> “It is completely absurd to inflict mass surveillance on the general public under the premise of fighting theft.”

> It comes at a cost to the privacy and civil liberties of the people of Britain.

> The right time to start protecting your digital privacy is before your trip […] The simplest and most reliable precaution against border searches is to reduce the amount of information that you carry across the border.

[!image](https://monero.town/pictrs/image/21c08bef-3967-4445-b9d2-9f0354ac14b7.webp "Click to Enlarge") *** > Sometimes law enforcement officials achieve so-called “consent” by being vague […] You can try to dispel this ambiguity by inquiring whether border agents are asking you or ordering you […] If an agent says it is a request only, you might politely but firmly decline to comply with the request. > > If you are a U.S. citizen, border agents cannot stop you from entering the country, even if you refuse to unlock your device, provide your device password, or disclose your social media information. However, agents may escalate the encounter if you refuse. > > If you elect to comply with a border agent’s order to unlock your device, provide your password, or disclose your social media information, you can inform the agent that you are complying under protest and that you do not consent. *** > It is possible that if you unlock your device, and agents then search your device, a court will rule that you consented to the search. […] As noted in Part 1, the best way to avoid an inadvertent “consent” to search is to decline to unlock your device, provide the device password, or provide any social media information. > > Technically, you don’t even need to admit that you know the password. > > If you believe that border agents violated your digital rights at the border, please contact EFF at borders@eff.org. *** See also:

• https://www.eff.org/document/eff-border-search-pocket-guide
• https://www.eff.org/issues/border-searches
• https://monero.town/post/402125 Fifth Circuit says law enforcement doesn’t need warrants to search phones at the border

> The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm. > > As usual, Google did not publish details about the attacks exploiting the flaw in the wild.

See also: https://www.cert.europa.eu/publications/security-advisories/2023-100/ > This vulnerability also affects Chromium-based web browser such as Microsoft Edge [3], Brave, Opera, and Vivaldi.

>“Some Hackers have figured out there is no quick and easy way for a company that receives one of these EDRs (emergency data request) to know whether it is legitimate,” he said. > >“The hackers will send a fake emergency data request along with an attestation that innocent people will likely suffer greatly or die unless the requested data is provided immediately.”

>privacy has nothing to do with having something to hide. Instead, privacy means protecting the human being that you are, all the personal details that make you, you. What you care about, what you love, what you hate, what you are curious about, what makes you laugh, what you fear. And most importantly, choosing when you decide to share that information and who you share it with.

>it is possible to build technology used by millions of people with privacy at the heart. We build technology to advance that right in order to help users reclaim their agency in digital spaces.

(But by default, Tor Browser is not shipped with uBlock Origin.)

PS: ONION LINK http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/tor-in-2023/index.html

NOTE: This is about the Fifth Amendment protection against self-incrimination after a search warrant for someone’s cell phone is procured; not about digital privacy in general at the U.S. Border (a warrantless search).

See also: https://monero.town/post/1134494 EFF to Supreme Court: Fifth Amendment Protects People from Being Forced to Enter or Hand Over Cell Phone Passcodes to the Police

>Now before the House, HR 6570 proposes to reauthorize Section 702 for three years — but with reforms including requiring all US intelligence agencies to obtain a warrant before conducting a US person query.

>a competing bill, the FISA Reform and Reauthorization Act of 2023 (HR 6611), doesn't include a warrant requirement — and, in fact, includes language that many worry could be used to force private US companies into assisting in government-directed surveillance

> House Intelligence Committee bill would also expand the definition of an electronic communication service provider include a broader range of providers, including those who “provide hardware through which people communicate on the Internet.”

See also: Tell Congress: They Must Defeat HPSCI’s Horrific Surveillance Bill | EFF Action Center

How FinCEN May Be Violating Your Rights\ A call to action against FINCEN proposal 2023-0016A\ Written By Preston Pysh

>Eroding Anonymity Through Additional Verification: The mandate for “Additional Customer Identity Verification Measures for Transactions Involving Unhosted Wallets” is a direct affront to privacy and anonymity. This requirement transgresses on the First Amendment’s sanctuary for anonymous speech > >A Direct Assault on Anonymity-Enhanced Currencies: The “Prohibition on the Use of Anonymity-Enhanced Convertible Virtual Currencies (AECVC)” is nothing short of a legislative bulldozer through the edifice of privacy.

