128 posts categorized "Reports & Studies" Feed

Report: Software Failure In Fatal Accident With Self-Driving Uber Car

TechCrunch reported:

"The cause of the fatal crash of an Uber self-driving car appears to have been at the software level, specifically a function that determines which objects to ignore and which to attend to, The Information reported. This puts the fault squarely on Uber’s doorstep, though there was never much reason to think it belonged anywhere else.

Given the multiplicity of vision systems and backups on board any given autonomous vehicle, it seemed impossible that any one of them failing could have prevented the car’s systems from perceiving Elaine Herzberg, who was crossing the street directly in front of the lidar and front-facing cameras. Yet the car didn’t even touch the brakes or sound an alarm. Combined with an inattentive safety driver, this failure resulted in Herzberg’s death."

The TechCrunch story provides details about which software subsystem the report said failed.

Not good.

So, the autonomous or self-driving cars are only as good as the software they're programmed with (including maintenance). Anyone who has used computers during the last couple decades probably has experienced software glitches, bugs, and failures. It happens.

This latest incident suggests self-driving cars aren't yet ready. what do you think?


How the Crowd Led ProPublica to Investigate IBM

[Editor's note: today's guest post, by the reporters at ProPublica, discusses employment practices at a major corporation in the United States. The investigation is as interesting as the "Cutting 'Old Heads' At IBM" report. This also caught my attention because a data breach at IBM in 2007 led to the creation of this blog. Today's article is reprinted with permission.]

IBM logo By Ariana Tobin and Peter Gosselin, ProPublica

On March 22, we reported that over the past five years IBM has been removing older U.S. employees from their jobs, replacing some with younger, less experienced, lower-paid American workers and moving many other jobs overseas.

We’ve got documentation and details — most of which are the direct result of a questionnaire filled out by over 1,100 former IBMers.

We’ve gone to the company with our findings. IBM did not answer the specific questions we sent. Spokesman Edward Barbini said: “We are proud of our company and our employees’ ability to reinvent themselves era after era, while always complying with the law. Our ability to do this is why we are the only tech company that has not only survived but thrived for more than 100 years.”

We don’t know the exact size of the problem. Our questionnaire isn’t a scientific sample, nor did all the participants tell us they experienced age discrimination. But the hundreds of similar stories show a pattern of older employees being pushed out even when the company itself says they were doing a good job.

This project wasn’t inspired by a high-level leak or an errant line in secret documents. It came to us through reader engagement. Our investigation took us beyond some of our usual reporting techniques. We’d like to elaborate on this because:

  • We know readers will wonder how we sourced some pretty serious claims.
  • Many ex-employees trusted us with their stories and spent many hours in conversation with us. We think it’s good practice to let them know how we’ve used their information.
  • This is the probably the first time we’ve been pointed to a big project by a community of people we found through digital outreach. We hope that by sharing our experiences, we can help others build on our work.

IBMers found us

This project started as a conversation between the two of us, both reporters at ProPublica. Peter had taken on the age discrimination beat for reasons both personal and professional. Ariana was newly minted into a job called “engagement reporter.”

Ariana suggested that Peter write up a short essay on his own experiences of being laid off at 63 and searching for a job in the aftermath. We attached a short questionnaire to the bottom and headlined it: “Over 50 and looking for a job? We’d like to hear from you.

Dozens of people responded within the first couple of weeks. As we looked through this first round of questionnaires, we noticed a theme: a whole lot of information and technology workers told us they were struggling to stay employed. And those who had lost their jobs? They were having a really hard time finding new work.

Of those IT workers, several mentioned IBM right off the bat. One woman wrote that she and her coworkers were working together to find new jobs in order to “ward off the dreaded old person layoff from IBM.”

Another wrote: “I can probably help you get a lot more stories, contact me if you want to discuss this possibility.”

Another wrote: “Part of the separation agreement was that I not seek collective action against IBM for age discrimination. I was not going to sign as a law firm was planning to file a grievance. However they needed 10 people to agree and they could not get the numbers.”

… and then they connected us with more IBMers

We started making some calls. One of the first people we talked to was Brian Paulson, a 57-year-old senior manager with 18 years at IBM, who was fired for “performance reasons” that the company refused to explain. He was still job-hunting two years later.

Another ex-IBM employee told us that she had seen examples of older workers laid off from many parts of the company on a public Facebook page called WatchingIBM. Ariana spent a day looking through the posts, which were, as promised, crawling with stories, questions, and calls for support from workers of all kinds, as shown in the accompanying screenshot.

We decided to reach out to the page’s administrator, who was a longtime IBM workplace activist, Lee Conrad. He shared our age discrimination questionnaire in the group and more responses poured in.

With dozens of interviews already on the books, we decided to launch a second, more specific questionnaire — this time about IBM

We realized that we had been pointed toward an angry, sad and motivated group. The older ex-IBM workers we called were trying to figure out whether their own layoffs were unique or part of a larger trend. And if they were part of a larger trend... how many people were affected?

A major frustration we saw in comment after comment: These workers couldn’t get information on how many others had been forced out with them.

This was an information gap that immediately struck Peter, because that information is exactly what the law requires employers to disclose at the time of a layoff.

On top of that, many of these sources mentioned having been forced to sign agreements that kept them from going to court or even talking about what had happened to them. They were scared to do anything in violation of those agreements, a fear that kept them from finding out the answers to some big open questions: Why would IBM have stopped releasing the ages and positions of those let go, as they had done before 2014 to comply with federal law? How many workers out there believed they had been “retired” against their will? What did managers really tell their subordinates when the time came to let them go? Who was left to do all of their work?

So we wrote up another questionnaire asking those specific questions.

We learned from the responses, and also the response rate

We contacted people on listservs, found them on open petitions, joined closed LinkedIn networks, and followed each posting on ex-IBM groups. We tweeted the questionnaire out on days that IBM reported its earnings, including the company’s ticker symbol. We talked to trade magazines and IBM historians and organizers who still work at IBM. We bought ads on Facebook and aimed them toward cities and towns where we knew IBM had been cutting its workforce.

As the responses came in, we tried to figure out where most of them were coming from. To identify any meaningful trends, we needed to know who was answering, what was working, and why. We also realized that we needed to introduce ourselves in order to persuade anyone it was worth participating.

When something worked, we’d double down:

We know what worked the best: When people filled out the questionnaire they’d also share their contact information with us. So we asked them to forward the questionnaire around within their own networks:

And we got more leads

We read through all of the responses and identified themes: 183 respondents said the company recorded them as having retired by choice even though they had no desire to retire or flat-out objected to the idea. Forty-five people were told they’d have to uproot their lives and move sometimes thousands of miles from the communities where they had worked for years, or else resign. Fifty-three said their jobs had been moved overseas. Some were happy they’d left. Some were company luminaries, given top ratings throughout their career. Some were still fighting over benefits and health care. Some were worried about finding work ever again.

Inevitably, this categorization process led to us to identify new patterns as we went along, and as new responses accumulated. For each new pattern, we would go back and see how many people fit.

One of the first and most interesting such categories were the people who had received emails congratulating them on their retirement at the same time as they were informed of their layoff. We realized there would be power in numbers there, so we set up a SecureDrop for people who were willing to send us their paperwork.

Eventually, we also created a category called “legal action.” We’d stumbled upon support groups of ex-IBM employees who had filed formal complaints with the Equal Employment Opportunity Commission. Some sent us the company’s responses to their individual complaints, giving us insight into the way the company responded to allegations of discrimination. These seemed, of course, very useful.

In other words: we sent some rather complicated mass emails and were surprised over and over again by the specificity of the responses:

IBM undoubtedly has information that would shed light on the documents, its layoff practices or the overall extent and nature of its job cuts. The company chose not to respond to our questions about those issues.

So we tried to answer ex-IBMers’ questions ourselves, including one of the most basic: How many employees ages 40 and over were let go or left in recent years?

IBM won’t say. In fact, over the years, the company has stopped releasing almost all information about its U.S. workforce. In 2009, it stopped publishing its American employment total. In 2014, it stopped disclosing the numbers and ages of older employees it was laying off, a requirement of the nation’s basic anti-age bias law, the Age Discrimination in Employment Act (ADEA).

So we’ve sought to estimate the number, relying on one of the few remaining bits of company-provided information — a technique developed by a veteran financial analyst who follows IBM for investors — as well as patterns we spotted in internal company documents.

We began with a line in the company’s quarterly and annual filings with the U.S. Securities and Exchange Commission for “workforce rebalancing,” a company term for layoffs, firings and other non-retirement departures. It’s a gauge of what IBM spends to let people go. In the past five years, workforce rebalancing charges have totaled $4.3 billion.

The technique was used by veteran IBM analyst Toni Sacconaghi of Bernstein Research. Sacconaghi is a respected Wall Street analyst who has been named to Institutional Investor’s All-America Research Team every year since 2001. His technique and layoff estimates have been widely cited by news organizations including The Wall Street Journal and Fortune.

Some years ago, Sacconaghi estimated that IBM’s average per-employee cost for laying off a worker was $70,000.

Dividing $4.3 billion by $70,000 suggests that during the past five years IBM’s worldwide job cuts totaled about 62,000. If anything, that number is low, given IBM executives’ comments at a recent investor conference. Internal company documents we reviewed suggest that 50 to 60 percent of cuts were made in the U.S., with older workers representing roughly 60 percent of those. That translates to about 20,000 older American workers let go.

Our analysis suggests the total of U.S. layoffs is almost certainly higher.

First, as Sacconaghi said in a recent interview, IBM’s per-employee rebalancing costs are likely much lower now because, starting in 2016, the company reduced severance payments to departing employees from six months to just 30 days. That means IBM can lay off or fire more people for the same or lower overall costs.

Second, because, as those ex-IBMers told us, the company often converts their layoffs into retirements, the workplace rebalancing numbers don’t tell the whole story.

Right below the line for “workforce rebalancing” in its SEC filings, IBM adds another line for “retirement-related costs,” which reflects how much the company spends each year retiring people out. Some — perhaps a substantial amount of that — went to retirements that were less than fully voluntary. This could add up to thousands more people.

By coming up with answers and investigating in the open, we’ve gotten more sources

Many of the conversations we’ve had during our reporting didn’t make it into the final story. People allowed us to review internal company documents. They let us see long email exchanges with their managers. They dug back through closets and garages to find memos they had saved out of frustration or fatigue or just plain anger.

We can’t go into detail about all of the ways the community helped us report out this story, because we also promised many of our sources that we would protect their confidentiality. The beauty is that they talked to us anyway. They knew where to find us, because our contact information had been spread far and wide.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Airlines Want To Extend 'Dynamic Pricing' Capabilities To Set Ticket Prices By Each Person

In the near future, what you post on social media sites (e.g., Facebook, Instagram, Pinterest, etc.) could affect the price you pay for airline tickets. How's that?

First, airlines already use what the travel industry calls "dynamic pricing" to vary prices by date, time of day, and season. We've all seen higher ticket prices during the holidays and peak travel times. The Telegraph UK reported that airlines want to extend dynamic pricing to set fares by person:

"... the advent of setting fares by the person, rather than the flight, are fast approaching. According to John McBride, director of product management for PROS, a software provider that works with airlines including Lufthansa, Emirates and Southwest, a number of operators have already introduced dynamic pricing on some ticket searches. "2018 will be a very phenomenal year in terms of traction," he told Travel Weekly..."

And, there was a preliminary industry study about how to do it:

" "The introduction of a Dynamic Pricing Engine will allow an airline to take a base published fare that has already been calculated based on journey characteristics and broad segmentation, and further adjust the fare after evaluating details about the travelers and current market conditions," explains a white paper on pricing written by the Airline Tariff Publishing Company (ATPCO), which counts British Airways, Delta and KLM among its 430 airline customers... An ATPCO working group met [in late February] to discuss dynamic pricing, but it is likely that any roll out to its customers would be incremental."

What's "incremental" mean? Experts say first step would be to vary ticket prices in search results at the airline's site, or at an intermediary's site. There's virtually no way for each traveler to know they'd see a personal price that's higher (or lower) from prices presented to others.

With dynamic pricing per person, business travelers would pay more. And, an airline could automatically bundle several fees (e.g., priority boarding, luggage, meals, etc.) for its loyalty program members into each person's ticket price, obscuring transparency and avoiding fairness. Of course, airlines would pitch this as convenience, but alert consumers know that any convenience always has its price.

Thankfully, some politicians in the United States are paying attention. The Shear Social Media Law & Technology blog summarized the situation very well:

"[Dynamic pricing by person] demonstrates why technology companies and the data collection industry needs greater regulation to protect the personal privacy and free speech rights of Americans. Until Silicon Valley and data brokers are properly regulated Americans will continue to be discriminated against based upon the information that technology companies are collecting about us."

Just because something can be done with technology, doesn't mean it should be done. What do you think?


