Los Angeles, Calif.,  Sept. 27, 2023 — Citing organized crime statutes, attorneys with Wisner Baum have filed the first RICO class action alleging that H&R Block, Meta, and Google jointly schemed to install spyware on the H&R Block site, scraping customers’ private tax return information for profit.

The suit comes on the heels of a July 2023 congressional report which found “a shocking breach of taxpayer privacy” when tax preparation companies shared millions of customers’ personal and financial information with Meta and Google, which used that information to create targeted ads.

The congressional report describes how Meta and Google helped H&R Block and other tax prep firms place “pixels” on the websites where customers entered tax information, in order to share that information with Meta and Google. The report found firms like H&R Block were “shockingly careless with their treatment of taxpayer data,” and that Meta had used this data to target ads to taxpayers, and also to train Meta’s AI algorithms.

The report further detailed a long list of troubling findings connected to Meta’s Pixel, including its default settings which provided “a broad set of sensitive information, from taxpayer reporting rental income to alimony.” Despite Meta’s claims that it “attempted” to filter sensitive data, including contact information, bank account and credit card numbers, and Social Security numbers, the congressional investigation “revealed serious gaps in this filtering mechanism,” and concluded that it “did not seem to work.” The congressional report recommended regulatory and criminal investigations.

With allegations that hew closely to congressional findings, Wisner Baum’s filing seeks damages from the three firms under the Racketeer Influenced and Corrupt Organizations Act, alleging that the three companies’ joint conduct constitutes a “pattern of racketeering activity” on “a massive scale.”

H&R Block, an international firm, reports that it prepares more than 20 million tax returns annually. The Internal Revenue Code specifies that tax preparation companies may not disclose any information furnished to them for any purpose other than to prepare a tax return.

The suit seeks to hold the three firms accountable, alleging a coordinated plan to install spyware which would give Meta and Google access to virtually all information submitted by customers through HRBlock.com. H&R Block, which describes itself as “a company that strives to do the right thing for our clients, our employees, and the community,” then made clients’ addresses, income, filing status, birthdates, dependents, and all tax return information available to Meta and Google for use in selling lucrative targeted advertising, the suit alleges.

“People have become more aware of issues like online privacy violations and identity theft in recent years, but it’s still shocking to see a household name like H&R Block being so reckless, and so flagrantly violating the law,” said Harrison James, Wisner Baum attorney who filed the lawsuit. “People gave H&R Block Social Security numbers, income information, and bank statements for tax prep, not to sell to the highest bidder.”

“Most people would never post their kids’ college account or their retirement savings on Facebook, but H&R Block did something just like that when they handed customer income tax information over to a bunch of advertisers,” said R. Brent Wisner, Wisner Baum’s managing partner. “It’s like your income tax guy handing your pay stubs and tax returns over to a marketing firm. H&R Block, Google, and Meta ignored data privacy laws, and passed information about people’s financial lives around like candy.”

The suit alleges that H&R Block, Meta and Google failed to adequately warn consumers in privacy policies that their data was being sold, and instead intentionally engaged in a comprehensive program to mislead consumers and share the data for their own financial gain, breaking an array of laws in the process.

The suit has been jointly filed with Pendley, Baudin & Coffin LLC and Coffin Law LLC in U.S. District Court, Northern District of California. The case number is 3:23-cv-04953.

About Wisner Baum: Wisner Baum represents over 18,000 plaintiffs in a broad range of civil litigation and has won more than $4 billion across all practice areas, including class action litigation, mass torts, commercial transportation cases, pharmaceutical product liability, and more. The firm has earned a reputation for breaking new legal ground, holding major corporations accountable, influencing public policy, and raising public awareness about important safety issues. Learn more at WisnerBaum.com.

London, UK and Austin, Tex., Sept. 27, 2023 — Organisations around the world are rushing to build API (application programming interface) marketplaces to foster greater connectivity between them and their partners and users.

Global spend on API marketplaces is set to reach $50b by 2030. To help organizations make them a success, DigitalAPICraft is today announcing its partnership with Google and the appointment of HSBC exec Marco Tedone as CTO as it scales the business.

