146 posts categorized "Massachusetts" Feed

Federal Reserve Survey of Experiences of Younger Workers

The Federal Reserve Board (FRB) recently released the results of its survey of younger workers ages 18 to 30 with data through 2015. The survey found that younger workers overall:

"... experienced higher rates of unemployment and lower rates of labor force participation than the general population for at least two decades, and the Great Recession exacerbated this phenomenon. Despite a substantial labor market recovery from 2009 through 2014, vulnerable populations—including the nation’s young adults—continue to experience higher rates of unemployment. Changes in labor market conditions, including globalization and automation, have reduced the availability of well-paid, secure jobs for less-educated persons, particularly those jobs that provide opportunity for advancement. Furthermore, data suggest that young workers entering the labor market are affected by a long-running increase in the use of “contingent” or “alternative” work arrangements, characterized by contracted, part-time, temporary, and seasonal work."

Specific findings about younger workers' attitudes:

"In 2015, the majority of young adults (61 percent) are optimistic about their future job opportunities, showing an increase in optimism from 2013 (45 percent)... the likelihood that a young adult is optimistic about future job opportunities increases with higher levels of education... young adults continue to have a strong preference for steady employment (62 percent) over higher pay (36 percent)... Among respondents who prefer steady employment, 80 percent would rather have one steady job than a stream of steady jobs for the next five years...

Most young adults are not sure how their standard of living will compare with their parents’ standard of living. Young adults with at least one parent with a bachelor’s degree (or higher) are more likely to believe their standard of living will be lower than their parents (4 percent) when compared with young adults whose parents have a high school education or less (1 percent)...

Specific findings about younger workers' experiences:

"28 percent of respondents are currently enrolled as students in a certificate or degree program. Most students are enrolled in degree programs... most undergraduate students are identified “nontraditional” because they are over age 23, enrolled in school part time, working full time, and/or financially independent. 10 percent of respondents are “non-completers,” meaning they are not currently enrolled in a certificate or degree program they started... 62 percent of respondents with post-secondary education worked while in school to finance all or part of their most recent education. 52 percent of respondents with post-secondary educational experience have parents that contributed financially to their education. 46 percent of respondents incurred debt to pay for some portion of their education or training...

41 percent of respondents believe they have the level of education and training needed for the type of job that they would like to hold in the next five years... 66 percent of young adults received information about jobs and careers during high school. And, 69 percent of young adults received such information in college...

Less than half (45 percent) of employees work in a career field that is closely related to their educational and training background... Many young adults gained early work experience during high school, college, or both. 53 percent of young adults had a paid job during high school, and 77 percent of young adults had a paid job during college..."

A key takeaway: about 30 percent of young adults did not receive information about jobs and careers in high school nor college. That seems to be an area the educational sector must improve upon.

4,135 potential respondents were contacted for the 2015 survey, and 2,035 completed surveys (49 percent response rate). FRB staff designed the survey, which was administered by GfK, an online consumer research company.

More notable statistics from the survey: about 69 percent of survey respondents have some form of paid employment, up from 60 percent in 2013. 63 percent of employees held a single full-time job during the past year, and 18 percent of employees held multiple full-time jobs during the past year. Profile information about employed younger workers:

"78 percent of employees have a permanent/long-term job... 75 percent of employees in the survey have a full-time job... Among part-time employees surveyed, 49 percent were identified as underemployed, as they are working part time because of economic conditions. Meanwhile, 42 percent of part-time employees prefer part-time work... The percent of young workers who have health insurance increased from 2013 (70 percent) to 2015 (82 percent). Likewise, the percent of young workers who received paid time off for sick leave, holidays, or both from any of their paid jobs increased from 2013 (59 percent) to 2015 (62 percent)...

As adults, 43 percent of employees have formed a new household with their immediate family (i.e., spouse/partner), and 20 percent have formed a new household alone or with a roommate..."

Self-sufficiency is important. The report found:

"... 73 percent of employees are able to cover their monthly household expenses with their household income. Meanwhile, 22 percent of employees report that they are sometimes able to cover their monthly household expenses, and 4 percent are not able to cover their monthly household expenses at all... Among employees who are not able to cover their household expenses some or all of the time, 64 percent reduce their monthly expenses to meet the challenge, 56 percent do not pay some bills, 54 percent borrow money from family, 46 percent use their credit cards, 41 percent use savings, and 16 percent borrow from friends.

A key consideration regarding self-sufficiency is the ability of a household to withstand financial disruptions. Among young workers, the ability to go without a paycheck temporarily improved between 2013 and 2015. The percent of young workers who can pay their living expenses if out of work for four weeks improved from 38 percent in 2013 to 45 percent in 2015..."

The report cited 4 policy implications to address the findings:

  1. Improve Alignment between Education and the Labor Market
  2. Increase Opportunities for Non-degree Education
  3. Provide Assistance and Protections for Workers with Alternative Work Arrangements
  4. Seek Opportunities to Improve Job Growth

There is plenty of information in the 120-page report, which is available at the FRB site and here (Adobe PDF; 1,190.2K bytes).


EPA Concludes Fracking a Threat to U.S. Water Supplies

[Editor's note: Today's guest post is by reporters at ProPublica. This new story was originally published on December 14, 2016. It is reprinted with permission.]

by Patrick G. Lee, ProPublica

Starting in 2008, ProPublica published stories that found hydraulic fracking had damaged drinking water supplies across the country. The reporting examined how fracking in some cases had dislodged methane, which then seeped into water supplies. In other instances, the reporting showed that chemicals related to oil and gas production through fracking were winding up in drinking water, and that waste water resulting from fracking operations was contaminating water sources.

Many environmentalists hailed the reporting. The gas drilling industry, for its part, pushed back, initially dismissing the accounts as anecdotal at best.

This week, the Environmental Protection Agency issued its latest and most thorough report on fracking's threat to drinking water, and its findings support ProPublica's reporting. The EPA report found evidence that fracking has contributed to drinking water contamination 2014 "cases of impact" 2014 in all stages of the process: water withdrawals for hydraulic fracturing; spills during the management of hydraulic fracturing fluids and chemicals; injection of hydraulic fracturing fluids directly into groundwater resources; discharge of inadequately treated hydraulic fracturing wastewater to surface water resources; and disposal or storage of hydraulic fracturing wastewater in unlined pits, resulting in contamination of groundwater resources.

In an interview, Amy Mall, a senior policy analyst at the National Resources Defense Council, said the EPA's report was welcome.

"Many of us have been working on this issue for many years, and industry has repeatedly said that there is no evidence that fracking has contaminated drinking water," Mall said.

The EPA report comes a year after its initial set of findings set off fierce criticism by environmental advocates and health professionals. That report, issued in 2015, said the agency had found no evidence that fracking had "led to widespread, systemic impacts on drinking water resources." Many accused the agency of pulling its punches and adding to confusion among the public. News organizations throughout the U.S. interpreted the EPA's language to mean it had concluded fracking did not pose a threat to water supplies and public health.

The EPA said in its report this week that the sentence about the lack of evidence of systemic issues had been intentionally removed because the agency's scientists had "concluded it could not be quantitatively supported."

"I think one of the concerns about the original document was that the EPA seemed to say that everything was fine," said Rob Jackson, a professor of earth-system science at Stanford University. "It's important that we understand the ways and the cases where things have gone wrong, to keep them from happening elsewhere."

The EPA's latest declaration comes as a Trump administration apparently hostile to almost any kind of regulation of fracking prepares to assume office. But those worried about fracking's implications for the environment have long been discouraged by the lack of consistent and stringent state or federal regulation.

"Because state regulators have not fully investigated cases of drinking water contamination, and because federal regulators have been handcuffed by Congress into how much they can regulate, the science wasn't as robust as it should have been," said Mall, the analyst at NRDC. "It's a pattern of, the rules are too weak, and the ones that are on the books aren't enforced enough."

The more significant impact of a Trump administration, however, may be in limiting the EPA's appetite for aggressive and continued study. The report issued this week was six years in the making, but made clear there was still much work to be done to better and more comprehensively determine fracking's impact on the environment, chiefly water supplies.

"It was not possible to calculate or estimate the national frequency of impacts on drinking water resources from activities in the hydraulic fracturing water cycle or fully characterize the severity of impacts," the report said.

The Trump administration's transition team did not immediately respond to an e-mailed request for comment about its position on fracking and the EPA's final report. Trump's transition website promises to "unleash an energy revolution" and "streamline the permitting process for all energy projects." It also says it will "refocus the EPA on its core mission of ensuring clean air, and clean, safe drinking water for all Americans."

Advocates for hydraulic fracturing argue that the final EPA report is not vastly different from the draft version.

"Anecdotal evidence about localized impacts does not disprove the central thesis, which is that there is no evidence of widespread or systemic impacts," said Scott Segal, a partner at Bracewell LLP who represents oil and gas developers. "There's a lot of exaggeration. There's a lot of mischaracterization of the extent of contamination that's based on a desire to enhance recovery in tort liability lawsuits."

Read more of ProPublica's major work on fracking.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Adobe Settles With 15 States Regarding 2013 Data Breach

The Indiana Attorney General announced a multi-state $1.0 million settlement agreement with Adobe Systems, Inc. after a data breach in 2013 where the information about 2.9 million customers nationwide was stolen. The data elements stolen included names, addresses, telephone numbers, e-mail addresses, usernames, encrypted payment card numbers and expiration dates.