Report: Little Progress Since 2016 To Replace Old, Vulnerable Voting Machines In United States

We've know for some time that a sizeable portion of voting machines in the United States are vulnerable to hacking and errors. Too many states, cities, and town use antiquated equipment or equipment without paper backups. The latter makes re-counts impossible.

Has any progress been made to fix the vulnerabilities? The Brennan Center For Justice (BCJ) reported:

"... despite manifold warnings about election hacking for the past two years, the country has made remarkably little progress since the 2016 election in replacing antiquated, vulnerable voting machines — and has done even less to ensure that our country can recover from a successful cyberattack against those machines."

It is important to remember this warning in January 2017 from the Director of National Intelligence (DNI):

"Russian effortsto influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations. We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election. Russia’s goals were to undermine public faith in the US democratic process... Russian intelligence accessed elements of multiple state or local electoral boards. Since early 2014, Russian intelligence has researched US electoral processes and related technology and equipment. DHS assesses that the types of systems we observed Russian actors targeting or compromising are not involved in vote tallying... We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes... "

Detailed findings in the BCJ report about the lack of progress:

  1. "This year, most states will use computerized voting machines that are at least 10 years old, and which election officials say must be replaced before 2020.
    While the lifespan of any electronic voting machine varies, systems over a decade old are far more likely to need to be replaced, for both security and reliability reasons... older machines are more likely to use outdated software like Windows 2000. Using obsolete software poses serious security risks: vendors may no longer write security patches for it; jurisdictions cannot replace critical hardware that is failing because it is incompatible with their new, more secure hardware... In 2016, jurisdictions in 44 states used voting machines that were at least a decade old. Election officials in 31 of those states said they needed to replace that equipment by 2020... This year, 41 states will be using systems that are at least a decade old, and officials in 33 say they must replace their machines by 2020. In most cases, elections officials do not yet have adequate funds to do so..."
  2. "Since 2016, only one state has replaced its paperless electronic voting machines statewide.
    Security experts have long warned about the dangers of continuing to use paperless electronic voting machines. These machines do not produce a paper record that can be reviewed by the voter, and they do not allow election officials and the public to confirm electronic vote totals. Therefore, votes cast on them could be lost or changed without notice... In 2016, 14 states (Arkansas, Delaware, Georgia, Indiana, Kansas, Kentucky, Louisiana, Mississippi, New Jersey, Pennsylvania, South Carolina, Tennessee, Texas, and Virginia) used paperless electronic machines as the primary polling place equipment in at least some counties and towns. Five of these states used paperless machines statewide. By 2018 these numbers have barely changed: 13 states will still use paperless voting machines, and 5 will continue to use such systems statewide. Only Virginia decertified and replaced all of its paperless systems..."
  3. "Only three states mandate post-election audits to provide a high-level of confidence in the accuracy of the final vote tally.
    Paper records of votes have limited value against a cyberattack if they are not used to check the accuracy of the software-generated total to confirm that the veracity of election results. In the last few years, statisticians, cybersecurity professionals, and election experts have made substantial advances in developing techniques to use post-election audits of voter verified paper records to identify a computer error or fraud that could change the outcome of a contest... Specifically, “risk limiting audits” — a process that employs statistical models to consistently provide a high level of confidence in the accuracy of the final vote tally – are now considered the “gold standard” of post-election audits by experts... Despite this fact, risk limiting audits are required in only three states: Colorado, New Mexico, and Rhode Island. While 13 state legislatures are currently considering new post-election audit bills, since the 2016 election, only one — Rhode Island — has enacted a new risk limiting audit requirement."
  4. "43 states are using machines that are no longer manufactured.
    The problem of maintaining secure and reliable voting machines is particularly challenging in the many jurisdictions that use machines models that are no longer produced. In 2015... the Brennan Center estimated that 43 states and the District of Columbia were using machines that are no longer manufactured. In 2018, that number has not changed. A primary challenge of using machines no longer manufactured is finding replacement parts and the technicians who can repair them. These difficulties make systems less reliable and secure... In a recent interview with the Brennan Center, Neal Kelley, registrar of voters for Orange County, California, explained that after years of cannibalizing old machines and hoarding spare parts, he is now forced to take systems out of service when they fail..."

That is embarrassing for a country that prides itself on having an effective democracy. According to BCJ, the solution would be for Congress to fund via grants the replacement of paperless and antiquated equipment; plus fund post-election audits.

Rather than protect the integrity of our democracy, the government passed a massive tax cut which will increase federal deficits during the coming years while pursuing both a costly military parade and an unfunded border wall. Seems like questionable priorities to me. What do you think?


2017 FTC Complaints Report: Debt Collection Tops The List. Older Consumers Better At Spotting Scams

Earlier this month,, the U.S. Federal Trade Commission (FTC) released its annual report of complaints submitted by consumers in the United States. The report is helpful is understand the most frequent types of scams and reports consumers experienced.

The latest report, titled 2017 Consumer Sentinel Network Data Book, includes complaints from 2.68 million consumers, a decrease from 2.98 million in 2016. However, consumers reported losing a total of $905 million to fraud in 2017, which is $63 million more than in 2016. The most frequent complaints were about debt collection (23 percent), identity theft (14 percent), and imposter scams (13 percent). The top 20 complaint categories:

Rank Category # Of
Reports
% Of
Reports
1 Debt Collection 608,535 22.74%
2 Identity Theft 371,061 13.87%
3 Imposter Scams 347,829 13.00%
4 Telephone & Mobile Services 149,578 5.59%
5 Banks & Lenders 149,316 5.58%
6 Prizes, Sweepstakes & Lotteries 142,870 5.34%
7 Shop-at-Home & Catalog Sales 126,387 4.72%
8 Credit Bureaus, Information
Furnishers & Report Users
107,473 4.02%
9 Auto Related 86,289 3.23%
10 Television and Electronic Media 47,456 1.77%
11 Credit Cards 45,428 1.70%
12 Internet Services 45,093 1.69%
13 Foreign Money Offers &
Counterfeit Check Scams
31,980 1.20%
14 Health Care 27,660 1.03%
15 Travel, Vacations &
Timeshare Plans
22,264 0.83%
16 Business & Job Opportunities 19,082 0.71%
17 Advance Payments for
Credit Services
17,762 0.66%
18 Investment Related 15,079 0.56%
19 Computer Equipment
& Software
9,762 0.36%
20 Mortgage Foreclosure Relief
& Debt Management
8,973 0.34%

While the median loss for all fraud reports in 2017 was $429, consumers reported larger losses in certain types of scams: travel, vacations and timeshare plans ($1,710); mortgage foreclosure relief and debt management ($1,200); and business/job opportunities ($1,063).

The telephone was the most frequently-reported method (70 percent) scammers used to contact consumers, and  wire transfers was the most frequently-reported payment method for fraud ($333 million in losses reported). Also:

"The states with the highest per capita rates of fraud reports in 2017 were Florida, Georgia, Nevada, Delaware, and Michigan. For identity theft, the top states in 2017 were Michigan, Florida, California, Maryland, and Nevada."

What's new in this report is that it details financial losses by age group. The FTC report concluded:

"Consumers in their twenties reported losing money to fraud more often than those over age 70. For example, among people aged 20-29 who reported fraud, 40 percent indicated they lost money. In comparison, just 18 percent of those 70 and older who reported fraud indicated they lost any money. However, when these older adults did report losing money to a scammer, the median amount lost was greater. The median reported loss for people age 80 and older was $1,092 compared to $400 for those aged 20-29."

Detailed information supporting this conclusion:

2017 FTC Consumer Sentinel complaints report. Reports and losses by age group. Click to view larger image

2017 FTC Consumer Sentinel complaints report. Median losses by age group. Click to view larger image

The second chart is key. Twice as many younger consumers (40 percent, ages 20 - 29) reported fraud losses compared to 18 percent of consumers ages 70 and older. At the same time, those older consumers lost more money. So, older consumers were more skilled at spotting scams and few fell victim to scams. It seems both groups could learn from each other.

CBS News interviewed a millennial who fell victim to a mystery-shopper scam, which seemed to be a slick version of the old check scam. It seems wise for all consumers, regardless of age, to maintain awareness about the types of scams. Pick a news source or blog you trust. Hopefully, this blog.

Below is a graphic summarizing the 2017 FTC report:

Ftc-complaints-report-2017


Security Experts: Artificial Intelligence Is Ripe For Misuse By Bad Actors

Over the years, bad actors (e.g., criminals, terrorists, rogue states, ethically-challenged business executives) have used a variety of online technologies to remotely hack computers, track users online without consent nor notice, and circumvent privacy settings by consumers on their internet-connected devices. During the past year or two, reports surfaced about bad actors using advertising and social networking technologies to sway public opinion.

Security researchers and experts have warned in a new report that two of the newest technologies can be also be used maliciously:

"Artificial intelligence and machine learning capabilities are growing at an unprecedented rate. These technologies have many widely beneficial applications, ranging from machine translation to medical image analysis... Less attention has historically been paid to the ways in which artificial intelligence can be used maliciously. This report surveys the landscape of potential security threats from malicious uses of artificial intelligence technologies, and proposes ways to better forecast, prevent, and mitigate these threats. We analyze, but do not conclusively resolve, the question of what the long-term equilibrium between attackers and defenders will be. We focus instead on what sorts of attacks we are likely to see soon if adequate defenses are not developed."

Companies currently use or test artificial intelligence (A.I.) to automate mundane tasks, upgrade and improve existing automated processes, and/or personalize employee (and customer) experiences in a variety of applications and business functions, including sales, customer service, and human resources. "Machine learning" refers to the development of digital systems to improve the performance of a task using experience. Both are part of a business trend often referred to as "digital transformation" or the "intelligent workplace." The CXO Talk site, featuring interviews with business leaders and innovators, is a good resource to learn more about A.I. and digital transformation.

A survey last year of employees in the USA, France, Germany, and the United Kingdom found that they, "see A.I. as the technology that will cause the most disruption to the workplace." The survey also found: 70 percent of employees surveyed expect A.I. to impact their jobs during the next ten years, half expect impacts within the next three years, and about a third percent see A.I. as a job creator.

This new report was authored by 26 security experts from a variety of educational institutions including American University, Stanford University, Yale University, the University of Cambridge, the University of Oxford, and others. The report cited three general ways bad actors could misuse A.I.:

"1. Expansion of existing threats. The costs of attacks may be lowered by the scalable use of AI systems to complete tasks that would ordinarily require human labor, intelligence and expertise. A natural effect would be to expand the set of actors who can carry out particular attacks, the rate at which they can carry out these attacks, and the set of potential targets.

2. Introduction of new threats. New attacks may arise through the use of AI systems to complete tasks that would be otherwise impractical for humans. In addition, malicious actors may exploit the vulnerabilities of AI systems deployed by defenders.

3. Change to the typical character of threats. We believe there is reason to expect attacks enabled by the growing use of AI to be especially effective, finely targeted, difficult to attribute, and likely to exploit vulnerabilities in AI systems."

So, A.I. could make it easier for the bad guys to automated labor-intensive cyber-attacks such as spear-fishing. The bad guys could also create new cyber-attacks by combining A.I. with speech synthesis. The authors of the report cited examples of more threats:

"The use of AI to automate tasks involved in carrying out attacks with drones and other physical systems (e.g. through the deployment of autonomous weapons systems) may expand the threats associated with these attacks. We also expect novel attacks that subvert cyber-physical systems (e.g. causing autonomous vehicles to crash) or involve physical systems that it would be infeasible to direct remotely (e.g. a swarm of thousands of micro-drones)... The use of AI to automate tasks involved in surveillance (e.g. analyzing mass-collected data), persuasion (e.g. creating targeted propaganda), and deception (e.g. manipulating videos) may expand threats associated with privacy invasion and social manipulation..."

BBC News reported even more possible threats:

"Technologies such as AlphaGo - an AI developed by Google's DeepMind and able to outwit human Go players - could be used by hackers to find patterns in data and new exploits in code. A malicious individual could buy a drone and train it with facial recognition software to target a certain individual. Bots could be automated or "fake" lifelike videos for political manipulation. Hackers could use speech synthesis to impersonate targets."

From all of this, one can conclude that the 2016 elections interference cited by intelligence officials is probably mild compared to what will come: more serious, sophisticated, and numerous attacks. The report included four high-level recommendations:

"1. Policymakers should collaborate closely with technical researchers to investigate, prevent, and mitigate potential malicious uses of AI.

2. Researchers and engineers in artificial intelligence should take the dual-use nature of their work seriously, allowing misuse-related considerations to influence research priorities and norms, and proactively reaching out to relevant actors when harmful applications are foreseeable.

3. Best practices should be identified in research areas with more mature methods for addressing dual-use concerns, such as computer security, and imported where applicable to the case of AI.

