported:

"The UN recently voted to begin formal discussions on such weapons which include drones, tanks and automated machine guns... In their letter, the [experts] warn the review conference of the convention on conventional weapons that this arms race threatens to usher in the “third revolution in warfare” after gunpowder and nuclear arms... The letter, launching at the opening of the International Joint Conference on Artificial Intelligence (IJCAI) in Melbourne on Monday, has the backing of high-profile figures in the robotics field and strongly stresses the need for urgent action..."

The letter stated in part:

"Once developed, lethal autonomous weapons will permit armed conflict to be fought at a scale greater than ever, and at timescales faster than humans can comprehend. These can be weapons of terror, weapons that despots and terrorists use against innocent populations, and weapons hacked to behave in undesirable ways."

"We do not have long to act. Once this Pandora’s box is opened, it will be hard to close."

This is not science fiction. Autonomous weapons are already deployed:

"Samsung’s SGR-A1 sentry gun, which is reportedly technically capable of firing autonomously but is disputed whether it is deployed as such, is in use along the South Korean border of the 2.5m-wide Korean Demilitarized Zone. The fixed-place sentry gun, developed on behalf of the South Korean government, was the first of its kind with an autonomous system capable of performing surveillance, voice-recognition, tracking and firing with mounted machine gun or grenade launcher... The UK’s Taranis drone, in development by BAE Systems, is intended to be capable of carrying air-to-air and air-to-ground ordnance intercontinentally and incorporating full autonomy..."

Ban, indeed. Your thoughts? Opinions? Reaction?


Homeowners Receive $6.3 Million In Refunds Due To Improper Charges By Insurance Company

Assurant logo Last week, the Attorney General's office for the Commonwealth of Massachusetts announced the results of a post-settlement agreement audit with American Security Insurance Company, a subsidiary of Assurant, Inc., where homeowners in the state will receive $6.3 million in refunds for improper "forced-place insurance" charges. The announcement explained:

"Force-placed insurance is a type of property insurance that mortgage servicers can purchase on behalf of borrowers if they fail to maintain adequate homeowners insurance coverage on mortgaged properties. Mortgage servicers often hire insurance companies like Assurant to monitor whether borrowers are maintaining adequate homeowners insurance coverage and to issue force-placed insurance policies when appropriate homeowners coverage is not in place.

Premiums for force-placed policies are high—often two or three times as expensive as regular homeowners insurance—and the coverage provided is quite limited. Some mortgage servicers accept commission payments from force-placed insurers, which contribute to the high cost of force-placed insurance and create conflicts of interest for mortgage servicers."

The settlement agreement was first announced in November, 2015. The latest announcement described the results of the audit:

"Although force-placed insurance is only intended for circumstances in which the borrower has failed to adequately insure the mortgaged property, the Attorney General’s audit of Assurant found thousands of cases of duplicative insurance coverage for Massachusetts homeowners. Borrowers eligible for settlement money were previously required by their mortgage servicer to purchase force-placed insurance from Assurant, or were overcharged for force-placed insurance because they were mistakenly sold commercial policies rather than less expensive residential policies..."

4,500 homeowners were improperly charged. The average refund per homeowner is about $1,400. Refund checks were mailed last week to affected homeowners.


Google And Massachusetts Transportation Department Provide GPS Signals In Tunnels

Smartphone users love their phones. That includes Global Positioning System (GPS) navigation services for driving directions. However, those driving directions don't work in tunnels where phones can't get GPS signals. That is changing.

Google and the Massachusetts Department of Transportation (MassDOT) have entered a partnership to provide GPS navigation services for drivers inside tunnels. If you've familiar with Boston, then you know that portions of both Interstate 93 and the Massachusetts Turnpike include tunnels. The ABC affiliate in Boston, WCVB reported last month that the partnership, part of the Connected Citizens Program, will:

"... install beacons inside Boston's tunnels to help GPS connection stay strong underground. Around 850 beacons are being installed, free of charge, as a part of an ongoing partnership between the state and the traffic app... Installation is scheduled to be complete by the end of July... The beacons are not limited to improving their own app's signal. As long as you are using Bluetooth, they are able to help improve any traffic app's connection."

For those unfamiliar with the technology, beacons are low-powered transmitters which, in this particular application, are installed in the tunnels' walls and provide geographic location information usable by drivers' (or passengers') smartphones passing by (assuming the phones' Bluetooth features are enabled).

Bluetooth beacons are used in a variety of applications and locations. The Privacy SOS blog explained:

"... They’re useful in places where precise location information is necessary but difficult to acquire via satellite. For that reason, they’ve been field tested in museums such as New York’s Metropolitan Museum of Art and airports like London Gatwick. At Gatwick, beacons deliver turn-by-turn directions to users’ phones to help them navigate the airport terminals..."

Within large airports such as Gatwick, the technology can present more precise geolocation data of nearby dining and shopping venues to travelers. According to Bluetooth SIG, Inc., the community of 30,000 companies that use the technology:

"The proliferation and near universal availability of Bluetooth® technology is opening up new markets at all ends of the spectrum. Beacons or iBeacons—small objects transmitting location information to smartphones and powered by Bluetooth with low energy—make the promise of a mobile wallet, mobile couponing, and location-based services possible... The retail space is the first to envision a future for beacons using for everything from in-store analytics to proximity marketing, indoor navigation and contactless payments. Think about a customer who is looking at a new TV and he/she gets a text with a 25 percent off coupon for that same TV and then pays automatically using an online account..."

iBeacons are the version for Apple branded mobile devices. All 12 major automobile makers offer hands-free phone calling systems using the technology. And, social network giant Facebook has developed its own proprietary Bluetooth module for an undisclosed upcoming consumer electronics device.

