A federal judge in Virginia ruled Tuesday that the City of Norfolk’s use of nearly 200 automated license plate readers (ALPRs) from Flock is constitutional and can continue, dismissing the entire case just days before a bench trial was set to begin.

The case, Schmidt v. City of Norfolk, was originally filed in October 2024 by two Virginians who claimed that their rights were violated when the Flock network of cameras captured their cars hundreds of times, calling the entire setup a “dragnet surveillance program.”

However, in a 51-page ruling, US District Court Judge Mark S. Davis disagreed, finding that the “…plaintiffs are unable to demonstrate that Defendants’ ALPR system is capable of tracking the whole of a person’s movements.” //

I intended to NOT drop what I was doing and just let the video play in the background. But after 1 minute, I dropped what I was doing to give the video my full attention. https://www.youtube.com/watch?v=vU1-uiUlHTo

See also "We’re All So F’d | NVIDIA x Palantir, Global Surveillance, 'Pre-Crime' Arrests, & AI." https://www.youtube.com/watch?v=5lYsO4k7OIY

It may well be that IP addresses are simply the wrong starting place to fulfil these desires relating to compliance, security, customisation and performance: "You cannot get to where you want to go to from where you appear to be!"

EFF is against age gating and age verification mandates, and we hope we’ll win in getting existing ones overturned and new ones prevented. But mandates are already in effect, and every day many people are asked to verify their age across the web, despite prominent cases of sensitive data getting leaked in the process.

At some point, you may have been faced with the decision yourself: should I continue to use this service if I have to verify my age? And if so, how can I do that with the least risk to my personal information? This is our guide to navigating those decisions, with information on what questions to ask about the age verification options you’re presented with, and answers to those questions for some of the top most popular social media sites. Even though there’s no way to implement mandated age gates in a way that fully protects speech and privacy rights, our goal here is to help you minimize the infringement of your rights as you manage this awful situation.

Introducing Confer, an end-to-end AI assistant that just works.

Moxie Marlinspike—the pseudonym of an engineer who set a new standard for private messaging with the creation of the Signal Messenger—is now aiming to revolutionize AI chatbots in a similar way.

His latest brainchild is Confer, an open source AI assistant that provides strong assurances that user data is unreadable to the platform operator, hackers, law enforcement, or any other party other than account holders. The service—including its large language models and back-end components—runs entirely on open source software that users can cryptographically verify is in place.

Data and conversations originating from users and the resulting responses from the LLMs are encrypted in a trusted execution environment (TEE) that prevents even server administrators from peeking at or tampering with them. Conversations are stored by Confer in the same encrypted form, which uses a key that remains securely on users’ devices. //

All major platforms are required to turn over user data to law enforcement or private parties in a lawsuit when either provides a valid subpoena. Even when users opt out of having their data stored long term, parties to a lawsuit can compel the platform to store it, as the world learned last May when a court ordered OpenAI to preserve all ChatGPT users’ logs—including deleted chats and sensitive chats logged through its API business offering. Sam Altman, CEO of OpenAI, has said such rulings mean even psychotherapy sessions on the platform may not stay private. Another carve out to opting out: AI platforms like Google Gemini may have humans read chats.

The result would be a "checkpoint society" where identity checks become an unavoidable part of daily life, Big Brother Watch says.

The group says such a system would fundamentally alter the relationship between citizen and state, creating a surveillance infrastructure vulnerable to abuse, discrimination, and hacking. A Big Brother Watch poll, carried out by YouGov, shows that 63 percent of Brits don't trust the government to protect their data – hardly surprising given Whitehall's track record of bungled IT projects, data leaks, and multi-billion-pound write-offs.

The group has also sounded the alarm over the UK's existing digital identification system, One Login, which underpins the credential issuing process in the so-called "BritCard" proposal, which it says is known to suffer from substantial cybersecurity and data protection weaknesses.