4. Actively seek to expand the range of stakeholders and domain experts involved in discussions of these challenges."

Download the 101-page report titled, "The Malicious Use Of Artificial Intelligence: Forecasting, Prevention, And Mitigation" A copy of the report is also available here (Adobe PDF; 1,400 k bytes)here.

To prepare, both corporate and government executives would be wise to both harden their computer networks and (re)train their employees to recognize and guard against cyber attacks. What do you think?


I Approved This Facebook Message — But You Don’t Know That

[Editor's note: today's guest post, by reporters at ProPublica, is the latest in a series about advertising and social networking sites. It is reprinted with permission.]

Facebook logo By Jennifer Valentino-DeVries, ProPublica

Hundreds of federal political ads — including those from major players such as the Democratic National Committee and the Donald Trump 2020 campaign — are running on Facebook without adequate disclaimer language, likely violating Federal Election Commission (FEC) rules, a review by ProPublica has found.

An FEC opinion in December clarified that the requirement for political ads to say who paid for and approved them, which has long applied to print and broadcast outlets, extends to ads on Facebook. So we checked more than 300 ads that had run on the world’s largest social network since the opinion, and that election-law experts told us met the criteria for a disclaimer. Fewer than 40 had disclosures that appeared to satisfy FEC rules.

“I’m totally shocked,” said David Keating, president of the nonprofit Institute for Free Speech in Alexandria, Virginia, which usually opposes restrictions on political advertising. “There’s no excuse,” he said, looking through our database of ads.

The FEC can investigate possible violations of the law and fine people up to thousands of dollars for breaking it — fines double if the violation was “knowing and willful,” according to the regulations. Under the law, it’s up to advertisers, not Facebook, to ensure they have the right disclaimers. The FEC has not imposed penalties on any Facebook advertiser for failing to disclose.

An FEC spokeswoman declined to say whether the commission has any recent complaints about lack of disclosure on Facebook ads. Enforcement matters are confidential until they are resolved, she said.

None of the individuals or groups we contacted whose ads appeared to have inadequate disclaimers, including the Democratic National Committee and the Trump campaign, responded to requests for comment. Facebook declined to comment on ProPublica’s findings or the December opinion. In public documents, the company has urged the FEC to be “flexible” in what it allows online, and to develop a policy for all digital advertising rather than focusing on Facebook.

Insufficient disclaimers can be minor technicalities, not necessarily evidence of intent to deceive. But the pervasiveness of the lapses ProPublica found suggests a larger problem that may raise concerns about the upcoming midterm elections — that political advertising on the world’s largest social network isn’t playing by rules intended to protect the public.

Unease about political ads on Facebook and other social networking sites has intensified since internet companies acknowledged that organizations associated with the Russian government bought ads to influence U.S. voters during the 2016 election. Foreign contributions to campaigns for U.S. federal office are illegal. Online, advertisers can target ads to relatively small groups of people. Once the marketing campaign is over, the ads disappear. This makes it difficult for the public to scrutinize them.

The FEC opinion is part of a push toward more transparency in online political advertising that has come in response to these concerns. In addition to handing down the opinion in a specific case, the FEC is preparing new rules to address ads on social media more broadly. Three senators are sponsoring a bill called the Honest Ads Act, which would require internet companies to provide more information on who is buying political ads. And earlier this month, the election authority in Seattle said Facebook was violating a city law on election-ad disclosures, marking a milestone in municipal attempts to enforce such transparency.

Facebook itself has promised more transparency about political ads in the coming months, including “paid for by” disclosures. Since late October it has been conducting tests in Canada that publish ads on an advertiser’s Facebook page, where people can see them even without being part of the advertiser’s target audience. Those ads are only up while the ad campaign is running, but Facebook says it will create a searchable archive for federal election advertising in the U.S. starting this summer.

ProPublica found the ads using a tool called the Political Ad Collector, which allows Facebook users to automatically send us the political ads that were displayed on their news feeds. Because they reflect what users of the tool are seeing, the ads in our database aren’t a representative sample.

The disclaimers required by the FEC are familiar to anyone who has seen a print or television political ad — think of a candidate saying, “I’m ____, and I approved this message,” at the end of a TV commercial, or a “paid for by” box at the bottom of a newspaper advertisement. They’re intended to make sure the public knows who is paying to support a candidate, and to prevent people from falsely claiming to speak on a candidate’s behalf.

The system does have limitations, reflecting concerns that overuse of disclaimers could inhibit free speech. For starters, the rules apply only to certain types of political ads. Political committees and candidates have to include disclaimers, as do people seeking donations or conducting “express advocacy.” To count as express advocacy, an ad typically must mention a candidate and use certain words clearly campaigning for or against a candidate — such as “vote for,” “reject” or “re-elect.” And the regulations only apply to federal elections, not state and local ones.

The rules also don’t address so-called “issue” ads that advocate a policy stance. These ads may include a candidate’s name without a disclaimer, as long as they aren’t funded by a political committee or candidate and don’t use express-advocacy language. Many of the political ads purchased by Russian groups in 2016 attempted to influence public opinion without mentioning candidates at all — and would not require disclosure even today.

Enforcement of the law often relies on political opponents or a member of the public complaining to the FEC. If only supporters see an ad, as might be the case online, a complaint may never come.

The disclaimer law was last amended in 2002, but online advertising has changed so rapidly that several experts said the FEC has had trouble keeping up. In 2002, the commission found that paid text message ads were exempt from disclosure under the “small-items exception” originally intended for buttons, pins and the like. What counts as small depends on the situation and is up to the FEC.

In 2010, the FEC considered ads on Google that had no graphics or photos and were limited to 95 characters of text. Google proposed that disclaimers not be part of the ads themselves but be included on the web pages that users would go to after clicking on the ads; the FEC agreed.

In 2011, Facebook asked the FEC to allow political ads on the social network to run without disclosures. At the time, Facebook limited all ads on its platform to small, “thumbnail” photos and brief text of only 100 or 160 characters, depending on the type of ad. In that case, the six-person FEC couldn’t muster the four votes needed to issue an opinion, with three commissioners saying only limited disclosure was required and three saying the ads needed no disclosure at all, because it would be “impracticable” for political ads on Facebook to contain more text than other ads. The result was that political ads on Facebook ran without the disclaimers seen on other types of election advertising.

Since then, though, ads on Facebook have expanded. They can now include much more text, as well as graphics or photos that take up a large part of the news feed’s width. Video ads can run for many minutes, giving advertisers plenty of time to show the disclaimer as text or play it in a voiceover.

Last October, a group called Take Back Action Fund decided to test whether these Facebook ads should still be exempt from the rules.

“For years now, people have said, ‘Oh, don’t worry about the rules, because the FEC doesn’t enforce anything on Facebook,’” said John Pudner, president of Take Back Action Fund, which advocates for campaign finance reform. Many political consultants “didn’t think you ever needed a disclaimer on a Facebook ad,” said Pudner, a longtime campaign consultant to conservative candidates.

Take Back Action Fund came up with a plan: Ask the FEC whether it should include disclosures on ads that the group thought clearly needed them.

The group told the FEC it planned to buy “express advocacy” ads on Facebook that included large images or videos on the news feed. In its filing, Take Back Action Fund provided some sample text it said it was thinking of using: “While [Candidate Name] accuses the Russians of helping President Trump get elected, [s/he] refuses to call out [his/her] own Democrat Party for paying to create fake documents that slandered Trump during his presidential campaign. [Name] is unfit to serve.”

In a comment filed with the FEC in the matter, the Internet Association trade group, of which Facebook is a member, asked the commission to follow the precedent of the 2010 Google case and allow a “one-click” disclosure that didn’t need to be on the ad itself but could be on the web page the ad led to.

The FEC didn’t follow that recommendation. It said unanimously that the ads needed full disclaimers.

The opinion, handed down Dec. 15, was narrow, saying that if any of the “facts or assumptions” presented in another case were different in a “material” way, the opinion could not be relied upon. But several legal experts who spoke with ProPublica said the opinion means anyone who would have to include disclaimers in traditional advertising should now do so on large Facebook image ads or video ads — including candidates, political committees and anyone using express advocacy.

“The functionality and capabilities of today’s Facebook Video and Image ads can accommodate the information without the same constrictions imposed by the character-limited ads that Facebook presented to the Commission in 2011,” three commissioners wrote in a concurring statement. A fourth commissioner went further, saying the commission’s earlier decision in the text messaging case should now be completely superseded. The remaining two commissioners didn’t comment beyond the published opinion.

“We are overjoyed at the decision and hope it will have the effect of stopping anonymous attacks,” said Pudner, of Take Back Action Fund. “We think that this is a matter of the voter’s right to know.” He added that the group doesn’t intend to purchase the ads.

This year, the FEC plans to tackle concerns about digital political advertising more generally. Facebook favors such an industry-wide approach, partly for competitive reasons, according to a comment it submitted to the commission.

“Facebook strongly supports the Commission providing further guidance to committees and other advertisers regarding their disclaimer obligations when running election-related Internet communications on any digital platform,” Facebook General Counsel Colin Stretch wrote to the FEC.

Facebook was concerned that its own transparency efforts “will apply only to advertising on Facebook’s platform, which could have the unintended consequence of pushing purchasers who wish to avoid disclosure to use other, less transparent platforms,” Stretch wrote.

He urged the FEC to adopt a “flexible” approach, on the grounds that there are many different types of online ads. “For example, allowing ads to include an icon or other obvious indicator that more information about an ad is available via quick navigation (like a single click) would give clear guidance.”

To test whether political advertisers were following the FEC guidelines, we searched for large U.S. political ads that our tool gathered between Dec. 20 — five days after the opinion — and Feb. 1. We excluded the small ads that run on the right column of Facebook’s website. To find ads that were most likely to fall under the purview of the FEC regulations, we searched for terms like “committee,” “donate” and “chip in.” We also searched for ads that used express advocacy language such as, “for Congress,” “vote against,” “elect” or “defeat.” We left out ads with state and local terms such as “governor” or “mayor,” as well as ads from groups such as the White House Historical Association or National Audubon Society that were obviously not election-oriented. Then we examined the ads, including the text and photos or graphics.

Of nearly 70 entities that ran ads with a large photo or graphic in addition to text, only two used all of the required disclaimer language. About 20 correctly indicated in some fashion the name of the committee associated with the ad but omitted other language, such as whether the ad was endorsed by a candidate. The rest had more significant shortcomings. Many of those that didn’t include disclosures were for relatively inexperienced candidates for Congress, but plenty of seasoned lawmakers and major groups failed to use the proper language as well.

For example, one ad said, “It’s time for Donald Trump, his family, his campaign, and all of his cronies to come clean about their collusion with Russia.” A photo of Donald Trump appeared over a black and red map of Russia, overlaid by the text, “Stop the Lies.” The ad urged people to “Demand Answers Today” and “Sign Up.”

At the top, the ad identified the Democratic Party as the sponsor, and linked to the party’s Facebook page. But, under FEC rules, it should have named the funder, the Democratic National Committee, and given the committee’s address or website. It should also have said whether the ad was endorsed by any candidate. It didn’t. The only nod to the national committee was a link to my.democrats.org, which is paid for by the DNC, at the bottom of the ad. As on all Facebook ads, the word “Sponsored” was included at the top.

Advertisers seemed more likely to put the proper disclaimers on video ads, especially when those ads appeared to have been created for television, where disclaimers have been mandatory for years. Videos that didn’t look made for TV were less likely to include a disclaimer.

One ad that said it was from Donald J. Trump consisted of 20 seconds of video with an American flag background and stirring music. The words “Donate Now! And Enter for a Chance To Win Dinner With Trump!” materialized on the screen with dramatic thuds and crashes. The ad linked to Trump’s Facebook page, and a “Donate” button at the bottom of the ad linked to a website that identified the president’s re-election committee, Donald J. Trump for President, Inc., as its funder. It wasn’t clear on the ad whether Trump himself or his committee paid for it, which should have been specified under FEC rules.

The large majority of advertisements we collected — both those that used disclosures and those that didn’t — were for liberal groups and politicians, possibly reflecting the allegiances of the ProPublica readers who installed our ad-collection tool. There were only four Republican advertisers among the ads we analyzed.

It’s not clear why advertisers aren’t following the FEC regulations. Keating, of the Institute for Free Speech, suggested that advertisers might think the word “Sponsored” and a link to their Facebook page are enough and that reasonable people would know they had paid for the ad.

Others said social media marketers may simply be slow in adjusting to the FEC opinion.

“It’s entirely possible that because disclaimers haven’t been included for years now, candidates and committees just aren’t used to putting them on there,” said Brendan Fischer, director of the Federal and FEC Reform Program at the Campaign Legal Center, the group that provided legal services to Take Back Action Fund. “But they should be on notice,” he added.