APIs form the connection points between platforms and ecosystems. Every connected mobile app, every website and every application deployed on a cloud service uses APIs and the number of APIs within organizations is growing rapidly. This has led to the prominence of API marketplaces which provide numerous benefits to developers and organizations. They simplify the process of designing and developing new applications and integrating and managing existing ones.

A major advantage of the API marketplace is improved collaboration, as APIs facilitate seamless communication among various cloud applications and platforms. This allows for automated workflows and enhanced collaboration in the workplace, bridging the gaps between disconnected systems and preventing information silos that can hamper productivity.

Bharath Kumar, CEO and founder of Digital API Craft: “Large organizations often operate in isolated silos, each composed of numerous factory teams. One recurring challenge faced by these enterprises is the need for standardization of tools and the consolidation of platforms and runtimes.

“This issue is compounded by the growing complexity of APIs, including various types such as REST, GraphQL, AsyncAPI, gRPC, SOAP and others. Enterprises grapple with multiple API platforms such as Apigee, Kong, Mulesoft, Azure, AWS spanning the multi-cloud and On-Premises environments. This diversity poses API security risks, with numerous unmanaged and unsecured APIs, as well as ad-hoc API development practices, further complicated by irregular developer and partner onboarding processes.

“An API Marketplace would serve as a unified platform to consolidate existing tools and API platforms used by various teams and groups, providing a consolidated API catalog view and fostering collaboration and standardization throughout the enterprise.”

To address these challenges, DigitalAPICraft’s One API product suite is an enterprise-grade, white-labeled API Marketplace to efficiently publish, consume, collaborate on, govern and monetize internal and external APIs for developers, product owners, and third-party partners and developers.

Today, DigitalAPICraft is partnering with Google Cloud as an ISV (Independent Software Vendor) partner and the DigitalAPICraft white-labeled enterprise API Marketplace is now available on Google Cloud marketplace. This partnership allows Google Cloud customers to quickly integrate with DigitalAPICraft and underlines the strength and depth of the offer. It offers a unique scale-up opportunity for the company.

DigitalAPICraft has also appointed Marco Tedone as CTO. He joins the company with nearly two decades of banking experience, the last 12 years of which were at HSBC, where he led the API Strategy and Governance as well as Modern Architectures for the group. He brings extensive experience in running successful API programmes and knows the dynamics that power API programmes in large and successful enterprises.

DigitalAPICraft was founded in 2017 by Bharath Kumar. He and the core technical team were part of the team that built the Apigee Edge API platform (part of Google Cloud). Today, they are a global team of over 100 spread across the US, UK and India.

Bharath Kumar added: “APIs play a crucial role in enabling digitization. They provide the foundation for modernization and help organizations build successful business ecosystems. Software engineering leaders must develop a systematic approach to manage and govern the use of APIs across their organization”.

About DigitalAPICraft: DigitalAPICraft is a leading provider of white-labeled private API Marketplace products. Its products in the API and cloud engineering space help organizations worldwide to optimize their API adoption and scalability. With its comprehensive suite of API Marketplace products, DigitalAPICraft enables enterprises to publish, consume, collaborate, govern and monetize APIs effectively, ensuring seamless integration and enhanced customer experiences. For more information please visit: https://digitalapicraft.com/ or follow via LinkedIn, X or YouTube.

New York, NY, Sept. 27, 2023 – ACM, the Association for Computing Machinery, has released “TechBrief: Generative Artificial Intelligence.”

It is the latest in the quarterly ACM TechBriefs series of short technical bulletins that present scientifically grounded perspectives on the impact and policy implications of specific technological developments in computing.

“TechBrief: Generative AI” begins by laying out a core challenge: the rapid commercialization of GenAI poses multiple large-scale risks to individuals, society, and the planet that require a rapid, internationally coordinated response to mitigate.