Big Brother Watch also warns of mission creep, arguing that once a system is live, "voluntary" quickly becomes mandatory. Those who fail or refuse to enrol risk being locked out of jobs, housing, or healthcare, while errors could leave people wrongly excluded from essential services.

"The notion that digital ID will provide a magic-bullet solution for unauthorised immigration is ludicrous," said Rebecca Vincent, interim director of Big Brother Watch. "It will not stop small boat crossings, and it will not deter those intent on using non-legal means of entering the country from doing so. But digital ID will create a huge burden for the largely law-abiding 60 million people who already live here and insert the state into many aspects of our everyday lives."

That led to a quick trip to an 'Urgent Care' - the frontline medical center for most Americans. At the check-in counter, the check-in nurse asked to see some ID, so I handed over my Australian driver's license. The nurse looked at the license and typed some of the info on it into a computer, then they looked up at me and asked: "Are you the same Mark Pesce who lived at...?" and then proceeded to recite an address that I resided at more than half a century ago.

Dumbstruck, I said, "Yes...? And how did you know that? I haven't lived there in nearly 50 years. I've never been in here before - I've barely ever been in this town before. Where did that come from?"

"Oh," they replied. "We share our patient data records with Massachusetts General Hospital. It's probably from them?"

I remembered having a bit of minor surgery as an 11 year old, conducted at that facility. 51 years ago. That's the only time I'd ever been a patient at Massachusetts General Hospital.

Somehow that had never been forgotten.

We seem perfectly willing to accept that everything we do today leaves a permanent record. It appears that long before Eric Schmidt declared, "Privacy is dead," any of our pretensions to privacy had already joined the Choir Invisible. //

I don’t much care how my records made it into 2025. I am interested in why nobody ever decided to delete them.

I realize we all want our medical records instantly available to inform treatment in moments of great need. But half a century of somewhat senseless recordkeeping strains credulity. Most likely my record remained in that database simply because it's never been cleaned out - an operation that would take time and budget that would never be approved because, why would you ever delete patient data?

This has the feel of a situation we had no idea we were making for ourselves - countless sensible decisions culminating in a ridiculous outcome. Go forward another fifty years, when it's quite likely I, too, will have joined the Choir Invisible. Will my patient record still be in that database? What purpose would that serve? If my records as a child are in there, half a century later, it's easy to imagine this database holds records of many other people who have passed on and therefore shouldn't be in there at all. Privacy lost to laziness. //

Alex 72
Reply Icon
Medical records should be kept but access should be controlled
I agree yes you want medical records kept, patient history is always useful and provided they are only shared with the patient or a doctor or other professional they have consented to be cared for by, and who is not engaged in malpractice, it's not harmful. The hard part is drawing the line on how much anonymised data can be used for research, ensuring that data remains anonymous and managing consent for sharing data when patients are treated elsewhere or researchers want to use data from multiple sources.

and if you keep them for someone's entire lifespan then you should provided they did not object in their lifetime and next of kin explicitly consent or at least don't object probably archive it for future research in the near/medium term and historical value in the long term. Again managing consent, allowing reasonable anonymised research in the public interest, preventing de-anonymisation and deciding the limits of how long parts of it stay private vs when genealogists and historians can have unrestricted access.. is the challenge.

To do any of this effective durable storage, access control, authentication and authorisation are just some of the challenges. I have seen data analytics firms who's job is just this struggle to get everything correct so a group of organisation just trying to provide healthcare, research, treatments, disease, prevention.... Having to do this as an add on with a limited budget I am honestly impressed its only now with ransomware we are starting to see issues and paper records were not being stolen and abused on a massive scale in the past...

I don't know the answer but I don't think its the delete key

Gene CashSilver badge
Why would you ever delete patient data?
Yes, seriously.

I can understand other records, but not medical ones.

I was able to get proper medical care, including surgery, for a broken coccyx after proving I had fallen off a hay bale in 1973 and seriously injured myself, and thus it was a chronic thing and not just the minor recent incident my doctor insisted it was. I would have otherwise not been considered eligible for the surgery.