There were only two advertisers we saw that included the full, clear disclosures required by the FEC on their large image ads. One was Amy Klobuchar, a Democratic senator from Minnesota who is a co-sponsor of the Honest Ads Act. The other was John Moser, an IT security professional and Democratic primary candidate in Maryland’s 7th Congressional District who received $190 in contributions last year, according to his FEC filings.

Reached by Facebook Messenger, Moser said he is running because he has a plan for ending poverty in the U.S. by restructuring Social Security into a “universal dividend” that gives everyone over age 18 a portion of the country’s per capita income. He complained that Facebook doesn’t make it easy for political advertisers to include the required disclosures. “You have to wedge it in there somewhere,” said Moser, who faces an uphill battle against longtime U.S. Rep. Elijah Cummings. “They need to add specific support for that, honestly.”

Asked why he went to the trouble to put the words on his ad, Moser’s answer was simple: “I included a disclosure because you're supposed to.”

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


New Data Breach Legislation Proposed In North Carolina

After a surge in data breaches in North Carolina during 2017, state legislators have proposed stronger data breach laws. The National Law Review explained what prompted the legislative action:

"On January 8, 2018, the State of North Carolina released its Security Breach Report 2017, which highlights a 15 percent increase in breaches since 2016... Health care, financial services and insurance businesses accounted for 38 percent, with general businesses making up for just more than half of these data breaches. Almost 75 percent of all breaches resulted from phishing, hacking and unauthorized access, reflecting an overall increase of more than 3,500 percent in reported hacking incidents alone since 2006. Since 2015, phishing incidents increased over 2,300 percent. These numbers emphasize the warning to beware of emails or texts requesting personal information..."

So, fraudsters have tricked many North Carolina residents and employees into both opening fraudulent e-mail and text messages, and then responding by disclosing sensitive personal information. Not good.

Details about the proposed legislation:

"... named the Act to Strengthen Identity Theft Practices (ASITP), announced by Representative Jason Saine and Attorney General Josh Stein, attempts to combat the data breach epidemic by expanding North Carolina’s breach notification obligations, while reducing the time businesses have to comply with notification to the affected population and to the North Carolina Attorney General’s Office. If enacted, this new legislation will be one of the most aggressive U.S. breach notification statutes... The Fact Sheet concerning the ASITP as published by the North Carolina Attorney General proposes that the AG take a more direct role in the investigation of data breaches closer to their time of discovery...  To accomplish this goal, the ASITP proposes a significantly shorter period of time for an entity to provide notification to the affected population and to the North Carolina Attorney General. Currently, North Carolina’s statute mandates that notification be made to affected individuals and the Attorney General without “unreasonable delay.” Under the ASITP, the new deadline for all notifications would be 15 days following discovery of the data security incident. In addition to being the shortest deadline in the nation, it is important to note that notification vendors typically require 5 business days to process, print and mail notification letters... The proposed legislation also seeks to (1) expand the definition of “protected information” to include medical information and insurance account numbers, and (2) penalize those who fail to maintain reasonable security procedures by charging them with a violation under the Unfair and Deceptive Trade Practices Act for each person whose information is breached..."

Good. The National Law Review article also compared the breach notification deadlines across all 50 states and territories. It is worth a look to see how your state compares. A comparison of selected states:

Time After Discovery of Breach Selected States/Territories
10 calendar days Puerto Rico (Dept. of Consumer Affairs)
15 calendar days North Carolina (Proposed)
15 business California (Protected Health Information)
30 calendar days Florida
45 calendar days Ohio, Maryland
90 calendar days Connecticut
Most expedient time & without
unreasonable delay
California (other), Massachusetts, New York, North Carolina, Pennsylvania, Puerto Rico (other)
As soon as possible Texas

To learn more, download the North Carolina Security Breach Report 2017 (Adobe PDF), and the ASITP Fact Sheet (Adobe PDF).


Report: Air Travel Globally During 2017 Was The Safest Year On Record

The Independent UK newspaper reported:

"The Dutch-based aviation consultancy, To70, has released its Civil Aviation Safety Review for 2017. It reports only two fatal accidents, both involving small turbo-prop aircraft, with a total of 13 lives lost. No jets crashed in passenger service anywhere in the world... The chances of a plane being involved in a fatal accident is now one in 16 million, according to the lead researcher, Adrian Young... The report warns that electronic devices in checked-in bags pose a growing potential danger: “The increasing use of lithium-ion batteries in electronics creates a fire risk on board aeroplanes as such batteries are difficult to extinguish if they catch fire... The UK has the best air-safety record of any major country. No fatal accidents involving a British airline have happened since the 1980s. The last was on 10 January 1989... In contrast, sub-Saharan Africa has an accident rate 44 per cent worse than the global average, according to the International Air Transport Association (IATA)..."

Read the full 2017 aviation safety report by To70. Below is a chart from the report.

Accident Data Chart from To70 Air Safety Review for 2017. Click to view larger version


What We Discovered During a Year of Documenting Hate

[Editor's note: today's guest blog post, by the reporters at ProPublica, is second in a series about law enforcement and hate crimes in the United States. Today's post is reprinted with permission.]

By Rachel Glickhouse, ProPublica

The days after Election Day last year seemed to bring with them a rise in hate crimes and bias incidents. Reports filled social media and appeared in local news. There were the letters calling for the genocide of Muslims that were sent to Islamic centers from California to Ohio. And the swastikas that were scrawled on buildings around the country. In Florida, “colored” and “whites only” signs were posted over water fountains at a high school. A man assaulted a Hispanic woman in San Francisco, telling her “No Latinos here.”

But were these horrible events indicative of an increase in crimes and incidents themselves, or did the reports simply reflect an increased awareness and willingness to come forward on the part of victims and witnesses? As data journalists, we went looking for answers and were not prepared for what we found: Nobody knows for sure. Hate crimes are so poorly tracked in America, there’s no way to undertake the kind of national analysis that we do in other areas, from bank robberies to virus outbreaks.

There is a vast discrepancy between the hate crimes numbers gathered by the FBI from police jurisdictions around the country and the estimate of hate crime victims in annual surveys by the Bureau of Justice Statistics. The FBI counts 6,121 hate crimes in 2016, and the BJS estimates 250,000 hate crimes a year.

We were told early on that while the law required the Department of Justice to report hate crime statistics, local and state police departments aren’t bound to report their numbers to the FBI — and many don't. Complicating matters further is that hate crime laws vary by state, with some including sexual orientation as a protected class of victims and some not. Five states have no hate crime statute at all.

We decided to try collecting data ourselves, using a mix of social media news gathering and asking readers to send in their personal stories. We assembled a coalition of more than 130 newsrooms to help us report on hate incidents by gathering and verifying tips, and worked on several lines of investigation in our own newsroom.

Along the way, we’ve learned a lot about how hate crimes fall through the cracks:

We’ve received thousands of tips so far through our embeddable incident reporting form. We’ve also added tips sent to us by civil rights groups such as the Southern Poverty Law Center.

ProPublica and reporters in newsrooms around the country used those tips to tell the stories of people who’ve come forward as victims or witnesses. They’ve identified a number of patterns:

Impact

Our mission at ProPublica is to do journalism that has impact. We’ve seen significant impact from Documenting Hate.

  • The official Virginia state after-action report on the Charlottesville rally cited ProPublica’s reporting and made recommendations for better police practices based on our journalism.
  • Cloudflare changed their complaint policies following a ProPublica story on how the company helps support neo-Nazi sites. The company cited our reporting when they later shut down The Daily Stormer, a major neo-Nazi site.
  • After we asked for their records, the Jacksonville Sheriff’s Office, which had not sent a hate crime report to the state of Florida in years, began reporting hate crime data for the first time since 2013.
  • The Miami-Dade Police Department started an internal audit after we talked to them in October. Detective Carlos Rosario, a spokesman for the department, told us they found four hate crimes that they had failed to report to the state. Rosario also told us that they are in the process of creating a digital hate crime reporting process as a result of our reporting.
  • The Colorado Springs, Colorado, police department fixed a database problem that had caused the loss of at least 18 hate crime reports. The error was discovered after we asked them questions about their records.
  • The Madison, Wisconsin, police department changed how they categorize hate crimes before they send them to the FBI based on our records request.
  • A group of nine senators led by Sen. Patty Murray, D-Wash., sent a letter to Education Secretary Betsy DeVos asking what the administration will do in response to racist harassment in schools and universities, citing Buzzfeed’s reporting for the project.
  • The Daily Stormer in Spanish removed the name of a popular Spanish forum from its site after legal action was threatened following a Univision story.
  • The Matthew Shepard Foundation said it would increase resources dedicated to training police officers to identify and investigate hate crimes, citing our project.

Even after the 100 news stories produced by the Documenting Hate coalition, we’re by no means finished. ProPublica and our partners will spend next year collecting and telling more stories from victims and witnesses. And we still have a lot of questions that demand answers. You can help.

Filed under: Civil Rights

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.

 


The Limitations And Issues With Facial Recognition Software

We've all seen television shows where police technicians use facial recognition software to swiftly and accurately identify suspects, or catch the bad guys. How accurate is that? An article in The Guardian newspaper discussed the promises, limitations, and issues with facial recognition software used by law enforcement:

"The software, which has taken an expanding role among law enforcement agencies in the US over the last several years, has been mired in controversy because of its effect on people of color. Experts fear that the new technology may actually be hurting the communities the police claims they are trying to protect... "It’s considered an imperfect biometric," said Clare Garvie, who in 2016 created a study on facial recognition software, published by the Center on Privacy and Technology at Georgetown Law, called The Perpetual Line-Up. "There’s no consensus in the scientific community that it provides a positive identification of somebody"... [Garvie's] report found that black individuals, as with so many aspects of the justice system, were the most likely to be scrutinized by facial recognition software in cases. It also suggested that software was most likely to be incorrect when used on black individuals – a finding corroborated by the FBI's own research. This combination, which is making Lynch’s and other black Americans’ lives excruciatingly difficult, is born from another race issue that has become a subject of national discourse: the lack of diversity in the technology sector... According to a 2011 study by the National Institute of Standards and Technologies (Nist), facial recognition software is actually more accurate on Asian faces when it’s created by firms in Asian countries, suggesting that who makes the software strongly affects how it works... Law enforcement agencies often don’t review their software to check for baked-in racial bias – and there aren’t laws or regulations forcing them to."


Report: Several Impacts From Technology Changes Within The Financial Services Industry

For better or worse, the type of smart device you use can identify you in ways you may not expect. First, a report by London-based Privacy International highlighted the changes within the financial services industry:

"Financial services are changing, with technology being a key driver. It is affecting the nature of financial services from credit and lending through to insurance and even the future of money itself. The field known as “fintech” is where the attention and investment is flowing. Within it, new sources of data are being used by existing institutions and new entrants. They are using new forms of data analysis. These changes are significant to this sector and the lives of the people it serves. We are seeing dramatic changes in the ways that financial products make decisions. The nature of the decision-making is changing, transforming the products in the market and impacting on end results and bottom lines. However, this also means that treatment of individuals will change. This changing terrain of finance has implications for human rights, privacy and identity... Data that people would consider as having nothing to do with the financial sphere, such as their text-messages, is being used at an increasing rate by the financial sector...  Yet protections are weak or absent... It is essential that these innovations are subject to scrutiny... Fintech covers a broad array of sectors and technologies. A non-exhaustive list includes:

  • Alternative credit scoring (new data sources for credit scoring)
  • Payments (new ways of paying for goods and services that often have implications for the data generated)
  • Insurtech (the use of technology in the insurance sector)
  • Regtech (the use of technology to meet regulatory requirements)."

"Similarly, a breadth of technologies are used in the sector, including: Artificial Intelligence; Blockchain; the Internet of Things; Telematics and connected cars..."

While the study focused upon India and Kenya, it has implications for consumers worldwide. More observations and concerns:

"Social media is another source of data for companies in the fintech space. However, decisions are made not on just on the content of posts, but rather social media is being used in other ways: to authenticate customers via facial recognition, for instance... blockchain, or distributed ledger technology, is still best known for cryptocurrencies like BitCoin. However, the technology is being used more broadly, such as the World Bank-backed initiative in Kenya for blockchain-backed bonds10. Yet it is also used in other fields, like the push in digital identities11. A controversial example of this was a very small-scale scheme in the UK to pay benefits using blockchain technology, via an app developed by the fintech GovCoin12 (since renamed DISC). The trial raised concerns, with the BBC reporting a former member of the Government Digital Service describing this as "a potentially efficient way for Department of Work and Pensions to restrict, audit and control exactly what each benefits payment is actually spent on, without the government being perceived as a big brother13..."