So, the technology provides new marketing and revenue opportunities to advertisers. TechCrunch explained:

"The Beacons program isn’t looking to get help from individual-driver Wazers in this case, but is looking for cities and tunnel owners who might be fans of the service to step up and apply to its program. The program is powered by Eddystone, a Bluetooth Low Energy beacon profile created by Google that works with cheap, battery-powered BLE Waze Beacon hardware to be installed in participating tunnels. These beacons would be configured to transmit signals to Bluetooth-enabled smartphones... There is a cost to participate — each beacon is $28.50, Waze notes, and a typical installation requires around 42 beacons per mile of tunnel. But for municipalities and tunnel operators, this would actually be a service they can provide drivers, which might actually eliminate frustration and traffic..."

There are several key takeaways here:

  1. GPS navigation services can perform better in previously unavailable areas,
  2. Companies can collect (and share) more precise geolocation data about consumers and our movements,
  3. Consumers' GPS data can now be collected in previously unattainable locations,
  4. What matters aren't the transmissions by beacons, but rather the GPS and related data collected by your phone and the apps you use, which are transmitted back to the apps' developers, and then shared by developers with their business partners (e.g., mobile service providers, smartphone operating system developers, advertisers, and affiliates
  5. You don't have to be a Google user for Google to collect GPS data about you, and
  6. Consumers can expect a coming proliferation of Bluetooth modules in a variety of locations, retail stores, and devices.

So, now you know more about how Google and other companies collect GPS data about you. After analyzing the geolocation data collected, they know not only when and where you go, but also your patterns in the physical world: where you go on certain days and times, how long you stay, where and what you've done before (and after), who you associate with, and more.

Don't like the more precise tracking? Then, don't use the Waze app or Google Maps, delete the blabbermouth apps, or turn off the Bluetooth feature on your phone.

A noted economist once said, "There is no free lunch." And that applies to GPS navigation in tunnels. The price for "free," convenient navigation services means mobile users allow companies to collect and analyze mountains of data about their movements in the physical world.

What are your opinions of GPS navigation services in tunnels? If the city or town where you live has tunnels, have beacons been installed?


The Myth Of Drug Expiration Dates

[Editor's Note: some politicians and pundits repeatedly claim that the private sector is more efficient than the public sector. Today's blog post explores waste in the healthcare industry. Today's post is reprinted with permission.]

By Marshall Allen, ProPublica

The box of prescription drugs had been forgotten in a back closet of a retail pharmacy for so long that some of the pills predated the 1969 moon landing. Most were 30 to 40 years past their expiration dates -- possibly toxic, probably worthless.

But to Lee Cantrell, who helps run the California Poison Control System, the cache was an opportunity to answer an enduring question about the actual shelf life of drugs: Could these drugs from the bell-bottom era still be potent?

Cantrell called Roy Gerona, a University of California, San Francisco, researcher who specializes in analyzing chemicals. Gerona had grown up in the Philippines and had seen people recover from sickness by taking expired drugs with no apparent ill effects.

"This was very cool," Gerona says. "Who gets the chance of analyzing drugs that have been in storage for more than 30 years?"

The age of the drugs might have been bizarre, but the question the researchers wanted to answer wasn't. Pharmacies across the country -- in major medical centers and in neighborhood strip malls -- routinely toss out tons of scarce and potentially valuable prescription drugs when they hit their expiration dates.

Gerona and Cantrell, a pharmacist and toxicologist, knew that the term "expiration date" was a misnomer. The dates on drug labels are simply the point up to which the Food and Drug Administration and pharmaceutical companies guarantee their effectiveness, typically at two or three years. But the dates don't necessarily mean they're ineffective immediately after they "expire" -- just that there's no incentive for drugmakers to study whether they could still be usable.

ProPublica has been researching why the U.S. health care system is the most expensive in the world. One answer, broadly, is waste -- some of it buried in practices that the medical establishment and the rest of us take for granted. We've documented how hospitals often discard pricey new supplies, how nursing homes trash valuable medications after patients pass away or move out, and how drug companies create expensive combinations of cheap drugs. Experts estimate such squandering eats up about $765 billion a year -- as much as a quarter of all the country's health care spending.

What if the system is destroying drugs that are technically "expired" but could still be safely used?

In his lab, Gerona ran tests on the decades-old drugs, including some now defunct brands such as the diet pills Obocell (once pitched to doctors with a portly figurine called "Mr. Obocell") and Bamadex. Overall, the bottles contained 14 different compounds, including antihistamines, pain relievers and stimulants. All the drugs tested were in their original sealed containers.

The findings surprised both researchers: A dozen of the 14 compounds were still as potent as they were when they were manufactured, some at almost 100 percent of their labeled concentrations.

"Lo and behold," Cantrell says, "The active ingredients are pretty darn stable."

Cantrell and Gerona knew their findings had big implications. Perhaps no area of health care has provoked as much anger in recent years as prescription drugs. The news media is rife with stories of medications priced out of reach or of shortages of crucial drugs, sometimes because producing them is no longer profitable.

Tossing such drugs when they expire is doubly hard. One pharmacist at Newton-Wellesley Hospital outside Boston says the 240-bed facility is able to return some expired drugs for credit, but had to destroy about $200,000 worth last year. A commentary in the journal Mayo Clinic Proceedings cited similar losses at the nearby Tufts Medical Center. Play that out at hospitals across the country and the tab is significant: about $800 million per year. And that doesn't include the costs of expired drugs at long-term care pharmacies, retail pharmacies and in consumer medicine cabinets.

After Cantrell and Gerona published their findings in Archives of Internal Medicine in 2012, some readers accused them of being irresponsible and advising patients that it was OK to take expired drugs. Cantrell says they weren't recommending the use of expired medication, just reviewing the arbitrary way the dates are set.  

"Refining our prescription drug dating process could save billions," he says.

But after a brief burst of attention, the response to their study faded. That raises an even bigger question: If some drugs remain effective well beyond the date on their labels, why hasn't there been a push to extend their expiration dates?

