157 posts categorized "Massachusetts" Feed

Report: Little Progress Since 2016 To Replace Old, Vulnerable Voting Machines In United States

We've know for some time that a sizeable portion of voting machines in the United States are vulnerable to hacking and errors. Too many states, cities, and town use antiquated equipment or equipment without paper backups. The latter makes re-counts impossible.

Has any progress been made to fix the vulnerabilities? The Brennan Center For Justice (BCJ) reported:

"... despite manifold warnings about election hacking for the past two years, the country has made remarkably little progress since the 2016 election in replacing antiquated, vulnerable voting machines — and has done even less to ensure that our country can recover from a successful cyberattack against those machines."

It is important to remember this warning in January 2017 from the Director of National Intelligence (DNI):

"Russian effortsto influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations. We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election. Russia’s goals were to undermine public faith in the US democratic process... Russian intelligence accessed elements of multiple state or local electoral boards. Since early 2014, Russian intelligence has researched US electoral processes and related technology and equipment. DHS assesses that the types of systems we observed Russian actors targeting or compromising are not involved in vote tallying... We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes... "

Detailed findings in the BCJ report about the lack of progress:

  1. "This year, most states will use computerized voting machines that are at least 10 years old, and which election officials say must be replaced before 2020.
    While the lifespan of any electronic voting machine varies, systems over a decade old are far more likely to need to be replaced, for both security and reliability reasons... older machines are more likely to use outdated software like Windows 2000. Using obsolete software poses serious security risks: vendors may no longer write security patches for it; jurisdictions cannot replace critical hardware that is failing because it is incompatible with their new, more secure hardware... In 2016, jurisdictions in 44 states used voting machines that were at least a decade old. Election officials in 31 of those states said they needed to replace that equipment by 2020... This year, 41 states will be using systems that are at least a decade old, and officials in 33 say they must replace their machines by 2020. In most cases, elections officials do not yet have adequate funds to do so..."
  2. "Since 2016, only one state has replaced its paperless electronic voting machines statewide.
    Security experts have long warned about the dangers of continuing to use paperless electronic voting machines. These machines do not produce a paper record that can be reviewed by the voter, and they do not allow election officials and the public to confirm electronic vote totals. Therefore, votes cast on them could be lost or changed without notice... In 2016, 14 states (Arkansas, Delaware, Georgia, Indiana, Kansas, Kentucky, Louisiana, Mississippi, New Jersey, Pennsylvania, South Carolina, Tennessee, Texas, and Virginia) used paperless electronic machines as the primary polling place equipment in at least some counties and towns. Five of these states used paperless machines statewide. By 2018 these numbers have barely changed: 13 states will still use paperless voting machines, and 5 will continue to use such systems statewide. Only Virginia decertified and replaced all of its paperless systems..."
  3. "Only three states mandate post-election audits to provide a high-level of confidence in the accuracy of the final vote tally.
    Paper records of votes have limited value against a cyberattack if they are not used to check the accuracy of the software-generated total to confirm that the veracity of election results. In the last few years, statisticians, cybersecurity professionals, and election experts have made substantial advances in developing techniques to use post-election audits of voter verified paper records to identify a computer error or fraud that could change the outcome of a contest... Specifically, “risk limiting audits” — a process that employs statistical models to consistently provide a high level of confidence in the accuracy of the final vote tally – are now considered the “gold standard” of post-election audits by experts... Despite this fact, risk limiting audits are required in only three states: Colorado, New Mexico, and Rhode Island. While 13 state legislatures are currently considering new post-election audit bills, since the 2016 election, only one — Rhode Island — has enacted a new risk limiting audit requirement."
  4. "43 states are using machines that are no longer manufactured.
    The problem of maintaining secure and reliable voting machines is particularly challenging in the many jurisdictions that use machines models that are no longer produced. In 2015... the Brennan Center estimated that 43 states and the District of Columbia were using machines that are no longer manufactured. In 2018, that number has not changed. A primary challenge of using machines no longer manufactured is finding replacement parts and the technicians who can repair them. These difficulties make systems less reliable and secure... In a recent interview with the Brennan Center, Neal Kelley, registrar of voters for Orange County, California, explained that after years of cannibalizing old machines and hoarding spare parts, he is now forced to take systems out of service when they fail..."

That is embarrassing for a country that prides itself on having an effective democracy. According to BCJ, the solution would be for Congress to fund via grants the replacement of paperless and antiquated equipment; plus fund post-election audits.

Rather than protect the integrity of our democracy, the government passed a massive tax cut which will increase federal deficits during the coming years while pursuing both a costly military parade and an unfunded border wall. Seems like questionable priorities to me. What do you think?


Legislation Moving Through Congress To Loosen Regulations On Banks

Legislation is moving through Congress which will loosen regulations on banks. Is this an improvement? Is it risky? Is it a good deal for consumers? Before answering those questions, a summary of the Economic Growth, Regulatory Relief, and Consumer Protection Act (Senate Bill 2155):

"This bill amends the Truth in Lending Act to allow institutions with less than $10 billion in assets to waive ability-to-repay requirements for certain residential-mortgage loans... The bill amends the Bank Holding Company Act of 1956 to exempt banks with assets valued at less than $10 billion from the "Volcker Rule," which prohibits banking agencies from engaging in proprietary trading or entering into certain relationships with hedge funds and private-equity funds... The bill amends the United States Housing Act of 1937 to reduce inspection requirements and environmental-review requirements for certain smaller, rural public-housing agencies.

Provisions relating to enhanced prudential regulation for financial institutions are modified, including those related to stress testing, leverage requirements, and the use of municipal bonds for purposes of meeting liquidity requirements. The bill requires credit reporting agencies to provide credit-freeze alerts and includes consumer-credit provisions related to senior citizens, minors, and veterans."

Well, that definitely sounds like relief for banks. Fewer regulations means it's easier to do business... and make more money. Next questions: is it good for consumers? Is it risky? Keep reading.

The non-partisan Congressional Budget Office (CBO) analyzed the proposed legislation in the Senate, and concluded (bold emphasis added):

"S. 2155 would modify provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd Frank Act) and other laws governing regulation of the financial industry. The bill would change the regulatory framework for small depository institutions with assets under $10 billion (community banks) and for large banks with assets over $50 billion. The bill also would make changes to consumer mortgage and credit-reporting regulations and to the authorities of the agencies that regulate the financial industry. CBO estimates that enacting the bill would increase federal deficits by $671 million over the 2018-2027 period... CBO’s estimate of the bill’s budgetary effect is subject to considerable uncertainty, in part because it depends on the probability in any year that a systemically important financial institution (SIFI) will fail or that there will be a financial crisis. CBO estimates that the probability is small under current law and would be slightly greater under the legislation..."

So, the propose legislation means there is a greater risk of banks either failing or needing government assistance (e.g., bailout funds). Are there risks to consumers? To taxpayers? CNN interviewed U.S. Senator Elizabeth Warren (Dem- Mass.), who said:

"Frankly, I just don't see how any senator can vote to weaken the regulations on Wall Street banks.. [weakened regulations] puts us at greater risk that there will be another taxpayer bailout, that there will be another crash and another taxpayer bailout..."

So, there are risks for consumers/taxpayers. How? Why? Let's count the ways.

First, the proposed legislation increases federal deficits. Somebody has to pay for that: with either higher taxes, less services, more debt, or a combination of all three. That doesn't sound good. Does it sound good to you?

Second, looser regulations mean some banks may lend money to more people they shouldn't have = persons who default on loan. To compensate, those banks would raise prices (e.g., more fees, higher fees, higher interest rates) to borrowers to cover their losses. If those banks can't cover their losses, then they will fail. If enough banks fail at about the same time, then bingo... another financial crisis.

If key banks fail, then the government will bail out (again) banks to keep the financial system running. (Remember too big to fail banks?) Somebody has to pay for bailouts... with either higher taxes, less services, more debt, or a combination of all three. Does that sound good to you? It doesn't sound good to me. If it doesn't sound good, I encourage you to contact your elected officials.

It's critical to remember banking history in the United States. Nobody wants a repeat of the 2008 melt-down. There are always consequences when government... Congress decides to help bankers by loosening regulations. What do you think?


Mystery Package Scam Operating on Amazon Site. What It Is, The Implications, And Advice For Victims

Amazon logo Last fall, a couple living in a Boston suburb started receiving packages they didn't order from Amazon, the popular online retailer. The Boston Globe reported that the couple living in Acton, Massachusetts:

"... contacted Amazon, only to be told that the merchandise was paid for with a gift card. No sender’s name, no address. While they’ve never been charged for anything, they fear they are being used in a scam... The first package from Amazon landed on Mike and Kelly Gallivan’s front porch in October. And they have continued to arrive, packed with plastic fans, phone chargers, and other cheap stuff, at a rate of one or two a week."