See also: Preston Pysh says proposed FinCEN crypto rules violate US Constitution

> Bis zum Jahr 2030 will die EU allen Bürger:innen eine „European Digital Identity Wallet“ (ID-Wallet) zur Verfügung stellen. Sie soll on- wie offline bei Verwaltungsgängen und Bankgeschäften, aber auch bei Arztbesuchen, Alterskontrollen oder beim Internetshopping zum Einsatz kommen.

(By 2030, the EU wants to provide all citizens with a “European Digital Identity Wallet” (ID wallet). It is intended to be used online and offline for administrative procedures and banking as well as medical visits, age verification, and internet shopping.)

The article (in German) is mostly about eIDAS 45\ Cf. https://monero.town/post/1018961 Last Chance to fix eIDAS: Secret EU law threatens Internet security

(There are many English articles about it; see e.g.\ https://mullvad.net/en/blog/eu-digital-identity-framework-eidas-another-kind-of-chat-control )

Though not the main topic of the article, this “ID wallet” thing sounds disturbing. (EU politicians calls a normal wallet “unhosted wallet” and don’t like it very much.)

>Many countries use censorship systems to block access to human rights resources

>.onion sites are particularly useful at maximizing internet users' privacy and anonymity because they never leave the Tor network.

While technically I2P might be better, it’s good news that a recognized human rights organization has adopted an onion, because that will improve the “shady” image of Tor, esp. hidden services (aka darknet), as in “privacy technology is good, not for criminals, but for you, for everyone. Using Tor is normal, and Monero is a great tool.”

> law enforcement has been using […] systems since 2015, in utmost secrecy. The software in question […] can track a person across a network of cameras, for instance, by the color of their sweater

> Any policeman […] can request to use [it]

> The potential use of facial recognition worries within the institution itself. […] In France, facial recognition is only authorized in rare exceptions

> This massive installation was carried out outside the legal framework provided by a European directive and the French Data Protection Act

The National Commission on Informatics and Liberty (CNIL), a French administrative regulatory body, started an investigation against the French Minister of the Interior [1][2]. The Minister, Gérald Darmanin ordered an investigation [2].

• [1] https://nitter.oksocial.net/CNIL/status/1724745047537488019 [French]
• [2] https://web.archive.org/web/20231121093507/https://www.ouest-france.fr/politique/gerald-darmanin/entretien-gerald-darmanin-lantisemitisme-le-signe-dune-societe-qui-ne-va-pas-tres-bien-938b76ce-856c-11ee-9632-b62f00689e79 [French] > La Cnil […] annonce l’ouverture d’une enquête contre le ministère de l’Intérieur. Elle soupçonne la police d’utiliser un logiciel de reconnaissance faciale, depuis 2015, en dehors de tout cadre légal. Qu’en est-il ?

(CNIL suspects the police are using facial recognition outside any legal framework. Comments? - Gérald Darmanin’s answer: The news is true. I ordered an investigation.)

>the White House has, for the past decade, provided more than $6 million to the program, which allows the targeting of the records of any calls that use AT&T’s infrastructure

>the program takes advantage of numerous “loopholes” in federal privacy law

>the DAS program has been used to produce location information on criminal suspects and their known associates, a practice deemed unconstitutional without a warrant

(This website is a bit annoying.)

> See https://monero.town/post/968066

Onion http://rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion/

This free email provider is not for everyone. Sometimes a Cockmail address is not accepted to register something. Sometimes, though not often, another email provider may indiscriminately block email from Cock.li. Afaik Cock.li<->Proton, Cock.li<->Tuta work. *** PS: Admin, Vincent Canfield @vc@shitposter.club

See also: Fifth Circuit says law enforcement doesn’t need warrants to search phones at the border https://monero.town/post/402125

> The app store “collects and sends data […] This includes information like device model, brand, country, timezone, screen size, view events, click events, logtime of events, and a unique KID ID,”

> Hancock didn’t return the tablet to her daughter until after making changes to protect her daughter’s privacy.

