Good Monday morning. It’s December 23rd. Hanukkah started last night, Wednesday is Christmas, and Kwanzaa begins Thursday. 

Today’s Spotlight takes about 5 minutes to read. Want to chat about something you see here? Here’s a contact form exclusively for you.

1. News To Know Now

1. Apple, Amazon, and Google are partnering with technology and furnishings companies to create standard protocols for smart homes. The move will help consumers avoid an Apple-DOS or Betamax-VHS conflict regarding interoperability of smart home devices in the future.

Smart link: Connected Home over IP announcement.

2. Microsoft users reused hacked login credentials 44 million times in 2019. You have to stop reusing passwords. Every data breach that you learn about leads to more login credentials being traded and sold. Most people don’t need to worry about some kid hiding in a bedroom pecking out passwords. You have to worry about sophisticated programs that criminals use to try many passwords at once. Don’t make it easier for them.

3. A Facebook investigation found that a pro-Trump group with ties to China and criminal organizations used doctored identities and profile pictures created automatically by computers. Facebook removed The Epoch Times and eighty groups related to Epoch Group. More than 900 accounts were created in batches a few minutes apart with content focused at U.S. and Vietnamese Facebook users. Even more frightening was the organization’s use of $9 million in advertising to continue spreading disinformation. At the time of its takedown, the network had 55 million followers on Facebook, Instagram, and Twitter but the administrative work was automated.

Smart links: Coverage at Wired, The New York Times, and the Graphika report detailing the findings.

2. Location Tracking 

Nearly half of all Americans attempt to control the amount of location data that they provide apps and websites. Yet we also know that less than half of people delete an app when they post their location data. Instad, they attempt to fix the problem some more.

Location tracking is a critical part of the Internet’s cash-free economic model. Nearly every advertising campaign has a geographic component, which can be as encompassing as a country or as narrow as a retail store. The chance of your physical location being tracked while you interact online or have a phone or connected car is excellent.

Americans believe they are constantly being tracked, and they are correct. Game app Pokemon Go was used by 150 million people worldwide and captured location data every five seconds. Use a coffee shop or hotel’s Wi-Fi, and you may have given them permission to match your device’s unique MAC id to your identity. And if you sign on to that company’s app with the same device, your digital visit can be matched to the record of your physical visit creating a rich location tracking record. Google even has the ability to track Android phones by Bluetooth after the user turns off Bluetooth.

An anonymous source gave The New York Times a file with 50 BILLION records from the phones of 12 million Americans over a several month period. The Times analyzed the data and created a stunning interactive feature that was published last week: One Nation, Tracked.

Excerpts from this must-read piece:

• One search turned up more than a dozen people visiting the Playboy Mansion, some overnight. Without much effort we spotted visitors to the estates of Johnny Depp, Tiger Woods and Arnold Schwarzenegger, connecting the devices’ owners to the residences indefinitely.
  
  
• We spotted a senior official at the Department of Defense walking through the Women’s March, beginning on the National Mall and moving past the Smithsonian National Museum of American History that afternoon. His wife was also on the mall that day, something we discovered after tracking him to his home in Virginia. Her phone was also beaming out location data, along with the phones of several neighbors.
  
  
• The official’s data trail also led to a high school, homes of friends, a visit to Joint Base Andrews, workdays spent in the Pentagon and a ceremony at Joint Base Myer-Henderson Hall with President Barack Obama in 2017 (nearly a dozen more phones were tracked there, too).
  
  
• In one case, we observed a change in the regular movements of a Microsoft engineer. He made a visit one Tuesday afternoon to the main Seattle campus of a Microsoft competitor, Amazon. The following month, he started a new job at Amazon. It took minutes to identify him as Ben Broili, a manager now for Amazon Prime Air, a drone delivery service.

The Times says that they are as concerned as the source that gave them the data. They will only say that the data source is not a telecom or Big Tech company nor is it a government agency. That doesn’t narrow the field as much as you think because there are literally dozens of data brokers operating in this area. And while everything involved in this data capture and subsequent sale and resale is legal, we agree with the authors that location tracking only remains legal because most consumers don’t fully understand what is available to any business willing to buy the data.