And after you're dead, it's no longer a privacy issue and becomes historical records. It's no different than census records.

Should this data be held indefinitely? Yes.

This is the same sort of data that let me piece together that my great^9 grandfather was Edward Reavis, born 1680 in Paddington, England, and left to come to Virginia, after being held in Newgate prison for his religious beliefs. He moved to Henrico county, Virginia in 1721 and died in Northampton county, North Carolina in 1751. I've also found 454 other relatives down to me, through a ton of things including bible notes, estate papers, census records, marriage records, medical records, military records, family papers, private letters, obituaries, social security records, tombstones, and even old wedding invitations.

The Solid protocol, invented by Sir Tim Berners-Lee, represents a radical reimagining of how data operates online. Solid stands for “SOcial LInked Data.” At its core, it decouples data from applications by storing personal information in user-controlled “data wallets”: secure, personal data stores that users can host anywhere they choose. Applications can access specific data within these wallets, but users maintain ownership and control.

Solid is more than distributed data storage. This architecture inverts the current data ownership model. Instead of companies owning user data, users maintain a single source of truth for their personal information. It integrates and extends all those established identity standards and technologies mentioned earlier, and forms a comprehensive stack that places personal identity at the architectural center.

This identity-first paradigm means that every digital interaction begins with the authenticated individual who maintains control over their data. Applications become interchangeable views into user-owned data, rather than data silos themselves. This enables unprecedented interoperability, as services can securely access precisely the information they need while respecting user-defined boundaries.

Solid ensures that user intentions are transparently expressed and reliably enforced across the entire ecosystem. Instead of each application implementing its own custom authorization logic and access controls, Solid establishes a standardized declarative approach where permissions are explicitly defined through control lists or policies attached to resources. Users can specify who has access to what data with granular precision, using simple statements like “Alice can read this document” or “Bob can write to this folder.” These permission rules remain consistent, regardless of which application is accessing the data, eliminating the fragmentation and unpredictability of traditional authorization systems. //

Peter Galbavy • July 24, 2025 9:30 AM

Maybe I have failed to have boned up on Solid, but the charming naivete that people will maintain their own personal data stores in an honest and trustworthy way is only slightly less laughable than how it’s done right now. Or maybe not.

Again, perhaps, because I have not spent any time looking at the actual protocol details I am confused where the veracity comes from? Or am I suddenly able to call myself an Admiral with a law degree and a healthy trust fund as a credit line?

Financial criminality would be democratised overnight, if nothing else.

atanas entchev • July 24, 2025 11:01 AM

The Solid protocol is charmingly naive. It assumes — like the early internet — good-will participation from everyone. We know that this is not how the real world functions.

What is to stop bad actors from building and presenting a fake profile / history / whatever?

Peter A. • July 24, 2025 11:11 AM

There’s also another problem: partial identities, pseudonymous/fake identities, companies that collect too much data, etc. Having a data store that has it all is a bit risky, as you can accidentally share too much, especially the people that are a little less competent with all that computer stuff.

Shashank Yadav • July 24, 2025 8:57 AM

People like to own things which accord them status or meaningful utility – which is where all expectations of users considering data ownership falter.

Moreover, for enterprise users this may work, the vast majority of individual users cannot be expected to maintain such personal data pods. Hypothetically, let us say you make a law requiring this way of data management, there will immediately be third-parties who people would prefer to handle this for them. Kind of like the notion of consent managers in India’s data protection laws, because competent and continuous technical administration cannot be expected from ordinary users.

Encrypted chat apps like Signal and WhatsApp are one of the best ways to keep your digital conversations as private as possible. But if you’re not careful with how those conversations are backed up, you can accidentally undermine your privacy.