“While generative AI technologies have seemingly burst onto the scene, we’ve long been familiar with many of the risks they pose, though at a smaller scale,” explains David Leslie, Director of Ethics and Responsible Innovation Research at The Alan Turing Institute, Professor of Ethics, Technology and Society at Queen Mary University of London, and co-lead author of the new TechBrief. “We need swift and global policy action to regulate generative AI applications as well as the so-called foundation models upon which they are built. We see this ACM TechBrief as a first step in that direction.”

The TechBrief defines GenAI as “a broad set of computing technologies and techniques that enable a computer to create content such as text, code, image, audio, speech, voice, music, and video,” also noting that “over the past decade, the development of sophisticated neural network architectures, combined with increasing computing capacity and access to vast bodies of training data, has led to a great expansion in their utility and uptake.”

Potential harms from generative AI identified by the new TechBrief include misinformation, cyberattacks, and even environmental damage. To mitigate these risks, the authors contend that AI law and policy should incorporate end-to-end governance approaches that address risks comprehensively and “by design.” Specifically, laws and policies must address how to govern the multiphase character of GenAI systems, and the foundation models (FMs) used to construct them.

“Although the innovation potential of generative AI is clear, so too are risks of this technology that we must address through a complete, end-to-end governance approach that protects business and society,” said Francesca Rossi, IBM AI Ethics Global Leader and co-lead author of the TechBrief. “From critical early design-stage mechanisms such as stakeholder engagement and bias self-assessment, to implementation of guardrails in the application and post-deployment phases grounded in legal and policy measures, as well as technical features such as traceability, auditability and third-party oversight, we must establish a holistic process that ensures a GenAI system’s behavior improves how we live, learn, and work while being aligned to human values.”

Noting that a few major companies have taken the lead in developing and deploying generative AI technologies, the TechBrief also emphasizes that policymakers must pay close attention to potential power imbalances at the ecosystem level that could substantially affect the public interest. The TechBrief states “…when large-scale private sector organizations control the critical digital infrastructures on which the production and use of FMs and GenAI applications depend, this may create distorted financial incentives to further centralize economic power and disadvantage smaller or less well-resourced commercial, academic, and public sector stakeholders. Effective AI policy should consider addressing such power asymmetries directly.”

The key conclusions of “TechBrief: Generative AI” are:

•AI policy should incorporate end-to-end governance approaches that address risks “by design” and regulate at all stages of the design-to-deployment life cycle of AI products.

•Governance mechanisms for GenAI technologies must address the entirety of their complex supply chains.

•Actors should be subject to controls that are proportionate to the scope and scale of the risks their products pose, with corresponding legal liability and other concrete consequences for irresponsible practices.

ACM’s TechBriefs, which collectively have been downloaded nearly 40,000 times to date, are designed to inform policymakers, the public, and others about the nature and implications of information technologies. As with other TechBriefs in the ACM series, “Generative AI” includes an overview of the major policy implications of the technology, key statistics to put the issues in context, a narrative introduction to educate the public, and key conclusions. Previous ACM TechBriefs focused on the data trust deficit, safer algorithmic systems, climate change, facial recognition, smart cities, quantum simulation, and election security. Topics under consideration for future issues include media disinformation, content filtering, blockchain, accessibility and more.

About the ACM Technology Policy Council: ACM’s global Technology Policy Council sets the agenda for ACM’s global policy activities and serves as the central convening point for ACM’s interactions with government organizations, the computing community, and the public in all matters of public policy related to computing and information technology. The Council’s members are drawn from ACM’s global membership. It coordinates the activities of ACM’s regional technology policy groups and sets the agenda for global initiatives to address evolving technology policy issues. 

About ACM: ACM, the Association for Computing Machinery, is the world’s largest educational and scientific computing society, uniting educators, researchers, and professionals to inspire dialogue, share resources, and address the field’s challenges. ACM strengthens the computing profession’s collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.

Media contact: Yeabsira Aklilu, Program Coordinator, yaklilu@wireside.com

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business.

Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand, post Covid 19.