It turns out that the FDA, the agency that helps set the dates, has long known the shelf life of some drugs can be extended, sometimes by years.

In fact, the federal government has saved a fortune by doing this.

For decades, the federal government has stockpiled massive stashes of medication, antidotes and vaccines in secure locations throughout the country. The drugs are worth tens of billions of dollars and would provide a first line of defense in case of a large-scale emergency.

Maintaining these stockpiles is expensive. The drugs have to be kept secure and at the proper humidity and temperature so they don't degrade. Luckily, the country has rarely needed to tap into many of the drugs, but this means they often reach their expiration dates. Though the government requires pharmacies to throw away expired drugs, it doesn't always follow these instructions itself. Instead, for more than 30 years, it has pulled some medicines and tested their quality.

The idea that drugs expire on specified dates goes back at least a half-century, when the FDA began requiring manufacturers to add this information to the label. The time limits allow the agency to ensure medications work safely and effectively for patients. To determine a new drug's shelf life, its maker zaps it with intense heat and soaks it with moisture to see how it degrades under stress. It also checks how it breaks down over time. The drug company then proposes an expiration date to the FDA, which reviews the data to ensure it supports the date and approves it. Despite the difference in drugs' makeup, most "expire" after two or three years.

Once a drug is launched, the makers run tests to ensure it continues to be effective up to its labeled expiration date. Since they are not required to check beyond it, most don't, largely because regulations make it expensive and time-consuming for manufacturers to extend expiration dates, says Yan Wu, an analytical chemist who is part of a focus group at the American Association of Pharmaceutical Scientists that looks at the long-term stability of drugs. Most companies, she says, would rather sell new drugs and develop additional products.

Pharmacists and researchers say there is no economic "win" for drug companies to investigate further. They ring up more sales when medications are tossed as "expired" by hospitals, retail pharmacies and consumers despite retaining their safety and effectiveness.

Industry officials say patient safety is their highest priority. Olivia Shopshear, director of science and regulatory advocacy for the drug industry trade group Pharmaceutical Research and Manufacturers of America, or PhRMA, says expiration dates are chosen "based on the period of time when any given lot will maintain its identity, potency and purity, which translates into safety for the patient."

That being said, it's an open secret among medical professionals that many drugs maintain their ability to combat ailments well after their labels say they don't. One pharmacist says he sometimes takes home expired over-the-counter medicine from his pharmacy so he and his family can use it.

The federal agencies that stockpile drugs -- including the military, the Centers for Disease Control and Prevention and the Department of Veterans Affairs -- have long realized the savings in revisiting expiration dates.

In 1986, the Air Force, hoping to save on replacement costs, asked the FDA if certain drugs' expiration dates could be extended. In response, the FDA and Defense Department created the Shelf Life Extension Program.

Each year, drugs from the stockpiles are selected based on their value and pending expiration and analyzed in batches to determine whether their end dates could be safely extended. For several decades, the program has found that the actual shelf life of many drugs is well beyond the original expiration dates.

A 2006 study of 122 drugs tested by the program showed that two-thirds of the expired medications were stable every time a lot was tested. Each of them had their expiration dates extended, on average, by more than four years, according to research published in the Journal of Pharmaceutical Sciences.

Some that failed to hold their potency include the common asthma inhalant albuterol, the topical rash spray diphenhydramine, and a local anesthetic made from lidocaine and epinephrine, the study said. But neither Cantrell nor Dr. Cathleen Clancy, associate medical director of National Capital Poison Center, a nonprofit organization affiliated with the George Washington University Medical Center, had heard of anyone being harmed by any expired drugs. Cantrell says there has been no recorded instance of such harm in medical literature.

Marc Young, a pharmacist who helped run the extension program from 2006 to 2009, says it has had a "ridiculous" return on investment. Each year the federal government saved $600 million to $800 million because it did not have to replace expired medication, he says.

An official with the Department of Defense, which maintains about $13.6 billion worth of drugs in its stockpile, says that in 2016 it cost $3.1 million to run the extension program, but it saved the department from replacing $2.1 billion in expired drugs. To put the magnitude of that return on investment into everyday terms: It's like spending a dollar to save $677.

"We didn't have any idea that some of the products would be so damn stable -- so robustly stable beyond the shelf life," says Ajaz Hussain, one of the scientists who formerly helped oversee the extension program.

Hussain is now president of the National Institute for Pharmaceutical Technology and Education, an organization of 17 universities that's working to reduce the cost of pharmaceutical development. He says the high price of drugs and shortages make it time to reexamine drug expiration dates in the commercial market.

"It's a shame to throw away good drugs," Hussain says.

Some medical providers have pushed for a changed approach to drug expiration dates -- with no success. In 2000, the American Medical Association, foretelling the current prescription drug crisis, adopted a resolution urging action. The shelf life of many drugs, it wrote, seems to be "considerably longer" than their expiration dates, leading to "unnecessary waste, higher pharmaceutical costs, and possibly reduced access to necessary drugs for some patients."

Citing the federal government's extension program, the AMA sent letters to the FDA, the U.S. Pharmacopeial Convention, which sets standards for drugs, and PhRMA asking for a re-examination of expiration dates.

No one remembers the details -- just that the effort fell flat.

"Nothing happened, but we tried," says rheumatologist Roy Altman, now 80, who helped write the AMA report. "I'm glad the subject is being brought up again. I think there's considerable waste."

At Newton-Wellesley Hospital, outside Boston, pharmacist David Berkowitz yearns for something to change.

On a recent weekday, Berkowitz sorted through bins and boxes of medication in a back hallway of the hospital's pharmacy, peering at expiration dates. As the pharmacy's assistant director, he carefully manages how the facility orders and dispenses drugs to patients. Running a pharmacy is like working in a restaurant because everything is perishable, he says, "but without the free food."