When a conversation is properly encrypted end-to-end, it means that the contents of those messages are only viewable by the sender and the recipient. The organization that runs the messaging platform—such as Meta or Signal—does not have access to the contents of the messages. But it does have access to some metadata, like the who, where, and when of a message. Companies have different retention policies around whether they hold onto that information after the message is sent.

What happens after the messages are sent and received is entirely up to the sender and receiver. If you’re having a conversation with someone, you may choose to screenshot that conversation and save that screenshot to your computer’s desktop or phone’s camera roll. You might choose to back up your chat history, either to your personal computer or maybe even to cloud storage (services like Google Drive or iCloud, or to servers run by the application developer).

Those backups do not necessarily have the same type of encryption protections as the chats themselves, and may make those conversations—which were sent with strong, privacy-protecting end-to-end encryption—available to read by whoever runs the cloud storage platform you’re backing up to, which also means they could hand them at the request of law enforcement.

“…as a condition of participating in the modern economy, Americans are forced to disclose details of their private lives to a financial industry that has been too eager to pass this information along to federal law enforcement.”

A report from the House Judiciary Committee and Government Weaponization Subcommittee exposed the FBI for abusing the Bank Secrecy Act (BSA) to spy on Americans’ bank accounts without a warrant.

“Documents show that federal law enforcement increasingly works hand-in-glove with financial institutions, obtaining virtually unchecked access to private financial data and testing out new methods and new technology to continue the financial surveillance of American citizens,” according to the report.

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

At issue is the way that Apple collects and publicly shares information about the precise location of all Wi-Fi access points seen by its devices. Apple collects this location data to give Apple devices a crowdsourced, low-power alternative to constantly requesting global positioning system (GPS) coordinates.

Both Apple and Google operate their own Wi-Fi-based Positioning Systems (WPS) that obtain certain hardware identifiers from all wireless access points that come within range of their mobile devices. Both record the Media Access Control (MAC) address that a Wi-FI access point uses, known as a Basic Service Set Identifier or BSSID.

Access Your LexisNexis® Consumer Disclosure Report

See what information about you is maintained in our files by requesting a Consumer Disclosure Report. The report includes items such as real estate transaction and ownership data, lien, judgment, and bankruptcy records, professional license information, and historical addresses.

Verisk no longer receives driving behavior data from automakers to generate Driving Behavior Data History Reports. Verisk no longer provides Driving Behavior Data History Reports to insurers. If you’re interested in receiving a copy of your Driving Behavior Data History Report, please click on the link at the bottom of the page. The driving behavior related data Verisk can offer you will vary by auto manufacturer. See table below.

To find out how it happened, I called our dealership, a franchise of General Motors, and talked to the salesman who had sold us the car. He confirmed that he had enrolled us for OnStar, noting that his pay is docked if he fails to do so. He said that was a mandate from G.M., which sends the dealership a report card each month tracking the percentage of sign-ups.

G.M. doesn’t just want dealers selling cars; it wants them selling connected cars.

Our Bolt automatically came with eight years of Connected Access, a feature we didn’t know about until recently. It allows G.M. to send software updates to our car but also to collect data from it — actions consented to during OnStar enrollment. //

What I can say is that, regardless of who pushed the consent button, this screen about enrolling in notifications and Smart Driver doesn’t say anything about risk-profiling or insurance companies. It doesn’t even hint at the possibility that anyone but G.M. and the driver gets the data collected about how and where the vehicle is operated, which it says will be used to “improve your ownership experience” and help with “driving improvement.” //

A new car, like mine, has hundreds of sensors, the former employee said, so even just a 15-minute trip creates millions of data points, including GPS location — all of which is broadcast in near real time to G.M. He expressed concerns about the insurance industry’s use of this data because it lacked context about the situation that might have led a driver to slam on the brakes or swerve out of a lane. //

The House of Representatives failed to pass legislation renewing Section 702 of the Foreign Intelligence Surveillance Act (FISA), a controversial provision allowing federal agencies to spy on noncitizens without a warrant.