Smart links
Most American Think They’re Constantly Being Tracked at MIT Tech Review
The State of Location Tracking Mobile Apps in 2019 at The Manifest
The Creators of Pokemon Go Mapped the World at Kotaku
Santa isn’t the Only One Tracking You This Holiday Season at Recode
Twelve Million Phones, One Dataset, Zero Privacy at The New York Times

3. Google Search Updates

Bing search results contain an “alarming amount of disinformation” according to a new report authored by Stanford’s Internet Observatory. The report faults Bing for publishing disinformation and misinformation at a much higher rate than Google. In analyzing 600 search results from each, researchers found that Bing reported 125 bad sources while Google reported 13 including anti-Semitic theories, vaccine misinformation, and white supremacist conspiracy theories. The study also found that student essay sites were shown as authoritative sites more often in Bing results than in Google.

Separately, SEO Roundtable published the results of an informal poll showing that only a small percentage of marketing agencies share Bing search performance with clients. You can add us to that group. We have the data, but it’s so small for our clients that we never highlight it.  

4. Debugged: RFK, Jr. Advertising Anti-Vax Information

Robert F. Kennedy, Jr. is leading the organizations responsible for more than half of the Facebook advertising that promotes misinformation and conspiracy theories about vaccines. His siblings including a former lieutenant governor and current member of Congress wrote an open letter in May stating that their brother “has helped to spread dangerous misinformation over social media and is complicit in sowing distrust of the science behind vaccines.”

Again, no link between autism and vaccines. Here’s the RFK Jr. info.

5. Also in the Spotlight: Causing a Seizure on Twitter

Writer Kurt Eichenwald suffered a seizure three years ago when someone angered by his tweet about recently-elected Donald Trump sent him a direct message tweet with a flashing pattern and a message. “YOU DESERVE A SEIZURE FOR YOUR POSTS.”

The man who sent the message is expected to plead guilty in a criminal case next month. He knew from Eichenwald’s writings that the writer has epilepsy and wrote others to tell them what he had done in the hopes of harming the writer remotely.

The Washington Post has the full story.

6. Great Data: Tracking the President’s Location

As part of its amazing coverage last week, the Times found a data set that it tracked to a Secret Service agent traveling with the president. The Times then mapped the agent’s movements and compared them to the president’s movements that day. 

The data is mind boggling, and the Times shows the same thing at military bases, nuclear plants, and the C.I.A.

Check it out here.

7. Protip: AVG & Avast Removed by Google

Google took a very public step and removed four Chrome anti-virus extensions using AVG and Avast, which are owned by the same company. A security researcher says that the programs collect more information than necessary or expected. They join Kaspersky as anti-virus programs you don’t want to risk using.

Read more at 9 to 5 Google.

8. Following Up: Influencers & Ring Cameras

We told you the Truth about Influencers at the beginning of this month. Now Instagram has banned advertisers from paying influencers to promote vaping or guns, according to NBC News.

And we told you last week that Ring was blaming user error for security problems related to its popular cameras. Motherboard’s article last Tuesday disputes that notion. It’s headline: We Tested Ring’s Security. It’s Awful.

9. ICYMI — Top links from the past 30 days

Tinder Lets Known Sex Offenders Use The App at ProPublica.

Securing Smart TVs at the FBI’s Portland Oregon office.

The Fried Chicken-Scented Fire Log at KFC.

10. Coffee Break: The Deep Sea

Start scrolling and you’ll immediately see images of a salmon and a manatee. Around 132 meters, you’ll see a snapper and a stingray. Other creatures of the deep await: the wolf eel, gummy shark, and sea angel.

Have fun with this final frontier, Cap’n.

When you’re done, click here for a free Spotlight subscription.

Good Monday morning. It’s December 16th. The Rise of Skywalker, Disney’s final installment in the Star Wars Skywalker Trilogy, premieres Friday. Analysts expect that this will be Disney’s seventh film in 2019 to generate at least one billion dollars in revenue.

Today’s Spotlight takes about 4 minutes to read. Want to chat about something you see here? Press your email reply button or click the silver “Write George” button below.

1. News To Know Now

1. New Orleans and Pensacola were hit by ransomware attacks. New Orleans officials said that emergency services were not affected but that all city employees were required to log off their computers. City officials expect lingering issues to continue disrupting services this week. Pensacola didn’t fare as well and experienced disruptions in sanitation, energy, and city management. New Orleans joins Atlanta and Baltimore as major city governments disrupted by ransomware attacks since 2018.