Federal and state laws prohibit pharmacists from dispensing expired drugs and The Joint Commission, which accredits thousands of health care organizations, requires facilities to remove expired medication from their supply. So at Newton-Wellesley, outdated drugs are shunted to shelves in the back of the pharmacy and marked with a sign that says: "Do Not Dispense." The piles grow for weeks until they are hauled away by a third-party company that has them destroyed. And then the bins fill again.

"I question the expiration dates on most of these drugs," Berkowitz says.

One of the plastic boxes is piled with EpiPens -- devices that automatically inject epinephrine to treat severe allergic reactions. They run almost $300 each. These are from emergency kits that are rarely used, which means they often expire. Berkowitz counts them, tossing each one with a clatter into a separate container, " 'that's 45, 46, 47' " He finishes at 50. That's almost $15,000 in wasted EpiPens alone.

In May, Cantrell and Gerona published a study that examined 40 EpiPens and EpiPen Jrs., a smaller version, that had been expired for between one and 50 months. The devices had been donated by consumers, which meant they could have been stored in conditions that would cause them to break down, like a car's glove box or a steamy bathroom. The EpiPens also contain liquid medicine, which tends to be less stable than solid medications.

Testing showed 24 of the 40 expired devices contained at least 90 percent of their stated amount of epinephrine, enough to be considered as potent as when they were made. All of them contained at least 80 percent of their labeled concentration of medication. The takeaway? Even EpiPens stored in less than ideal conditions may last longer than their labels say they do, and if there's no other option, an expired EpiPen may be better than nothing, Cantrell says.

At Newton-Wellesley, Berkowitz keeps a spreadsheet of every outdated drug he throws away. The pharmacy sends what it can back for credit, but it doesn't come close to replacing what the hospital paid.

Then there's the added angst of tossing drugs that are in short supply. Berkowitz picks up a box of sodium bicarbonate, which is crucial for heart surgery and to treat certain overdoses. It's being rationed because there's so little available. He holds up a purple box of atropine, which gives patients a boost when they have low heart rates. It's also in short supply. In the federal government's stockpile, the expiration dates of both drugs have been extended, but they have to be thrown away by Berkowitz and other hospital pharmacists.

The 2006 FDA study of the extension program also said it pushed back the expiration date on lots of mannitol, a diuretic, for an average of five years. Berkowitz has to toss his out. Expired naloxone? The drug reverses narcotic overdoses in an emergency and is currently in wide use in the opioid epidemic. The FDA extended its use-by date for the stockpiled drugs, but Berkowitz has to trash it.

On rare occasions, a pharmaceutical company will extend the expiration dates of its own products because of shortages. That's what happened in June, when the FDA posted extended expiration dates from Pfizer for batches of its injectable atropine, dextrose, epinephrine and sodium bicarbonate. The agency notice included the lot numbers of the batches being extended and added six months to a year to their expiration dates.

The news sent Berkowitz running to his expired drugs to see if any could be put back into his supply. His team rescued four boxes of the syringes from destruction, including 75 atropine, 15 dextrose, 164 epinephrine and 22 sodium bicarbonate. Total value: $7,500. In a blink, "expired" drugs that were in the trash heap were put back into the pharmacy supply.

Berkowitz says he appreciated Pfizer's action, but feels it should be standard to make sure drugs that are still effective aren't thrown away.

"The question is: Should the FDA be doing more stability testing?" Berkowitz says. "Could they come up with a safe and systematic way to cut down on the drugs being wasted in hospitals?"

Four scientists who worked on the FDA extension program told ProPublica something like that could work for drugs stored in hospital pharmacies, where conditions are carefully controlled.

Greg Burel, director of the CDC's stockpile, says he worries that if drugmakers were forced to extend their expiration dates it could backfire, making it unprofitable to produce certain drugs and thereby reducing access or increasing prices.

The 2015 commentary in Mayo Clinic Proceedings, called "Extending Shelf Life Just Makes Sense," also suggested that drugmakers could be required to set a preliminary expiration date and then update it after long-term testing. An independent organization could also do testing similar to that done by the FDA extension program, or data from the extension program could be applied to properly stored medications.

ProPublica asked the FDA whether it could expand its extension program, or something like it, to hospital pharmacies, where drugs are stored in stable conditions similar to the national stockpile.

"The Agency does not have a position on the concept you have proposed," an official wrote back in an email.

Whatever the solution, the drug industry will need to be spurred in order to change, says Hussain, the former FDA scientist. "The FDA will have to take the lead for a solution to emerge," he says. "We are throwing away products that are certainly stable, and we need to do something about it."

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Presidential Commission Demands Massive Amounts of State Voter Data

[Editor's Note: today's guest blog post, by the reporters at ProPublica, explores issues of alleged voter fraud, and the problems with analyses claiming multiple voter registrations across states. It is reprinted with permission.]

by Jessica Huseman, ProPublica

On June 28, all 50 states were sent letters from Kris Kobach -- vice chair for the Presidential Advisory Commission on Election Integrity -- requesting information on voter fraud, election security and copies of every state's voter roll data.

The letter asked state officials to deliver the data within two weeks, and says that all information turned over to the commission will be made public. The letter does not explain what the commission plans to do with voter roll data, which often includes the names, ages and addresses of registered voters. The commission also asked for information beyond what is typically contained in voter registration records, including Social Security numbers and military status, if the state election databases contain it.

President Donald Trump established the commission through an executive order on March 11. Its stated goal is to "promote fair and honest Federal elections" and it is chaired by Vice President Mike Pence. The commission plans to present a report to Trump that identifies vulnerabilities in the voting system that could lead to fraud and makes recommendations for enhancing voters' confidence in election integrity. No deadline has been set for completion of the work.

A number of experts, as well as at least one state official, reacted with a mix of alarm and bafflement. Some saw political motivations behind the requests, while others said making such information public would create a national voter registration list, a move that could create new election problems.