Amid a strong push to “KILL FISA” from former President Donald Trump, more than a dozen Republican lawmakers voted against the measure, which would have renewed Section 702 for another five years. //

If Congress fails to pass legislation renewing Section 702 by the April 19 deadline, it is poised to sunset. This could signal that the tool might no longer be available for federal agencies to use for surveillance purposes.

Think of it as the modern form of,

“Give me six lines…”

[1] Contrary to what people think, guard labour [police] has little or no interest in either justice or correctly solving crime. As I’ve noted before their process is,

1, Build a list of suspects.
2, Prune the list down.
3, Look not for evidence but what a prosecutor can use to confound a jury thus get them to believe in nonsense to obtain a conviction.
4, Get any kind of conviction to keep politicians / funds holders happy.

That is once you are on the guard labours short list they immediately fail to carry out one of their primary requirments which is that of “impartiality”. That is they don’t look for, ignore, or hide information that might show you are innocent, so they can get the case closed quickly and most importantly as cheaply as possible.

This legislation is a Joe Biden Special, signed off after a bipartisan statute was delivered to his desk. Rep. Thomas Massie attempted to defund the mandate but his amendment was defeated in a 229 - 201 vote.

The kicker is that the technology demanded by Congress to accurately detect whether a person is intoxicated or incapacitated doesn't exist yet. It's effectively Congress taking control of private industry and demanding that they meet a requirement with a technology that they now have to develop quickly, and I can't imagine it being accurate or even safe right out the gate. //

If you think this is about drunk drivers you're sadly mistaken. That's just how it's being sold. What this will swiftly develop into is a way to control the movement of the populace. This is a technology that can be abused with reckless abandon. Authorities and politicians will be able to stop your car from moving for many different reasons.

For instance, if you're suspected of belonging to a group a politician in power doesn't agree with and has labeled as dangerous, they could find an excuse to shut down your vehicle in the name of public safety. They will follow the same guidelines as red flag laws for guns, requiring you to prove that you're not a danger to the public before they reactivate your vehicle.

This could also open the door for usage limits. Politicians may attempt to push environmental policies that involve fewer cars on the road for less time, forcing your vehicle to shut down after a certain amount of miles or time in use, and pushing you to utilize public transit for the sake of the "environment."

The possibilities for expansion and abuse of this are many, but at the core of it is the ability to monitor you while you're in your car. Your car is often considered an extension of your home, and while many state laws differ in the particulars on this, your car is your private property. What the government is doing is effectively installing a monitoring system in your car by which they can watch your performance and track your movements.

While arguing against the kill-switch provision, Rep. Massie referred to it “a backseat driver” for American drivers. During an appearance with Fox News’ Laura Ingraham, he laid out the issues with the requirement.

People said I’m a conspiracy theorist for saying this is in the legislation, but I actually had to read the Democrats the bill that they passed two years ago. They passed this in 2021 as part of a 1,039-page bill to require that your car can monitor your driving performance and if it thinks you are not driving well, it could disable your vehicle. //

The provision is included in Section 24220 and mandates that all cars manufactured after 2026 would have to feature the kill-switch. Massie’s amendment would have removed this provision, but it was defeated by a 229 to 201 vote. Interestingly enough, 19 Republicans voted to keep the kill-switch requirement in the legislation. //

I’m reminded of Benjamin Franklin’s famous line: “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” This requirement almost perfectly embodies Franklin’s warning and presents a deceptive trade-off: Allow the government to have control over your car in exchange for possibly saving a few lives from drunk driving. //

stickdude90
a day ago
Great way to make sure you don't drive more than your allotted mileage each week - to save the environment, of course...