> [She] even installed Tor, a browser that is designed to protect the anonymity of its user.

An awesome Mom, like Mrs. Roberts from xkcd!

EDIT: Don’t take this too seriously; do not actually send a donation (unless you really want to, like admiring “Nice photoshopping!” “Thanks for the fun pic”). While it’s entertaining and thought-provoking, using their work this way is ethically questionable too. As @z0rg0n pointed out, one could even see this as a scam. Although it’s a fine work and freedom of expression is more important, this may more properly belong to “Memes”. *** EDIT2: This post and “cool if real” by @alphonse https://monero.town/post/1122495 were created almost at the same time. That was a coincidental post conflict; @alphonse’s post was actually earlier by about 1 hour! *** Is someone crowdfunding a Monero ad in India’s economic newspaper? > Interestingly, a Monero ad could be circulating in India’s traditional English newspaper: The Economic Times. The pseudonymous Stoic, author of “The Monero Standard,” shared a picture of the newspaper’s November 16th edition. In the picture, it is possible to see the paper’s opened front page with a large ad about XMR. > >> “Monero transactions respect your privacy. Can you say that about the INDIAN RUPEE or the U.S. DOLLAR?” > > Moreover, the image also includes a QR-Code for donations in “XMR only,” which suggests its owner is expecting to crowdfund what was spent for this supposed insertion.

! !

>A storefront, said Ortis, is a fake business or entity, either online or bricks-and-mortar, set up by police or intelligence agencies. > >The plan, he said, was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them.

Tutanota (now Tuta) denies this: https://tuta.com/blog/tutanota-not-a-honeypot

> the onchain activities of the attackers were monitored and […] action was taken to freeze the wallets held by the attackers by working with other cryptocurrency exchanges

> a member of the cryptocurrency community questioned how Binance could freeze these funds despite the fact that cryptocurrencies are marketed as not being confiscable by third parties

> Changpeng Zhao […] said that the whole thing is a matter of balance. […] CZ implied that a solution to events such as theft cannot be found in a system that cannot be completely frozen.

> CZ stated that if users use privacy coins such as Monero (XMR), such freezes will not occur, but the stolen funds cannot be returned.

Cf.

• Almost entire balance (2675 XMR) of Community Crowdfunding System (CCS) Monero wallet has been stolen https://monero.town/post/983106
• Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach https://monero.town/post/1045387

PS. See also: Bitcoin can be traced, If you use XMR, then there isn’t much anyone can do https://monero.town/post/1069626

> regulatory scrutiny is shifting towards privacy coins […] Understanding how they will be implemented in systems that are decentralized, where the developers and maintainers often maintain anonymity, is complex.

E.g. Bisq, Haveno

> compliance with these regulations becomes a paradox for such projects since the crux of privacy coins lies in their ability to mask transaction details, which inherently contradicts the essence of regulations […] Therefore, achieving full regulatory compliance for privacy coins may sometimes seem impossible. […] in the UK, the Financial Conduct Authority (FCA) has been proactive in educating consumers about the risks associated with privacy coins but has not implemented bans or specific regulations concerning them.

> in the United States, proposed legislation such as the STABLE Act could further extend the regulatory framework […] it’s plausible that the provisions of the STABLE Act […] could potentially mean that transactions involving privacy coins would need some form of identity verification

> A prime example of a regulatory shift impacting privacy coins is the European Union’s Fifth Anti-Money Laundering Directive (5AMLD) […] these platforms are now obliged to implement customer due diligence measures, […] verifying user identities and monitoring transactions for any signs of activity.

Potentially:

• Alice (unhosted wallet) sends coins to Bob (CEX) -> Alice is also KYCed by the CEX
• Alice (CEX) sends coins to Bob (unhosted) -> Bob is KYCed too