As a leading supplier of advanced security information and event management (SIEM) technology, Splunk happens to find itself in the thick of a tectonic shift. Network security is getting reconstituted. A new tier of overlapping, interoperable, highly automated security platforms is rapidly taking shape. In this milieu, SIEM systems have emerged as the telemetry ingestion engine of choice to help companies figure out how to effectively monitor, and securely manage, hyper-connected software.

Last Watchdog engaged Forrester Principal Analyst Allie Mellen in a discussion about the cybersecurity angle of the Cisco-Splunk merger. Here’s the exchange, edited for clarity and length:

LW: Why are XDR vendors hustling to add SIEM or a SIEM-alternative to their portfolios?

Mellen: As XDR matures, customers are introducing more telemetry for detection into it. Because of this, there’s more data being stored in multiple places: XDR and SIEM. Security teams are always looking for ways to cut SIEM costs and consolidate data access, and so naturally, they look to XDR to provide that alternative. XDR vendors have started to provide SIEM-alternatives through log management so that organizations can continue to store the data they need while getting the benefits of quality of detection and response that XDR brings.

LW: Will this acquisition help Cisco compete in this space?

Mellen: Splunk is one of the most ubiquitous and most frequently used security tools in enterprises today. The platform has consistently been named a Leader in the Forrester Wave™ evaluation on security analytics platforms for its flexibility and vast capabilities for alerting and compliance.

Splunk also has an incredibly loyal set of users, which, more than anything else, serve as a fanbase for the brand. Security leaders struggle, however, with Splunk’s lack of innovation over the past several years and how costly the offering can become.

Even the addition of alternative pricing models has done little to change that. These factors add up to, overall, this acquisition being a massive win for Cisco’s security business. This acquisition positions Cisco to have both sides of the coin — detection and response focus in XDR with Cisco XDR, and flexibility and adaptability in a security analytics platform with Splunk.

LW: You’ve asserted that this deal is a boon for Microsoft? How so?

Mellen: Splunk customers will be drawn to explore alternatives because of the uncertainty of the acquisition, and we expect to see experimental deployments of other smaller security analytics players as backup. This will also be a boon for Microsoft Sentinel.

Microsoft is the biggest SIEM competitor to Splunk right now, and Splunk customers will flock to or expand their Sentinel deployments as they hedge their bets between where Cisco takes Splunk and where Microsoft takes Sentinel.

LW: Are any Splunk customers losing sleep about what happens next?

Mellen: Security leaders know that Cisco has long been a case study for acquisitions that don’t live up to their initial promise and suffer from underinvestment and a lack of focus. In fact, since this was announced, many have shown concern that this pairing will affect the SIEM in the long term. That said, in recent years Cisco has maintained their Duo acquisition. To keep Splunk’s massive, loyal user base, Cisco needs to follow a similar model and let Splunk deliver what Splunk does best: a flexible, powerful SIEM offering.

LW: What does this signal about what a de facto security platform will look like 5 to 10 years from now?

Mellen: Consolidation drivers are cyclical; there’s an effort to consolidate, especially during times of financial hardship, which leads to cost savings for end users and fewer third parties to manage. However, it also often leads to innovation stagnation and vendor lock-in. Once these cons set in and the financial situation improves, users divert to best of breed offerings for their flexibility and quality, and the cycle starts over again. We will continue to see consolidation in these markets as the largest vendors look to offer the biggest and best portfolio.

LW: Where are we today on that curve?

Mellen: It’s happening constantly and we expect it will continue. As new technologies emerge and are validated by the market, new acquisitions are made and the portfolios become even larger.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


Washington, DC, Sept. 26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate.

The goal is to help avoid oversights, misunderstandings, or vague legislation that could invite abuses of power and short-sighted legislation of helpful technology.

As a result of collaborative efforts, the VTI Principles serve as a comprehensive set of best practices for VPN providers that bolster consumer confidence and provider accountability, promoting wider VPN adoption and access to the technology’s benefits.