The packages were delivered to the intended recipient. Nobody knows who sent the items: wireless chargers, a high-intensity flashlight, a Bluetooth speaker, a computer vacuum cleaner, LED tent lamps, USB cables, and more. After receiving 25 packages since October, the couple now wants it to stop. What seemed funny at first, is now a nuisance.

The Gallivans are not alone. CBC News reported that students at several universities in Canada have also received mystery packages containing a variety of items they didn't order:

"The items come in Amazon packaging, but there's no indication who's ordering the goods from the online retail giant. "We're definitely confused by it," said Shawn Wiskar, University of Regina Students' Union vice-president of student affairs. His student union has received about 15 anonymous packages from Amazon since late November, many of which contained multiple items. Products sent so far include iPad cases, a kitchen scale and a "fleshlight" — a male sex toy in the shape of a flashlight... Six other university student unions — Dalhousie in Halifax; St. Francis Xavier in Antigonish (Nova Scotia); Ryerson in Toronto; Wilfrid Laurier in Waterloo, Ontario; Royal Roads in Victoria; and the University of Manitoba in Winnipeg — have also confirmed that they've been receiving mysterious Amazon packages since the fall."

Experts speculate that the mystery packages were sent by fraudsters trying to game the retailer's review system. Consumers buy products on Amazon.com either directly from the retailer or from independent sellers listed on the site. The Boston Globe explained:

"Here’s how two experts who used to work for Amazon, James Thomson and Chris McCabe, say it probably works: A seller trying to prop up a product would set up a phony e-mail account that would be used to establish an Amazon account. Then the seller would purchase merchandise with a gift card — no identifying information there — and send it to a random person, in this case the Gallivans. Then, the phantom seller, who controls the “buyer’s” e-mail account, writes glowing reviews of the product, thus boosting the Amazon ranking of the product."

If true, then there probably are a significant number of bogus reviews on the Amazon site. The Boston Globe's news item also suggested that a data breach within a seller's firm might have provided scammers with valid mailing addresses:

"How did Mike, to whom the packages are addressed, get drawn into this? On occasion he’s ordered stuff on Amazon and received it directly from a manufacturer, once from China. That manufacturer or some affiliate may have scooped Mike’s name and address."

If true, then that highlights the downside of offshore outsourcing, where other countries don't mandate data breach disclosures. Earlier in 2017, a resident of Queens in New York City received packages with products she didn't order:

"... All she knows is that the sender is some guy named Kevin who uses Amazon gift cards... And she’s reported the packages to the NYPD, the FBI and the Better Business Bureau since Amazon hasn’t made the deliveries stop."

In that news report, a security expert speculated that criminals were testing stolen debit- and gift-card numbers. Did a seller have a data breach which went unreported? Lots of questions and few answers.

Security experts advise consumers to report packages they didn't order to various law enforcement and agencies, as the Queens resident did. Ultimately, her deliveries stopped, but not for the Gallivans.

Amazon has been unable to identify the perpetrators. At press time, a search of Amazon's Help and Customer Service site section failed to find content helping consumers victimized by this scam.

Perhaps, it is time for law enforcement and the U.S. Federal Trade Commission to step in. Regardless, we consumers will probably hear more news in the future about this scam.


Fresenius Medical Care To Pay $3.5 Million For 5 Small Data Breaches During 2012

Logo-fresenius-medical-careFresenius Medical Care Holdings, Inc. has agreed to a $3.5 million settlement agreement regarding five small data breaches the Massachusetts-based healthcare organization experienced during 2012. Fresenius Medical Care Holdings, Inc. does business under the name Fresenius Medical Care North America (FMCNA). This represents one of the largest HIPAA settlements ever by the U.S. Department of Health & Human Services (HHS).

The five small data breaches, at different locations across the United States, affected about 521 persons:

  1. Bio-Medical Applications of Florida, Inc. d/b/a Fresenius Medical Care Duval Facility: On February 23, 2012, two desktop computers were stolen during a break-in. One of the computers contained the electronic Protected Health Information (ePHI) of 200 persons, including patient name, admission date, date of first dialysis, days and times of treatments, date of birth, and Social Security number
  2. Bio-Medical Applications of Alabama, Inc. d/b/a Fresenius Medical Care Magnolia Grove: On April 3, 2012, an unencrypted USB drive was stolen from a worker's car while parked in the organization's parking lot. The USB device contained the ePHI of 245 persons, including patient name, address, date of birth, telephone number, insurance company, insurance account number (a potential social security number derivative for some patients) and the covered entity location where each patient was seen.
  3. Renal Dimensions, LLC d/b/a Fresenius Medical Care Ak-Chin: On June 18, 2012, an anonymous phone tip reported that a hard drive was missing from a desktop computer, which had been taken out of service. The hard drive contained the ePHI of 35 persons, including name, date of birth, Social Security number and Zip code. While the worker notified a manager about the missing hard drive, the manager failed t notify the FMCNA Corporate Risk Management Department.
  4. Fresenius Vascular Care Augusta, LLC: On June 16, 2012, a worker's unencrypted laptop was stolen from her car while parked overnight at home. The laptop bag also include a list of her passwords. The laptop contained the ePHI of 10 persons, including patient name, insurance account number (which could be a social security number derivative) and other insurance information.
  5. WSKC Dialysis Services, Inc. d/b/a Fresenius Medical Care Blue Island Dialysis: On or about June 17 - 18, 2012, three desktop computers and one encrypted laptop were stolen from the office. One of the desktop computers contained the ePHI of 31 persons, including patient name, dates of birth, address, telephone number, and either full or partial Social Security numbers.

Besides the hefty payment, terms of the settlement agreement (Adobe PDF) require FMCNA to implement and complete a Corrective Action Plan:

  • Conduct a risk analysis,
  • Develop and implement a risk management plan,
  • Implement a process for evaluating workplace operational changes,
  • Develop an Encryption Report,
  • Review and revise internal policies and procedures to control devices and storage media,
  • Review and revise policies to control access to facilities,
  • Develop a privacy and security awareness training program for workers, and
  • Submit progress reports at regular intervals to HHS.

The Encryption report identifies and describes the devices and equipment (e.g., desktops, laptops, tables smartphones, etc.) that may be used to access, store, and transmit patients' ePHI information; records the number of devices including which utilize encrypted information; and provides a detailed plan for implementing encryption on devices and media which should contain encrypted information and currently don't.

Some readers may wonder why a large fine for relatively small data breaches, since news reports often cite data breaches affecting thousands or millions of persons. HHS explained that the investigation by its Office For Civil Rights (OCR) unit:

"... revealed FMCNA covered entities failed to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of its ePHI. The FMCNA covered entities impermissibly disclosed the ePHI of patients by providing unauthorized access for a purpose not permitted by the Privacy Rule... Five breaches add up to millions in settlement costs for entity that failed to heed HIPAA’s risk analysis and risk management rules.."

OCR Director Roger Severino added:

"The number of breaches, involving a variety of locations and vulnerabilities, highlights why there is no substitute for an enterprise-wide risk analysis for a covered entity... Covered entities must take a thorough look at their internal policies and procedures to ensure they are protecting their patients’ health information in accordance with the law."


U.S. Senate Moves Closer To Vote On Net Neutrality

Yesterday, The Hill reported:

"A Senate bill that would reverse the Federal Communications Commission’s (FCC) decision to repeal net neutrality received its 30th co-sponsor on Monday, ensuring it will receive a vote on the Senate floor. Senator Claire McCaskill (D-Mo.) announced her support for the bill on Twitter, putting it over the top of a procedural requirement to bypass committee approval.

The bill, which is being pushed by Senator Ed Markey (D-Mass.), would use Congress’s authority under the Congressional Review Act (CRA) to reverse the FCC’s rollback of its popular net neutrality rules... Under the CRA, if a joint resolution of disapproval bill has enough support it can bypass committee review and be fast-tracked to a floor vote... Lawmakers have 60 legislative days after the FCC submits its regulations to Congress to pass the CRA. The repeal order is currently awaiting approval from the Office of Management and Budget.

With Republicans in control of both the House and Senate, the bill faces long odds to win the simple majorities it needs to reach the president’s desk."


In The News: Net Neutrality And I've Been Mugged Blog

WERS interview, net neutralityOn Sunday, December 17, 2017, WERS Radio (88.9 FM), a college radio station in Boston, broadcast on Sunday an interview about net neutrality. The persons interviewed included myself and Nina Vyedin, of Indivisible Somerville.

You can listen to the interview on SoundCloud. The interviewer, Jonathon House, and I met during the December 7th demonstration in Boston to save net neutrality protections for consumers.

Related posts:


Hate Crime Training for Police Is Often Inadequate, Sometimes Nonexistent

[Editor's note: today's guest blog post, by the reporters at ProPublica, is first in a series which explores the approaches by law enforcement to hate crimes in the United States. Today's post is reprinted with permission.]