Smart links:   Nola.com’s latest coverage, Bleeding Computer’s tech analysis

2. Security troubles also plagued Amazon’s Ring camera this week. People in four states have reported that their Ring device has been used by an outside person who has called them names or interacted with their children. Ring said this weekend that consumers are using login ids and passwords they have used on other systems and that their system has not been compromised.

Our take: Anyone using smart home technology should understand that the system will be compromised at some point, even if only by a house guest who mistakenly accesses the wrong information. Use strong passwords, a password management system, and two factor authentication on everything possible to minimize your exposure.

3. Project Maven is an advanced drone image recognition system that Google withdrew from last year after pressure from its employees. Bloomberg reported Friday that defense contractor Palantir has been awarded the contract to resume the project. 

2. Internet Censorship

The Palantir-Google difference over Project Maven is at the heart of an inflection point technology companies are wrestling with. Working on projects your organization’s ethics support is an easy call. The dilemma companies face today is whether their scientists will work on projects used by governments to do ethically questionable things. 

Palantir’s Peter Thiel likens it to the same dilemma organizations faced when deciding whether to work on atomic weapons. Speaking at the Reagan National Defense Forum, Thiel said today’s technologists lack the perspective previous generations had during the 1960s and 1970s when the concept of a military-industrial complex took hold in the public’s awareness.

As the internet becomes required for more activities, governments are finding new ways to practice internet censorship. A new Chinese law requires every person establishing mobile phone service to submit to a facial scan. Critics have argued that facial recognition has played a large role in China’s handling of monthslong protests in Hong Kong.

In Russia, President Vladimir Putin signed a bill last Monday requiring that all internet-capable devices, including televisions, have pre-installed Russian apps. The law takes effect next summer and will require companies such as Apple and Samsung to comply. Refusing means being shut out from sales in the world’s ninth most populous country.

India uses spot internet outages to control information in areas with political unrest. Prime Minister Narendra Modi cut Internet access this summer to an area where seven million people live. His actions are not unique. An excellent overview at Ozy describes 196 internet shutdowns in 2018. Here’s a map they created showing countries (in red) that have experienced internet censorship.

3. Google Search Update

The biggest commitment Google has made to idea diversity is reflected in the latest version of its search quality evaluator guidelines released this month. These guidelines are used by specially trained employees who provide a human check on how the search engine’s algorithms rank websites.

Make no mistake: search is automated. Evaluators don’t even overrule the algorithms. Instead their ratings are used to refine the algorithms that create search results.

Google now includes political affiliations when describing its users having different ages, genders, races, and religions. Evaluators are constantly cautioned to rate sites in as neutral a manner as possible while being wary of allowing age, gender, or political affiliation to bias their reports.

Smart links: Search Engine Land coverage, Search Evaluator Guidelines (168 page PDF)

4. Debugged: That Was Not a Paid Celebrity Breakup

Consumers can now buy celebrity video shoutouts online at prices ranging from $25 to $1,000. Former Sugar Ray frontman and TV host Mark McGrath made headlines when a video he made appeared to be paid for by a woman breaking up with her boyfriend.

It was a hoax done by someone to jump start his Twitter account. That failed too.

5. Also in the Spotlight: DNA Database Sold

DNA kits purportedly showing a person’s heritage are always hot items during gift giving holidays. You may want to hold off uploading your results elsewhere though after industry site GEDmatch was sold to Verogen, a DNA analysis company that works with law enforcement.

How: GEDmatch is a third-party service that people voluntarily use to find relatives. Disclosure: I’m a user of the free service, and it does work. Smart police officials have begun using DNA obtained in criminal investigations to find relatives too, a process that GEDmatch users can opt out of. California police found the Golden State Killer in 2018 by matching DNA on the site and using genealogy to identify possible suspects.

Then: GEDmatch quickly created a process to allow people to opt out of sharing their DNA with law enforcement, which seemed like the best solution. Then a state judge forced GEDmatch last month to comply with a warrant allowing police to find people related to a serial rapist whose DNA police had. 

What’s next: GEDmatch is convenient because more than one million people participate by uploading their DNA results but there’s no reason why a judge couldn’t issue warrants to the major companies selling DNA kits.