Today VTI is announcing the launch of the VPN Trust Seal accreditation program, which provides a clear public indicator that a participating VPN provider follows established best practices for delivering service in the following five areas:

•Security: VPNs will use the necessary security measures, including strong encryption and authentication protocols, to appropriately address the risks.

•Advertising Practices: Given the complexity and different use cases for VPNs, claims must not mislead.

•Privacy: VPNs should keep as little data as they deem necessary to provide the service and only produce data to law enforcement when legally required.

•Disclosure and Transparency: To foster trust, member companies must take steps toward informing users and the public about their actions and procedures.

•Social Responsibility: VPN providers will promote VPN technology to support access to the global Internet and freedom of expression.

Principles guiding VPN Trust Seal accreditation are informed by input from businesses, legislators, free speech advocates, and other outside experts to protect the privacy and security of VPN users; offer practical policy guidelines for VPN providers; and ensure policymakers, regulators, and the wider market have access to clear criteria for evaluating these technologies.

The inaugural group of VPN providers that have earned accreditation includes Certida, FastVPN, IvacyVPN, NordVPN, PureVPN, Surfshark, Texas.net, IPVanish, StrongVPN, eVenture Ltd, and ExpressVPN.

“Now when VPN customers try to determine which providers align with their ethics, they can look for the VPN Trust Seal and gain some assurances about the commitments behind the products they are looking to purchase,” said Christian Dawson, Co-Founder & Executive Director, i2Coalition.

For more detailed information on each of these principles and how to get the VPN Trust Seal, please visit the VTI website.

About i2Coalition’s VPN Trust Initiative: i2Coalition’s VPN Trust Initiative (VTI) is an industry-led consortium that promotes consumer safety and privacy online by increasing understanding of VPNs and strengthening business practices in an industry that already protects millions of Internet users. The VTI leverages first-hand knowledge to advocate, create, vet, and validate guidelines that strengthen trust and transparency and mitigate risk for users. To learn more about the VTI, please visit vpntrust.net.

About the i2Coalition: The Internet Infrastructure Coalition (“i2Coalition”) ensures that those who build the infrastructure of the Internet have a voice in public policy. We are a leading voice for web hosting companies, data centers, domain registrars and registries, cloud infrastructure providers, managed services providers, and related tech. We protect innovation and the continued growth of the Internet’s infrastructure which is essential to the global economy. Our coalition launched at a significant time in our industry’s history. The genesis of the organization began in 2011 when many of the i2Coalition founding and charter members joined forces during the successful effort to prevent SOPA and PIPA from becoming United States law. After mobilizing to ensure the Internet’s free flow of information and commerce, we realized the ongoing need for an industry voice, founding formally in 2012. To learn more about the i2Coalition and explore membership, please visit i2Coalition.com.

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority.

Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association.

Nonprofits are equally at risk, and often lack cybersecurity measures. According to Board Effect, 80% of nonprofits do not have a cybersecurity plan in place.

Given the risk involved, small businesses and nonprofits must consider prioritizing cybersecurity policies and practices to stay protected, retain customers, and remain successful. Financial information is one of the most frequently targeted areas, so it’s crucial your cybersecurity policies start with your finance team.

Taking an active role

Your cybersecurity policy should address your employees and technology systems.

Employee training is crucial. According to Verizon’s 2023 Data Breach Investigations Report, 74% of breaches were caused by human error, with phishing and text message phishing scams being some of the leading causes.

Training team members regularly with real-life scenarios will help them spot potential threats and protect them from exposing your business.

It’s also essential that your business evaluates its technology and keeps it regularly updated to the latest security standards. For example, your accounting technology should have features that work to protect your data, like internal controls, multi-factor authentication, or an audit trail that documents changes to your data.

Consider these four best practices as the core of your finance team and business’ cybersecurity plan:

•Regularly update and back up your data systems. Security plays a crucial role in your technology. In the era of cloud computing, where programs and your information can be accessed anywhere, your business needs to keep its software up-to-date and back up critical systems. Cloud vendors often handle the security and backup processes automatically, so examine your technology and see if that is the case. If not, implement a plan to back up your information regularly and update your technology to the latest versions. These backups can also be used to form a disaster recovery plan in the event of a natural disaster.