14 states which joined Indiana in the settlement agreement: Arkansas, Connecticut, Illinois, Kentucky, Maryland, Massachusetts, Missouri, Minnesota, Mississippi, North Carolina, Ohio, Oregon, Pennsylvania, and Vermont. The states alleged in a lawsuit that Adobe failed to use reasonable security measures to protect its computing systems from hacks or had proper intrusion detection methods installed. The multi-state settlement agreement covers about 552,000 residents from the 15 states.

Indiana's share of the settlement was $53,718.36 for 24,049 Indiana residents affected by the breach. Indiana AG Greg Zoeller said:

"This case is yet another example of the importance of protecting your personal and financial information... I continue to be an advocate for Indiana’s credit freeze protections and encourage all Hoosiers to place credit freezes with the major credit bureaus.”

Connecticut's share was $135,095.71. Connecticut AT George Jepsen  said:

"Consumers should have a reasonable expectation that their personal and financial information is properly safeguarded from unauthorized access... Adobe worked in good faith with my office and the states affected by this incident to better protect consumer information going forward, and for that it deserves some credit. My office will continue to be diligent in protecting Connecticut consumers by strictly enforcing our privacy laws."

46,465 Maryland residents were affected by the breach. Maryland AG Brian E. Frosh said:

“Reasonable security measures must be implemented to maintain the safety and security of consumers’ personal information... As a result of this agreement, Adobe has agreed to bolster its security to prevent another similar occurrence.”

More settlement agreements may be forthcoming.


Voting Technologies By County Across The United States

State and local governments across the United States use a variety of voting technologies. Chances are, you voted on Tuesday using one of two dominant technologies: optical-scan ballots or direct-recording electronic (DRE) devices. Optical-scan ballots are paper ballots where voters fill in bubbles or other machine-readable marks. DRE devices include touch-screen devices that store votes in computer memory.

The Pew Research Center analyzed data from the Verified Voting Foundation, a nongovernmental organization, and found that almost:

"... half of registered voters (47%) live in jurisdictions that use only optical-scan as their standard voting system, and about 28% live in DRE-only jurisdictions... Another 19% of registered voters live in jurisdictions where both optical-scan and DRE systems are in use... Around 5% of registered voters live in places that conduct elections entirely by mail – the states of Colorado, Oregon and Washington, more than half of the counties in North Dakota, 10 counties in Utah and two in California. And in more than 1,800 small counties, cities and towns – mostly in New England, the Midwest and the inter-mountain West – more than a million voters still use paper ballots that are counted by hand."

Previously, voting systems nationwide used punch-card devices and "lever machines" which were slowly replaced since 1980 by optical-scan and DRE devices. You may remember voting with one of the old-style lever machines, a self-contained voting booth where voters flips switches for candidates and then pulled a large lever to record their votes:

"Punch cards hung on throughout the 1990s but gradually lost ground to optical-scan and electronic systems – a decline that accelerated sharply after the 2000 Florida election recount debacle that brought the term “hanging chad” to brief prominence. But as punch cards faded away (the last two jurisdictions to use them, Franklin and Shoshone counties in Idaho, abandoned them after the 2014 elections), some voters became concerned that fully electronic voting would not generate any “paper trail” for future recounts. According to Verified Voting, of the 53,608 jurisdictions that use DRE equipment as their major voting method, almost three-quarters use systems that don’t create paper receipts or other hard-copy records of voters’ choices."

In August of this year, Wired reported about the state of security of the DRE devices:

"What people may not remember is the resulting Help America Vote Act (HAVA), passed in 2002, which among other objectives worked to phase out the use of the punchcard voting systems that had caused millions of ballots to be tossed. In many cases, those dated machines were replaced with electronic voting systems. The intentions were pure. The consequences were a technological train wreck.

“People weren’t thinking about voting system security or all the additional challenges that come with electronic voting systems,” says the Brennan Center’s Lawrence Norden. “Moving to electronic voting systems solved a lot of problems, but created a lot of new ones.”

The list of those problems is what you’d expect from any computer or, more specifically, any computer that’s a decade or older. Most of these machines are running Windows XP, for which Microsoft hasn’t released a security patch since April 2014. Though there’s no evidence of direct voting machine interference to date, researchers have demonstrated that many of them are susceptible to malware or, equally if not more alarming, a well-timed denial of service attack."

Experts have said that, besides better built and more secure DREs, post-election auditing -- checking vote totals against paper ballots -- is the best way to ensure accurate vote totals. Reportedly, more than half of states perform post-election audits.

So, it seems appropriate for citizens living in counties that use antiquated DREs, or that don't perform post-election audits, to contact their elected representatives and demand improvements. Good entities to contact are the elections departments in your city, or the Secretary in your state. Find your state in this list. Below is an image of voting technologies by county:

Pew Research Voting technologies by county in the United States. Click to view larger version


Disenfranchised By Bad Design

[Editor's Note: Today's guest post was originally published by ProPublica on October 20, 2016. It is reprinted with permission. Some towns, municipalities, and cities -- such as Boston -- use paper ballots that are scanned. (This facilitates recounts, when needed.) The city provides AutoMARK machines at polling locations to help voters requiring assistance. The machines use audio cues, magnification, and several languages to mark ballots correctly, especially for low-vision and disabled voters. Inquire about this automation or other assistance when you vote.]

by Lena Groeger, ProPublica

This November 8, even if you manage to be registered in time and have the right identification, there is something else that could stop you from exercising your right to vote.

The ballot. Specifically, the ballot's design.

Bad ballot design gained national attention almost 16 years ago when Americans became unwilling experts in butterflies and chads. The now-infamous Palm Beach County butterfly ballot, which interlaced candidate names along a central column of punch holes, was so confusing that many voters accidentally voted for Patrick Buchanan instead of Al Gore.

Pal Beach Country butterfly ballot
Palm Beach county’s infamous butterfly ballot. (Wikimedia Commons)

We've made some progress since then, but we still likely lose hundreds of thousands of votes every election year due to poor ballot design and instructions. In 2008 and 2010 alone, almost half a million people did not have their votes counted due to mistakes filling out the ballot. Bad ballot design also contributes to long lines on election day. And the effects are not the same for all people: the disenfranchised are disproportionately poor, minority, elderly and disabled.

In the predominantly African American city of East St. Louis, the race for United States senator in 2008 was missing a header that specified the type or level of government (Federal, Congressional, Legislative, etc). Almost 10 percent of East St. Louis voters did not have their vote counted for U.S. Senate, compared to the state average of 4.4 percent. Merely adding a header could have solved the problem. Below you can see the original ballot and the Brennan Center redesign.

Brennan Center ballot redesign
Before: no header for the Senate race, after: consistent headers for all contests. (Brennan Center, Better Design Better Elections)

"When we design things in a way that doesn't work for all voters, we degrade the quality of democracy," said Whitney Quesenbery, a ballot expert and co-director of the Center for Civic Design, an organization that uses design to ensure voters vote the way they want to on Election Day.

Many mistakes can be avoided with tiny tweaks
Designer Marcia Lausen, who directs the School of Design at the University of Illinois at Chicago, wrote a whole book about how democracy can be improved with design. She even tackles the infamous butterfly ballot. The 2000 Chicago Cook County judicial retention ballot crammed 73 candidates into 10 pages of a butterfly layout punch card ballot, with punch holes packed much more tightly together than in previous elections. As in Palm Beach, Yes/No votes for the candidates on the left page were confusingly interlaced with Yes/No votes for the right page.

Lausen's proposed redesign eliminates the interlaced Yes/No votes, introduces a more legible typeface, uses shading and outlines to connect names and Yes/No's with the appropriate punch holes, and removes redundant language.

Democracy For Action butterfly ballot image

Democracy For Action butterfly ballot after redesign image
Before and after butterfly ballots. (Design for Democracy)

In the 2002 midterm election in Illinois' Hamilton County, each column of candidate names was next to a series of incomplete arrows. Voters were supposed to indicate their choice of candidate by completing the arrow on the left of the candidate name. But because we read left to right and the candidate names in two races lined up perfectly, many voters marked the arrow to the right. As presented in a Brennan Center analysis, setting the columns a bit further apart and adding borders would have cleared up this confusion:

Suggested redesign of Illinois' Hamilton County ballot
  Illinois’ Hamilton county confusing ballot, and suggested redesign. (Brennan Center)

In Minnesota in 2008, Al Franken beat Norm Coleman for the U.S. Senate seat by a sliver, less than 300 votes. In that race, almost 4,000 absentee ballots were not counted because the envelope was not signed. The Minnesota Secretary of State's office decided to redesign the mailing envelope. After a series of usability tests, they added a big X to mark where people should sign. In the following election in 2010, the rate of missing signatures dropped to 837.

Minnesota's mailing envelope is a good example of how designers can solve design problems well before any election actually happens 2014 by testing those ballots beforehand.

"Test and test and test," recommends Don Norman, a designer and cognitive scientist who wrote the the book on designing objects for everyday life. The most important aspect of ballot design, he says, is considering the needs of the voters. He suggests doing extensive testing of ballots on a sample of people, which should include those who are "blind, deaf, or people with physical disabilities as well as people with language difficulties."

Bad instructions are a design problem, too
Beyond layout and ordering, the unanimous winner for worst part of ballot design? Instructions.