"You'd think there would want to be a lot of thought behind security and access protocols for a national voter file, before you up and created one," said Justin Levitt, a professor at Loyola University School of Law and former Department of Justice civil rights official. "This is asking to create a national voter file in two weeks."

David Becker, the executive director of the Center for Election Innovation & Research, also expressed serious concerns about the request. "It's probably a good idea not to make publicly available the name, address and military status of the people who are serving our armed forces to anyone who requests it," he said.

Kobach, the secretary of state in Kansas, has been concerned about voter fraud for years. His signature piece of legislation was a law requiring Kansans to show proof of citizenship when they register to vote, which is currently ensnarled in a fraught court battle with the American Civil Liberties Union. He has written that he believes people vote twice with "alarming regularity," and also that non-citizens frequently vote. Multiple studies have shown neither happens with any consistency.

Kobach also runs the Interstate Voter Registration Crosscheck Program, a proprietary piece of software started by Kansas Secretary of State Ron Thornburgh in 2005. Under the program, 30 states pool their voter information and attempt to identify people who are registered in more than one state.

Some expect the information Kobach has requested will be used to create a national system that would include data from all 50 states.

It is not uncommon for voters to be registered in more than one state. Many members of Trump's inner circle -- including his son-in-law Jared Kushner and daughter Tiffany Trump -- were registered to vote in two states. Given the frequency with which voters move across state lines and re-register, the act of holding two registrations is not in itself fraud. There is no evidence to suggest that voting twice is a widespread problem, though experts say removing duplicate registrations are a good practice if done carefully.

"In theory, I don't think we have a problem with that as an idea, but the devil is always in the details," said Dale Ho, the director of the ACLU's Voting Rights Project. While he believes voter registration list maintenance is important, he says Kobach's Crosscheck program has been repeatedly shown to be ineffective and to produce false matches. A study by a group of political scientists at Stanford published earlier this year found that Crosscheck highlighted 200 false matches for every one true double vote.

"I have every reason to think that given the shoddy work that Mr. Kobach has done in this area in the past that this is going to be yet another boondoggle and a propaganda tool that tries to inflate the problem of double registration beyond what it actually is," Ho said.

Some experts already see sloppy work in this request. On at least one occasion, the commission directed the letter to the incorrect entity. In North Carolina, it addressed and sent the letter to Secretary of State Elaine Marshall, who has no authority over elections or the voter rolls. In that state, the North Carolina Board of Elections manages both.

Charles Stewart, a professor at MIT and expert in election administration, said it was proof of "sloppy staff work," and questioned the speed at which the letter was sent. "It seems to me that the data aren't going anywhere. Doing database matching is hard work, and you need to plan it out carefully," he said. "It's a naïve first undertaking by the commission, and reflects that the commission may be getting ahead of itself."

Connecticut Secretary of State Denise Merrill, who oversees voting in the state, said she was dismayed about the commission's failure to be clearer about what its intentions are. In a statement, Merrill said her office would share publicly available information with the commission. But she said that "in the same spirit of transparency" her office would request the commission "share any memos, meeting minutes or additional information as state officials have not been told precisely what the Commission is looking for."

"This lack of openness is all the more concerning, considering that the Vice Chair of the Commission, Kris Kobach, has a lengthy record of illegally disenfranchising eligible voters in Kansas," she wrote.

Alabama's Republican Secretary of State John Merrill (no relation) also indicated he had questions for Kobach regarding how much of the data would be made public and how Alabamans' privacy would be protected, even while he expressed support for the commission. "Kobach is a close friend, and I have full confidence in him and his ability, but before we turn over data of this magnitude to anybody we're going to make sure our questions are answered," he said.

Colorado Secretary of State Republican Wayne Williams, for his part, said he was not concerned with what the commission planned to do with the data. "Just like when we get a [public-records] request, we don't demand to know what they are going to do with the data," he said. "There are important reasons why the voter roll is publicly available information."

The extent to which voter roll data is public varies across the country. While some states, like North Carolina, make their voter rolls available for free download, other states charge high fees. Alabama, for example, charges one cent per voter in the roll for a total cost of more than $30,000. The state law provides a waiver for government entities, so Merrill said the commission would receive the data for free. Other states, like Virginia, do not make this information public beyond sharing it with formal campaigns and political candidates. When ProPublica tried to purchase Illinois' voter roll, our request was denied because they only release it to government entities for privacy reasons. Illinois did not respond to a request regarding whether they would release this information to the PCEI, which 2014 while a government entity 2014 intends to make the information public.

The letter from the commission also asks quite broad questions of state elections officials.

"What changes, if any, to federal election laws would you recommend to enhance the integrity of federal elections?" asks the first question. The letter also asked for all information and convictions related to any instance of voter fraud or registration fraud, and it solicited recommendations "for preventing voter intimidation or disenfranchisement."

"The equivalent is, 'Hey, doctors, what changes would you suggest regarding healthcare? Let us know in two weeks,'" said Levitt, the Loyola professor. "If I were a state election official, I wouldn't know what to do with this."

While the commission is being chaired by Vice President Mike Pence, Kobach signed the letter alone. Jon Greenbaum, chief counsel for the Lawyers' Committee for Civil Rights Under Law, said this is an indication that Kobach -- not Pence -- "will be running the show," which he said should be a point of concern.

"As we know with Kobach, he's obsessed with trying to identify voter fraud and finds it in a lot of places where it doesn't exist," he said.

Vanita Gupta, the former acting head of the Department of Justice's civil rights division under President Barack Obama, said the commission's letter was an indication the commission was "laying the groundwork" to carry out changes to the National Voter Registration Act that might seek to restrict access to the polls.

The National Voter Registration Act -- sometimes called the Motor Voter Act -- was enacted in 1993. It allows the DOJ the authority to ensure states to keep voter registration lists, or voter rolls, accurate and up-to-date. It also requires states to offer opportunities for voter registration at all offices that provide public assistance (like the DMV). 