Food for thought: Maybe being able to identify a serial rapist or murderer using DNA and genealogy is a good thing.

6. Great Data: Big Media Owners

Great data provides context. Recode heeded that axiom with their most recent infographic about media and communications ownership. Giants like Google and Facebook are tucked neatly to the side to show how relatively tiny Lionsgate compares with giants like AT&T, Verizon, and Disney. Each company’s major assets are shown so that users can understand that MGM owns the Epix cable network and the James Bond film franchise.

The color-coding, scale, and notes make this great.

7. Protip: Send Websites & Docs Between Desktop & Android

Google Chrome has a new feature that allows you to share a clipboard between your devices. You can send a website page from your phone to your computer or vice versa without emailing them. It’s really a timesaver.

The Next Web has the step-by-step details.

8. Bizarre Bazaar: LED Bow Ties and Suspenders

With New Year’s Eve barreling towards us far too fast, who else needs a snazzy LED bow tie and suspender set?  They even blink if you’re so inclined.

Seven colors to choose from too

9. ICYMI — Top links from the past 30 days

Animated bar chart showing social media use by age – at Visual Capitalist

Step-by-step instructions on protecting fitness tracker data – at Wired

When Baltimore’s mayor repeated a hoax about white vans – at CNN

10. Coffee Break:  Canada’s Worst Artichoke Dip

From the oldie but goodies file, this is a two minute video segment on holiday potluck sharing on Canada’s Global News. Seems one of the broadcasters isn’t a fan of cooking and botched an artichoke dip recipe. Thanks to the glory that is live television, you get to laugh too.

Oh, Leslie, what did you put in there?

When you’re done, click here for a free Spotlight subscription.

Good Monday morning. It’s December 9th. The Fed’s Open Market Committee meets for two days starting tomorrow. The entire financial world seems to expect interest rates to remain unchanged. 

Today’s Spotlight takes about 4 minutes to read. Want to chat about something you see here? Here is a contact form.

1. News To Know Now

1. Uber faces more scrutiny after an internal report released Thursday detailed nearly 6,000 incidents of sexual assault or misconduct for 2017-2018. The company is betting big that transparency and education will help it address the issue. Meanwhile Match Group, which owns 45 dating sites including Tinder, OK Cupid, and Plenty of Fish, acknowledged that it does not verify user information against a sex offender registry. 

Smart links: Uber safety report, ProPublica dating app investigation

2. Domain registration fees for dot org names are expected to climb next year for the first time in sixteen years. The companies that sell organizations those domains pay a capped $9.05 wholesale price, but the registry has been purchased by a venture capitalist. Various government agencies and NGOs report that they lack any authority to get involved with the deal. 

Our take: Expect but don’t worry about a price increase. Even if the price doubled, it’s probably not worth renewing all your domains now.

3. We told you this summerabout Samsung warning consumers about viruses on smart TVs. We even give you a link to check your TV and caught some flack from very cool tech friends who insisted that we move along because there was nothing to see here. Then the FBI’s Oregon office issued a news release last week that said an unsecured television can provide a path for hackers to reach your router. The bottom line is that this is still a long shot, but it’s possible. Aren’t you glad you’re a Spotlight reader?

Smart links:Our July 1 issue, FBI: Securing Smart TVs

2. TikTok Explained

Think of video app TikTok as a child of YouTube and Snapchat. Users can post video stories of up to one minute — a relative eternity in video. Arising from the roots of karaoke, lip syncing, and stupid human tricks, TikTok is enjoying its doubling phase when user growth each quarter makes year-over-year comparisons worthless.

TikTok has 800 million active monthly users. About 60% of those are in China. Another 26 million are in the U.S., and sixty percent of those users are between the ages of 16 and 24. The market share of the teen-to-24 group is remarkable. There are 43 million U.S. residents in that age bracket, and more than 15 million of them use TikTok.

You have probably heard about Congressional hearings where TikTok’s Chinese ownership and its perceived security threat make for great headlines. We have no knowledge that would suggest Chinese mind control is possible or that the Chinese government doesn’t already have ridiculously robust data about all Americans since it’s available all over the dark web. There are certainly more serious digital sercurity issues.