Many consumers know that you can buy a wide variety of internet-connected devices for your home. That includes both devices you'd expect (e.g., televisions, printers, smart speakers and assistants, security systems, door locks and cameras, utility meters, hot water heaters, thermostats, refrigerators, robotic vacuum cleaners, lawn mowers) and devices you might not expect (e.g., sex toys, smart watches for children, mouse traps, wine bottlescrock pots, toy dolls, and trash/recycle bins). Add your car or truck to the list:

"With an increasing number of sensors being built into cars, they are increasingly “connected” and communicating with actors including manufacturers, insurers and other vehicles15. Insurers are making use of this data to make decisions about the pricing of insurance, looking for features like sharp acceleration and braking and time of day16. This raises privacy concerns: movements can be tracked, and much about the driver’s life derived from their car use patterns..."

And, there are hidden prices for the convenience of making payments with your favorite smart device:

"The payments sector is a key area of growth in the fintech sector: in 2016, this sector received 40% of the total investment in fintech22. Transactions paid by most electronic means can be tracked, even those in physical shops. In the US, Google has access to 70% of credit and debit card transactions—through Google’s "third-party partnerships", the details of which have not been confirmed23. The growth of alternatives to cash can be seen all over the world... There is a concerted effort against cash from elements of the development community... A disturbing aspect of the cashless debate is the emphasis on the immorality of cash—and, by extension, the immorality of anonymity. A UK Treasury minister, in 2012, said that paying tradesman by cash was "morally wrong"26, as it facilitated tax avoidance... MasterCard states: "Contrary to transactions made with a MasterCard product, the anonymity of digital currency transactions enables any party to facilitate the purchase of illegal goods or services; to launder money or finance terrorism; and to pursue other activity that introduces consumer and social harm without detection by regulatory or police authority."27"

The report cited a loss of control by consumers over their personal information. Going forward, the report included general and actor-specific recommendations. General recommendations:

  • "Protecting the human right to privacy should be an essential element of fintech.
  • Current national and international privacy regulations should be applicable to fintech.
  • Customers should be at the centre of fintech, not their product.
  • Fintech is not a single technology or business model. Any attempt to implement or regulate fintech should take these differences into account, and be based on the type activities they perform, rather than the type of institutions involved."

Want to learn more? Follow Privacy International on Facebook, on Twitter, or read about 10 ways of "Invisible Manipulation" of consumers.


Report: Patched Macs Still Vulnerable To Firmware Hacks

Apple Inc. logo I've heard numerous times the erroneous assumption by consumers: "Apple-branded devices don't get computer viruses." Well, they do. Ars Technica reported about a particular nasty hack of vulnerabilities in devices' Extensible Firmware Interface (EFI). Never heard of EFI? Well:

"An analysis by security firm Duo Security of more than 73,000 Macs shows that a surprising number remained vulnerable to such attacks even though they received OS updates that were supposed to patch the EFI firmware. On average, 4.2 percent of the Macs analyzed ran EFI versions that were different from what was prescribed by the hardware model and OS version. 47 Mac models remained vulnerable to the original Thunderstrike, and 31 remained vulnerable to Thunderstrike 2. At least 16 models received no EFI updates at all. EFI updates for other models were inconsistently successful, with the 21.5-inch iMac released in late 2015 topping the list, with 43 percent of those sampled running the wrong version."

This is very bad. EFI hacks are particularly effective and nasty because:

"... they give attackers control that starts with the very first instruction a Mac receives... the level of control attackers get far exceeds what they gain by exploiting vulnerabilities in the OS... That means an attacker who compromises a computer's EFI can bypass higher-level security controls, such as those built into the OS or, assuming one is running for extra protection, a virtual machine hypervisor. An EFI infection is also extremely hard to detect and even harder to remedy, as it can survive even after a hard drive is wiped or replaced and a clean version of the OS is installed."

At-risk EFI versions mean that devices running Windows and Linux operating systems are also vulnerable. Reportedly, the exploit requires plenty of computing and technical expertise, so hackers would probably pursue high-value targets (e.g., journalists, attorneys, government officials, contractors with government clearances) first.

The Duo Labs Report (63 pages, Adobe PDF) lists the specific MacBook, MacBookAir, and MacBookPro models at risk. The researchers shared a draft of the report with Apple before publication. The report's "Mitigation" section provides solutions, including but not limited to:

"Always deploy the full update package as released by Apple, do not remove separate packages from the bundle updater... When possible, deploy Combo OS updates instead of Delta updates... As a general rule of thumb, always run the latest version of macOS..."

Scary, huh? The nature of the attack means that hackers probably can disable the anti-virus software on your device(s), and you probably wouldn't know you've been hacked.


What We Know -- And Don't Know -- About Hate Crimes in America

[Editor's Note: today's guest blog post explores the problem of hate crimes. Recent surveys about harassment found that what happens online often doesn't stay online. Hopefully, future reports by ProPublica will explore the linkages. Today's blog post is reprinted with permission.]

By Rachel Glickhouse, ProPublica

"Go home. We need Americans here!" white supremacist Jeremy Joseph Christian yelled at two black women -- one wearing a hijab -- on a train in Portland, Oregon, in May. According to news reports, when several commuters tried to intervene, he went on a rampage, stabbing three people. Two of them died.

If the fatal stabbing was the worst racist attack in Portland this year, it was by no means the only one. In March, Buzzfeed reported on hate incidents in Oregon and the state's long history as a haven for white supremacists. Some of the incidents they found were gathered by Documenting Hate, a collaborative journalism project we launched earlier this year.

Documenting Hate is an attempt to overcome the inadequate data collection on hate crimes and bias incidents in America. We've been compiling incident reports from civil-rights groups, as well as news reports, social media and law enforcement records. We've also asked people to tell us their personal stories of witnessing or being the victim of hate.

It's been about six months since the project launched. Since then, we've been joined by more than 100 newsrooms around the country. Together, we're verifying the incidents that have been reported to us -- and telling people's stories.

We've received thousands of reports, with more coming every day. They come from cities big and small, and from states blue and red. People have reported hate incidents from every part of their communities: in schools, on the road, at private businesses, in the workplace. ProPublica and our partners have produced more than 50 stories using the tips from the database, from New York to Seattle, Minneapolis to Phoenix. Some examples:

Univision, HuffPost, and The New York Times opinion section identified a common thread in the reports we've received in which people of color are harassed "Go back to your country." This type of harassment affects both immigrants and U.S. citizens alike, reporters found.

Several stories published by our partners focused on racial harassment on public transportation, using tips to illustrate something officials were also seeing. The New York City Commission on Human Rights observed a 480 percent increase in claims of discriminatory harassment between 2015 and 2016, according to The New York Times Opinion section. The Massachusetts Bay Transportation Authority recorded 24 cases of offensive graffiti through April, compared to 35 in all of last year, the Boston Globe found. Univision covered multiple incidents involving Latinos targeted in incidents on the New York City subway.

Combing through our database, Buzzfeed discovered there were dozens of reported incidents in K-12 schools in which students cited President Donald Trump's name or slogans to harass minority classmates. This echoed a pattern Univision had reported on: In November, the Teaching Tolerance project at the Southern Poverty Law Center received more than 10,000 responses to an educator survey indicating an uptick in anti-Semitic, anti-Muslim and anti-immigrant activity in schools.

Our local partners reported on how hate incidents affect communities across the country: anti-Semitic graffiti in Phoenix, Islamophobia in Minneapolis, racist vandalism and homophobic threats in Seattle, white supremacist activity at a California university, racist harassment and vandalism in Boston, racism in the workplace in New Orleans, and hate incidents throughout Florida.

There are a few questions for which answers continue to elude us: How many hate crimes happen each year, and why is the record keeping so inadequate?

The FBI, which is required to track hate crimes, counts between 5,000 and 6,000 of them annually. But the Bureau of Justice Statistics estimates the total is closer to 250,000. One explanation for the gap is that many victims -- more than half, according to a recent estimate -- don't report what happened to them to police.

Even if they do, law enforcement agencies aren't all required to report to the FBI, meaning their reports might never make it into the national tally. The federal government is hardly a model of best practices; many federal agencies don't report their data, either -- even though they're legally required to do so.

We'll spend the next six months continuing to tackle these questions and more. And we and our partners will keep working our way through the tips in our database, telling people's stories and doing our best to understand what's happening.

There are ways that you can help us move the project forward:

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


'If You Hemorrhage, Don't Clean Up': Advice From Mothers Who Almost Died

[Editor's note: today's guest post is part of the ongoing "Lost Mothers" investigation by ProPublica because, "The U.S. has the highest rate of deaths related to pregnancy and childbirth in the developed world. Half of the deaths are preventable, victimizing women from a variety of races, backgrounds, educations and income levels." It is reprinted with permission.]

by Adriana Gallardo and Nina Martin, ProPublica, and Renee Montagne, NPR

Four days after Marie McCausland delivered her first child in May, she knew something was very wrong. She had intense pain in her upper chest, her blood pressure was rising, and she was so swollen that she barely recognized herself in the mirror. As she curled up in bed that evening, a scary thought flickered through her exhausted brain: "If I go to sleep right now, I don't know if I'm gonna be waking up."

What she didn't have was good information about what might be wrong. The discharge materials the hospital sent her home with were vague and confusing -- "really quite useless," she said. Then she remembered a ProPublica/NPR story she'd recently read about a New Jersey nurse who died soon after childbirth. Lauren Bloomstein had developed severe preeclampsia, a dangerous type of hypertension that often happens during the second half of her pregnancy. But it can also emerge after the baby is delivered, when it is often overlooked -- accounting for dozens of maternal deaths a year. McCausland realized that she might have preeclampsia, too.

The 27-year-old molecular virologist and her husband bundled up their newborn son and raced to the nearest emergency room in Cleveland. But the ER doctor told her that she was feeling normal postpartum symptoms, she said. Even as her blood pressure hovered at perilous heights, he wanted to send her home. Several hours passed before he consulted with an OB-GYN at another hospital and McCausland's severe preeclampsia was treated with magnesium sulfate to prevent seizures. Without Bloomstein's story as a warning, McCausland doubts she would have recognized her symptoms or persisted in the face of the ER doctor's dismissiveness. "I had just come home with the baby and really didn't want to go back to the hospital. I think I probably would have just wrote it off." In that case, she added, "I don't know if I'd be here. I really don't."

McCausland's experience is far from unique. In the months since ProPublica and NPR launched our project about maternal deaths and near-deaths in the U.S., we've heard from 3,100 women who endured life-threatening pregnancy and childbirth complications, often suffering long-lasting physical and emotional effects. (Tell us your story.)

The same themes that run though McCausland's story echo through many of these survivors' recollections. They frequently told us they knew little to nothing beforehand about the complications that nearly killed them. Even when the women were convinced something was terribly amiss, doctors and nurses were sometimes slow to believe them. Mothers especially lacked information about risks in the postpartum period, when medical care is often disjointed or difficult to access and the baby is the focus of attention. "Every single nurse, pediatrician, and lactation consultant dismissed my concerns as hormones and anxiety," wrote Emily McLaughlin, who suffered a stroke and other complications after giving birth in Connecticut in 2015.

These survivors make up an important, and largely untapped, source of knowledge about the dangers that expectant and new mothers may face -- and how to avoid disaster. Every day in the U.S., two to three women die from pregnancy- or childbirth-related causes, including preeclampsia, hemorrhage, infection, blood clots and cardiac problems -- the highest rate of maternal mortality among wealthy nations. As many as 60 percent of these deaths are preventable, a new report suggests; more than half occur after delivery. (See our story on the lost mothers of 2016.) Each day, another 175 women suffer complications severe enough to require major medical intervention such as massive transfusions, emergency surgery or admission to an intensive care unit -- equivalent to about 65,000 close calls annually, according to the Centers for Disease Control and Prevention.

Hospitals, medical organizations and maternal safety groups are introducing a host of initiatives aimed at educating expectant and new mothers and improving how providers respond to emergencies. But as McCausland's experience illustrates, self-advocacy is also critically important.

We asked survivors: What can people do to ensure that what happened to Lauren Bloomstein doesn't happen to them or their loved ones? How can they help prevent situations like Marie McCausland's from spiraling out of control? What do they wish they had known ahead of their severe complications? What made a difference in their recovery? How did they get medical professionals to listen? Here is a selection of their insights, in their own words.

Choosing a Provider

"A lot of data on specific doctors and hospitals can be found publicly. Knowing how your physician and hospital rates as compared to others (cesarean rates, infection rates, readmission rates) can give you valuable insight into how they perform. 'Liking' your doctor as a person is nice, but not nearly as important as their and their facility's culture and track record."

-- Kristen Terlizzi, 35, survivor of placenta accreta (a disorder in which the placenta grows into or through the uterine wall) in 2014 and cofounder of the National Accreta Foundation

"Key pieces of information every woman should know before choosing a hospital are: What are their safety protocols for adverse maternal events? No one likes to think about this while pregnant, and providers will probably tell you that it's unlikely to happen. But it does happen and it's good to know that the hospital and providers have practiced for such scenarios and have proper protocols in place."