•Set access privileges and internal controls. Best practice is to require teams to use enhanced security measures like strong passwords that are changed regularly and multi-factor authentication to ensure your team is the only one accessing financial information.

Also consider creating a policy for which employees can access which types of data. When multiple members of your team can easily access a wide range of data without internal controls, it creates vulnerability. Your team’s information is crucial, especially financial information, so your technology should feature internal controls. Internal controls segment your company’s information by title or role and grant each user access to only the data they need.

•Monitor team member access through audit trails. Your accounting technology should be equipped with an audit trail that logs every change made to your data, including user data and the workstation from which the user has made the change. Monitoring who has made what changes protects your business and holds team members accountable for safe IT practices.

•Adequate IT compliance. Every business has a standard of IT compliance that team members are accountable for upholding. First, it is crucial to have systems that adhere to regulations, laws, and general industry standards. If you have concerns about protecting your financial data, consider hiring a data protection officer or an outside firm to help you maintain compliance.

No one person can prevent cyberattacks alone. The secret sauce is that it takes a thorough cybersecurity policy and a team committed to keeping your business finance and accounting teams safe. Stay proactive. Stay educated. Stay safe.

About the essayist: Neil Taurins is the General Manager of Nonprofit Solutions at MIP Fund Accounting by Community Brands. He has been with the company for over 12 years and is passionate about working with government organizations and municipalities to provide them with solutions to improve efficiency.

Helsinki, Finland, Sept. 22, 2023 – A leading global financial institution has selected PrivX as its privileged access management (PAM) solution. The customer is one of the largest and most important financial institutions in the world.

This is the third major new significant lighthouse customer for PrivX in the USA. The initial contract value is approximately USD 0.25 million of annual recurring subscription revenue (ARR), including professional services. The contract is automatically renewable. Our approach with this customer follows our land-and-expand strategy.

Scalability, ease of use

The customer selected PrivX after a thorough evaluation of several leading PAM solutions. PrivX was chosen for its ease of use, scalability, and ability to help the customer eliminate static credentials and improve operational efficiency. Because of PrivX’s modern technology, it is also one of the easiest solutions to deploy in large environments. Often, organizations do not implement PAM comprehensively, leaving some of their privileged user accounts at risk of being compromised for criminal purposes.

“We are excited to have this leading global financial institution enter their Zero Trust journey with our help,” said Dr. Teemu Tunkelo, CEO of SSH. “This organization is a highly demanding customer. PrivX is the most advanced hybrid lean PAM solution on the market.”

Benefits of PrivX

•Eliminates static credentials with passwordless authentication and just-in-time access, enabling easy implementation of a Zero Trust access management solution.

•Easy to use for administrators and users.

•Seamless solution for certificate-based access.

•Improved operational efficiency through the elimination of “jump servers”.

Core of SSH Zero Trust

PrivX is a modern PAM solution that helps organizations to control and manage access to their critical systems and data. PrivX is the core of our recently launched biometric, credential-less, and borderless solution – Zero Trust Suite.

Zero Trust Suite combines SSH’s proven-in-use communications security products into a modern passwordless, keyless, and borderless solution and further fortifies the solutions with quantum-safe cryptography. Borderless means that today, cybersecurity threats are equally significant in internet, extranet, and intranet networks.

About SSH: SSH is a defensive cybersecurity company that safeguards communications and access between systems, automated applications, and people. We have 5,000+ customers worldwide, including 40 percent of Fortune 500 companies and major organizations in the Finance, Government, Retail, and Industrial segments. We help our customers secure their business in the age of hybrid cloud and distributed IT and OT infrastructures. Our passwordless and keyless Zero Trust solutions reduce costs and complexity while quantum-safe encryption keeps critical connections future-proof. Our teams and partners in North America, Europe, and Asia ensure customer success. The company’s shares (SSH1V) are listed on Nasdaq Helsinki. www.ssh.com.