By A.C. Thompson, Rohan Naik and Ken Schwencke. ProPublica

To become a police officer in the U.S., one almost always has to enroll in an academy for some basic training. The typical academy session lasts 25 weeks, but state governments — which oversee police academies for local and state law enforcement officers — have wide latitude when it comes to choosing the subjects that will be taught in the classrooms.

How to properly identify and investigate hate crimes does not seem terribly high on the list of priorities, according to a ProPublica review.

Only 12 states, for example, have statutes requiring that academies provide instruction on hate crimes.

In at least seven others — Alaska, Georgia, Idaho, Nevada, Missouri, South Dakota and Texas — recruits aren’t required to learn about hate crimes at all, according to law enforcement officials.

Even states that provide new recruits with at least some education on hate crimes often provide training that is cursory at best.

Officials overseeing police training in three states — Wisconsin, North Carolina and Washington — told ProPublica that their recruits spent about 30 minutes of class time on the subject.

Hate crimes in America have made no shortage of headlines over the last year as the country has once more confronted its raw and often violent racial, religious and political divisions. Just how few hate crimes get formally reported and analyzed has shocked many. Fewer still get successfully prosecuted, a fact that has provoked frustration among some elected officials and law enforcement agencies.

But the widespread lack of training for frontline officers in how to handle potential hate crimes, if no great surprise, might actually be the criminal justice system’s most basic failing. There is, after all, little way to either accurately tabulate or aggressively prosecute hate crimes if the officers in the street don’t know how to identify and investigate them.

Hate crimes are not, by and large, simple to deal with. Different states identify different categories of people to be protected under their laws. And the authorities must prove not only guilt, but intent. It isn’t enough to find fingerprints on a weapon. The authorities must explore a suspect’s state of mind, and then find ways of corroborating it.

“Hate crimes are so nuanced and the laws can be so complex. You’re trying to deal with the motivation of a crime,” said Liebe Geft, director of the Museum of Tolerance in Los Angeles, which has for years provided training to officers as expert consultants.

“Thirty minutes in the academy is not enough,” Geft said.

Though each state operates its police academies differently, most of them rely on a training council or commission to oversee the institutions, shape the curriculum and set minimum standards for graduation.

ProPublica spent weeks trying to answer the question of how, if at all, police departments prepare their officers to respond to possible hate crimes, which are known as bias crimes in some jurisdictions. We interviewed key officials in 45 states and the District of Columbia about the lessons being taught to new recruits during their police academy classes. We reviewed thousands of pages of training material — curricula, detailed lesson plans, legal guidance, PowerPoint presentations and videos. We studied the statutes and regulations governing police training around the nation and interviewed experts who have spent years educating officers and federal agents. Several states declined to discuss their instructional practices, or provide ProPublica with any training materials.

Among our findings:

A key federal training program was scuttled during the early days of the Obama administration as police leaders concerned about violence colored by race, religion and politics shifted their focus toward Islamic extremists and terrorism. That program, which was run by an arm of the Department of Homeland Security, sent experts around the country to teach local and state police officers how to respond to hate crimes.

State leaders at times displayed a lack of even basic knowledge about hate crimes. In Alaska, the state Department of Public Safety told ProPublica that officers in that state don’t learn about hate crimes during their time in the academy because Alaska doesn’t have a hate crimes law. In fact, Alaska’s hate crimes statute has been on the books since 1996.

Training materials used in Kansas explain the history behind the federal hate crimes law, but make no mention of Kansas Statute 21-6815 — the state’s hate crimes code — which is likely to be of more use to a local officer in Topeka or Wichita.

Some states that require hate crimes training often combine the instruction with what has long been called cultural sensitivity training. Such instruction typically involves material on the subtleties of dealing with specific ethnic or religious communities. Our review, however, showed some of those materials to be either hopelessly out of date or downright inflammatory.

Law enforcement leaders point to several factors to explain, if not justify, the lack of emphasis on training for hate crimes. While the offenses can be dramatic and highly disturbing — like the incident earlier this year in which a white supremacist impaled an African-American man with an 18-inch sword in New York’s Times Square — they represent a very small percentage of the nation’s overall crime. Working with often limited budgets, police officials have to make difficult decisions about what to prioritize during training, and hate crimes can lose out.

That said, the events of the last 18 months, driven in great part by the racially charged presidential campaign of 2016, seem to suggest an adjustment of priorities might be in order.

The number of Americans reporting hate crimes to the authorities has grown in recent years, with FBI figures showing an increase of nearly 5 percent in 2016 alone, a tally that included more than 2,000 physical attacks and beatings. More recent data shows double-digit hate crime spikes in several major cities.

Melissa Garlick, the Northeast Area Civil Rights Counsel at the Anti-Defamation League, would like to see every state pass legislation requiring hate crimes training. “We want law enforcement to have the tools they need to properly investigate hate crimes,” she said.

Hate crimes laws are not new. The earliest legislation was adopted by a pair of states in the Pacific Northwest — Oregon and Washington — in 1981 and, since then, 43 states and the District of Columbia have passed their own hate crimes bills. In 2009, President Barack Obama signed into law a federal hate crimes bill named after murder victims James Byrd and Matthew Shepard. The FBI, for its part, has asked local and state law enforcement agencies to track hate crimes since 1990.

Yet today, nearly four decades after the first hate crimes law was passed, police officers in much of the country get little or no training on how the laws work, or what to look for when responding to a potential hate crime.

At the police academy in Huntsville, Alabama, instructors dedicate two weeks to educating recruits about the state’s penal code. Capt. Dewayne McCarver, who heads the academy, said he isn’t sure precisely how much time his staff spends discussing the Alabama hate crime law during those 10 days of legal instruction. In an interview, McCarver questioned whether the school needed to devote more than an hour, at most, to the subject.

The law, which dates to 1993, is similar to others across the country and focuses on individuals whose crimes are motivated by their victim’s “race, color, religion, national origin, ethnicity, or physical or mental disability.” It acts as a “sentence enhancement,” adding time behind bars in cases ranging from property destruction to murder.

In class, McCarver said, instructors caution students to be “very careful” in classifying offenses as possible hate crimes when writing up incident reports. He worries that logging incidents as potential hate crimes can cause trouble for officers when they testify in court: an aggressive defense attorney might challenge the officer’s decision to label the offense as a hate crime, particularly if prosecutors don’t wind up charging it as such.

He told ProPublica that officers in Huntsville “rarely, if ever” designate offenses as hate crimes.

“It’s really a box that I personally wish they didn’t put on a case report,” he said.

In fact, according to FBI records, the Huntsville Police Department has never reported a bias-motivated crime to the federal government.

Brian Levin, a former New York City police officer, takes issue with McCarver’s approach.

“We should always train law enforcement to tag it as a possible hate crime at the time of report, as long the evidence is there,” said Levin, director of the Center for the Study of Hate and Extremism at California State University, San Bernardino. “We need accurate data, so communities can be aware of the extent of the problem and the characteristics of the offenses.”

Last year, the entire state of Alabama reported only 14 hate crimes to the FBI, a figure criminologists believe is inaccurate and represents a small sliver of the true number of hate crimes.

Once on the force, McCarver said, Huntsville officers get 40 hours of additional training each year. That added instruction, however, does not include hate crimes, he said.

“We have a limited amount of time,” McCarver said. “We have not had a reason to put hate crimes into the curriculum other than what we learn in the basic class.”

Huntsville isn’t unique: Across the border in Florida, two of that state’s largest law enforcement agencies, the Jacksonville Sheriff’s Office and the Miami-Dade Police Department, also do not refresh cops on hate crimes after their initial instruction.

Boe Turner is chief of training for Nevada’s Commission on Peace Officer Standards and Training, the body that oversees academies in that state. Turner thinks officers shouldn’t go looking into the motivation of suspected offenders. That’s the job of prosecutors, he said. Victims, he added, tend to have little insight into the motivations of their assailants.

Experts disagree. Victims, they say, are critical sources of information, particularly in hate crime cases. Because the cases are difficult to prove — prosecutors must show conclusively that the offender was motivated by bigotry or bias — it’s crucial for police to gather as much evidence as possible, they argue, and victims often understand the circumstances surrounding a crime better than anyone.

“Training for law enforcement officials on identifying and investigating hate crimes is critical,” said Becky Monroe, a former federal prosecutor who now works for the Lawyers’ Committee for Civil Rights Under Law. Decent training, she added, can prepare officers for a pair of intertwined tasks: gathering the right evidence and calming the fears of community members who may feel frightened and vulnerable in the aftermath of an attack.

To better equip officers for such investigations, some state academies have developed thorough and detailed lessons on hate crimes. Instructors at the Iowa Law Enforcement Academy, for instance, work from a 61-page handbook, which ProPublica obtained. The manual profiles local white supremacist leaders and extremist groups, examines recent criminal cases and offers practical guidance for investigators.