"The instructions are uniformly horrible!" said usability expert Dana Chisnell, who co-directs the Center for Civic Design with Quesenbery. Confusing jargon, run-on sentences, old-fashioned language left over from 100 years ago: all of these plague ballots across the country. Here are a few example instructions (the first from Kansas, the second from Ohio) along with the Brennan Center's redesign:

Brennan Center suggested redesign of Kansas ballot instructions
(Brennan Center, Better Ballots)

Brennan Center suggested redesign of Ohio ballot instructions
(Brennan Center, Better Ballots)

Even if the instructions are clear, placement of instructions has a huge effect on whether people understand them. In usability tests conducted in Florida's Sarasota and Duval counties in 2008, the majority of participants got to the end of the ballot and stopped. Which was a problem, because the ballot continued on the other side. Despite instructions specifically telling people to vote both sides of the ballot, they didn't.

Designers have already put together guidelines for making better ballots
Luckily, there are resources for how to help avoid these predictable problems. In addition to Lausen's book, the Design for Democracy initiative has worked for years at applying design principles to improve elections. A few years ago the design association AIGA combined forces with Whitney Quesenbery and Dana Chisnell to condense their best practices into a set of handy field guides.

The ballot-specific guide, Designing Usable Ballots, has this advice:

  1. Use lowercase letters.
  2. Avoid centered type.
  3. Use big enough type.
  4. Pick one sans-serif font.
  5. Support process and navigation.
  6. Use clear, simple language.
  7. Use accurate instructional illustrations.
  8. Use informational icons (only).
  9. Use contrast and color to support meaning.
  10. Show what’s most important.

For the designers, these recommendations may seem obvious. But election officials 2014 the ones responsible for laying out a ballot 2014 are not designers.

Sometimes, reality thwarts good design
Even if officials wanted to follow every design best practice, they probably wouldn't be able to.

That's because ballots are as complicated as the elections they represent. Elections in the U.S. are determined at the local level, and so each ballot must be uniquely crafted to its own jurisdiction. Ballots must combine federal, state, and local contests, display measures and propositions, and sometime require voters to express their choices in various formats 2014 for example ranking their choices versus selecting one candidate for the job.

"There will always be special circumstances that present new problems for ballot design," said David Kimball, a political science professor at the University of Missouri-St. Louis who has written extensively on voting behavior and ballot design.

Take what happened this summer in California's Senate race primary. A record number of 34 candidates were running to replace incumbent Democrat Barbara Boxer, and the ballot needed to fit them all. In many counties, elections officials simply couldn't follow the good design recommendation of "Put all candidate names in one column."

To make matters worse, bad design is written right into the law
Election officials are often constricted in what they can and can't do by specific language in their local election code. More often than not, the law is to blame for bad design.

For example, numerous jurisdictions require that candidate names and titles be written in capital letters. This goes against huge amounts of evidence that lowercase letters are easier to read. Other requirements like setting a specific font size, making sections bold or center-aligning headers make it next to impossible to follow all the design best practices.

Image of Illinois Election Code
Illinois Election Code used to require candidate names to be printed in capital letters. (Statutes of the State of Illinois)

Some election code requirements just seem to invite clutter. In Kansas, a candidate's hometown must be listed under their name. In California, the candidate's occupation. Designers argue that this additional text complicates the ballot with needless information, but they can't get rid of it without breaking the law.

"It's amazing how many design prescriptions are written into law by non-designers," said designer Drew Davies, who has worked with numerous jurisdictions to improve their ballots and voting materials and is design director of AIGA's Design for Democracy.

Some of those prescriptions border on the comical. In New York, election law requires that each candidate name must be preceded by "the image of a closed fist with index finger extended pointing to the party or independent row." Here's how that actually looks on real New York ballots:

[insert ny closed fist image]

In design, everything matters 2014 even the order of the candidate names
Some design problems are not as obvious as a pointing finger. Take something as simple as the order of the candidates' names. There is a well known advantage for being listed first on the ballot. The "primacy effect" can significantly sway elections, especially in smaller races not widely covered in the media where there is no incumbent. One study of the 1998 Democratic primary in New York found that in seven races the advantage from being listed first was bigger than the margin of victory. In other words, if the runner-up candidates in those races had been listed first on the ballot, they likely would have won.

As one report puts it, "a non-negligible portion of local governmental policies are likely being set by individuals elected only because of their ballot position." To combat this unconscious bias, some states have already mandated that names are randomly ordered on the ballot. Still, many states and jurisdictions do not have a standard system for organizing these names.

The future will bring new design challenges --but also new ways to make voting more accessible
As more and more states adopt absentee and vote-by-mail systems, they make voting more accessible and convenient 2014 but they also introduce new ways of making mistakes. And those errors are only caught after the ballot has been mailed in, too late to change. A polling place acts as a fail-safe, giving you the opportunity to ask a poll worker for help or letting you fill out a new ballot if yours gets rejected by the voting machine. But on an absentee ballot, if you made a mistake and your vote isn't counted, you'll never know.

There are several current efforts to overhaul the ballot entirely. Los Angeles County, for example, has teamed up with the design company IDEO to create an easier and more accessible way to vote. Their customizable device would let people fill out a sample ballot on their own time from a computer or mobile device, and then scan a code at the polling place to automatically transfer their choices to a real ballot.

The Anywhere Ballot is another open-source project that's designed to create a better voting experience for everyone 2014 including voters with low literacy or mild cognitive issues. Their digital ballot template, which came out of extensive user testing and follows all the current ballot design best practices, lets anyone use their own electronic device to mark a ballot.

But of course, the design problems that plague ballots affect all aspects of the voting process.

Voter registration materials, mailed voter guides and education booklets, election department websites and online instructions, poll worker materials 2014 all of these have problems that can be improved with better design.

"Ballots are where all the drama happens," said designer Lausen, "but there is much more to election design."

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Report Documents The Problems And Privacy Risks With Unregulated Facial Recognition Databases By Law Enforcement

According to a report by the Center on Privacy and Technology (CPT) at Georgetown Law school, about 48 percent of adult Americans -- 117 million people-- are already profiled in facial-recognition databases by law enforcement. The U.S. Federal Bureau of Investigation (FBI) maintains a facial-recognition database, but local police departments do, too.

Issues raised by findings in the report:

"Across the country, state and local police departments are building their own face recognition systems, many of them more advanced than the FBI’s. We know very little about these systems. We don’t know how they impact privacy and civil liberties. We don’t know how they address accuracy problems. And we don’t know how any of these systems—local, state, or federal—affect racial and ethnic minorities."

Facial recognition software is not new, and the report acknowledges that its use is inevitable by law enforcement. The facts include:

"FBI face recognition searches are more common than federal court-ordered wiretaps. At least one out of four state or local police departments has the option to run face recognition searches through their or another agency’s system. At least 26 states (and potentially as many as 30) allow law enforcement to run or request searches against their databases of driver’s license and ID photos. Roughly one in two American adults has their photos searched this way... Historically, FBI fingerprint and DNA databases have been primarily or exclusively made up of information from criminal arrests or investigations. By running face recognition searches against 16 states’ driver’s license photo databases, the FBI has built a biometric network that primarily includes law-abiding Americans. This is unprecedented and highly problematic..."

The report does not want to stop facial-recognition software usage, and it acknowledges that most law enforcement personnel do not want to invade citizens' privacy. The report' raises concerns based upon the data collection primarily includes law-abiding citizens and not just criminals; plus the lack of transparency and regulation regarding accuracy, training, and deployment. Some of the uses that raise concerns:

"Real-time face recognition lets police continuously scan the faces of pedestrians walking by a street surveillance camera... at least five major police departments—including agencies in Chicago, Dallas, and Los Angeles—either claimed to run real-time face recognition off of street cameras, bought technology that can do so, or expressed a written interest in buying it... A face recognition search conducted in the field to verify the identity of someone who has been legally stopped or arrested is different, in principle and effect, than an investigatory search of an ATM photo against a driver’s license database, or continuous, real-time scans of people walking by a surveillance camera. The former is targeted and public. The latter are generalized and invisible. While some agencies, like the San Diego Association of Governments, limit themselves to more targeted use of the technology, others are embracing high and very high risk deployments."

The report described specific examples of usage at the state and local levels:

"No state has passed a law comprehensively regulating police face recognition. We are not aware of any agency that requires warrants for searches or limits them to serious crimes. This has consequences. The Maricopa County Sheriff’s Office enrolled all of Honduras’ driver’s licenses and mug shots into its database. The Pinellas County Sheriff’s Office system runs 8,000 monthly searches on the faces of seven million Florida drivers—without requiring that officers have even a reasonable suspicion before running a search..."

A major concern the report discussed is the:

"... real risk that police face recognition will be used to stifle free speech. There is also a history of FBI and police surveillance of civil rights protests. Of the 52 agencies that we found to use (or have used) face recognition, we found only one, the Ohio Bureau of Criminal Investigation, whose face recognition use policy expressly prohibits its officers from using face recognition to track individuals engaging in political, religious, or other protected free speech."

Another major concern the report discussed:

"Face recognition is less accurate than fingerprinting, particularly when used in real-time or on large databases. Yet we found only two agencies, the San Francisco Police Department and the Seattle region’s South Sound 911, that conditioned purchase of the technology on accuracy tests or thresholds. There is a need for testing. One major face recognition company, FaceFirst, publicly advertises a 95% accuracy rate but disclaims liability for failing to meet that threshold in contracts with the San Diego Association of Governments... Companies and police departments largely rely on police officers to decide whether a candidate photo is in fact a match. Yet a recent study showed that, without specialized training, human users make the wrong decision about a match half the time... an FBI co-authored study suggests that face recognition may be less accurate on black people..."