Media contact: Teemu Tunkelo, CEO, tel. +358 40 5499605, email Teemu.Tunkelo@ssh.com


Chicago, Ill., Sept. 21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement. Organizations gathered to discuss courses and programs to address the critical cybersecurity workforce needs in the United States.

Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing. As a part of this effort, each organization made the following commitments:

MxD, in collaboration with the University of Maryland, Baltimore County, created the Cybersecurity for Manufacturing Operational Technology (CyMOT) program to increase the security of U.S. manufacturers from cyber-attacks by providing role-based training to the next generation of cybersecurity workers in manufacturing.  The 60-hour live-instruction course series targets roles in Artificial Intelligence engineering and cybersecurity and has been utilized by MxD partners, including Boeing, Dow, and Rolls-Royce to provide more than 175 current and future workers with skills unique to securing the manufacturing floor.

The CyMOT course series is tailored to meet the needs of each learner, including current manufacturing workers looking to upskill and future workers still learning the basics.  MxD commits to use the CyMOT curriculum and other courses to train, certify, and provide employment opportunities to underserved students at community colleges and historically Black colleges and universities across the United States.

Access Living is committed to launching an Independent Living Technology Program to address the gap in digital skills in the disability community to reach 150 disabled participants by the end of 2024. Participants identify an independent living goal to achieve using technology, like looking for work, job training, or accessing information and services. They then attend Access Living’s disability centered technology training course and receive one-on-one support.

Upon completion, participants who need it are given their own laptop or tablet and a year of free internet access. Funding for this program is in part from a Federal grant. Access Living is also committed to expanding its consulting and training services to include a team of certified digital accessibility specialists, all of whom have disabilities themselves. The team aims to improve the Internet and digital product accessibility not just for Access Living’s clients but overall by centering lived experience with disability in its consultation, evaluation, and remediation of websites, portals, apps, and other digital content and interfaces to ensure they meet or exceed accessibility standards.

CyberSkills2Work, a nationally scalable program led by the University of West Florida and supported by a coalition of 10 National Centers of Academic Excellence-designated higher ed institutions across the country, commits to adding 1,520 cybersecurity professionals to the nation’s cyber workforce over the next two years.  The program also commits to providing free training for transitioning military, first responders, veterans, military spouses, women, underrepresented minorities, and government personnel. The program will offer 22 additional training pathways that prepare learners for 16 cybersecurity work roles and 17 industry certifications. A $2.5 million NSA expansion grant funds this effort.

The College of Lake County (CLC) in Grayslake, IL, commits to using funds received through a Federal grant to convene a group of 50 manufacturing employers to grow the manufacturing sector and expand education and training, including cyber skill development, in the second largest manufacturing county in the state of Illinois. CLC also commits to expanding its Advanced Technology Center (ATC), dedicated to Industry 4.0 training and education, to incorporate critical, complementary workforce needs such as cybersecurity, data analytics, mechatronics, and robotics.

NIWC, a regional consortium of 11 community colleges connected to local workforce boards, commits to developing an IT training program to prepare individuals for entry to cybersecurity certificate and degree programs from which graduates have the appropriate knowledge to thrive in this sector. The approach intends to remove barriers, accelerate entry into highly specialized cybersecurity careers, and create greater access to a diverse talent pool for the IT industry.

Task Force Movement (TFM) prepares Transitioning Service Members, Veterans, disabled Veterans, and Military families with the tools they need to engage in cybersecurity career pathways via scholarships and public and public-private partnerships. In addition to the 50 scholarships TFM previously announced it will award over the next year, TFM is committing to expand this effort to directly support state and local leaders in implementing their own Task Force Movement programs, starting with two states in the first year.

About MxD: MxD (Manufacturing x Digital) is where innovative manufacturers go to forge their futures. In partnership with the Department of Defense, MxD equips U.S. factories with the digital tools, cybersecurity, and workforce expertise needed to begin building every part better than the last. As a result, our nearly 300 partners increase their productivity, win more business, and strengthen U.S. manufacturing. The partnership with the Department of Defense helps better equip the nation’s warfighter.