But not all training guides are so impressive. A six-page handout used in Arizona lists a host of white supremacist groups that have completely disbanded or faded from relevancy, but fails to mention the Hammerskins or Vinlanders, two Nazi skinhead gangs that have murdered people in the state in recent years.

In Wisconsin, trainers fold hate crimes training into broader courses about cultural sensitivity and biased policing. The material includes some dubious racial generalizations.

“African Americans may distrust the motives or honesty of a speaker who is carefully neutral, objective, and unemotional,” one section of the guide states. “By contrast, European Americans may see someone who is speaking with a great deal of emotion as irrational.”

The federal government, for its part, has mounted several different training initiatives over the years, some more successful than others. Since the 1990s, the FBI’s Criminal Justice Information Services branch has run training programs aimed at teaching law enforcement agencies how to collect hate crimes statistics and submit that data to the FBI; today, however, around 12 percent of those agencies still don’t gather the information at all and many more fail to give the bureau reliable data.

After the federal Shepard-Byrd Act passed in 2009, Cynthia Deitle, while serving as head of the FBI’s Civil Rights unit, began organizing hate crimes conferences for state and local officers, educational events that explained the mechanics of the various state laws and laid out the ways the FBI could assist with local hate crime cases. She remembers stressing to local officers the importance of gathering every possible clue, no matter how insignificant it might seem. Unfortunately, many of the events weren’t well attended, pulling in maybe 20 to 50 police officers apiece.

“We could not force a police officer to come to our training,” said Deitle, who is now an executive at the Matthew Shepard Foundation, an advocacy group, adding that she understood the challenges faced by smaller agencies — many simply couldn’t take officers off the street for extra schooling.

While Deitle was trying to launch a new training effort, another federal program was coming to end.

For more than a decade, the Federal Law Enforcement Training Centers ran a program called “Train-the-Trainer” that routinely sent hate crimes specialists around the country to work with state and local cops. The idea was to educate police trainers and command staff about hate crimes so they could return to their departments and teach new recruits and frontline officers.

“It was a great program,” recalled Levin, the director of the extremism center in California who was one of the instructors. “I did stuff on everything from the hate groups to legal issues such as Supreme Court cases.” Levin said he volunteered his time out of a sense of mission and worked alongside experts from the Southern Poverty Law Center and the ADL, as well as law enforcement figures.

But interest in the issue eventually waned. Several people familiar with the effort say it came to a halt in the early days of the Obama administration, in 2009, at a time when police departments were shifting their attention toward combating acts of terrorism.

“Departments really wanted to focus on terrorism rather than hate crimes,” said Levin.

At FLETC, Communications Officer Christa Thompson wasn’t sure why the program shut down, but she did know what kind of courses the agency — which teaches local, state, federal and tribal law enforcement — is holding these days: internet investigations, active shooter response, marksmanship and more.

She said, “We do not currently offer hate crimes training” on a regular basis.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.

 


Net Neutrality: Massachusetts Joins Multi-State Lawsuit Against FCC. What Next?

The Attorney General (AG) for the Commonwealth of Massachusetts is suing the U.S. Federal Communications Commission (FCC) after the FCC voted on December 14th to repeal existing net neutrality rules protecting consumers. Maura Healey, the Massachusetts AG, announced that her office has joined a multi-state lawsuit with the New York State AG:

"... joined New York Attorney General Eric T. Schneiderman in announcing that they will be filing a multi-state lawsuit against the Federal Communications Commission (FCC) over its vote to rollback net neutrality protections...The FCC recently issued a proposed final order rolling back net neutrality protections and on December 14th, voted 3-2 on party lines to implement the final order. On December 13th, AG Healey joined a coalition of 18 attorneys general in sending a letter to the FCC after reports emerged that nearly two million comments submitted in support of the agency were fake."

AG Healey said about the multi-state lawsuit:

"With the FCC vote, Americans will pay more for the internet and will have fewer options... The agency has completely failed to justify this decision and we will be suing to stand up for the free exchange of ideas and to keep the American people in control of internet access."

The December 13th letter to the FCC about fake comments was signed by AGs from California, District of Columbia, Delaware, Hawaii, Iowa, Illinois, Kentucky, Massachusetts, Maryland, Maine, Mississippi, North Carolina, Oregon, Pennsylvania, Rhode Island, Virginia, Vermont, and Washington. The AGs' letter stated, in part:

"One of the most important roles that we perform is to prosecute fraud. It is a role we take extremely seriously, and one that is essential to a fair marketplace... The ‘Restore Internet Freedom’ proposal, also known as net neutrality rollback (WC Docket No. 17- 108) has far-reaching implications for the everyday life of Americans... Recent attempts by New York Attorney General Schneiderman to investigate supposed comments received by the FCC have revealed a pattern of facts that should raise alarm bells for every American about the integrity of the democratic process. A careful review of the publicly available information revealed a pattern of fake submissions using the names of real people. In fact, there may be over one million fake submissions from across the country. This is akin to identity theft on a massive scale – and theft of someone’s voice in a democracy is particularly concerning.

As state Attorneys General, many of our offices have received complaints from consumers indicating their distress over their names being used in such a manner. While we will investigate these consumer complaints through our normal processes, we urge the Commission to take immediate action and to cooperate with law enforcement investigations. Woven throughout the Administrative Procedures Act is a duty for rulemakers to provide information to the public and to listen to the public. We know from advising our rulemakers at the state level that listening to the public provides insights from a diversity of viewpoints. But, if the well of public comment has been poisoned by falsified submissions, the Commission may be unable to rely on public comments that would help it reach a legitimate conclusion to the rulemaking process. Or, it must give less weight to the public comments submitted which also undermines the process..."

The FCC ignored the AGs' joint letter about fraud and proceeded with its net-neutrality vote on December 14. FCC Chairman Ajit Pai had blown off the identity theft and fraud charges as maneuvers by desperate net neutrality advocates.

California AG Xavier Becerra said:

"... the FCC failed to do what is right... The FCC decided that consumers do not deserve free, open, and equal access to the internet. It decided to ignore the millions of Americans who voiced their strong support for our existing net neutrality rules. Here in California – a state that is home to countless start-ups and technology giants alike – we know that a handful of powerful companies should not dictate the sources for the information we seek..."

Residents in some states can use special sites to notify their state's AG about the misuse of their identity data in fake comments submitted to the FCC: Pennsylvania, New York.

The FCC under Chairman Pai seems to listen and respond to the needs of corporate internet service providers (ISPs), and not to consumers. A November 21 - 25 poll found that 52 percent of registered voters support the current rules, including 55 percent of Democrats and 53 percent of Republicans.

While that is down from prior polls, a majority support net neutrality rules. A poll by Mozilla and Ipsos in June, 2017 found overwhelming support across party lines: 76% of Americans, 81% of Democrats, and 73% of Republicans favor keeping net neutrality rules. The poll included approximately 1,000 American adults across the U.S. with 354 Democrats, 344 Republicans, and 224 Independents.

Before the FCC affirmed net neutrality rules in 2015, a poll by the Center for Political Communication at the University of Delaware in 2014 found strong and widespread support:

"... About 81 percent of Americans oppose allowing Internet providers like Comcast and Verizon to charge Web sites and services more if they want to reach customers more quickly... Republicans were slightly more likely to support net neutrality than Democrats. 81 percent of Democrats and 85 percent of Republicans in the survey said they opposed fast lanes."

Experts have debated the various ways of moving forward after the December 14th FCC vote. Wired reported:

"Most immediately, the activity will move to the courts... The most likely argument: that the commission’s decision violates federal laws barring agencies from crafting “arbitrary and capricious” regulations. After all, the FCC’s net neutrality rules were just passed in 2015... as capricious as the current FCC's about-face may seem, legal experts say the challenges won’t be a slam-dunk case. Federal agencies are allowed to change their minds about previous regulations, so long as they adequately explain their reasoning... The FCC's main argument for revoking the 2015 rules is that the regulations hurt investment in broadband infrastructure. But, as WIRED recently detailed, many broadband providers actually increased their investments, while those that cut back on spending told shareholders that the net neutrality rules didn't affect their plans. University of Pennsylvania Law School professor Christopher Yoo says courts generally defer to an agency's expertise in interpreting evidence submitted into the record... net neutrality advocates could also argue that the agency's decision-making process was corrupted by the flood of fake comments left by bots. But FCC Chair AJit Pai will argue that the agency discarded low-quality and repeated comments and focused only on matters of substance... A long-term solution to net neutrality will require Congress to pass laws that won't change every time control of the White House passes to another party... Senator John Thune (R-South Dakota) recently called for Congress to pass bipartisan net neutrality legislation. In 2015, Thune and Representative Fred Upton (R-Michigan) introduced a bill that would have banned blocking or slowing legal content, but limited the FCC's authority over internet service providers. It never moved forward. Thune is clearly hoping that growing demand from the public for net neutrality protections will bring more Republicans to the table... Senator Ron Wyden (D-Oregon) told WIRED earlier this year that he won't support a bill with weaker protections than the 2015 rules..."