-- Marianne Drexler, 39, survived a hemorrhage and emergency hysterectomy in 2014

"Ask your doctors if they have ever experienced a case of an amniotic fluid embolism [an abnormal response to amniotic fluid entering the mother's bloodstream] or other severe event themselves. If a birthing center is your choice, discuss what happens in an emergency -- how far away is the closest hospital with an ICU? Because a lot of hospitals don't have them. Another thing many women don't realize is that not every hospital has an obstetrician there 24/7. Ask your doctors: If they're not able to be there the whole time you're in labor, will there be another ob/gyn on site 24 hours a day if something goes wrong?"

-- Miranda Klassen, 41, survivor of amniotic fluid embolism in 2008 and founder/executive director of the Amniotic Fluid Embolism Foundation

"While my doctor was amazing, we live in a smaller town and they don't carry enough blood/platelets on hand for very emergent situations. They have patients shipped to larger hospitals when they need more care. Had I been aware of that we would have decided to deliver at a larger hospital so in case something happened to me or our daughter we wouldn't be separated, which we were when I was life-flighted out."

-- Kristina Landrus, 26, survived a hemorrhage in 2013

"My best advice for getting a medical professional to listen is to keep searching for one that is willing to listen. Because of my insurance and personal circumstances at the time I felt I had no option but to take whoever my providers [assigned] me, despite several red flags even before my delivery. I was not aware of my right to change providers until it was too late."

-- Joy Huff, 39, survived a blood infection in 2013

Preparing for an Emergency

"A conversation about possible things that could go wrong is prudent to have with your doctor or in one of these childbirth classes. I don't think that it needs to be done in a way to terrify the new parents, but as a way to provide knowledge. The pregnant woman should be taught warning signs, and know when to speak up so that she can be treated as quickly and accurately as possible."

-- Susan Lewis, 33, survived multiple blood clots and severe hemorrhage in 2016

"Always have somebody with you in a medical setting to ask the questions you might not think of and to advocate on your behalf if your ability to communicate is compromised by being in poor health. ... And get emotional support to steel you against the naysayers. It may feel really unnatural or difficult to push back [against doctors and nurses]. Online forums and Facebook groups can be helpful to ensure you're not losing your mind."

-- Eleni Tsigas, survivor of preeclampsia in 1998 and 1999 and executive director of the Preeclampsia Foundation

"Know your rights. Know what kind of decisions you might have to make and what you want to do before you go. Doctors and nurses are there to make quick decisions, they're not worried about how you will feel about it afterward. They are worried about a lawsuit, whether they can get you stable quickly so they can move on. I'm not saying they are heartless, far from it. My mother is a nurse, I know what sort of heart goes into that profession. But they have a lot to do and a lot to worry about, your feelings are not at the top of that list. At least not as far as they are concerned in the moment."

-- Carrie Anthony, 36, survived two pregnancies with placenta accreta and hemorrhage in 2008 and 2015

"It isn't just important to know how you feel about blood transfusions and life-saving measures 2014 you have to communicate these things to your spouse or family member. I was given six blood transfusions, but I was barely conscious when asked if I wanted them. Of course, I wanted any life-saving measures, but my husband should have been consulted, given that I was not of a clear mind."

-- Rachel Stuhler, 36, survived a hemorrhage in 2017

"In case you ever are unable to respond, someone needs to step in and be your voice! Know as much thorough medical history as possible, and let your spouse or support person know [in depth] your history as well."

-- Kristina Landrus

"Also be sure your spouse and your other family members, like your parents or siblings, are on the same page about your care. And if you aren't married, who will be making the decisions on your behalf? You should put things in order, designate the person who will be the decision maker, and give that person power of attorney. Other important things to have are a medical directive or a living will 2014 be sure to bring a copy with you to the hospital. I also recommend packing a journal to record everything that happens."

-- Miranda Klassen

"Make a list of your questions and make sure you get the full answer. I went to every appointment the second time around with a notebook. I would apologize for being 'that patient,' but I had been through this before and I wasn't going to be confused again. I wanted to know everything. Honestly, it was as harmful as it was helpful. I knew what I was getting into, which made it much scarier. The first time, my ignorance was bliss. I didn't realize I almost died until two weeks after I had left the hospital. I didn't even start researching what had happen to me until months later. The second time I was an advocate for myself. Medical journals and support groups were a part of every single visit. And thankfully, I was in good hands."

-- Carrie Anthony

"Write down what each specialty says to you. When I was hospitalized for six weeks prior to giving birth, I was visited 2-3 times a week by someone from each department that would be involved in my life-saving surgery. This means that I saw someone from the neonatal intensive care unit as well as reps from gynecologic oncology, maternal fetal medicine, interventional radiology and anesthesiology. They paraded in on a schedule, checked up on me, asked if I had any questions. I always did, but I regret not writing down what each said each time (along with names!). I got so many different answers regarding how I would be anesthetized, and on the day it all had to happen in an emergency, there were disagreements above me in the OR. between the specialists. It was like children arguing on a playground and my life was in danger. Had I kept a more vigilant record of what each specialty reported to me, perhaps prior to the day I could have confronted each with the details that weren't matching up."

-- Megan Moody, 36, survived placenta percreta (when the placenta penetrates through the uterine wall) in 2016

"People should know that they have a right to ask for more time with the doctor or more follow up if they feel something is not right. The ob-gyns (at least in Pennsylvania) are so busy and sometimes appointments are quite quick and rushed. Make the doctors slow down and take the time with you."

-- Dani Leiman, 37, survived HELLP syndrome (a particularly dangerous variant of preeclampsia) in 2011

"You have a legal right to your medical records throughout pregnancy and anytime afterwards. Get a copy of your lab results each time blood is drawn, and a copy of your prenatal and hospital reports. Ask about concerning or unclear results."

-- Eleni Tsigas

Getting Your Provider to Listen

"Understand the system. Ask a nurse or a trusted loved one in the 'industry' how it all works. I've found that medical professionals are more likely to listen to you if you demonstrate an understanding of their roles and the kind of questions they can/cannot answer. Know your 'silos.' Don't ask an anesthesiologist how they plan on stitching up your cervix. Specialists are often incredibly impatient. You need to get the details out of them regarding their very specific roles."

-- Megan Moody

"Let doctors know you care about your health and safety as much as they do. Tell them you want to be a partner in your health care. Do not act as an adversary to your doctor."

-- Tricia Fitzgerald, 40, survived a hemorrhage caused by severe preeclampsia in 2014

"First you have to be armed with concrete knowledge with examples about your illness and have a firm attitude. This is why it is important to know your body. Do your research before your appointment, but make it personal. Do not present your case as if you just went on WebMD for the information. Create a log of your health activities. This log should contain all illnesses you are concerned about, when they occurred and how did you feel. Have your questions and concerns written down. You should always carry a list of your medications, dosage, and milligrams. Include any side effects. Ask concrete questions and have the doctors present their findings to you in a language you can understand. If you do not agree [with what one doctor tells you], ask another doctor. Remember, knowledge is power and you must have that power."

-- Anner Porter, 55, survivor of peripartum cardiomyopathy in 1992 and founder of the advocacy organization Fight PPCM

"If your provider tells you, 'You are pregnant. What you're experiencing is normal,' remember -- that may be true. [But it's also true] that preeclampsia can mimic many normal symptoms of pregnancy. Ask, 'What else could this be?' Expect a thoughtful answer that includes consideration of 2018differential diagnoses' -- in other words, other conditions that could be causing the same symptoms."

-- Eleni Tsigas

"They only listen if the pain is a 10 or higher. Most of us don't understand what a 10 is. I'd always imagined a 10 would feel like having a limb blown off in combat. When asked to evaluate your pain on a scale of 1 to 10, when you are in your most vulnerable moment, it is very hard to assess this logically, for you and for your partner witnessing your pain. I later saw a pain chart with pictures. A 10 was demonstrated with an illustration of a crying face. You may not actually be shedding tears, but you are most likely crying on the inside in pain, so I suggest to always say a 10. My pain from the brain hemorrhage was probably a 100, but I'm not sure if I even said 10 at the time."

-- Emily McLaughlin, 34, survived a postpartum stroke in 2015

"Crying! I'm only slightly kidding. I truly think the only way to get them to listen is to be adamant and don't back down. I had a situation where I felt no one was paying attention to me, and I cried out of frustration over the phone. Then they listened to me and snapped into action."

-- Dani Leiman

"So many women do speak up about the strange pain they have, and a nurse may brush it off as normal without consulting a doctor and running any tests. Be annoying if you must, this is your life. ... Thankfully, I never had to be so assertive. I owe my life to the team of doctors and nurses who acted swiftly and accurately, and I am eternally grateful."

-- Susan Lewis

"If you have a hemorrhage, don't clean up after yourself! Make sure the doctor is fully aware of how much blood you are losing. I had a very nice nurse who was helping to keep me clean and helping to change my (rapidly filling) pads. If the doctor had seen the pools of blood himself, rather than just being told about them, he might not have been so quick to dismiss me."

-- Valerie Bradford, 30, survived hemorrhage in 2016

Paying Attention to Your Symptoms

"I had heard of preeclampsia but I was naïve. [I believed] that it was something women developed who didn't watch what they ate and didn't focus on good health prior and/or during pregnancy. I was in great health and shape prior to getting pregnant, during my pregnancy I continued to make good food choices and worked out up until 36 hours before the baby had to be taken. I gained healthy weight and kept my BMI at an optimum number. I thought due to my good health, I was not susceptible to anything and my labor would be easy. So although I had felt bad for 1 1/2 weeks, I chalked it up to the fact that I was almost 8 months into this pregnancy, so you're not supposed to feel great. 2026 I walked into my doctor's office that Friday and not one hour later I was in an emergency C-section delivering a baby. I had to fully be put under due to the severity of the HELLP, so I didn't wake up until the next day."

-- Kelli Davis, 31, survived HELLP syndrome in 2016

"Understand that severe, sustained pain is not normal. So many people told me that the final trimester of pregnancy is sooo uncomfortable. It was my first pregnancy, I have a generally high threshold for pain, and my son was breech so I thought his head was causing bad pain under my ribs [when it was really epigastric pain from the HELLP syndrome]. I kept thinking it was normal to be in pain and I let it go until it was almost too late."

-- Dani Leiman

"I wish I would have known what high blood pressure numbers were. I had a pharmacist take my blood pressure at a pharmacy and let me walk out the door with a blood pressure of 210/102. She acted like it was no big deal ('it's a little high'), and so I believed her. Even after telling my husband, we really thought nothing of it."

-- Melissa McFadden, 36, survived preeclampsia in 2013

"Know the way your blood pressure should be taken. And ask for the results. Politely challenge the technician or nurse if it's not being done correctly or if they suggest 'changing positions to get a lower reading.' Very high blood pressure (anything over 160/110) is a 'hypertensive crisis' and requires immediate intervention."

-- Eleni Tsigas

"Please ask for a heart monitor for yourself while in labor, not just for the baby. I think if I had one on, seconds or minutes could have been erased from reaction time by the nurses. They were alerted to an issue because the baby's heart stopped during labor, and while the nurse was checking that machine, my husband noticed I was also non-responsive. That's when everything happened (cardiac arrest due to AFE)."

-- Kristy Kummer-Pred, 44, survived amniotic fluid embolism and cardiac arrest in 2012

After the Delivery

"My swelling in my hands and feet never went away. My uterus hadn't shrunk. I wasn't bleeding that bad, but there was a strange odor to it. My breasts were swollen and my milk wasn't coming in. I was misdiagnosed with mastitis [a painful inflammation of the breast tissue that sometimes occurs when milk ducts become plugged and engorged]. The real problem was that I still had pieces of placenta inside my uterus. Know that your placenta should not come out in multiple pieces. It should come out in one piece. If it is broken apart, demand an ultrasound to ensure the doctors got it all. If you have flu-like symptoms, demand to be seen by a doctor. If you don't like your doctor, demand another one."

-- Brandi Miller, 32, survived placenta accreta and hemorrhage in 2015

"There is a period in the days and weeks after delivery where your blood pressure can escalate and you can have a seizure, stroke, or heart attack, even well after a healthy birth. You should take your own blood pressure at home if your doctor doesn't tell you to. ... Unfortunately, I went home from [all my postpartum] appointments with my blood pressure so high that I started having a brain hemorrhage. Not one single person ever thought of taking my blood pressure when I was complaining about my discomfort and showing telltale warning signs of [preeclampsia]."

-- Emily McLaughlin

"The ER doctor that I had was not treating me as a postpartum case. He was just thinking of me as a 27-year-old with high blood pressure. I think, if you have the opportunity, the ideal thing would be to go back to the same hospital where you had your baby, because they have a labor and delivery unit and they have your records. But if the closest emergency room isn't at the hospital where you delivered, then you have to be more vigilant. Make sure they know you just gave birth. If you know something is wrong with you, don't take no for an answer. Just keep saying, 'I think this is something serious' and don't let them discharge you, especially if it's someone who isn't familiar with pregnant women."