Regarding the lack of transparency by law enforcement:

"Ohio’s face recognition system remained almost entirely unknown to the public for five years. The New York Police Department acknowledges using face recognition; press reports suggest it has an advanced system. Yet NYPD denied our records request entirely. The Los Angeles Police Department has repeatedly announced new face recognition initiatives—including a “smart car” equipped with face recognition and real-time face recognition cameras—yet the agency claimed to have “no records responsive” to our document request. Of 52 agencies, only four (less than 10%) have a publicly available use policy. And only one agency, the San Diego Association of Governments, received legislative approval for its policy... Maryland’s system, which includes the license photos of over two million residents, was launched in 2011. It has never been audited. The Pinellas County Sheriff’s Office system is almost 15 years old and may be the most frequently used system in the country. When asked if his office audits searches for misuse, Sheriff Bob Gualtieri replied, “No, not really.” Despite assurances to Congress, the FBI has not audited use of its face recognition system, either..."

Learn more about the expanded facial-recognition system the FBI deployed in 2014. The New York Times reported last year about some of the problems:

"Facial recognition software, which American military and intelligence agencies used for years in Iraq and Afghanistan to identify potential terrorists, is being eagerly adopted by dozens of police departments around the country to pursue drug dealers, prostitutes and other conventional criminal suspects. But because it is being used with few guidelines and with little oversight or public disclosure... Law enforcement officers say the technology is much faster than fingerprinting at identifying suspects, although it is unclear how much it is helping the police make arrests... "

The CPT report proposed the following solutions to address privacy concerns:

  • Use mug-shot databases (and not driver’s license databases and ID photos) as the default for facial recognition searches. Periodically purge them of innocent persons,
  • Searches of driver's license databases and ID photos should require a court order showing probable cause, except in instances of identity theft and fraud,
  • Notify the public if the policy includes searches of databases maintained by motor-vehicle agencies,
  • Local communities should decide real-time facial recognition surveillance is used in public places of the public and/or with police-worn body cameras. Real-time facial recognition surveilance should be a last resort used only in life-threatening emergencies supported by probable cause with limits as to scope and duration.

The year-long investigation by the CPT included more than 100 records requests to police departments around the country. Read the full report: "The Perpetual Line-up: Unregulated Police Face Recognition in America."

We know the National Security Agency (NSA) uses facial recognition software. Some agencies probably acquire photos and related information from them, too. If so, this should be disclosed. In 2012, the U.S. Federal Trade Commission (FTC) proposed guidelines for facial-recognition by social networking sites, companies, and retail stores. Since governments are supposed to report to and serve citizens, similar guidelines should apply to law enforcement.

What are your opinions of real-time facial recognition surveillance? Of the issues raised by the CDT report?


Massachusetts Regulator Charges Morgan Stanley Bank With Operating 'Unethical' Sales Contests

Another bank seems to have had difficulty managing a high-pressured sales incentive program. The office of the Secretary of the Commonwealth for Massachusetts has charged Morgan Stanley bank with running "dishonest and unethical" sales contests. The Boston Herald newspaper reported:

"The contests focused on the sales of securities-based loans, or SBLs, which let customers borrow against the value of the securities in their investment accounts with their securities as collateral, authorities said. Secretary of the Commonwealth William Galvin said 30 financial advisers in the Springfield, Wellesley, Worcester, Waltham and Providence, R.I., offices were offered incentives of $1,000 for 10 loans, $3,000 for 20 loans and $5,000 for 30 loans, creating a conflict of interest."

Reportedly, Galvin stated the contests were officially prohibited by the bank, but it proceeded anyway as the highly profitable contests tripled loan origination and added $24 million to new loan balances. Allegedly, bank executives were slow to recognize the improper activities and shut down the sales contests which began in 2014. The bank denies the allegations and claims that clients' consent was obtained first.

In July, Morgan Stanley reported financial results (Adobe PDF) with net revenues of $8.9 billion for the second quarter which ended June 30, 2016, compared with $9.7 billion for the same period a year ago. Net income was $1.6 billion compared with $1.8 billion for the same period a year ago. A data breach in 2011 exposed the sensitive personal information of 34,000 investment clients. Earlier this year, the bank paid a $1.0 million fine to settled charges by the U.S. Securities and Exchange Commission (SEC) that it failed to adequately protect customer information from 2011 to 2014 when 730,000 accounts were hacked.

Last month, Wells Fargo paid a $185 million fine to settle allegations by regulators that its employees created thousands of phony new accounts to earn sales incentive compensation. Investigations are still ongoing by Wells Fargo, regulators, and the Justice Department.

Both scandals raise two important questions: a) the appropriateness of incentive programs to encourage employees to cross-sell existing customers with more types of accounts, and b) accounts those customers may not need (nor want). The cross-selling programs may conflict with the bank's fiduciary duty to its investment clients.

Read more about the latest Morgan Stanley scandal at Fortune. What are your opinions?


News About The Massive Data Breach At Yahoo Isn't Pretty

Yahoo logo The news about Yahoo's massive data breach seems to be getting worse. The Oregonian reported:

" "Data breaches on the scale of Yahoo are the security equivalent of ecological disasters," said Matt Blaze, a security researcher who directs the Distributed Systems Lab at the University of Pennsylvania, in a message posted to Twitter. A big worry is a cybercriminal technique known as "credential stuffing," which works by throwing leaked username and password combinations at a series of websites in an effort to break in, a bit like a thief finding a ring of keys in an apartment lobby and trying them, one after the other, in every door in the building. Software makes the trial-and-error process practically instantaneous. Credential stuffing typically succeeds between 0.1 percent and 2 percent of the time..."

Apply those success rates to half a billion stolen credentials and criminals have plenty of opportunities to break into consumers' online accounts. And, this list of seven ways the breach has exposed consumers to online banking fraud is definitely accurate.

The tech company's stock has dropped 4 percent since September 22. During an interview, Tim Amstrong, the head of Verizon's AOL would not comment about whether Verizon might renegotiate its $4.8 billion purchase price cash offer for Yahoo's core business. Experts have speculated about whether or not the breach might trigger the "material adverse effect" clause in the purchase transaction.

Tech Week Europe reported:

"Cybersecurity specialist Venafi conducted research into how well Yahoo reacted to the breach, in particular the cryptographic controls Yahoo still has in place, and said the results were “damning.” Researchers said Yahoo had still not “taken the action necessary to ensure they are not still exposed and that the hackers do not still have access to their systems and encrypted communications.” Furthermore Venafi warned that “Yahoo is still using cryptography (MD5) that has been known to be vulnerable for many years now.” "

On Monday, U.S. Senator Mark R. Warner (D-VA) requested that the U.S. Securities and Exchange Commission (SEC) investigate Yahoo and its executives. Senator Warner said in a statement:

"Data security increasingly represents an issue of vital importance to management, customers, and shareholders, with major corporate liability, business continuity, and governance implications," wrote Sen. Warner, a former technology executive. "Yahoo’s September filing asserting lack of knowledge of security incidents involving its IT systems creates serious concerns about truthfulness in representations to the public. The public ought to know what senior executives at Yahoo knew of the breach, and when they knew it."

Senator Warner called on the SEC:

"... to investigate whether Yahoo and its senior executives fulfilled their obligations to keep investors and the public informed, and whether the company made complete and accurate representations about the security of its IT systems. Additionally, since published reports indicate fewer than 100 of approximately 9,000 publicly listed companies have reported a material data breach since 2010, I encourage you to evaluate the adequacy of current SEC thresholds for disclosing events of this nature,

Also, six U.S. Senators sent a letter on September 27 to Marissa Meyer, the Chief executive Officer at Yahoo, demanding answers about precisely how and why the massive breach went undetected for so long. The letter by Senators Richard Blumenthal (D-CT), Al Franken (D-MN), Patrick Leahy (D-VT), Edward J. Markey (D-MA), Elizabeth Warren (D-MA), and Ron Wyden read in part:

"We are even more disturbed that user information was first compromised in 2014, yet the company only announced the breach last week. That means millions of Americans' data may have been compromised for two years. That is unacceptable. This breach is the latest in a series of data breaches that have impacted the privacy of millions of Americans in recent years, but it is by far the largest. Consumers put their trust in companies when they share personal and sensitive information with them, and they expect all possible steps to be taken to protect that information."

Indeed. Consumers have these reasonable and valid expectations. The letter demands that the tech company provide a briefing to the Senators' staffs with answers to a set of eight questions including a detailed timeline of events, specific systems and services affected, steps being taken to prevent a massive breach from happening again, and how it responded to any communications and warnings by government officials about state-sponsored hacking activity.

Elizabeth Denham, the Information Commissioner of the United Kingdom (UK), released a statement on September 23 demanding answers from Yahoo:

"The vast number of people affected by this cyber attack is staggering and demonstrates just how severe the consequences of a security hack can be. The US authorities will be looking to track down the hackers, but it is our job to ask serious questions of Yahoo on behalf of British citizens and I am doing that today. We don’t yet know all the details of how this hack happened, but there is a sobering and important message here for companies that acquire and handle personal data. People’s personal information must be securely protected..."