Media Contact: Mackie Hill, Marketing and Communications Manager, MxD, mackie.hill@mxdusa.org, 312.281.6872


Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals.


In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Many responded by saying they already avoid hospitals and emergency services infrastructure. Others promised to cease attacking health care facilities until the pandemic eased.

An April 2020 study from VMware Carbon Black revealed a 148% ransomware increase between March and April 2020. However, it’s worth noting that health care was the seventh-most targeted industry during that time, when it was usually in the top three.

Less lucrative targets

The reduction in ransomware attacks against health care organizations was relatively short-lived. John Riggi, national advisor for cybersecurity and risk for the American Hospital Association, said in a July 2023 interview that he noticed a spike in large, high-profile ransomware attacks in the previous six weeks.


However, another topic brought up in the discussion was that Riggi increasingly hears representatives from targeted facilities agree not to pay the ransom. Some ransomware gangs demand payments of $1 million or more. However, IT teams at health care facilities are becoming more proactive about protecting data, so there’s no need to engage with hackers.

Creating a strategic and all-encompassing backup plan is a great way to prevent data loss. If ransomware gangs increasingly hear that health care facilities won’t pay, they’ll turn their attention to other industries.

Hackers shun limelight

There are certainly ulterior motives behind ransomware gangs’ pledges to avoid attacking hospitals. For example, the continual targeting of the facilities could compel those in power to pass laws and devote resources related to catching and punishing the gangs. Virginia’s Senator Mark Warner has prioritized health care ransomware reductions in some of his recent efforts.

If enough lawmakers consider this cybersecurity issue a top-of-mind concern, it would spell trouble for ransomware gangs. During the COVID-19 pandemic, the U.S. and other countries mobilized incredible resources to get vaccines created, tested and distributed in record time. That example shows that when enough people see a threat as significant, they’ll work together to get things done.

Trustworthy morality?

Another consideration is that it’s one thing for a ransomware gang to promise not to attack hospitals. What matters is whether they’re telling the truth. The whole concept behind ransomware attacks is that victims should get their data back if they pay the demanded amount. However, a 2023 survey showed that doesn’t always happen. More specifically, 21% of respondents paid the ransom and didn’t recover their data.

If people see news that specific ransomware gangs consider hospitals off-limits, some may think these cybercriminals operate with some sense of morality after all. However, a public statement is no guarantee of truth.

Evidence also suggests ransomware increasingly extends beyond data loss and financial demands. Many organizations — including hospitals — report ransomware-driven extortion as an emerging risk. If the IT teams at health care facilities believe some hacker gangs won’t target them, they could become complacent about emerging threats.

Even if some ransomware gangs steer clear of hospitals, not all will. Ransomware targets and tactics keep evolving, meaning cybersecurity professionals and enthusiasts must stay aware and respond accordingly.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry.


Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.

Flexxon recently introduced its X-PHY SSD drive which now comes embedded in certain laptop models from Lenovo, ASUS and HP. This innovation derives from security-hardened AI-powered memory and storage drives Flexxon supplies that go into medical equipment and industrial machinery.

I had the chance to get briefed about all of this by Flexxon’s founder and CEO Camellia Chan. For a full drill down give the accompanying podcast a listen.

Guest expert: Camellia Chan, CEO, Flexxon

Instead of struggling to account for innumerable attack paths, X-PHY guards just one path; it keeps an eagle eye on the read-write activities at the memory storage level, Chan told me.

It instantly recognizes — and blocks — any rogue read-write commands, such as those favored by ransomware purveyors and other malicious actors. The system operates in the background without the need for constant updates. It alerts users to anomalous activities and can shut down storage devices to safeguard data instantly, she says.

“Cyber security is actually missing intelligent, dynamic detection sitting at the physical layer,” Chan says. “X-PHY will act as a last line of defense against potential risk and help companies better safeguard their data.”

The transformation progresses. I’ll keep watch and keep reporting.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)