In November, Kobach was photographed holding a paper addressing national security issues and proposing changes to the voter registration law. It is not clear what these changes were. The ACLU is involved in a lawsuit against Kansas' state law requiring people to show proof of citizenship in order to register to vote. As part of the suit, ACLU lawyers requested access to the document reflecting the changes Kobach proposed.

Originally Kobach told the court the document was beyond the scope of the lawsuit, but last week the court found the documents were relevant and that Kobach had intentionally misled the court. He was fined $1,000 for the offense and required him to turn the document over. It has not yet been made public.

Gupta said her concern about the future of the voter registration act was deepened by the fact that, on June 29, the DOJ sent a letter to the 44 states covered by the act requesting information on the maintenance of their voter rolls. States were given 30 days to answer a set of detailed questions about their policies for list maintenance.

"The timing of the letters being issued on the same day is curious at the very least," she said.

The White House and the DOJ all did not respond to requests for comment about the letters.

The letter did not ask about compliance with the portions of the act that require states to attempt to expand the voter base, such as by offering voter registration forms and information in public offices.

Danielle Lang, deputy director of voting rights for The Campaign Legal Center, said the focus on list maintenance troubled her. While she said this might point to a new direction in enforcement for the DOJ's voting rights section, it was too early to tell how this information might be used.

Levitt said he did not recall a time when the DOJ has previously requested such broad information. While the information is public and not, on its face, troubling, Levitt said the only time he recalled requesting similar information was during targeted investigations when federal officials suspected a state was not complying with the law.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Senator Warren Calls For the Firing Of All Wells Fargo Board Members

Wells Fargo logo In a letter sent Monday to the Federal Reserve Chair Janet Yellen, U.S. Senator Elizabeth Warren (D-Massachusetts) has called for the firing of all 12 board members at Wells Fargo bank for failing to adequately protect accountholders. CNBC reported first the Senator's letter, which read in part:

"The fake accounts scandal cost Wells Fargo customers millions of dollars in unauthorized fees and damaged many of their credit scores," the senator wrote. "The scandal also revealed severe problems with the bank's risk management practices — problems that justify the Federal Reserve's removal of all responsible Board members."

After implementing sales targets and an incentive program, many of the bank's employees secretly opened new accounts and transferred money from other accounts to fund the new accounts -- all without the customers' knowledge nor consent. In some cases, employees applied for credit cards, created PIN numbers, and operated fake e-mail accounts in customers' names.

The Consumer Financial Protection Bureau (CFPB) announced in September, 2016 the consent order with the bank. As a result of the fake-account scandal, the bank paid about $185 million in fines and fired 5,300 lower-level employees for setting up 2 million bogus accounts. Few or no senior executives have been punished.

Many Republicans and President Trump seek to defund and shut down the CFPB.

During October, 2016 Timothy J. Sloan was elected chief executive officer at Wells Fargo bank after the former CEO, John Stumpf, retired. Sloan also joined the board of directors as a member.

CNN Money reported:

"... Wells Fargo suffered from inadequate risk management systems that should have flagged the illegal activity earlier. Shareholder advisory firm Institutional Shareholder Services (ISS) agrees. ISS argued the Wells Fargo board made the scandal worse by failing to provide oversight that could have limited the damage..."

In her letter, Senator Warren urged the Federal Reserve to act:

"I urge you to use the tools Congress has given you to remove the responsible board members and protect the continued safety and soundness of one of the country's largest banks..."

Reportedly, the Senator's letter mentioned the following Wells Fargo board members: John D. Baker II, John S. Chen, Lloyd H. Dean, Elizabeth A. Duke, Enrique Hernandez, Donald M. James, Cynthia H. Milligan, Federico F. Pena, James H. Quigley, Stephen W. Sanger, Susan G. Swenson, and Suzanne M. Vautrinot.

Some banking experts see the demand as unprecedented and unlikely. All of the bank's board members were re-elected during the annual shareholder meeting in April , 2017. Also during April, the bank announced an expansion of its class-action settlement agreements for its retail sales practices. The expansion covered account holders affected as early as May, 2002 by the bogus new account scandal, and added $32 million to the settlement amount total.


Trump Administration Quietly Rolls Back Civil Rights Efforts Across Federal Government

[Editor's Note: today's guest blog post is by the reporters at ProPublica. Consent decrees are an important oversight tool to ensure corporate responsibility after wrongdoing. Today's post is reprinted with permission.]

By Jessica Huseman and Annie Waldman, ProPublica

Department of Justice logo For decades, the Department of Justice has used court-enforced agreements to protect civil rights, successfully desegregating school systems, reforming police departments, ensuring access for the disabled and defending the religious.

Now, under Attorney General Jeff Sessions, the DOJ appears to be turning away from this storied tool, called consent decrees. Top officials in the DOJ civil rights division have issued verbal instructions through the ranks to seek settlements without consent decrees -- which would result in no continuing court oversight.

The move is just one part of a move by the Trump administration to limit federal civil rights enforcement. Other departments have scaled back the power of their internal divisions that monitor such abuses. In a previously unreported development, the Education Department last week reversed an Obama-era reform that broadened the agency's approach to protecting rights of students. The Labor Department and the Environmental Protection Agency have also announced sweeping cuts to their enforcement.

"At best, this administration believes that civil rights enforcement is superfluous and can be easily cut. At worst, it really is part of a systematic agenda to roll back civil rights," said Vanita Gupta, the former acting head of the DOJ's civil rights division under President Barack Obama.

Consent decrees have not been abandoned entirely by the DOJ, a person with knowledge of the instructions said. Instead, there is a presumption against their use -- attorneys should default to using settlements without court oversight unless there is an unavoidable reason for a consent decree. The instructions came from the civil rights division's office of acting Assistant Attorney General Tom Wheeler and Deputy Assistant Attorney General John Gore. There is no written policy guidance.