President Trump appointed Pai as FCC Chairman in January, giving the Republican commissioners at the FCC a voting majority. Neither the President nor the White House staff said anything in its daily e-mail blast or in their website about the FCC vote; and instead discussed tax reform, general remarks about reducing regulation, and infrastructure (e.g., roads, bridges, tunnels).

Seems to me the internet is a key component of our country's infrastructure. What are your opinions? If your state isn't in the above list, we'd like to hear from you, too.


More Year-End Considerations Given The Coming Likely Republican Tax Plan

A prior post discussed the questionable benefits and year-end considerations for middle-class taxpayers of the likely Republican tax reform plan making its way through Congress. The likely tax plan includes lower tax rates paired with many deductions eliminated.

The professional who prepares my taxes provided another warning:

"Dear clients:
It looks like almost a sure thing that, if you itemize deductions, beginning in 2018, you will no longer be able to take a deduction for the Excise Tax on your car or the income taxes that you pay to Massachusetts and other states. You will PROBABLY still be able to deduct your real estate property taxes up to $10,000 a year. If you currently pay the Alternative Minimum Tax (line 45 of your Form 1040), check with me before you follow these recommendations.

All others who itemize, I recommend that you consider the following actions this month (December):

  1. If your total property taxes (including those for a second home) are more than $10,000, pay your city or town as much as you possibly can in December.
  2. Be sure to pay... maybe even over-pay... as much of your State Income Tax as possible by December 31st. If you make estimated payments, your 4th quarter Massachusetts payment is due by January 15th. YOU SHOULD DEFINITELY PAY IT IN DECEMBER INSTEAD.
  3. Even if you don't usually make Estimate Payments to Massachusetts, you should consider making one in December... For example, if you made a payment of $1,000, you might save $150 or $250 or more on your 2017 federal tax return. You will save NOTHING on any state income taxes that you pay in 2018.

I will reach out again if and when the tax bill is finalized and signed into law if there are any other changes that might affect your plans in December."

Obviously, you should consult the professional that prepares your income taxes, since your situation and state may dictate different actions. And, I am not an income tax professional. New legislation always has consequences, and it seems wise to be aware. hence, this informational blog post.

Some additional thoughts. Capping the real estate property tax deduction at $10,000 might help pay for the increased deficits the Republican tax plan would generate, but it will also hurt persons living in high-cost areas (e.g., cities, states with high state taxes, areas with high real estate prices). Plus, the tax cuts are temporary for individuals but permanent for corporations. Slick, eh? Is it fair? Seems not.

My college friends and I are discussing via e-mail the considerations listed above and in my prior blog post. The proposed elimination of deductions for state and local taxes (SALT) is a hot topic. You can find online articles discussing the advantages and disadvantages of eliminating SALT deductions. Regardless, more to discuss with your accountant and/or income tax professional.


Photos: December 7 Demonstration In Boston To Keep Net Neutrality

Demonstrations occurred nationwide on December 7 to save net neutrality. Citizens took to the streets to keep our internet services open. About 200 persons attended the demonstration in Boston on Boylston Street. It was encouraging to meet several students from local universities participating in the event. They understand the issue and its seriousness. Several A.C.L.U. members also participated:

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4910

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4897

Boylston Street, Boston. December 7, 2017. Keep net neutrality. Image 4904

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4900

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4905

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4908

Boylston Street, Boston. December 7, 2017. Keep net neutrality demonstration. Image 4906

Browse photos from other demonstrations nationwide on December 7. Contact your elected officials in Congress, and learn about the next day of action on December 12, 2017. More resources:


Lower Tax Rate And Fewer Deductions. Questionable Help For Middle Class Taxpayers

Yesterday, I received an alert from the professional that prepares my income taxes:

"Dear Clients,
I know that Congress has not yet finalized the new tax law, but it looks pretty certain that Certain Miscellaneous Deductions will no longer be allowed in 2018. If you want to know if that affects you, see if there is an entry on your Schedule A, Line 27 from 2016. If you take the standard deduction, then don’t worry about it. These deductions include expenses for using your car on the job, un-reimbursed overnight travel and meals, union dues, uniforms, tools, and job training/education.

Some of my clients have huge union dues (police officers, carpenters, electricians, etc.) and others have Second Job Travel or 10-30,000 miles a year in their sales jobs. Every one of you will be hurt by this change.

If there are any expenses you can pay in December, be sure to do that so you can save 15 - 25% on your federal taxes... maybe even more. For example, do you have the option of paying your annual union dues all at once in December? Were you planning to buy a computer used for your job sometime soon? Is there a job-related course... or some tools and supplies... that you can pay for in December rather than next year? Remember... every $100 that you pay in December will save you $15 to $33 in taxes when we meet in a couple months...”

If you haven't consulted with your tax advisor, then now seems to be a good time to do so. I am not an income tax professional, and this blog post is informational.

Many people return to school to get better, high-paying jobs, or as required by their profession. The tax code allows companies to deduct expenses for business and trade associations, so why prevent union members from doing so? It seems that taxpayers with plenty of miscellaneous deductions will be hurt more than persons with fewer or no deductions.

And Republicans are probably hoping that voters won't notice nor feel the pain until after the 2018 elections. President Trump and the Republications promised to help the middle class and poor with tax reform, but the above impacts don't seem helpful. The benefits of lower tax rates are offset by the lost deductions. To use an old saying, that seems like Congress and Republicans are giving taxpayers, "the sleeves off their vests."

You might say this is a "mugging" of many taxpayers. What are your opinions?


What We Know -- And Don't Know -- About Hate Crimes in America

[Editor's Note: today's guest blog post explores the problem of hate crimes. Recent surveys about harassment found that what happens online often doesn't stay online. Hopefully, future reports by ProPublica will explore the linkages. Today's blog post is reprinted with permission.]

By Rachel Glickhouse, ProPublica

"Go home. We need Americans here!" white supremacist Jeremy Joseph Christian yelled at two black women -- one wearing a hijab -- on a train in Portland, Oregon, in May. According to news reports, when several commuters tried to intervene, he went on a rampage, stabbing three people. Two of them died.

If the fatal stabbing was the worst racist attack in Portland this year, it was by no means the only one. In March, Buzzfeed reported on hate incidents in Oregon and the state's long history as a haven for white supremacists. Some of the incidents they found were gathered by Documenting Hate, a collaborative journalism project we launched earlier this year.

Documenting Hate is an attempt to overcome the inadequate data collection on hate crimes and bias incidents in America. We've been compiling incident reports from civil-rights groups, as well as news reports, social media and law enforcement records. We've also asked people to tell us their personal stories of witnessing or being the victim of hate.

It's been about six months since the project launched. Since then, we've been joined by more than 100 newsrooms around the country. Together, we're verifying the incidents that have been reported to us -- and telling people's stories.

We've received thousands of reports, with more coming every day. They come from cities big and small, and from states blue and red. People have reported hate incidents from every part of their communities: in schools, on the road, at private businesses, in the workplace. ProPublica and our partners have produced more than 50 stories using the tips from the database, from New York to Seattle, Minneapolis to Phoenix. Some examples:

Univision, HuffPost, and The New York Times opinion section identified a common thread in the reports we've received in which people of color are harassed "Go back to your country." This type of harassment affects both immigrants and U.S. citizens alike, reporters found.

Several stories published by our partners focused on racial harassment on public transportation, using tips to illustrate something officials were also seeing. The New York City Commission on Human Rights observed a 480 percent increase in claims of discriminatory harassment between 2015 and 2016, according to The New York Times Opinion section. The Massachusetts Bay Transportation Authority recorded 24 cases of offensive graffiti through April, compared to 35 in all of last year, the Boston Globe found. Univision covered multiple incidents involving Latinos targeted in incidents on the New York City subway.

Combing through our database, Buzzfeed discovered there were dozens of reported incidents in K-12 schools in which students cited President Donald Trump's name or slogans to harass minority classmates. This echoed a pattern Univision had reported on: In November, the Teaching Tolerance project at the Southern Poverty Law Center received more than 10,000 responses to an educator survey indicating an uptick in anti-Semitic, anti-Muslim and anti-immigrant activity in schools.

Our local partners reported on how hate incidents affect communities across the country: anti-Semitic graffiti in Phoenix, Islamophobia in Minneapolis, racist vandalism and homophobic threats in Seattle, white supremacist activity at a California university, racist harassment and vandalism in Boston, racism in the workplace in New Orleans, and hate incidents throughout Florida.

There are a few questions for which answers continue to elude us: How many hate crimes happen each year, and why is the record keeping so inadequate?

The FBI, which is required to track hate crimes, counts between 5,000 and 6,000 of them annually. But the Bureau of Justice Statistics estimates the total is closer to 250,000. One explanation for the gap is that many victims -- more than half, according to a recent estimate -- don't report what happened to them to police.