The app is fast-moving, often seeing memes and fads rise and dissipate within days. Users are spending a very long average of five minutes per session on the app and open the app multiple times per day. You’re not wrong if you think that sounds like your mother’s Candy Crush fix. U.S. General Manager Vanessa Pappas spent a big chunk of her career as a YouTube exec where she was also blessed with an app that has ubiquitous reach and great engagement. TikTok claims U.S. users spend a total of 46 minutes on the app each day.

Advertisers are rushing to reach this audience of young, addicted community members. Bytedance, TikTok’s parent company, booked more than $7 billion in revenue for the first half of 2019. The company had been using a traditional advertising model but is quickly moving to a self-service advertising platform like Google, Facebook, and other digital platforms use. The catch for now is that most advertisers — most adults, for that matter — still don’t have the understanding of the platform that would allow it to spend money wisely.

Congress aside, the waters are still choppy for TikTok. News came last week that a group of parents have filed a class action suit against the company regarding its data practices with minors. We also learned that moderator guidelines for the site instruct staff and contractors to restrict amplifying videos made by overweight, disabled, or LGBTQ contributors. Meanwhile growth at the company is creating an acute need for technical staff. The company has recently hired more than two dozen staffers from nearby Facebook and is reportedly paying salaries of 20% more.

Learn more:The leaked pitch deck at AdAge, revenues at CNBC, hiring at NBC, moderation guidelines screen out disabled, overweight people at Netzpolitik.

3. Google Search Updates

• Continuing its quest to have searchers stay on Google’s search results pages instead of visit websites, Google is asking shippers to supply them with a feed of logistics data. Google can currently understand which carrier used which tracking number. Now it wants to give you the tracking information without sending you to the company. As a consumer, you won’t care. As a business leader, you may be starting to feel horror at the amount of non-Google information that Google is attempting to become the provider for.
  
  
• Song lyrics are a popular fact-based item that has gotten Google in trouble before. Now lyrics site Genius is suing the search engine for allegedly taking the company’s transcriptions. Genius apparently seeded its song lyrics in a way that allows them to tell when they’ve been copied. Neither Genius nor Google own the song lyrics. This is a messy harbinger of the fights to come between search and organizations over what can appear in search results.

4. Debugged: The White Van Myth

CNN seemed incredulous when Baltimore Mayor Jack Young warned Monday that people should not park near a white van and should keep their phones handy in case they were abducted. The tip wasn’t from the FBI or the Baltimore police but the mayor said he saw it “all over Facebook.”

Here’s the debunking, if you really needed a fact check.

5. Also in the Spotlight: Don’t Romanticize Plantations

The Knot, Brides, and Pinterest are telling couples planning weddings that they will remove references to plantations on their websites. They also now prohibit content that romanticizes plantations. The sites are also working to remove existing content from appearing in search engines.

BuzzFeed broke the story early last week.

6. Great Data: Who Wrote Shakespeare?

Literature professors have long told people that Shakespeare likely had a collaborator of some sort. A Czech data scientist has written an algorithm that suggests a playwright named John Fletcher was that man. The algorithm is able to identify each author’s style and credits Fletcher with writing nearly half of Henry VIII.

MIT Technology Review has details.

7. Protip: Protect Your Health & Fitness Data

If you’re ready for a new fitness app or gadget during the holidays or hope to make some great resolutions this new year, then you’ll want to pay attention to how much of your health and fitness data is being shared.

Wired has step-by-step directions for each major platform.

8. Bizarre Bazaar: Fried Chicken Log

Oh, KFC, why you wanna hurt me like this? 

The food chain is selling an Enviro-Log made from recycled material that smells like fried chicken. It’s available for $18.99 (yes, really) exclusively at Walmart (insert your own joke here).

The copy cautions that the smell may attract bears or hungry neighbors.

9. ICYMI — Top links from the past 30 days

See how your web browser shares information about you — at Robin Linus

The funniest things photographed by street mapping cars — at Street View Fun

Learn how locals are fighting climate change — at Moms Clean Air Force

10. Coffee Break: That Pizza Commercial

Twenty-one years ago, Mikhail Gorbachev made a commercial for Pizza Hut. There were only eight leaders of the Soviet Union, including Lenin, Stalin, and Khrushchev, and the one who made this pizza commercial.

When you’re done, click here for a free Spotlight subscription.