Devin O'Malley, a spokesperson for the DOJ, declined to comment for this story.

Consent decrees can be a powerful tool, and spell out specific steps that must be taken to remedy the harm. These are agreed to by both parties and signed off on by a judge, whom the parties can appear before again if the terms are not being met. Though critics say the DOJ sometimes does not enforce consent decrees well enough, they are more powerful than settlements that aren't overseen by a judge and have no built-in enforcement mechanism.

Such settlements have "far fewer teeth to ensure adequate enforcement," Gupta said.

Consent decrees often require agencies or municipalities to take expensive steps toward reform. Local leaders and agency heads then can point to the binding court authority when requesting budget increases to ensure reforms. Without consent decrees, many localities or government departments would simply never make such comprehensive changes, said William Yeomans, who spent 26 years at the DOJ, mostly in the civil rights division.

"They are key to civil rights enforcement," he said. "That's why Sessions and his ilk don't like them."

Some, however, believe the Obama administration relied on consent decrees too often and sometimes took advantage of vulnerable cities unable to effectively defend themselves against a well-resourced DOJ.

"I think a recalibration would be welcome," said Richard Epstein, a professor at New York University School of Law and a fellow at the Hoover Institution at Stanford, adding that consent decrees should be used in cases where clear, systemic issues of discrimination exist.

Though it's too early to see how widespread the effect of the changes will be, the Justice Department appears to be adhering to the directive already.

On May 30, the DOJ announced Bernards Township in New Jersey had agreed to pay $3.25 million to settle an accusation it denied zoning approval for a local Islamic group to build a mosque. Staff attorneys at the U.S. attorney's office in New Jersey initially sought to resolve the case with a consent decree, according to a spokesperson for Bernards Township. But because of the DOJ's new stance, the terms were changed after the township protested, according to a person familiar with the matter. A spokesperson for the New Jersey U.S. attorney's office declined comment.

Sessions has long been a public critic of consent decrees. As a senator, he wrote they "constitute an end run around the democratic process." He lambasted local agencies that seek them out as a way to inflate their budgets, a "particularly offensive" use of consent decrees that took decision-making power from legislatures.

On March 31, Sessions ordered a sweeping review of all consent decrees with troubled police departments nationwide to ensure they were in line with the Trump administration's law-and-order goals. Days before, the DOJ had asked a judge to postpone a hearing on a consent decree with the Baltimore Police Department that had been arranged during the last days of the Obama administration. The judge denied that request, and the consent decree has moved forward.

The DOJ has already come under fire from critics for altering its approach to voting rights cases. After nearly six years of litigation over Texas' voter ID law -- which Obama DOJ attorneys said was written to intentionally discriminate against minority voters and had such a discriminatory effect -- the Trump DOJ abruptly withdrew its intent claims in late February.

Attorneys who worked on the case for years were barely consulted about the change -- many weren't consulted at all, according to two former DOJ officials with knowledge of the matter. Gore wrote the filing changing the DOJ's position largely by himself and asked the attorneys who'd been involved in the case for years to sign it to show continuity. Not all of the attorneys fell in line. Avner Shapiro -- who has been a prosecutor in the civil rights division for more than 20 years -- left his name off the filings written by Gore. Shapiro was particularly involved in developing the DOJ's argument that Texas had intentionally discriminated against minorities in crafting its voter ID legislation.

"That's the ultimate act of rebellion," Yeomans, the former civil rights division prosecutor, said. A rare act, removing one's name from a legal filing is one of the few ways career attorneys can express public disagreement with an administration.

Gore has no history of bringing civil rights cases. A former partner at the law firm Jones Day, he has instead defended states against claims of racial gerrymandering and represented North Carolina when the state was sued over its controversial "bathroom bill," which requires transgender people to use the facility that matched their birth gender.

All of the internal changes at the DOJ have left attorneys and staff with "a great deal of fear and uncertainty," said Yeomans. While he says the lawyers there would like to stay at the department, they fear Sessions' priorities will have devastating impact on their work.

The DOJ's civil rights office is not alone in fearing rollbacks in enforcement. Across federal departments, the Trump administration has made moves to diminish the power of civil rights divisions.

U.S. Department of Education logo The Department of Education has laid out plans to loosen requirements on investigations into civil rights complaints, according to an internal memo sent to staff on June 8 and obtained by ProPublica.

Under the Obama administration, the department's office for civil rights applied an expansive approach to investigations. Individual complaints related to complex issues such as school discipline, sexual violence and harassment, equal access to educational resources, or racism at a single school might have prompted broader probes to determine whether the allegations were part of a pattern of discrimination or harassment.

The new memo, sent by Candice Jackson, the acting assistant secretary for civil rights, to regional directors at the department's civil rights office, trims this approach. Jackson was appointed deputy assistant secretary for the office in April and will remain as the acting head of the office until the Senate confirms a full-time assistant secretary. Trump has not publicly nominated anyone for the role yet.

The office will apply the broader approach "only" if the original allegations raise systemic concerns or the investigative team argues for it, Jackson wrote in the memo.

As part of the new approach, the Education Department will no longer require civil rights investigators to obtain three years of complaint data from a specific school or district to assess compliance with civil rights law.

Critics contend the Obama administration's probes were onerous. The office "did such a thorough review of everything that the investigations were demanding and very expensive" for schools, said Boston College American politics professor R. Shep Melnick, adding that the new approach could take some regulatory pressure off schools and districts.

But some civil rights leaders believe the change could undermine the office's mission. This narrowing of the department's investigations "is stunning to me and dangerous," said Catherine Lhamon, who led the Education Department's civil rights office from August 2013 until January 2017 and currently chairs the United States Commission on Civil Rights. "It's important to take an expansive view of the potential for harm because if you look only at the most recent year, you won't necessarily see the pattern," said Lhamon.