Some consumers aren't waiting for lawmakers. The Mercury News reported:

"... a class-action suit accusing the Sunnyvale tech firm of putting their finances at risk and failing to notify them earlier about the breach. “While investigating another potential data breach, Yahoo uncovered this data breach, dating back to 2014,” the lawsuit, filed Thursday in U.S. District Court in San Diego, said. “Two years is unusually long period of time in which to identify a data breach.” On Friday in U.S. District Court in San Jose, a second class-action suit was filed over the hack. Plaintiff Ronald Schwartz, of New York, claims his personal information was stolen. His suit calls Yahoo’s treatment of users’ data “grossly negligent” and alleges that circumstantial evidence indicates “Yahoo insiders” knew of the breach “long before it was disclosed.” "

Reportedly, one of the plaintiffs has already experienced financial fraud as a result of identity theft from the data breach.


Smart Wine Bottles

Does wine go stale in your home? If so, then Kuvée Wine has a solution for you. The solution uses Internet-connected or "smart" wine bottles that reportedly keep your wine fresh for up to 30 days. Each bottle holds 5 glasses or 750 ml of wine. Included wines are 2013 Schug Carneros Pinot Noir, 2013 BR Cohn Cabernet Sauvignon, 2014 Bonny Doon Vin Gris de Cigare, and 2014 Coppola Director's Chardonnay.

Residents in some states can pre-order wine now. Orders from California and Massachusetts residents start shipping in October. Orders from residents in New York, Washington, and Oregon start shipping in December. See the website for terms for other states. The price is $199.00, which includes the Kuvée smart wine bottle plus four bottles of wine.

Since everything is "smart" in today's world, I guess this was bound to happen. Is it a good deal? You can decide for yourself. I'm not a big wine drinker. Heck, I'm not a big drinker -- period. This entertaining video from The Verge provides a perspective about how the Kuvée smart wine bottle works:


National Parks Celebrate Their 100th Anniversary

For your next vacation, consider visiting a national park. This summer, the United States National Park Service (NPS) celebrates 100 years of operations on August 25, 2016 with special discounts, programs, and events. The NPS was created to preserve:

“…unimpaired the natural and cultural resources and values of the National Park System for the enjoyment, education, and inspiration of this and future generations.”

When you visit a national park, you see what your ancestors saw. That includes trees, plants, wildlife, lakes, rivers, mountains, and glaciers. The NPS includes 411 areas covering all 50 States, plus the District of Columbia, American Samoa, Guam, Puerto Rico, and the Virgin Islands. These areas include national parks, monuments, battlefields, military parks, historical parks, historic sites, lake shores, seashores, recreation areas, scenic rivers, and trails.

The largest NPS site is Wrangell-St. Elias National Park and Preserve (Alaska) at 13.2 million acres. The smallest site is the Thaddeus Kosciuszko National Memorial (Pennsylvania) at 0.02 acres. 307 million people visited NPS sites during 2015. The NPS is a bureau of the U.S. Department of the Interior. It was created by an act signed by President Woodrow Wilson on August 25, 1916. The Director of the NPS is nominated by the President and confirmed by the U.S. Senate.

Some of the favorite national parks:

  • Yosemite National Park (California): this park is famous for outdoor activities including hiking, fishing, biking, camping, rock climbing, photography, and more
  • Mount Rushmore National Memorial (South Dakota): enjoy marvelous views of the 60-foot-tall heads of Abraham Lincoln, George Washington, Theodore Roosevelt, and Thomas Jefferson
  • Grand Canyon National Park (Arizona): view dazzling colors and the Colorado River, as it makes its way through the mile-deep canyon, which is 277 miles long and 18 miles wide
  • Glacier National Park (Montana): with more than 700 miles of trails, this park features pristine forests, alpine meadows, and majestic mountains
  • Volcanoes National Park (Hawaii): volcanoes created the Hawaiian islands, and the park features two massive volcanoes, Kīlauea and Mauna Loa, that erupt periodically with slow lava flows down the mountainside. Mauna Loa is 56,000 feet (17,000 meters) high, as measured from the sea floor.

The parks operate programs for adults, families, and children. Some of the programs for children include the Junior Rangers, Web Rangers, Every Kid in a Park, and mobile apps for citizen science. Check the NPS site for event times and locations.

View from atop Haleakala. Click to view larger version It is easy to combine a visit to a national park with a cruise vacation. My wife and I visited the Volcanoes National Park in 2004 during a cruise around the Hawaiian Islands. We sailed on Norwegian Cruise Line round-trip from Honolulu. At night, we saw red lava flows into the ocean. That cruise also included a port stop at the island of Maui, where we visited Haleakala National Park. Our bicycle ride down the mountainside started above the clouds.

In 2005, we visited Denali National Park and Preserve (Alaska) during a cruise-tour on Princess Cruises. A cruise-tour combines sea and land travel, so you see the best of everything – the inland wilderness, wildlife, glaciers, parks, and mountains. The land portion of our cruise-tour included 5 days and 4 nights traveling from Fairbanks to Anchorage, with hotel stays at several Princess Lodges across Alaska. The cruise-tour price included everything, and it was easy! The cruise line handled our luggage and checked us into each lodge. Then, our 7-night cruise sailed southbound from Whittier (near Anchorage) to Vancouver (British Columbia, Canada).

Southbound via train in Alaska. June, 2005 The land portion of our cruise-tour included travel by bus and train. If you love trains, this is a must-experience vacation. Each cruise line has their own rail cars with glass-domes, so you sit comfortably and easily watch the spectacular countryside pass by. The trains don't travel fast, which makes photography and filming easy. Some rail cars have open-air platforms for photographers wanting to avoid reflections created by glass windows.

Clear view of Mount Denali in 2005. Click to view larger image Before visiting Denali National Park, we stayed at the Denali Princess Wilderness Lodge. When you visit the park, allow enough time for the full-day tour. The park is massive, about the size of the State of New Hampshire. You won't see much if you book the half-day tour. We stayed the next night at the Mount McKinley Princess Wilderness Lodge, which featured a spectacular view of the mountain. We were lucky because clouds didn't obstruct views of Denali (a/k/a Mount McKinley).

View of the Grand Canyon from the South Rim. Click to view larger version During a trip to Las Vegas in 2012, we visited Grand Canyon National Park. The hotel offered an excursion package that included both air and bus travel. You could rent a car and drive, but short one-hour flight was faster and offered spectacular aerial views of Hoover Dam!

Words cannot describe the splendor and beauty of these national parks. If you haven’t visited a national park, I strongly encourage you to visit one this year. Don’t wait. You’ll be glad you did. Filmmaker and historian Ken Burns said it best in the title of his documentary series, "The National Parks: America's Best Idea."

If you don’t want to drive or fly, you can easily visit a park via train. Amtrak serves many NPS sites including Glacier, Grand Canyon, Yosemite, Everglades, Sequoia, Kings Canyon, Rocky Mountain, and more.

For the 100-year celebration, the national parks will waive entry fees for 16 days including August 25 through 28, September 24, and November 11. To find a national park near you, use the Find A Park search tool. To prevent damage to the environment, off-road vehicles are illegal with the national parks. And, leave your drone at home. The use of drones are banned in all national parks.

Which national parks have you visited?

Princess Lodge in Denali, Alaska


6 Tips To Protect Yourself From Callers Offering Energy Discount Scams

Recently, I received a phone call offering "discounts on my Eversource bill." The caller identified himself as "Kevin." I have no idea if that is his real name. Kevin explained that I could get discounts by giving him some simple personal information. His then asked for my ZIP Code.

Right. I was born at night, but not last night.

I told Kevin that I don't share my personal information over the phone without knowing who the caller is. I asked him to provide four items: a) his full name, b) his company name, c) his company's phone number, and d) his company's website address.

Kevin replied, "okay." The next thing I heard was a loud click as he hung up.

Now, there are real companies offering discounts on electric utilities. Clearly, Kevin was not one of them. After receiving robocalls before from energy scammers, I have learned to demand these four data elements before sharing any personal information on the phone.

Eversource logo To protect yourself and your money from scam artists, Eversource advises residential customers:

"1. Always verify whether these callers are legitimate by asking for some basic information about your account. Our representatives will always be able to provide the name on the account, the account address, and the exact past due balance.

2. Never immediately pay, regardless of what the caller knows about your account. If they request an immediate payment using a third-party service, at another location or via a prepaid debit card, hang up immediately and contact us directly to verify your account status.

3. If you are suspicious, hang up and call us ​at 800-592-2000. Also, please report this to your local law enforcement.

4. Never wire money to someone you don’t know – regardless of the situation. Once you wire money, you cannot get it back.

5. Do not accept offers from anyone, including those claiming to be Eversource employees, to pay your bill or provide any other service for a fee.

6. Do not click on links or call numbers that appear in unexpected emails or text messages – especially those asking for your account information. If you click on a link, your computer could become infected with malware, including viruses that can steal your information and compromise your computer."

And, learn how to spot these five energy scams. Demanding that the caller clearly and completely identify their self also seems to work.


In The Modern Era, More Young Adults Live With Their Parents

As a parent of three children who are now adults, this news item caught my attention. The Pew Research Center reported:

"Broad demographic shifts in marital status, educational attainment and employment have transformed the way young adults in the U.S. are living, and an analysis of census data highlights the implications of these changes for the most basic element of their lives – where they call home. In 2014, for the first time in more than 130 years, adults ages 18 to 34 were slightly more likely to be living in their parents’ home than they were to be living with a spouse or partner in their own household."