Even if they do, law enforcement agencies aren't all required to report to the FBI, meaning their reports might never make it into the national tally. The federal government is hardly a model of best practices; many federal agencies don't report their data, either -- even though they're legally required to do so.

We'll spend the next six months continuing to tackle these questions and more. And we and our partners will keep working our way through the tips in our database, telling people's stories and doing our best to understand what's happening.

There are ways that you can help us move the project forward:

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


$5.5 Million Settlement Agreement Between Nationwide Insurance And 32 States

Nationwide Mutual Insurance Company logo Last week, 32 states inked a settlement agreement with Nationwide Mutual Insurance for the insurance company's data breach in 2012. The Attorney General's Office for the Commonwealth of Massachusetts participated in the agreement, and explained in an announcement: that the data breach reach in 2012 was:

"... allegedly caused by Nationwide’s failure to apply a critical software security patch. The breach resulted in the loss of personal information belonging to 1.27 million consumers, with nearly 950 in Massachusetts, including their social security numbers, driver’s license numbers, credit scoring information, and other personal data. The lost personal information was collected by Nationwide in order to provide insurance quotes to consumers applying for insurance. AG Healey’s Office is not aware of any fraud or identity theft involving Massachusetts residents related to this data breach."

Other states participating in the settlement agreement include the Attorneys General of Alaska, Arizona, Arkansas, Connecticut, Florida, Hawaii, Illinois, Indiana, Iowa, Kentucky, Louisiana, Maine, Maryland, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, New York, North Carolina, North Dakota, Oregon, Pennsylvania, Rhode Island, South Dakota, Tennessee, Texas, Vermont, Washington, and the District of Columbia. Terms of the settlement agreement require Nationwide to:

"... both generally update its security practices and to ensure that it keeps software up-to-date, including timely applying patches and other updates to its software. Nationwide must also hire a technology officer responsible for monitoring and managing software and application security updates, including supervising employees responsible for evaluating and coordinating the maintenance, management, and application of all security patches and software and application security updates.

Many of the consumers whose data was lost as a result of the data breach were consumers who never became Nationwide’s insureds, but whose information was retained by the company in order to provide the consumers re-quotes at a later date. The settlement requires Nationwide to be more transparent about its data collection practices by requiring it to disclose to consumers that it retains their personal information even if they do not become its customers."

950 Massachusetts residents were affected. Massachusetts' share of the payment is $100,000. Massachusetts Attorney General (AG) Maura Healey said in a statement:

"People shopping for financial products should be assured that companies collecting their personal information will protect it no matter what... Nationwide knew their software was vulnerable to hacking but did not promptly address it, leaving sensitive data vulnerable to identity thieves. This settlement holds the company accountable for subjecting our residents to this avoidable risk."

2,810 New York residents were affected. New York State's share of the payment is $107,736. New York State AG Eric T. Schneiderman said:

"Nationwide demonstrated true carelessness while collecting and retaining information from prospective customers, needlessly exposing their personal data in the process... This settlement should serve as a reminder that companies have a responsibility to protect consumers’ personal information regardless of whether or not those consumers become customers..."

774 Connecticut residents were affected. Connecticut's share of the payment is $256,559. Connecticut AG George Jepsen said:

"Connecticut law requires that anyone in possession of another person's personal information safeguard that data... It is critically important that companies take seriously the maintenance of their computer software systems and their data security protocols..."


Homeowners Receive $6.3 Million In Refunds Due To Improper Charges By Insurance Company

Assurant logo Last week, the Attorney General's office for the Commonwealth of Massachusetts announced the results of a post-settlement agreement audit with American Security Insurance Company, a subsidiary of Assurant, Inc., where homeowners in the state will receive $6.3 million in refunds for improper "forced-place insurance" charges. The announcement explained:

"Force-placed insurance is a type of property insurance that mortgage servicers can purchase on behalf of borrowers if they fail to maintain adequate homeowners insurance coverage on mortgaged properties. Mortgage servicers often hire insurance companies like Assurant to monitor whether borrowers are maintaining adequate homeowners insurance coverage and to issue force-placed insurance policies when appropriate homeowners coverage is not in place.

Premiums for force-placed policies are high—often two or three times as expensive as regular homeowners insurance—and the coverage provided is quite limited. Some mortgage servicers accept commission payments from force-placed insurers, which contribute to the high cost of force-placed insurance and create conflicts of interest for mortgage servicers."

The settlement agreement was first announced in November, 2015. The latest announcement described the results of the audit:

"Although force-placed insurance is only intended for circumstances in which the borrower has failed to adequately insure the mortgaged property, the Attorney General’s audit of Assurant found thousands of cases of duplicative insurance coverage for Massachusetts homeowners. Borrowers eligible for settlement money were previously required by their mortgage servicer to purchase force-placed insurance from Assurant, or were overcharged for force-placed insurance because they were mistakenly sold commercial policies rather than less expensive residential policies..."

4,500 homeowners were improperly charged. The average refund per homeowner is about $1,400. Refund checks were mailed last week to affected homeowners.


Google And Massachusetts Transportation Department Provide GPS Signals In Tunnels

Smartphone users love their phones. That includes Global Positioning System (GPS) navigation services for driving directions. However, those driving directions don't work in tunnels where phones can't get GPS signals. That is changing.

Google and the Massachusetts Department of Transportation (MassDOT) have entered a partnership to provide GPS navigation services for drivers inside tunnels. If you've familiar with Boston, then you know that portions of both Interstate 93 and the Massachusetts Turnpike include tunnels. The ABC affiliate in Boston, WCVB reported last month that the partnership, part of the Connected Citizens Program, will:

"... install beacons inside Boston's tunnels to help GPS connection stay strong underground. Around 850 beacons are being installed, free of charge, as a part of an ongoing partnership between the state and the traffic app... Installation is scheduled to be complete by the end of July... The beacons are not limited to improving their own app's signal. As long as you are using Bluetooth, they are able to help improve any traffic app's connection."

For those unfamiliar with the technology, beacons are low-powered transmitters which, in this particular application, are installed in the tunnels' walls and provide geographic location information usable by drivers' (or passengers') smartphones passing by (assuming the phones' Bluetooth features are enabled).

Bluetooth beacons are used in a variety of applications and locations. The Privacy SOS blog explained:

"... They’re useful in places where precise location information is necessary but difficult to acquire via satellite. For that reason, they’ve been field tested in museums such as New York’s Metropolitan Museum of Art and airports like London Gatwick. At Gatwick, beacons deliver turn-by-turn directions to users’ phones to help them navigate the airport terminals..."

Within large airports such as Gatwick, the technology can present more precise geolocation data of nearby dining and shopping venues to travelers. According to Bluetooth SIG, Inc., the community of 30,000 companies that use the technology:

"The proliferation and near universal availability of Bluetooth® technology is opening up new markets at all ends of the spectrum. Beacons or iBeacons—small objects transmitting location information to smartphones and powered by Bluetooth with low energy—make the promise of a mobile wallet, mobile couponing, and location-based services possible... The retail space is the first to envision a future for beacons using for everything from in-store analytics to proximity marketing, indoor navigation and contactless payments. Think about a customer who is looking at a new TV and he/she gets a text with a 25 percent off coupon for that same TV and then pays automatically using an online account..."

iBeacons are the version for Apple branded mobile devices. All 12 major automobile makers offer hands-free phone calling systems using the technology. And, social network giant Facebook has developed its own proprietary Bluetooth module for an undisclosed upcoming consumer electronics device.

So, the technology provides new marketing and revenue opportunities to advertisers. TechCrunch explained:

"The Beacons program isn’t looking to get help from individual-driver Wazers in this case, but is looking for cities and tunnel owners who might be fans of the service to step up and apply to its program. The program is powered by Eddystone, a Bluetooth Low Energy beacon profile created by Google that works with cheap, battery-powered BLE Waze Beacon hardware to be installed in participating tunnels. These beacons would be configured to transmit signals to Bluetooth-enabled smartphones... There is a cost to participate — each beacon is $28.50, Waze notes, and a typical installation requires around 42 beacons per mile of tunnel. But for municipalities and tunnel operators, this would actually be a service they can provide drivers, which might actually eliminate frustration and traffic..."

There are several key takeaways here:

  1. GPS navigation services can perform better in previously unavailable areas,
  2. Companies can collect (and share) more precise geolocation data about consumers and our movements,
  3. Consumers' GPS data can now be collected in previously unattainable locations,
  4. What matters aren't the transmissions by beacons, but rather the GPS and related data collected by your phone and the apps you use, which are transmitted back to the apps' developers, and then shared by developers with their business partners (e.g., mobile service providers, smartphone operating system developers, advertisers, and affiliates
  5. You don't have to be a Google user for Google to collect GPS data about you, and
  6. Consumers can expect a coming proliferation of Bluetooth modules in a variety of locations, retail stores, and devices.