-- Marie McCausland

"The postpartum period is when a lot of pregnancy-related heart problems like cardiomyopathy emerge. If there is still difficulty breathing, fluid buildup in ankles, shortness of breath and you are unable to lie flat on your back, go see a cardiologist ASAP. If you have to go to an emergency room, request to have the following tests performed: echocardiogram (echo) test, ejection fraction test, B-type natriuretic peptides (BNP), EKG test and chest x-ray test. These tests will determine if your heart is failing and will save your life."

-- Anner Porter

"Rest as much as possible -- for as long as possible. Being in too big a rush to get 'back to normal' can exacerbate postpartum health risks. Things that are not normal: heavy bleeding longer than 6 weeks, or bleeding that stops and starts again, not producing milk, fevers, severe pain (especially around incision sites), excessive fatigue, and anxiety/depression. If you don't feel like yourself, get help."

-- Amy Barron Smolinski, 37, a survivor of preeclampsia, postpartum hemorrhage and other complications in three pregnancies in 2006, 2011 and 2012 and executive director of Mom2Mom Global, a breastfeeding support group

"Know that your preexisting health conditions may be impacted by having a baby (hormone changes, sleep deprivation, stress). Record your health and your baby's in a journal or app to track any changes. Reach out to the nurse or doctor when there are noticeable changes that you have tracked."

-- Noelle Garcia, 33, survived placental abruption (placenta separating from the uterine wall during pregnancy) in 2007

"If your hospital discharges you on tons of Motrin or pain killers, be aware that this can mask the warning signs of headache, which is sometimes the only warning sign of preeclampsia coming on postpartum."

-- Emily McLaughlin

Grappling With the Emotional Fallout

"I wish I had known that postpartum PTSD was possible. Most people associate PTSD with the effects of war, but I was diagnosed with PTSD after my traumatic birth and near-death experience. Almost 6 years later, I still experience symptoms sporadically."

-- Meagan Raymer, 31, survived severe preeclampsia and HELLP syndrome in 2011

"I recommend therapy with a female therapist specializing in trauma. Honestly, I avoided it for 8 months. I was then in therapy for 12 months. I still have ongoing anxiety... but I would be in a very bad place (potentially depression and self-harm due to self-blame) were it not for therapy. It was so hard to admit [what was happening]. I started to get a suspicion when I heard an NPR story about a veteran with PTSD. I thought... that sounds like me. And I started Googling."

-- Jessica Rae Hoffman, 28, survived severe sepsis and other complications in 2015

"The emotional constructs our society puts around pregnancy and childbirth make the ideas of severe injury and death taboo. Childbirth is a messy, traumatic experience. ... Many women don't seek care even when they instinctively believe something is wrong because they're supposed to 'be happy.' Awareness and transparency are so important."

-- Leah Soule, 33, survived a hemorrhage in 2015

"Having an incredible support network made the greatest impact with my near-death experience, but my family and friends needed their own support as they coped. My mom didn't leave my side, but she also had a team of friends supporting her so that she could let her guard down and cry when she needed to do so. My husband was at my bedside or with the baby constantly that first week, but he was also suffering from the trauma of everything and was having a really hard time coping and needed to leave the hospital environment. My best friend is an ICU nurse and quickly became the person everyone asked clarifying questions, but she didn't want to be a nurse in that moment but rather someone who was scared for her friend."

-- Susan Lewis

"I wish I had understood how significant the impact was on my husband. Emotionally, the experience was much more difficult and long-lasting for him than for me, and it continued to affect his relationship with both me and our baby for quite a while, at a time when I didn't think it was a thing at all."

-- Elizabeth Venstra, 44, survived HELLP syndrome in 2014

"I would suggest establishing yourself ahead of time with a doula or midwife that can make postpartum visits to your home, which can promote health even if everything goes smoothly. Many communities have those services available if you can't afford them. [A doula] wasn't covered through our insurance, but the social worker at the hospital arranged for someone paid for by [San Diego County] to come and do several checks on me and my son, which was very reassuring to both my husband and me."

-- Miranda Klassen

"If you're given a diagnosis of a life-threatening pregnancy complication, line up a therapist immediately so can start getting the support you need as soon as you give birth. Don't wait until your six-week [postpartum] appointment when they do a depression screen and you realize you're not coping well. You'll have to wait at least another week for the appointment to be made. Why not have that in place? I wish I did."

-- Megan Moody

"Don't assume everyone gets it. Don't assume everyone wants to hear it. My story is scary. Some soon-to-be moms have looked horrified by my story. Some already moms have been scared away by it. Most people are happy to listen, like to be informed. But some do not. Some people are happier thinking it's all going to be ok, not me, I'll be fine. They should at least know, but that's their choice. You can't force people to open their eyes. Be there. Offer help. But don't force it."

-- Carrie Anthony

Other Resources

  • The Leapfrog Group provides performance data on more than 1,800 hospitals and publishes an annual Maternity Care Report. Consumer Reports offers C-section data from more than 1,300 hospitals by ZIP code.
  • The California Maternal Quality Care Collaborative's "toolkits" of protocols to treat life-threatening obstetric complications include infographics, checklists and lengthy backup materials but require (free) registration for access. The Alliance for Innovation on Maternal Health's "bundles" offer similar information in a condensed, easily downloadable form.
  • The Association of Women's Health, Obstetric and Neonatal Nurses (AWHONN)'s Health4Mom site has a "Save Your Life" campaign, including a one-page checklist, to help new mothers recognize post-birth warning signs.
  • Childbirth Connections provides evidence-based information on maternity care. The Preeclampsia Foundation's "Wonder Woman" posts (here and here) put the U.S. maternal mortality numbers in context and offer more strategies for self-advocacy.
  • Postpartum Support International offers many resources for women suffering from pregnancy-related depression, anxiety and mood disorders.
  • Facebook is a gathering place for thousands of women who've experienced life-threatening complications, but many groups are condition-specific and/or closed to non-survivors. One open group worth checking out: The Unexpected Project.
  • Social justice groups are also becoming active around the issue of maternal deaths and near-deaths, with a focus on why African-American women are disproportionately affected. They include the Black Mamas Matter Alliance and Moms Rising.

Correction, August 4, 2017: In an earlier version of this story, a quote was incorrectly attributed to Kristy Kummer-Pred. It has been deleted.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Study: Police Officers Talk More Respectfully To White Residents Than Non-White Residents

Researchers analyzed the language recorded by body cameras during police stops, and concluded that police officers talk more respectfully to White residents than non-White residents. The study, published Monday in the Proceedings of the National Academy of Sciences, included 183 hours of body camera footage taken during 981 routine traffic stops in April 2014 by 245 different officers in the Oakland Police Department.

The researchers found:

"Police officers speak significantly less respectfully to black than to white community members in everyday traffic stops, even after controlling for officer race, infraction severity, stop location, and stop outcome. This paper presents a systematic analysis of officer body-worn camera footage, using computational linguistic techniques to automatically measure the respect level that officers display to community members. This work demonstrates that body camera footage can be used as a rich source of data rather than merely archival evidence, and paves the way for developing powerful language-based tools for studying and potentially improving police–community relations. "

The study included random selections of 312 utterances spoken to black residents and 102 utterances spoken to white residents. Next, 10 volunteers rated each interaction without knowing the names, races, or identifying information of the police officers. Then, the researchers used a computer model to analyze the ratings based upon scientific literature about respect.

Why this study is important:

"Despite the rapid proliferation of body-worn cameras, no law enforcement agency has systematically analyzed the massive amounts of footage these cameras produce. Instead, the public and agencies alike tend to focus on the fraction of videos involving high-profile incidents, using footage as evidence of innocence or guilt in individual encounters... Previous research on police–community interactions has relied on citizens’ recollection of past interactions or researcher observation of officer behavior to assess procedural fairness. Although these methods are invaluable, they offer an indirect view of officer behavior and are limited to a small number of interactions...

Key findings from the full report:

"... white community members are 57% more likely to hear an officer say one of the most respectful utterances in our dataset, whereas black community members are 61% more likely to hear an officer say one of the least respectful utterances in our dataset. (Here we define the top 10% of utterances to be most respectful and the bottom 10% to be least respectful.) This work demonstrates the power of body camera footage as an important source of data, not just as evidence, addressing limitations with methodologies that rely on citizens’ recollection of past interactions..."

Perhaps, most importantly (bold emphasis added):

"The racial disparities in officer respect are clear and consistent, yet the causes of these disparities are less clear. It is certainly possible that some of these disparities are prompted by the language and behavior of the community members themselves, particularly as historical tensions in Oakland and preexisting beliefs about the legitimacy of the police may induce fear, anger, or stereotype threat. However, community member speech cannot be the sole cause of these disparities... We observe racial disparities in officer respect even in police utterances from the initial 5% of an interaction, suggesting that officers speak differently to community members of different races even before the driver has had the opportunity to say much at all."

"Regardless of cause, we have found that police officers’ interactions with blacks tend to be more fraught, not only in terms of disproportionate outcomes (as previous work has shown) but also interpersonally, even when no arrest is made and no use of force occurs. These disparities could have adverse downstream effects, as experiences of respect or disrespect in personal interactions with police officers play a central role in community members’ judgments of how procedurally fair the police are as an institution, as well as the community’s willingness to support or cooperate with the police."

The findings indicate training opportunities for law enforcement, and apply only to the Oakland, California police department. Additional studies are needed to draw conclusions about other police departments. CNN interviewed Rob Voigt, the lead author of the study at Stanford University:

"We're also hoping it inspires police departments to consider cooperating with researchers more. And facilitating this kind of analysis of body camera footage will help police departments improve their relationship with the community, and it will give them techniques for better communication... When people feel they're respected by the police, they are more likely to trust the police, they are more likely to cooperate with the police, and so on and so forth. So we have reason to expect that these differences that we find have real-world effects."

I look forward to future studies. What are your opinions?


The Top Complaints About Financial Services. One Complaint Type Grew 325 Percent

Logo for Consumer Financial Protection Bureau After encountering unresolved issues with financial services, many consumers file complaints with the Consumer Financial Protection Bureau (CFPB). After each complain, the CFP works hard to get each consumer a reply within 15 days. This process allows the CFPB to track which issues affect most consumers, and to identify emerging problems.

According to its April Monthly Complaint Report, debt collection issues generated the most complaints on average, and complaints about student loans grew the fastest:

"As of April 1, 2017, the CFPB has handled approximately 1,163,200 complaints, including approximately 28,000 complaints in March 2017... Student loan complaints showed the greatest percentage increase from January - March 2016 (773 complaints) to January - March 2017 (3,284 complaints), representing about a 325 percent increase. Part of this year-to-year increase can be attributed to the CFPB updating its student loan complaint form to accept complaints about Federal student loan servicing in late February 2016. The CFPB also initiated an enforcement action against a student loan servicer during this time period."

CFPB Monthly Compalint Report. April, 2017. Table 1. Click to view larger version

The top five categories of complaints about during March, 2017:

  1. Debt collection: 8,711
  2. Credit reporting: 5,498
  3. Mortgages: 3,965
  4. Credit cards: 2,522
  5. Bank account or service: 2,476

Also during March: debt collection complaints represented about 31 percent of complaints; debt collection, credit reporting and mortgage were the top three most-complained-about consumer financial products and services. Together, these three categories represented 65 percent of complaints during March.

The top five categories of complaints since the CFPB began:

  1. Debt collection: 316,810
  2. Mortgages: 272,153
  3. Credit reporting: 195,826
  4. Credit cards: 118,732
  5. Bank account or service: 115,055

The CFPB began accepting complaints for different products and services at different times:

There were regional differences in complaint volume:

"Montana (54 percent), Georgia (46 percent), and Wyoming (45 percent) experienced the greatest complaint volume percentage increase from January - March 2016 to January - March 2017. New Mexico (-20 percent), Iowa (-5 percent), and Kansas (-0.7 percent) experienced the greatest complaint volume percentage decrease... Of the five most populated states, Texas (35 percent) experienced the greatest complaint volume percentage increase and Florida (8 percent) experienced the least complaint volume percentage increase from January - March 2016 to January - March 2017."

The report also tracks complaints by company:

CFPB Monthly Complaint Report. April, 2017. Figure 1. Click to view larger version

The CFPB reported additional details about student loan complaints:

"Approximately 32,700 (or 74 percent) of all student loan complaints handled by the CFPB from July 21, 2011 through March 31, 2017 were sent by the CFPB to companies for review and response. The remaining complaints have been found to be incomplete (7 percent), referred to other regulatory agencies (19 percent), or are pending with the CFPB or the consumer (0.5 percent and 0.4 percent, respectively)... The most common issues identified by consumers are problems dealing with their lenders or servicers (64 percent) and being unable to repay their loans (33 percent)."