The data:

  Percent of Adults
Ages 18 to 34
Living Arrangement 1880 1940 1960 2014
Living at home with parents 30 35 20 32.1
Married or co-habitation in own household 45 46 62 31.6
Living alone, single parents, and other head of household 3 3 5 14
Other living arrangement 22 16 13 22

Several factors contributed to this shift:

"The first is the postponement of, if not retreat from, marriage. The median age of first marriage has risen steadily for decades. In addition, a growing share of young adults may be eschewing marriage altogether. A previous Pew Research Center analysis projected that as many as one-in-four of today’s young adults may never marry. While cohabitation has been on the rise, the overall share of young adults either married or living with an unmarried partner has substantially fallen since 1990.

In addition... employed young men are much less likely to live at home than young men without a job, and employment among young men has fallen significantly in recent decades. The share of young men with jobs peaked around 1960 at 84%. In 2014, only 71% of 18- to 34-year-old men were employed. Similarly with earnings, young men’s wages (after adjusting for inflation) have been on a downward trajectory since 1970 and fell significantly from 2000 to 2010. As wages have fallen, the share of young men living in the home of their parent(s) has risen."

And there are differences by gender:

"For men ages 18 to 34, living at home with mom and/or dad has been the dominant living arrangement since 2009. 'In 2014, 28 percent of young men were living with a spouse or partner in their own home, while 35 percent were living in the home of their parent(s). For their part, young women are on the cusp of crossing over this threshold: They are still more likely to be living with a spouse or romantic partner (35%) than they are to be living with their parent(s) (29%). In 2014, more young women (16%) than young men (13%) were heading up a household without a spouse or partner. This is mainly because women are more likely than men to be single parents living with their children..."

Additional findings:

"In 2014, 40 percent of 18- to 34-year-olds who had not completed high school lived with parent(s), the highest rate observed since the 1940 Census when information on educational attainment was first collected.

Young adults in states in the South Atlantic, West South Central and Pacific United States have recently experienced the highest rates on record of living with parent(s).

With few exceptions, since 1880 young men across all races and ethnicities have been more likely than young women to live in the home of their parent(s)."

The methodology included decennial census data and large samples, typically 1 percent of young adults nationwide.


Boston Mayor Announced Verizon Partnership And Fiber High-Speed Internet Expansion Across City

Verizon logo During a Boston City Council meeting in October 2015, Verizon representatives firmly stated the company's disinterest in expanding its FiOS fiber-based high-speed Internet services throughout the city. That position resulted in a lack of broadband Internet competition, with Comcast often the only service available in teh city. (The FCC increased the minimum broadband speed, so DSL services no longer qualify.) I was pleasantly surprised when Boston Mayor Marty Walsh announced on Tuesday:

"... a new partnership with Verizon to make Boston one of the most technologically advanced cities in the country by replacing its copper-based infrastructure with a state-of-the-art fiber-optic network platform across the city. The new network will offer enormous bandwidth and speeds. Through an investment of more than $300 million from Verizon over six years, this change will bring increased competition and choice for broadband and entertainment services in Boston..."

This is welcome news. Other Internet Service Providers (ISPs) offer slower speeds and charge high prices for those slower speeds. This worldwide study found that municipal broadband networks provide consumers with the best value (e.g., highest speeds at the lowest prices via wired lines). Thankfully, Massachusetts is not one of the 19 states with laws that prevent local towns and cities from forming their own municipal broadband networks. Consumers everywhere need choice and more competition.

Verizon fiber broadband construction in Boston will start:

"... in Dorchester, West Roxbury and the Dudley Square neighborhood of Roxbury in 2016, followed by Hyde Park, Mattapan, and other areas of Roxbury and Jamaica Plain. The city has also agreed to provide an expedited permitting process to encourage this build... As a next step, the city will begin the cable television licensing process. Upon successful completion of the licensing process, Verizon expects to offer FiOS TV service in Boston... Verizon kicked off the new collaboration by presenting a $100,000 Digital Equity contribution to the city, which will be used to support a mobile hotspot lending program at the Boston Public Library."

The partnership will measure demand from residents and businesses, and prioritize construction, using the www.verizon.com/BostonFiber website. Residents and businesses should visit the site and vote (for free) to ensure that their neighborhood gets fiber broadband first.

The partnership also includes the installation of Internet-connected devices in public areas, which is one portion of the Internet-ofThings (ioT):

"... an innovative "Smart Cities" trial that will address traffic safety and congestion along the Massachusetts Avenue Vision Zero Priority Corridor. The city and Verizon will experiment with sensors and advanced traffic signal control technology to increase safety, measure bicycle traffic, improve public transit vehicle flow, and decrease congestion. Future "Smart Cities" applications will address other key services, including environmental sensors, energy efficiency, and city lighting management."

As the projects move forward, it will be interesting to learn about what data will be collected by ioT devices and data-sharing agreements. Details matter. Verizon also announced:

"This partnership will also improve wireless services in Boston by enabling Verizon to attach wireless equipment to city street lights and utility poles, helping residents get fast, reliable mobile service."

Fiber broadband availability is good news. I visited the Boston Fiber website and voted. The site asks for your full name, email, and mobile phone number to provide availability updates. The site confirmed that I live in the area the partnership considers Zone A: the first area to get Verizon FiOS.

With all of this good news, sadly it seems to already be two steps forward and one step backward. Verizon has failed to reach agreement with its workers' unions, who went on strike yesterday. CNN reported:

"Most of the striking workers service the company's landline phone business and FiOS broadband network -- not the much larger Verizon Wireless network. They have gone without a contract since August, and their union, the Communication Workers of America, says it is fighting to get Verizon to come to the table with a better offer. The union's list of complaints is a long one: Verizon has outsourced 5,000 jobs to workers in Mexico, the Philippines and the Dominican Republic. Verizon is hiring more low-wage, non-union contractors... The union also claims Verizon won't negotiate with people who work in Verizon stores and is closing call centers. And Verizon is asking workers to work out of state, away from their homes, for months at a time. Meanwhile, the union says Verizon is cutting costs as its profits have soared."

I am sure that many residents and businesses want to order Verizon FiOS fiber broadband, and have it installed by fully trained and experienced technicians, not hastily gathered replacements.

After I voted, the Verizon website presented the image below with relative vote counts for Boston fiber:

Verizon FiOS fiber broadband Internet for Boston. Relative vote counts by neighborhoods. Click to view larger image


FCC Proposed New Privacy Rules To Help Consumers With Broadband Internet Services

Federal Communications Commission logo Earlier this month, the U.S. Federal Communications Commission (FCC) proposed new privacy rules to help consumers when subscribing to high-speed Internet services. The rules clarify when Internet Service providers (ISPs) must obtain the consumer's approval. A summary:

"Consent Inherent in Customer Decision to Purchase ISP’s Services: Customer data necessary to provide broadband services and for marketing the type of broadband service purchased by a customer – and for certain other purposes consistent with customer expectations, such as contacting public safety – would require no additional customer consent beyond the creation of the customer-ISP relationship.

Opt-out: Broadband providers would be allowed to use customer data for the purposes of marketing other communications-related services and to share customer data with their affiliates that provide communications-related services for the purposes of marketing such services unless the customer affirmatively opts out.

Opt-in: All other uses and sharing of consumer data would require express, affirmative “opt-in” consent from customers."

Additional rules require ISPs to clearly provide notices, opt-in mechanisms, and opt-out mechanisms:

"Transparency requirements that require ISPs to provide customers with clear, conspicuous and persistent notice about what information they collect, use and share with third parties, and how customers can change their privacy preferences;

Robust and flexible data security requirements for broadband providers that include requirements to adopt risk management practices; institute personnel training practices; implement strong customer authentication requirements; identify a senior manager responsible for data security; and take responsibility for use and protection of customer information when shared with third parties;

Common-sense data breach notification requirements to encourage ISPs to protect the confidentiality of customer data, and to give consumers and law enforcement notice of failures to protect such information."

The Notice of Proposed Rulemaking (NPRM - Adobe format) contains the detailed statements. (The document is also available here.) Privacy is critical, since broadband Internet access is critical to do anything today. In January, 50 consumer and privacy groups urged the FCC to tighten broadband privacy rules for ISPs. In March, the FCC released a broadband privacy Fact Sheet, which stated in part:

"Telephone networks have had clear, enforceable privacy rules for decades, but broadband networks currently do not... An ISP handles all of its customers’ network traffic, which means it has an unobstructed view of all of their unencrypted online activity – the websites they visit, the applications they use. If customers have a mobile device, their provider can track their physical and online activities throughout the day in real time. Even when data is encrypted, broadband providers can still see the websites that a customer visits, how often they visit them, and the amount of time they spend on each website. Using this information, ISPs can piece together enormous amounts of information about their customers – including private information such as a chronic medical condition or financial problems. A consumer’s relationship with her ISP is very different than the one she has with a website or app. Consumers can move instantaneously to a different website, search engine or application. But once they sign up for broadband service, consumers can scarcely avoid the network for which they are paying a monthly fee."

You don't need to look far to find abuses and questionable customer service historically by ISPs. This blog has covered many of those abuses:

Historically, ISPs have sought increased revenues and viewed targeted (behavioral) advertising as the means. To do this, they partnered with several technology companies (some went out of business after class-action lawsuits) to spy on consumers without notice, without consent, and without providing opt-out  mechanisms. Consumers should control their privacy, not ISPs.