The department's new directive also gives more autonomy to regional offices, no longer requiring oversight or review of some cases by department headquarters, according to the memo.

The Education Department did not respond to ProPublica's request for comment.

Education Secretary Betsy DeVos has also proposed cutting over 40 positions from the civil rights office. With reduced staff, the office will have to "make difficult choices, including cutting back on initiating proactive investigations," according to the department's proposed budget.

Elsewhere, Trump administration appointees have launched similar initiatives. In its 2018 fiscal plan, the Labor Department has proposed dissolving the office that handles discrimination complaints. Similarly, new leadership at the Environmental Protection Agency has proposed entirely eliminating the environmental justice program, which addresses concerns that almost exclusively impact minority communities. The Washington Post reports the plan transfers all environmental justice work to the Office of Policy, which provides policy and regulatory guidance across the agency.

Mustafa Ali, a former EPA senior adviser and assistant associate administrator for environmental justice who served more than 20 years, quit the agency in protest days before the plan was announced. In his resignation letter, widely circulated in the media, Ali suggested the new leadership was abandoning "those who need our help most."

Ryan Gabrielson contributed to this report.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Russian Cyber Attacks Against US Voting Systems Wider Than First Thought

Cyber attacks upon electoral systems in the United States are wider than originally thought. The attacks occurred in at least 39 states. The Bloomberg report described online attacks in Illinois as an example:

"... investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016... In early July 2016, a contractor who works two or three days a week at the state board of elections detected unauthorized data leaving the network, according to Ken Menzel, general counsel for the Illinois board of elections. The hackers had gained access to the state’s voter database, which contained information such as names, dates of birth, genders, driver’s licenses and partial Social Security numbers on 15 million people, half of whom were active voters. As many as 90,000 records were ultimately compromised..."

Politicians have emphasized that the point of the disclosures isn't to embarrass any specific state, but to alert the public to past activities and to the ongoing threat. The Intercept reported:

"Russian military intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.

The top-secret National Security Agency document, which was provided anonymously to The Intercept and independently authenticated, analyzes intelligence very recently acquired by the agency about a months-long Russian intelligence cyber effort against elements of the U.S. election and voting infrastructure. The report, dated May 5, 2017, is the most detailed U.S. government account of Russian interference in the election that has yet come to light."

Spear-fishing is the tactic criminals use by sending malware-laden e-mail messages to targeted individuals, whose names and demographic details may have been collected from social networking sites and other sources. The spam e-mail uses those details to pretend to be valid e-mail from a coworker, business associate, or friend. When the target opens the e-mail attachment, their computer and network are often infected with malware to collect and transmit log-in credentials to the criminals; or to remotely take over the targets' computers (e.g., ransomware) and demand ransom payments. Stolen log-in credentials are how criminals steal consumers' money by breaking into online bank accounts.

The Intercept report explained how the elections systems hackers adopted this tactic:

"... the Russian plan was simple: pose as an e-voting vendor and trick local government employees into opening Microsoft Word documents invisibly tainted with potent malware that could give hackers full control over the infected computers. But in order to dupe the local officials, the hackers needed access to an election software vendor’s internal systems to put together a convincing disguise. So on August 24, 2016, the Russian hackers sent spoofed emails purporting to be from Google to employees of an unnamed U.S. election software company... The spear-phishing email contained a link directing the employees to a malicious, faux-Google website that would request their login credentials and then hand them over to the hackers. The NSA identified seven “potential victims” at the company. While malicious emails targeting three of the potential victims were rejected by an email server, at least one of the employee accounts was likely compromised, the agency concluded..."

Experts believe the voting equipment company targeted was VR Systems, based in Florida. Reportedly, it's electronic voting services and equipment are used in eight states. VR Systems posted online a Frequently Asked Questions document (adobe PDF) about the cyber attacks against elections systems:

"Recent reports indicate that cyber actors impersonated VR Systems and other elections companies. Cyber actors sent an email from a fake account to election officials in an unknown number of districts just days before the 2016 general election. The fraudulent email asked recipients to open an attachment, which would then infect their computer, providing a gateway for more mischief... Because the spear-phishing email did not originate from VR Systems, we do not know how many jurisdictions were potentially impacted. Many election offices report that they never received the email or it was caught by their spam filters before it could reach recipients. It is our understanding that all jurisdictions, including VR Systems customers, have been notified by law enforcement agencies if they were a target of this spear-phishing attack... In August, a small number of phishing emails were sent to VR Systems. These emails were captured by our security protocols and the threat was neutralized. No VR Systems employee’s email was compromised. This prevented the cyber actors from accessing a genuine VR Systems email account. As such, the cyber actors, as part of their late October spear-phishing attack, resorted to creating a fake account to use in that spear-phishing campaign."

It is good news that VR Systems protected its employees' e-mail accounts. Let's hope that those employees were equally diligent about protecting their personal e-mail accounts and home computers, networks, and phones. We all know employees that often work from home.

The Intercept report highlighted a fact about life on the internet, which all internet users should know: stolen log-in credentials are highly valued by criminals:

"Jake Williams, founder of computer security firm Rendition Infosec and formerly of the NSA’s Tailored Access Operations hacking team, said stolen logins can be even more dangerous than an infected computer. “I’ll take credentials most days over malware,” he said, since an employee’s login information can be used to penetrate “corporate VPNs, email, or cloud services,” allowing access to internal corporate data. The risk is particularly heightened given how common it is to use the same password for multiple services. Phishing, as the name implies, doesn’t require everyone to take the bait in order to be a success — though Williams stressed that hackers “never want just one” set of stolen credentials."

So, a word to the wise for all internet users: don't use the same log-in credentials at multiple site. Don't open e-mail attachments from strangers. If you weren't expecting an e-mail attachment from a coworker/friend/business associate, call them on the phone first and verify that they indeed sent an attachment to you. The internet has become a dangerous place.