So, now you know more about how Google and other companies collect GPS data about you. After analyzing the geolocation data collected, they know not only when and where you go, but also your patterns in the physical world: where you go on certain days and times, how long you stay, where and what you've done before (and after), who you associate with, and more.

Don't like the more precise tracking? Then, don't use the Waze app or Google Maps, delete the blabbermouth apps, or turn off the Bluetooth feature on your phone.

A noted economist once said, "There is no free lunch." And that applies to GPS navigation in tunnels. The price for "free," convenient navigation services means mobile users allow companies to collect and analyze mountains of data about their movements in the physical world.

What are your opinions of GPS navigation services in tunnels? If the city or town where you live has tunnels, have beacons been installed?


Senator Warren Calls For the Firing Of All Wells Fargo Board Members

Wells Fargo logo In a letter sent Monday to the Federal Reserve Chair Janet Yellen, U.S. Senator Elizabeth Warren (D-Massachusetts) has called for the firing of all 12 board members at Wells Fargo bank for failing to adequately protect accountholders. CNBC reported first the Senator's letter, which read in part:

"The fake accounts scandal cost Wells Fargo customers millions of dollars in unauthorized fees and damaged many of their credit scores," the senator wrote. "The scandal also revealed severe problems with the bank's risk management practices — problems that justify the Federal Reserve's removal of all responsible Board members."

After implementing sales targets and an incentive program, many of the bank's employees secretly opened new accounts and transferred money from other accounts to fund the new accounts -- all without the customers' knowledge nor consent. In some cases, employees applied for credit cards, created PIN numbers, and operated fake e-mail accounts in customers' names.

The Consumer Financial Protection Bureau (CFPB) announced in September, 2016 the consent order with the bank. As a result of the fake-account scandal, the bank paid about $185 million in fines and fired 5,300 lower-level employees for setting up 2 million bogus accounts. Few or no senior executives have been punished.

Many Republicans and President Trump seek to defund and shut down the CFPB.

During October, 2016 Timothy J. Sloan was elected chief executive officer at Wells Fargo bank after the former CEO, John Stumpf, retired. Sloan also joined the board of directors as a member.

CNN Money reported:

"... Wells Fargo suffered from inadequate risk management systems that should have flagged the illegal activity earlier. Shareholder advisory firm Institutional Shareholder Services (ISS) agrees. ISS argued the Wells Fargo board made the scandal worse by failing to provide oversight that could have limited the damage..."

In her letter, Senator Warren urged the Federal Reserve to act:

"I urge you to use the tools Congress has given you to remove the responsible board members and protect the continued safety and soundness of one of the country's largest banks..."

Reportedly, the Senator's letter mentioned the following Wells Fargo board members: John D. Baker II, John S. Chen, Lloyd H. Dean, Elizabeth A. Duke, Enrique Hernandez, Donald M. James, Cynthia H. Milligan, Federico F. Pena, James H. Quigley, Stephen W. Sanger, Susan G. Swenson, and Suzanne M. Vautrinot.

Some banking experts see the demand as unprecedented and unlikely. All of the bank's board members were re-elected during the annual shareholder meeting in April , 2017. Also during April, the bank announced an expansion of its class-action settlement agreements for its retail sales practices. The expansion covered account holders affected as early as May, 2002 by the bogus new account scandal, and added $32 million to the settlement amount total.


Dozens Of Uber Employees Fired Or Investigated For Harassment. Uber And Lyft Drivers Unaware of Safety Recalls

Uber logo Ride-sharing companies are in the news again and probably not for the reasons their management executives would prefer. First, TechCrunch reported on Thursday:

"... at a staff meeting in San Francisco, Uber executives revealed to the company’s 12,000 employees that 20 of their colleagues had been fired and that 57 are still being probed over harassment, discrimination and inappropriate behavior, following a string of accusations that Uber had created a toxic workplace and allowed complaints to go unaddressed for years. Those complaints had pushed Uber into crisis mode earlier this year. But the calamity may be just beginning... Uber fired senior executive Eric Alexander after it was leaked to Recode that Alexander had obtained the medical records of an Uber passenger in India who was raped in 2014 by her driver."

"Recode also reported that Alexander had shared the woman’s file with Kalanick and his senior vice president, Emil Michael, and that the three men suspected the woman of working with Uber’s regional competitor in India, Ola, to hamper its chances of success there. Uber eventually settled a lawsuit brought by the woman against the company..."

News broke in March, 2017 about both the Recode article and the Grayball activity at Uber to thwart local government code inspections. In February, a former Uber employee shared a disturbing story with allegations of sexual harassment.

Lyft logo Second, the investigative team at WBZ-TV, the local CBS afiliate in Boston, reported that many Uber and Lyft drivers are unaware of safety recalls affecting their vehicles. This could make rides in these cars unsafe for passengers:

"Using an app from Carfax, we quickly checked the license plates of 167 Uber and Lyft cars picking up passengers at Logan Airport over a two day period. Twenty-seven of those had open safety recalls or about 16%. Recalls are issued when a manufacturer identifies a mechanical problem that needs to be fixed for safety reasons. A recent example is the millions of cars that were recalled when it was determined the airbags made by Takata could release shrapnel when deployed in a crash."

Both ride-sharing companies treat drivers as independent contractors. WBZ-TV reported:

"Uber told the [WBZ-TV investigative] Team that drivers are contractors and not employees of the company. A spokesperson said they provide resources to drivers and encourage them to check for recalls and to perform routine maintenance. Drivers are also reminded quarterly to check with NHTSA for recall information."

According to the president of the Massachusetts Bar Association Jeffrey Catalano, the responsibility to make sure the car is safe for passengers lies mainly with the driver. But because Uber and Lyft both advertise their commitment to safety on their websites, they too could be held responsible."


Verizon To Exit Its Copper Wire Telephone Business In Several States In 2018

Verizon logo If your home uses a copper wire telephone service, often called a "landline" or POTS (e.g., Plain Old Telephone Service), you may soon have to make a change. In Boston, Verizon will abandon its landline business in June 2018.

On Saturday, my wife received a letter via postal mail from Verizon. We live in Boston. The "Notice of Copper Retirement" stated:

"Currently, Verizon brings voice and/or data services to your home over copper cables. However, the company is updating to fiber-optic technology in your area, and will be retiring its copper facilities that currently serve you and your neighbors.

To continue to provide you service, Verizon will have to move your service to these fiber-optic facilities. If fiber is available to your home now, we will be contacting you individually soon to schedule an appointment to transition your services to fiber. Otherwise, we will be contacting you once fiber is available. In either case, we will need to move your service well before we retire the copper in your area which is scheduled for on or after June 1, 2018

We will transfer your voice services from copper to fiber at no cost to you. This transfer will not result in any change to the voice service that you currently receive from Verizon. You may continue to subscribe to the same voice service at the same price, terms, and conditions. In addition, any devices that rely upon your voice service, such as fax machines, medical devices, or security alarms connected to a central station, will continue to work in the same way as they currently do over copper. We will also provide you with a battery backup device at no charge. For almost all residential customers, that device uses standard D-cell batteries that can support up to 24 hours of standby voice service during a commercial power outage. In case of a prolonged power outage, you can simply replace the batteries and extend the backup power.

If you subscribe to our High Speed Internet service, the migration to fiber will require a change since that service is not available on our fiber facilities. The Internet access service that we offer on fiber is FiOS Internet. FiOS Internet is available at significantly faster speeds than High Speed Internet. We will offer the service at a special rate for customers who migrate from copper to fiber facilities as a result of the retirement of our copper facilities. In some cases, this price may be lower or higher than what you currently pay for internet access.

Please review the Frequently Asked Questions for additional information about the fiber update or visit us at verizon.com/fiberupgrade. If you still have questions, please call us Monday through Friday, 8 a.m. - 8 p.m., or Saturday 9 a.m. - 5 p.n. at 1-877-439-7442.

You may also contact the Federal Communications Commission or your State Commission if you have any questions. Thank you for continuing to be a loyal customer. We greatly appreciate your business.