These proposed rules seem reasonable and common-sense. Consumers should be able to register for (e.g., opt-in) for additional desired programs and unsubscribe (e.g., opt-out) of undesired programs offered by their ISP.

Like any newly proposed rules, there is a comment period where the FCC seeks feedback from both consumers and companies. (A democracy requires participation.) If you like, or dislike, or want the proposed rules modified, then tell the FCC and explain why. The deadline for submitting feedback is May 27, 2016. Submit feedback online at the FCC website. The site lists several open proceedings for comments, so use Docket Number 16-106: "Protecting the Privacy of Customers of Broadband and Other Telecommunications Services."


Report: Significant Security Risks With Healthcare And Financial Services Mobile Apps

Arxan Technologies logo Arxan Technologies recently released its fifth annual report about the state of application security. This latest report also highlighted some differences between how information technology (I.T.) professionals and consumers view the security of healthcare and financial services mobile apps. Overall, Arxan found critical vulnerabilities:

"84 percent of the US FDA-approved apps tested did not adequately address at least two of the Open Web Application Security Project (OWASP) Mobile Top 10 Risks. Similarly, 80 percent of the apps tested that were formerly approved by the UK National Health Service (NHS) did not adequately address at least two of the OWASP Mobile Top 10 Risks... 95 percent of the FDA-approved apps, and 100 percent of the apps formerly approved by the NHS, lacked binary protection, which could result in privacy violations, theft of personal health information, and tampering... 100 percent of the mobile finance apps tested, which are commonly used for mobile banking and for electronic payments, were shown to be susceptible to code tampering and reverse-engineering..."

Some background about the U.S. Food and Drug Administration (FDA). The FDA revised its guidelines for mobile medical apps in September, 2015. The top of that document clearly stated, "Contains Nonbinding Regulations." The document also explained which apps the FDA regulates (link added):

"Many mobile apps are not medical devices (meaning such mobile apps do not meet the definition of a device under section 201(h) of the Federal Food, Drug, and Cosmetic Act (FD&C Act)), and FDA does not regulate them. Some mobile apps may meet the definition of a medical device but because they pose a lower risk to the public, FDA intends to exercise enforcement discretion over these devices (meaning it will not enforce requirements under the FD&C Act). The majority of mobile apps on the market at this time fit into these two categories. Consistent with the FDA’s existing oversight approach that considers functionality rather than platform, the FDA intends to apply its regulatory oversight to only those mobile apps that are medical devices and whose functionality could pose a risk to a patient’s safety if the mobile app were to not function as intended. This subset of mobile apps the FDA refers to as mobile medical apps."

The Arxan report found that consumers are concerned about app mobile security:

80 percent of mobile app users would change providers if they knew the apps they were using were not secure. 82 percent would change providers if they knew alternative apps offered by similar service providers were more secure."

Arxan commissioned a a third party which surveyed 1,083 persons in the United States, United Kingdom, Germany, and Japan during November, 2015. 268 survey participants were I.T. professionals and 815 participants were consumers. Also, Arxan hired Mi3 to test mobile apps during October and November, 2015. Those tests included 126 health and financial mobile apps covering both the Apple iOS and Android platforms, 19 mobile health apps approved by the FDA, and 15 mobile health apps approved3 by the UK NHS.

One difference in app security perceptions between the two groups: 82 percent of I.T. professionals believe "everything is being done to protect my apps" while only 57 percent of consumers hold that belief. To maintain privacy and protect sensitive personal information, Arxan advises consumers to:

  1. Buy apps only from reputable app stores,
  2. Don't "jail break" your mobile devices, and
  3. Demand that app developers disclose upfront the security methods and features in their apps.

The infographic below presents more results from the consolidated report. Three reports by Arxan Technologies are available: consolidated, healthcare, and financial services.

Arxan Technologies. 5th Annual State of App Security infographic
Infographic reprinted with permission.


Facts About Debt Collection Scams And Other Consumer Complaints

Logo for Consumer Financial Protection Bureau The Consumer Financial Protection Bureau (CFPB) recently released a report about debt collection scams. The report is based upon more than 834,00 complaints filed by consumers nationally with the CFPB about financial products and services: checking and savings accounts, mortgages, credit cards, prepaid cards, consumer loans, student loans, money transfers, payday loans, debt settlement, credit repair, and credit reports. Complaints about debt collection scams accounted for 26 percent of all complaints.

The most frequent scam are attempts to collect money from consumers for debts they don't owe. This accounted for 38 percent of all debt-collection-scam complaints submitted. This included harassment:

"Consumers complained about receiving multiple calls weekly and sometimes daily from debt collectors. Consumers often complained that the collector continued to call even after being repeatedly told that the alleged debtor could not be contacted at the dialed number. Consumers also complained about debt collectors calling their places of employment... Consumers complained that they were not given enough information to verify whether or not they owed the debt that someone was attempting to collect. "

The two companies with the most complaints:

"... were Encore Capital Group and Portfolio Recovery Associates, Inc. Both companies, which are among the largest debt buyers in the country, averaged over 100 complaints submitted to the Bureau each month between October and December 2015. In 2015, the CFPB took enforcement actions against these two large debt buyers for using deceptive tactics to collect bad debts."

Compared to a year ago, debt collection complaints increased the most in Indiana (38 percent), Arizona (27 percent), and New Hampshire (26 percent) during December 2015 through February 2016. Debt collection complaints decreased the most in Maine (-34 percent), Wyoming (-26 percent), and North Dakota (-23 percent). And:

"Of the five most populated states, California (10 percent) experienced the greatest percentage increase and Illinois (-4 percent) experienced the greatest percentage decrease in debt collection complaints..."

The report lists 20 companies with the most debt-collection complaints during October through December 2015. The top five companies with with average monthly complaints about debt collection are Encore Capital Group (139.3), Portfolio Recovery Associates, Inc. (112.3), Enhanced recovery Company, LLC (65.7), Transworld Systems Inc. (63.7), and Citibank (54.7). This top-20 list also includes several banks: Synchrony Bank, Capital One, JPMorgan Chase, Bank of America, and Wells Fargo.

While the March Monthly Complaint Report by the CFPB focused upon debt collection complaints, it also provides plenty of detailed information about all categories of complaints. From December 2015 through February 2016, the CFPB received on average every month about 6,856 debt collection complaints, 4,211 mortgage complaints, 3,556 credit reporting complaints, 2,021 complaints about bank accounts or services, and 1,995 complaints about credit cards. Most categories showed increased complaint volumes compared to the same period a year ago. Only two categories showed a decline in average monthly complaints: credit reporting and payday loans. Debt collection complaints were up 6 percent.

Compared to a year ago, average monthly complaint volume (all categories) increased in 40 states and decreased in 11 states. The top five states with the largest increases (all categories) included Connecticut (31 percent), Kansas (30 percent), Georgia (25 percent), Louisiana (25 percent), and Indiana (24 percent). The top five states with the largest decreases (all categories) included Hawaii (-25 percent), Maine (-19 percent), South Dakota (-14 percent), District of Columbia (-8 percent), and Idaho (-6 percent). Also:

"Of the five most populated states, New York (12 percent) experienced the greatest complaint volume percentage increase, and Texas (-8 percent) experienced the greatest complaint volume percentage decrease from December 2014 to February 2015 to December 2015 to February 2016."

The chart below lists the 10 companies with the most complaints (all categories) during October through December, 2015:

Companies with the most complaints. CFPB March 2016 Monthly Complaints Report. Click to view larger image

The "Other" category includes consumer loans, student loans, prepaid cards, payday loans, prepaid cards, money transfers, and more. During this three-month period, complaints about these companies totaled 46 percent of all complaints. Consumers submit complaints about the national big banks covering several categories. According to the CFPB March complaints report (links added):

"By average monthly complaint volume, Equifax (988), Experian (841), and TransUnion (810) were the most-complained-about companies for October - December 2015. Equifax experienced the greatest percentage increase in average monthly complaint volume (32 percent)... Ocwen experienced the greatest percentage decrease in average monthly complaint volume (-18 percent)... Empowerment Ventures (parent company of RushCard) debuted as the 10th most-complained-about company..."

To learn more about the CFPB, there are plenty of posts in this blog. Simply enter "CFPB" in the search box in the right column.


Learn How To Spot These 5 Energy Scams So You Don't Get Duped

Eversource logo Maybe it was a visit by door-to-door sales person. Maybe it was a phone call; or a text or e-mail message. There are six energy scams you should be aware of, so you don't get duped and lose your hard-earned money. Eversource, the largest energy delivery service in New England, alerted its customers about common scams:

  1. Shut-off Threats: callers claim to represent the Billing or Disconnect Department, and state that your power will be shut off if you don't make a payment immediately.
  2. Pay immediately: callers instruct you to make a payment immediately to a third-party location, such as a grocery store, or to a "Green Dot" VISA card. Then, the scammer directs victims to call another phone number to report the card payment information, so the scammers can drain the card account online.
  3. Faulty meters: callers claim your electric (or gas) meter is broken and it overcharging you. Then, the scammer directs victims to buy a $200.00 prepaid card. The scammers calls again claiming the first payment hasn't posted, and the consumer should buy a $300.00 prepaid card. Of course, the scammer lies about the meter being fixed soon.
  4. Unsolicited technician: a door-to-door person, with a hard-to-read badge, claims he is there to check your usage since your neighbors reported have claimed about high monthly bills.
  5. Unsolicited salesperson: a door-to-door person claims there is a problem with your utilities, and you failed to respond to urgent notices. The scammers insisted that you could get a rebate, or savings, but needs to see a copy of your energy bill.