"Federal student loan borrowers reported that when contacting their loan servicers regarding financial distress, servicers provided them with information on hardship forbearance or deferment, instead of potentially more beneficial repayment options like income-driven repayment plans... loan borrowers complained of difficulty enrolling in income-driven repayment plans. Borrowers reported lost documentation, extended application processing times, and unclear guidance when seeking to switch from one income-driven repayment plan to another."

Federal student loan borrowers described their experiences when trying to obtain guidance in completing annual income recertification for their income-driven repayment plan. Borrowers reported receiving insufficient information from their servicers to meet recertification deadlines and lengthy processing times. Some federal student loan borrowers stated their payments were misapplied. Borrowers reported overpayments were not applied to specified accounts but rather applied to all accounts managed by the servicer. Additionally, some borrowers’ overpayments—intended to reduce principal balance—were credited to the account as an early payment, resulting in their ac count reflecting a paid ahead status..."

To read more, download the full "April 2017: CFPB Monthly Complaint Report: Vol. 22" (Adobe PDF).


Espionage Groups Target Apple Devices With New Malware

ZDNet reported about a group performing multiple online espionage campaigns which targeted:

"... Mac users with malware designed to steal passwords, take screenshots, and steal backed-up iPhone data. This malware, discovered by cybersecurity researchers at Bitdefender, is thought to be linked to the APT28 group, which was accused of interferring in the United States presidential election. Bitdefender notes a number of similarities between the malware attacks against Macs -- which have been taking place since September 2016 -- and previous campaigns by the group, believed to be closely linked to Russia military intelligence and also dubbed Fancy Bear. Known as Xagent, the new form of malware targets victims running Mac OS X and installs a modular backdoor onto the system which enables the perpetrators to carry out cyberespionage activities... Xagent is also capable of stealing iPhone backups stored on a compromised Mac, an action which opens up even more capabilities for conducting cyberespionage, providing the perpetrators with access to additional files..."


Federal Reserve Study: Noncash Payments In The United States

Americans still love to use the plastic in their wallets and purses. Just before the holidays, the Federal Reserve Board (FRB) released the results of its study about how Americans use non-cash payment methods: debit cards, credit cards, prepaid cards, ACH payments, and checks. The study included the total number and value of non-cash payments by consumers and businesses through 2015.

The total number of U.S. non-cash payments was more than 144 billion payments with a value of almost $178 trillion in 2015. That represented an increase of almost 21 billion payments or about $17 trillion since 2012. Other key findings from the study:

"The number of debit card payments (including payments with prepaid and non-prepaid cards) grew to 69.5 billion in 2015 with a value of $2.56 trillion, up 13.0 billion or $0.46 trillion since 2012. This was the largest increase in number of payments among the payment types considered. Debit card payments grew at an annual rate of 7.1 percent by number or 6.8 percent by value from 2012 to 2015 with most of the growth occurring in non-prepaid debit card payments. The number of credit card payments reached 33.8 billion in 2015 with a value of $3.16 trillion, up 6.9 billion or $0.61 trillion since 2012. Credit card payments grew at an annual rate of 8.0 percent by number or 7.4 percent by value from 2012 to 2015, the largest growth rates among the payment types considered... The number of check payments fell to 17.3 billion with a value of $26.83 trillion, down 2.5 billion or $0.38 trillion since 2012. Check payments fell at an annual rate of 4.4 percent by number or 0.5 percent by value from 2012 to 2015. The decline of checks over the period was slower than previous studies had shown for prior periods since 2003."

Prepaid cards typically include gift cards and payroll cards which consumers load money onto and which aren't linked to bank accounts (e.g., checking, savings). Past studies have documented numerous fees with prepaid cards while some consumers use prepaid cards instead of traditional bank accounts. "Non-prepaid debit cards" refer to debit cards linked to traditional bank accounts.

There are significant differences between the volume and value for each non-cash payment type. For example, debit cards generated the largest share of payment volume and the smallest share by value:

Figure 1: Distribution of noncash payments by type, volume and value in 2015. FRB Study 2016. Click to view larger version

Another way of looking at the variety of non-cash payment types is the volume of payments over time:

Figure 2: Volume of noncash payments from 2000 to 2015. FRB Study 2016. Click to view larger version

Additional findings about prepaid cards:

"The number of prepaid debit card payments reached 9.9 billion with a value of $0.27 trillion in 2015, up 0.6 billion or $0.04 trillion since 2012. Almost all of the growth in prepaid debit card payments by number and value came from general-purpose prepaid cards, which can be used over the same general-purpose networks as non-prepaid debit cards. General-purpose prepaid card payments increased to 3.7 billion in 2015 by number, up 0.6 billion from 2012 to 2015, which was much less than the growth of 1.8 billion from 2009 to 2012... The average value of payments using these types of cards dropped slightly from $35 in 2012 to $34 in 2015.

Private-label prepaid card payments declined slightly by number, but rose somewhat by value from 2012 to 2015. In 2012, such payments totaled 3.7 billion by number or $0.05 trillion by value, while, in 2015, they totaled 3.6 billion by number or $0.07 trillion by value. Private-label prepaid card payments dropped at an annual rate of 0.3 percent by number but rose 15.0 percent by value. Hence, the average value of these payments rose from $13 to $20.

Payments made by prepaid EBT cards increased slightly from 2.5 billion in 2012 to 2.6 billion in 2015, or 1.7 percent per year, while the value of these payments also increased slightly from $0.07 trillion to $0.08 trillion, or 0.20 percent per year. The average value of prepaid EBT card payments declined slightly, from $30 to $29.

In 2015, non-prepaid debit and general-purpose prepaid cards were used in 5.8 billion cash withdrawals at ATMs, virtually the same level as in 2012, after dropping from 6.0 billion ATM cash withdrawals in 2009. The average value of ATM cash withdrawals rose from $118 to $122 between 2012 and 2015, continuing an upward trend in average value since 2003."

To minimize fraud and waste, banks and retailers began the migration to chip cards in the United States in 2015. The FRB study included findings about fraud:

"Payments with general-purpose cards using embedded microchips, which improve the security of in-person payments to help prevent fraud, have grown by 230 percent per year since 2012. But payments with the chip-based cards amounted to only about 2 percent share of total in-person general-purpose card payments in 2015, reflecting the early stages of a broad industry effort to roll out chip card technology. In 2015, the proportion of total general-purpose card fraud by value attributed to counterfeiting, the most prevalent type of in-person card fraud in the United States, was substantially greater than in countries where chip technology has been more widely adopted."

The United States was one of the last developed countries to switch to chip cards. So, chip card usage in the United States still has a long way to go. The types of fraud with debit/credit/prepaid cards:

  • Counterfeit card: Fraud is perpetrated using an altered or cloned card.
  • Lost or stolen card: Fraud is undertaken using a lost or stolen card.
  • Card issued but not received: A newly issued card sent via postal mail to a cardholder is intercepted and used to commit fraud.
  • Fraudulent application: A new card is issued based on a fake identity or on someone else’s identity.
  • Other: “Other” fraud includes account takeover and other types of fraud not covered above.
  • Fraudulent use of account number: Fraud is perpetrated without using a physical card.

Fraud is perpetrated via two channels: 1) in-person when the cardholder has their card, and 2) remote when the cardholder is not present (e.g., postal mail, online, telephone). To learn more, download the "2016 Federal Reserve Payments Study" (Adobe PDF) and/or read the FRB announcement.


Researchers Conclude Voting Systems In the USA Are Vulnerable To Hacking And Errors

McClatchyDC reported:

"Pennsylvania is one of 11 states where the majority of voters use antiquated machines that store votes electronically, without printed ballots or other paper-based backups that could be used to double-check the balloting. There's almost no way to know if they've accurately recorded individual votes — or if anyone tampered with the count... These paperless digital voting machines, used by roughly 1 in 5 U.S. voters last month, present one of the most glaring dangers to the security of the rickety, underfunded U.S. election system."

I strongly suggest that all voters read the entire McClatchyDC article. It is an eye-opener. Let's unpack the above paragraph. There's plenty to consider.

First, a significant number of voting districts across the nation use only paperless digital voting machines. A prior blog post confirmed this usage:

"... half of registered voters (47%) live in jurisdictions that use only optical-scan as their standard voting system, and about 28% live in DRE-only jurisdictions... Another 19% of registered voters live in jurisdictions where both optical-scan and DRE systems are in use... Around 5% of registered voters live in places that conduct elections entirely by mail – the states of Colorado, Oregon and Washington, more than half of the counties in North Dakota, 10 counties in Utah and two in California. And in more than 1,800 small counties, cities and towns – mostly in New England, the Midwest and the inter-mountain West – more than a million voters still use paper ballots that are counted by hand."

That prior blog post also included a map with voting technologies by district. Second, the paperless digital voting machines make recounts difficult to impossible. Why? They lack printed ballots or paper backups to re-scan and verify against the machines' recorded totals. Optical-scan voting machines are better since they use paper ballots. Those paper ballots can be re-scanned during a recount to verify the machines' totals. Reportedly, advanced countries including Germany, Britain, Japan and Singapore all require scannable paper ballots.

Third, all of this means paperless digital voting machines are a hacker's delight. Or a corrupt politician's delight. If one is going to hack voting systems with a low to zero chance of getting caught, then smart hackers would target machines without paper backups where tampering would be impossible to detect during recounts.

Fourth, the vulnerabilities aren't just theory, or what-ifs. The McClathcyDC article also reported:

"But a cadre of computer scientists from major universities backed Stein's recounts to underscore the vulnerability of U.S. elections. These researchers have been successfully hacking e-voting machines for more than a decade in tests commissioned by New York, California, Ohio and other states."

You can easily find reports online about the vulnerable machines, such as the Sequoia AVC Advantage used in Louisiana, New Jersey, Virginia, and Pennsylvania. Another example: last year, the State of Virginia de-certified using the AVS WINVote made by Advanced Voting Solutions, which had previously been used also in Pennsylvania and Mississippi. The security review by the Virginia Information Technologies Agency (Adobe PDF) is available online.

The Brennan Center for Justice (BCJ) produced a report in 2015: "America's Voting Machines At Risk" (Adobe PDF). The BCJ interviewed more than 30 state and 80 local election officials, plus dozens of election technology, administration and security experts. They also gathered input from "computer scientists, policy analysts, usability experts, election security experts, voting equipment vendors, and various innovators in the field of election technology." The BCJ's report summarized the problem:

"... an impending crisis... from the widespread wearing out of voting machines purchased a decade ago... Jurisdictions do not have the money to purchase new machines, and legal and market constraints prevent the development of machines they would want even if they had funds..."

The BCJ found:

"Unlike voting machines used in past eras, today’s systems were not designed to last for decades. In part this is due to the pace of technological change... although today’s machines debuted at the beginning of this century, many were designed and engineered in the 1990s... experts agree that for those purchased since 2000, the expected lifespan for the core components of electronic voting machines is between 10 and 20 years, and for most systems it is probably closer to 10 than 20... 43 states are using some machines that will be at least 10 years old in 2016. In most of these states, the majority of election districts are using machines that are at least 10 years old. In 14 states, machines will be 15 or more years old.

Nearly every state is using some machines that are no longer manufactured and many election officials struggle to find replacement parts. The longer we delay purchasing new equipment, the more problems we risk. The biggest risk is increased failures and crashes, which can lead to long lines and lost votes.

Older machines can also have serious security and reliability flaws that are unacceptable today. For example, Virginia recently decertified a voting system used in 24 percent of precincts after finding that an external party could access the machine’s wireless features to “record voting data or inject malicious data... Several election officials mentioned “flipped votes” on touch screen machines, where a voter touches the name of one candidate, but the machine registers it as a selection for another... Election jurisdictions in at least 31 states want to purchase new voting machines in the next five years. Officials from 22 of these states said they did not know where they would get the money to pay for them."

The USA can do better. It must do better. State and local elections officials must find the money. Elected politicians must help them find the money. Our democracy is at stake.

There is a glimmer of good news. Researchers at Rice University have developed a digital voting machine prototype that prints a paper trail. The paper trail provide verification of voters' selections, which would facilitate recounts and should replace the paperless DRE equipment. It is one of three publicly funded projects across the country. Bidding is open for manufacturers to produce the equipment.

While Stein's recount efforts ultimately failed, the vulnerabilities still exist. As McClatchyDC reported:

"The U.S. voting system — a loosely regulated, locally managed patchwork of more than 3,000 jurisdictions overseen by the states — employs more than two dozen types of machinery from 15 manufacturers.

So, something needs to be done soon to increase the security of DRE or paperless digital voting machines. It's time for voters to demand better voting security and accountability from state and local elections officials (and their politicians) who selected paperless voting equipment for their districts. It seems foolish to tighten voter ID and registration procedures while both under-funding and ignoring the vulnerabilities with paperless digital voting machines.

What are your opinions?