Sincerely

Janet Gazlay Martin
Director, Network Transformation

I visited the website mentioned in the notice. That site pitches the FiOS Internet service, and doesn't explain the company's copper landline retirement activities. You have to do a little digging online to find the locations where Verizon announced its retirement of copper-wire telephone services. The locations include several states in the Northeast and Middle Atlantic regions. Earlier this month, Verizon announced the retirement of copper landlines next year in the following states, cities, and towns:

  • Delaware: Newark, Ocean View
  • Maryland: Bethesda, Columbia, Glen Burnie, Rockville, Towson
  • Massachusetts: Danvers, Dorchester, Framingham, Hanover, Lawrence, Leominster, Marblehead, Newton, North Chelmsford, Roxbury, Stoughton, West Roxbury
  • New Jersey: Bergen, Berlin, Cape May, Cranford, East Dover, East Orange, Ewing, Freehold, Hackensack, Haddonfield, Journal Square, Marlton, Medford, Merchantville, Morristown, New Brunswick, Red Bank, Somerville, Toms River, Union City, Wall Township, Woodbury
  • New York: Cayuga Williamsville, Cornwall, Mineola, Mount Vernon, Plainview Central, Skaneateles, White Plains, and multiple areas within all of the five boroughs of New York City
  • Pennsylvania: Allentown, Dormont, Glenolden, Jefferson, Jenkintown, Mayfair, Mechanicsburg, portions of Philadelphia, Pilgrim, Turtle Creek, Wilkinsburg
  • Rhode Island: portions of Providence
  • Virginia: Arlington, Falls Church, Reston, Springfield, Virginia Beach, and portions of Richmond

The telecommunications company made similar announcements during February, 2017 about other areas within the same states. Verizon is not alone. Telephone companies have planned for years to abandon their their copper landline services. In August 2015, the Institute of Electrical and Electronics Engineers (IEEE) reported that the U.S. Federal Communications Commission (FCC):

"... set new ground rules for carriers seeking to replace their old copper telephone networks. Approved by a 3-2 vote at an open meeting yesterday, the rules require carriers to notify customers in advance and to seek FCC approval before reducing services... FCC chairman Tom Wheeler and others have been pushing to shift telephone traffic to fiber optics and the Internet. Critics have charged that phone companies are allowing their old copper networks to decay to force customers to shift to fiber service. But some 37 million households —- many of them headed by elderly people —- remain on legacy copper, commissioner Mignon Clyburn noted at the hearing. Other holdouts live in rural areas that lack cellular and broadband service. Some prefer copper connections because they are independent of local power lines, and offer better 911 emergency service.

The FCC ruling requires that carriers notify retail customers at least three months before shutting down a copper network, and provide six-months notice to interconnecting carriers using the old lines. (Clyburn complained that that's much less time than the FCC gave before shutting down analog broadcast television, but voted for the measure anyway.) Carriers also must seek FCC approval if the telephone changeover would "discontinue, reduce or impair" service... In a separate vote, all five FCC commissioners agreed to require carriers to offer customers backup power supplies that maintain their phone service during prolonged power outages..."

You can read announcements by AT&T about copper landline retirements. CenturyLink notified the FCC last year about copper landline retirements in eight states: in Alabama, Florida, Michigan, Minnesota, Pennsylvania, Virginia, Washington, and Wisconsin.

Since the FCC set copper-retirement rules in 2015, technology adoption has climbed slightly. In January of this year, Pew Research reported that 77 percent of adults in the USA own a smartphone and 73 percent have broadband internet at home. However, while:

"... broadband adoption has increased to its highest level since the Center began tracking this topic in early 2000, not all Americans have shared in these gains. For instance, those who have not graduated from high school are nearly three times less likely than college graduates to have home broadband service (34 percent vs. 91 percent)... 12 percent of Americans say they are “smartphone dependent” when it comes to their online access – meaning they own a smartphone but lack traditional broadband service at home. The share of Americans who are smartphone dependent has increased 4 percentage points since 2013, and smartphone reliance is especially pronounced among young adults, nonwhites and those with relatively low household incomes."

While more people have smartphones and internet access at home, a sizeable number still have copper landlines. Phys.org reported in November 2016 the results of a recent survey:

"... 20 percent of the nation's households still view having a landline or fixed telephone as the most important of their telecommunications choices, according to a survey that queried consumers about their telephone and internet preferences... The study also found that for the average consumer, having mobile telephone service is about 3.5 times more important than a landline or fixed telephone service... Study findings suggest about 90 percent of American households have at least one mobile phone, 75 percent have fixed internet service, 58 percent have mobile internet service and 49 percent have fixed telephone service. Mobile telephone service was the most important service for the typical respondent, followed by fixed internet service, mobile internet service and fixed telephone service, although a portion rank fixed telephone first."

According to the 2012 United States Census, there are about 117 million households in the United States, and 2.59 persons on average per household. So, a substantial portion of the population will probably view negatively the termination of copper wire telephone services in their homes.

Verizon's copper termination notice was unnecessarily complicated, which could confuse many consumers. The portion of its notice which said "If fiber is available to your home..." was laughable. FiOS is already available in our neighborhood. Verizon notified me months ago, and I already migrated my antiquated DSL (Digital Subscriber Line) internet service on my phone line to FiOS. Verizon's landline business unit should know what its FiOS division is doing.The left hand should know what the right hand is doing.

So, Verizon's notice wasn't as customized nor as relevant as it could have been. It makes one wonder if, in its zeal to terminate its copper wire phone business, Verizon rushed the customer letters.

Readers of this blog remember the Boston City Council's hearings in 2015 about residents' requests for FiOS. In 2015, Verizon hadn't deployed FiOS even though it had been available in several suburban towns for many years. Example: a friend in Lexington has had FiOS since at least 2009. So, Verizon could have deployed FiOS far sooner, providing consumers more time to migrate their phone service without rushing.

What should consumers do? It depends upon your lifestyle. If you already have a smartphone, you may want to simply terminate your landline phone service and use your smartphone instead. If you don't have a smartphone, you can migrate your copper landline phone service to Verizon's FiOS fiber connection, to a smartphone, or to another telephone service provider. For example, many cable-TV providers, such as Comcast, provide phone service in residences.

Some consumers value security and privacy. If you perform phone-based banking or online banking with your desktop/laptop computer, then security is a concern. Since smartphones or wireless phones using home WiFi networks transmit using radio waves, you'll probably want to encrypt you wireless online banking transmissions to protect against theft by criminals or hackers. Several brands of Virtual Private Network (VPN) software and apps are available to encrypt your wireless transmissions. If you are unfamiliar with VPN software, this prior blog post contains links to online primers and tutorials.

If you received a copper termination letter from your phone company, what were your opinions of it? Did you switch to fiber landlines or to wireless?


Attorneys General In Several States Announce Settlement Agreements With Target

Target Bullseye logo The Office of the Attorney General (AG) for the Commonwealth of Massachusetts announced on Wednesday that the state will receive $625,000 as part of the settlement agreement with Target Corporation. The settlement agreement, which includes 47 states plus the District of Colombia, resolves claims by states about the retailer's massive data breach in 2013.

Card issuers had also sued the retailer. Target settled with Visa in August, 2015 to resolve claims in which 110 million consumers' records were stolen, including 40 million credit- and debit-card numbers. Also, debit card PIN numbers were stolen.

The announcement by Massachusetts AG Maura Healey explained:

"The investigation found that the stolen credentials were used to exploit weaknesses in Target’s system, which allowed the attackers to access a customer service database, install malware on the system and then capture data from credit or debit card transactions at Target stores (including stores in Massachusetts) from Nov. 27, 2013 to Dec. 15, 2013. The stolen data included consumers’ full names, telephone numbers, email addresses, mailing addresses, payment card numbers, expiration dates, security codes, and encrypted debit PINs... The breach affected more than 41 million customer payment card accounts and contact information for more than 60 million customers nationwide. In Massachusetts, the breach compromised information from approximately 947,000 customer payment card accounts and other personally-identifying information of about 1.5 million Massachusetts residents."

Terms of the settlement require Target:

"... to develop, implement and maintain a comprehensive information security program and to employ an executive or officer who is responsible for executing the plan. The company is required to hire an independent, qualified third-party to conduct a comprehensive security assessment... to maintain and support software on its network; to maintain appropriate encryption policies, particularly as pertains to cardholder and personal information data; to segment its cardholder data environment from the rest of its computer network; and to undertake steps to control access to its network, including implementing password rotation policies and two-factor authentication for certain accounts."

California will receive $1.4 million from the settlement. New York AG Eric T. Schneiderman said about the settlement agreement:

"New Yorkers need to know that when they shop, their data will be protected... This settlement marks an important win for New Yorkers – bringing over $635,000 into the state, in addition to the free credit monitoring services for those impacted by the data breach, and key security improvements to help protect Target consumers moving forward."

Yes, indeed. Shoppers everywhere need to know their data will be protected.

Besides Massachusetts, New York and California, the other states participating in this settlement include Alaska, Arizona, Arkansas, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, and the District of Columbia.

AL.com reported:

"Alabama won't be cashing in on the largest multi-state data breach settlement in history, however. The reason, according to the Alabama Attorney General's Office, is the absence of a state law that requires entities to notify customers whose information could have been exposed in a breach and then take steps to remediate any injuries.

"Alabama is one of the few states in the nation that is not a party to the recent Target settlement because our state does not have data breach notification law," said Mike Lewis, Communications Director for the Office of the Alabama Attorney General."

Connecticut and Illinois led the states' investigation. The participating states have not yet announced how the settlement money will be distributed.

[Editor's Note: a prior version of this blog post did not include the report by AL.com.]