These are all scams because:

"Eversource would never ask you to purchase prepaid cards or make an immediate payment at a third-party location, like a grocery store. We have a very secure, protected billing system, and you have multiple, convenient options to pay your bills, including direct debit, check, credit card and cash. Customers who are scheduled for disconnection due to nonpayment receive written notice that includes the actions they can take to maintain service... All [Eversource] employees carry company-issued identification, and any electrical contractors working with us carry documentation explaining the nature and location of their work. Customers can always call us to verify this information. Eversource would never solicit door-to-door or over the phone on behalf of a specific competitive/alternate energy supplier."

The information on your monthly energy bill is sensitive information. Protect it. Eversource advises:

"Never provide personal financial or utility account information to any unsolicited individual, in person, on the phone, or online, even if the individual seems legitimate."

And Eversource advises its consumers to:

"Always verify whether these contacts are legitimate by asking for some basic information about your account. Our representatives will always be able to provide the name on the account, the account address, and the exact past due balance. If the caller cannot provide that information, the call is not from us."

If you use a different energy provider, check it's website for scams. For example, earlier this month PG&E warned its customers in California about similar scams.

I've received some of these robocalls from scammers. Long ago, I registered both my landline and mobile phone numbers in the National Do Not Call Registry. When I receive unwanted and un-requested robocalls, I hang up the call immediately and submit a complaint to the U.S. Federal Trade Commission (FTC). You should, too.


Voter Tracking, Data Collection, Analysis, And Privacy

While the New Hampshire primary and Iowa caucuses have passed, there are many more upcoming primaries this year before the general election in November. These primaries represent data collection opportunities for companies to learn more about voters. Marketplace reported:

"One company is tracking voter characteristics through some likely sources — their phones. Dstillery is a big data intelligence company that sells targeted advertising information about consumers to big companies like Microsoft and Comcast. But in the Iowa primary, the company tried its hand at compiling voter traits... people who loved to grill or work on their lawns overwhelmingly voted for Trump in Iowa... people who watched and supported NASCAR also happened to support Donald Trump and Hillary Clinton..."

Dstillery's has an impressive list of clients: AT&T, Cablevision, Comcast, DirecTV, Hulu, Sprint, T-Mobile, Verizon, Vonage, and many more. If you remember your college statistics classes, then you know that a correlation does not man causation. Things may happen together but it doesn't mean one causes the other. Being a NASCAR fan doesn't mean a voter will vote for certain candidates. Voting for certain candidates does not mean you will be a NASCAR fan.

This "big data" collection is also a reminder of how much we consumers share on social networking sites. All a consumer has to do is "Like" a brand (e.g., NASCAR, one of these top-10 barbeque grills, a particular politician, etc.) on Facebook.com, or "Follow" that brand (or politician) on Twitter and it is pretty easy for a big data intelligence company to collect, analyze, and compare voters preferences. (Facebook knows far more about you than you realize.) Even if you didn't "Like" or "Follow" a brand, the data collection is still pretty easy. All a big data intelligence firm has to do is troll through the metadata attached to photos you took with your phone and posted online: racetracks on Instagram, NASCAR cakes on Pinterest, or whatever else. You get the idea. The metadata attached to your photos recorded where and when you were (e.g., geo-location of the racetrack), the background scene (e.g., stands, pits, etc.), and the people (e.g., emblems on their clothes). This blog post explains what happens when you stop "Liking" posts and comments on Facebook.

The data analysis is also pretty easy because many most of you gave your mobile phone numbers to social networking sites so you could use their mobile apps. Both social networking sites and data brokers have two crucial data elements (e.g., your birth date, your phone number) to match, merge, and purge data about you. So, political campaigns (via data brokers and big data intelligence firms they hire) can understand pretty easily who actually voted, and for whom, at a particular voting location.

Is this a good thing? I guess your answer to that depends upon how much privacy you want associated with your voting activity. What you do within the voting booth may be private, but there are many players performing surveillance outside the booth to reveal what you did in the booth. And, if you aren't careful what you say in front of Internet-of-Things devices installed in your home (e.g., toys, smart televisions, smart speakers or search robots, etc.), then the data collection is probably even more extensive.

Is this a good thing?


Political Campaigns In The USA: Privacy And Security Issues

The Los Angeles Times provided a good primer about the privacy issues in the political system in the United States:

"... data for politics is not a new phenomenon. Presidential candidates began pioneering the approach more than a decade ago, and it was a key part of Barack Obama’s winning strategy in 2008 and 2012. But technological advancements, plunging storage costs and a proliferation of data firms have substantially increased the ability of campaigns to inhale troves of strikingly personal information about voters... as presidential campaigns push into a new frontier of voter targeting, scouring social media accounts, online browsing habits and retail purchasing records of millions of Americans, they have brought a privacy imposition unprecedented in politics. By some estimates, political candidates are collecting more personal information on Americans than even the most aggressive retailers... The campaigns and the data companies are cagey about what particular personal voter details they are trafficking in..."

Reportedly, one firm collected 500 data elements about each voter. That means, they know a lot about you.

What might those data elements be? Let's use Facebook.com as an example, since many consumers use the social networking services. If you are a member, you can see for yourself. Sign into your account with a web browser, select SETTINGS and then ADS. You'll see a page that looks similar to this:

Image of Facebook Ad Settings page. Click to view larger image

Chances are, your account settings were preset to automatically display targeted advertisements based upon your interests (e.g., what you "Liked," posted about, friends' posts you commented upon, even when you don't click "Like" buttons, music and fitness apps linked to your account, edited and unpublished posts, etc.). I'd already modified my account settings to suppress targeted ads, but that doesn't stop the data collection. Now, select the EDIT link next to "Ads based upon my preferences." When prompted, select the "View Ad Preferences" button. You will see a page that looks similar to this:

Image of Facebook Ad Preferences Categories page. Click to view larger image

Facebook has neatly arranged your preferences into several categories: Education, People, News and Entertainment, Travel, and more. Click on any category to view the items for that category. After selecting the "Lifestyle and Culture" category, I saw this:

Image of Facebook Lifestyle and Culture Ad Preferences view. Click to view larger image

You can click on each item to see details about that item. You can also mouseover an item to display a button to toggle on or off each item. That tells Facebook to either display or suppress targeted advertisements to you about that item. (I turned 95 percent of mine off.) If you "Like" the Facebook page for a specific brand, product, service, newspaper, organization, event, or person then the site is happy to catalog that and serve targeted ads from that entity, or other companies in that category.

This provides a huge clue as to the data elements Facebook has collected and shared with data brokers and its partners. Chances are, some of this information has already made its way via data brokers into the databases of political campaigns. You can read in this blog about data brokers and tech companies that have assisted social networking sites.

I've used Facebook.com as an example to highlight for consumers the data elements. The above images make it real. Data collected by social networking sites is so valuable, at least one credit reporting agency wanted it. As The Los Angeles reported:

"The data companies are required by law to keep the names of individuals separate from the pile of data accumulated about them. Instead, each voter is assigned an online identification number, and when a campaign wants to target a particular group – say, drivers of hybrid vehicles or gun owners – the computers coordinate a robocall, or a volunteer’s canvassing list, or a digital advertisement with relevant accounts. Since campaigns are ultimately in the business of finding particular people and getting them to show up to vote, some scholars are dubious their digital targeting efforts offer the same level of anonymity as those of corporations."

So, campaigns will re-assign names to information the data brokers have supposedly anonymized. Are you happy with that? Are you happy with political campaigns knowing this much about you? Are you confident that political campaigns adequately protect your personal information? Do you believe that you should have some say in what political campaigns collect and archive about you? Do you want control over your personal information?

Again, from the Los Angeles Times article:

"There is a tremendous amount of data out there and the question is what types of controls are in place and how secure is it,” said Craig Spiezle, executive director of the nonprofit Online Trust Alliance. The group’s recent audit of campaign websites for privacy, security and consumer protection gave three-quarters of the candidates failing grades... An exhaustive paper [New York University School of Law researcher] Rubenstein recently published on voter privacy found that “political dossiers may be the largest unregulated assemblage of personal data in contemporary American life.” Basic privacy guidelines that apply to other industries don’t appear to apply to candidates. Some do not even have clear privacy policies posted on their websites..."

Now you have an idea of what data is out there about you. If you want to turn off targeted ads displayed by Facebook, you can. You can't stop the data collection though. The data collection, archiving, and resale is part of most social networking sites' business models.

Are political campaigns reselling data to make money? Are you interested in what political campaigns have collected about you? Do you think it's accurate?


The Most Discussed Topics On Facebook During 2015

Facebook logo What did Facebook members discuss the most during 2015? It wasn't all lolcats, music, selfies, and humor. The social networking giant published its list of most discussed global topics:

  1. U.S. Presidential Election
  2. November 13 Attacks in Paris
  3. Syrian Civil War & Refugee Crisis
  4. Nepal Earthquakes
  5. Greek Debt Crisis
  6. Marriage Equality
  7. Fight Against ISIS
  8. Charlie Hebdo Attack
  9. Baltimore Protests
  10. Charleston Shooting & Flag Debate