In that ecosystem of advertisers, content consumers, ad networks, and content distributors, ad blockers aren't the disease, they're the symptom. Trying to neutralize a symptom alone leaves the disease thriving while the host just gets sicker. In this case, the disease isn't cynical freeloading by users, it's the basic dishonesty of online advertising. It promises things to advertisers that it cannot deliver, while blocking better ways of working. It promises revenue to content providers while keeping them teetering on the brink of unviability, while maximizing its own returns. Google has revenues in the hundreds of billions of dollars, while publishers struggle to survive, and users have to wear a metaphorical hazmat suit to stay sane. None of this is healthy. //

Content providers have to be paid. We get that. Advertising is a valid way of doing that. We get that too. Advertisers need to reach audiences. Of course they do. But like this? YouTube needs its free, ad-supported model, or it would just force Premium on everyone, but forcing people to watch adverts will not force them to pony up for what's being advertised.

The pre-internet days saw advertising directly support publishers who knew how to attract the right audiences who would respond well to the right adverts. Buy a computer magazine and it would be full of adverts for computer stuff – much of which you'd actually want to look at. The publisher didn't demand you have to see ads for butter or cars or some dodgy crypto. That model has gone away, which is why we need ad blockers.

all the tags from https://b.plas.ml

1st-amendment 2nd-amendment 4th-amendment 5th-amendment 9/11 a8 abortion acl adhd afghanistan africa a/i air-conditioning amateur-radio amazon america american android animals anti-americanism antifa anti-semitism antiv antivirus aoip apollo apple appliances archaeology architecture archive art astronomy audio automation avatar aviation backup bash batteries belleville bible biden bill-of-rights biology bookmarks books borg bush business calibre camping capitalism cellphone censorship chemistry children china christianity church cia clinton cloud coldwar communication communist composed computers congress conservatives constitution construction cooking copyleft copyright corruption cosmology counseling creation crime cron crypto culture culture-of-death cummins data database ddt dd-wrt defense democrats depression desantis development diagrams diamonds disinformation diy dns documentation dokuwiki domains dprk drm drm-tpm drugs dvd dysautonomia earth ebay ebola ebook economics education efficiency electricity electronics elements elwa email energy engineering english environment environmentalism epa ethernet ethics europe euthanasia evolution faa facebook family fbi fcc feminism finance firewall flightsim flowers fonts français france fraud freebsd free-speech fun games gardening genealogy generation generators geography geology gifts git global-warming google gop government gpl gps graphics green-energy grounding hdd-test healthcare help history hollywood homeschool hormones hosting houses hp html humor hunting hvac hymns hyper-v imap immigration india infosec infotech insects instruments interesting internet investing ip-addressing iran iraq irs islam israel itec j6 journalism jumpcloud justice kindle kodi language ldap leadership leftist leftists legal lego lgbt liberia liberty linguistics linux literature locks make malaria malware management maps markdown marriage mars math media medical meshcentral metatek metric microbit microsoft mikrotik military minecraft minidisc missions moon morality mothers motorola movies mp3 museum music mythtv names nasa nature navigation navy network news nextcloud ntp nuclear obama ocean omega opensource organizing ortlip osmc oxygen paint palemoon paper parents passwords patents patriotism pdf petroleum pets pews photography photo-mgmt physics piano picasa plesk podcast poetry police politics pollution pornography pots prayer pregnancy presentations press printers privacy programming progressive progressives prolife psychology purchasing python quotes rabbits rabies racism radiation radio railroad reagan recipes recording recycling reference regulations religion renewables republicans resume riots rockets r-pi russia russiagate safety samba satellites sbe science sci-fi scotus secularism security servers shipping ships shooting shortwave signal sjw slavery sleep snakes socialism social-media software solar space spacex spam spf spideroak sports ssh statistics steampowered streaming supplement surveillance sync tarsnap taxes tck tds technology telephones television terrorism tesla theology thorium thumbnail thunderbird time tls tools toyota trains transformers travel trump tsa twitter typography ukraine unions united.nations unix ups usa vaccinations vangelis vehicles veracrypt video virtualbox virus vitamin vivaldi vlc voting vpn w3w war water weather web whatsapp who wifi wikipedia windows wordpress wuflu ww2 xigmanas xkcd youtube zfs