What GDPR laws mean for you

AI of Things    25 July, 2018

Post written by Rodrigo Machado – Head of Technology, Mobile Advertising

General Data Protection Regulation – GDPR, the new EU regulation that has been designed to update the existing data privacy, security and protection rules, is an important matter that is changing the whole data industry. That’s why, it’s not a surprise that this subject has been raised already twice on our blog, once presenting the concept, and a secondly showing how data portability will affect the market. However, we are still missing how GDPR will affect the end user in their daily digital lives and how one can spot if a company isn’t complying. 

Thanks to GDPR, people that live within the EU will be able to access all the data that is collected on them. For good measure, many companies are extending this to all places where they provide services. Therefore, independent of where you live, it is already possible to request access to your data from big tech giants such as Google, Facebook, Apple, Microsoft and many others. It’s worth noting that this rule does not only apply to tech / internet companies but also to any other company that keeps any data on an end user. 

The same way you have the right to see your data, you also have the “Right to Erasure” (a.k.a. The Right to be Forgotten). EU individuals are allowed to enforce companies to stop processing their information and, more importantly, remove their data altogether.

In order to collect and process user data, companies will need to request consent from the end user. According to GDPR, consent must be valid, freely given, specific, informed and active. This is very relevant and one should pay attention on the next few items as part of digital daily life:

1. The end users needs to do an explicit action, such as ticking an unchecked opt-in box, to be considered as providing consent. If a tick box comes pre checked, consent is not valid. For example, when making the purchase from a site one has the option to receive future related offers on the same e-mail the purchase is registered with. This option cannot be pre checked, the tick box has to be actively ticked.

2. Consent needs to be given for a specific purpose and not bundled up as a condition of service unless it is necessary for that service. For example, if a site offers, free, a white paper you want to read, this offer can ask you your e-mail to send it but can’t impose you to subscribe to their newsletter.

3. Any consent can be easily withdrawn at any time. Imposing obstacles to withdraw consent is now unlawful.

4. Lastly, it is companies’ obligation to keep a record of your consent. The burden to prove the consent is on the companies’ side. Therefore, anytime, a dispute arises, they need to provide: information of when consent was granted, what information was given during the consent process, how the consent was given (check box during the checkout for example), among other pertinent information.

Figure 2. Companies are obliged to keep a record of user’s information and provide it to them, if necessary

GDPR expects the companies that hold and process end user data to take all the measures to protect it. Organizations must embrace a number of recommended practices already recognised by IT and security experts as part of the information governance methods being put in place. The most important measures are: implementation of risk management, policies focused on enabling data security, technical controls for secure data management, effective data breach prevention, detection and response procedures in the case a breach happens. Furthermore, data protection safeguards should be in place from the earliest stage of product and services development.  Companies now state their security governance and compliance with GPDR on their sites. Access Facebook and Google  for good examples of it.

In the case of a data breach, even if all the measures listed above are in place, the company that holds your data is expected to report it to the relevant EU authorities within 72 hours of the detection. Furthermore, if the breach is likely to affect the right of end users the company must also inform the end user. 

Organizations are being “incentivized” to comply. Failure of a company to notify of a breach will mean they will be imposed fines of up to EUR 10,000,000 or 2% of its annual worldwide net sales, whichever is higher. Additional fines will be imposed for also failing to take adequate security measures to safeguard personal data, which can be up to EUR 20,000,000 or 4% of its annual worldwide net sales.

The digital ecosystem has experienced a spectacular transformation in our recent times, and the growth of data volumes collection and management represents a great opportunity for societal advancement. Consequently, this means the right management of any kind of information: personal, anonymous or aggregate by the organizations handling user data. GPDR rules this management, and end users start to have more information to verify if the organization managing user data are complying.

Telefonica, as an important participant in this ecosystem, acknowledge the previous paragraph statements and is committed to their customers with regard to their privacy and security. Telefonica works relentlessly towards generating a relationship of “digital trust”. For more information on Telefonica’s privacy and data security positioning access here.

Don’t miss out on a single post. Subscribe to LUCA Data Speaks.

IOT Worker’s Diary

Beatriz Sanz Baños    20 July, 2018

07:00 am. Daniel opens his eyes for the first time while he’s listening to his favourite song and he goes back to sleep with a big smile. “Only five minutes more”, he thinks to himself. With the purchase of his smart mattress he has recovered deep sleep and can consult the details of his sleeping quality, back position, and temperature. In addition, he’s calm because he knows Internet of Things, which makes his home a connected place, will make him arrive punctual one more day after three marvelous months. With the difficulty of waking up that has chased him for ages finally gone, now he can rarely remember those days in which the alarm went on and on. His wearable vibrates and he uses the phone to lift up the blinds which help him and his wife to wake up peacefully.

07:05. ¡Clonk! The coffee capsule falls into the coffee pot. It’s his second alarm, much more subtle but what opens his eyes this time is the smell of fresh coffee. He is calm because he knows how many spare capsules of his favorite coffee flavor are left; the coffee maker warned him about it, only a few remain, he will need to buy more. Now he only has to worry about deciding if the toast he’s going to make will be salty or sweet.

07:30. Taking advantage of the little time he has until the children wake up, he goes to walk take his dog, Cronos, for a walk. Both go perfectly equipped, Daniel is wearing his connected shoes that measure the steps he takes and he can control Cronos exercise by using the wellness app. Another task that the Internet of Things has facilitated is that when Cronos hides behind the bushes, Daniel can find him easily by using the tracker. That scares him more because he knows that Cronos has slept perfectly and his mood is excellent. Today it’s time to run!

07:45. Back home he hears a second clonck! Yes, the coffee maker also warned him that the children’s hot chocolate was running low and he includes it in the shopping list. Another task that has become much easier with smart appliances, because thanks to the fridge warnings about lack of food or expirations dates he can make more efficient purchases. Also, smart appliances have changed their habits, which have become much healthier, both in food and exercise. It’s time to wake up little beasts. Meanwhile, IoT is not helping Daniel and Candela in their clothing, but hopes that breakfast will appease them.

7:50. Candela leaves Daniel in the kids room and she goes to the shower. The sensors detect that is Candela, so they start to prepare the water in a 37 degrees temperature, perfect for her. The shower has also adjusted the pressure of the water. This is her favorite moment of the day.

8:10. Daniel’s wife says goodbye to her family. Like him, she has to carry the kids to school in the family car. She has chosen a nearby car of the neighborhood through an app of car-sharing and she booked it to go to the office. This decision has helped a lot with the organization of her chaotic mornings and she can do it easily from the smartwatch. Once she gets to the car she only has to put de seatbelt on. Her track-record is loaded thanks to the connectivity of the wearables; the mirrors and the seat are perfectly adapted for her comfort. She doesn’t even have to touch the radio or the temperature; it has been adjusted automatically with her profile. In the meantime, Daniel and the kids are preparing the schoolbags and filling the dishwasher. 

8:30. “I am getting out through the door!” Is Daniel’s battle cry every morning to make his kids to run to the car. The access to the garage is already open. The vehicle detects the keys in Daniel’s pocket so it opens inviting the kids to enter, fasten the seatbelt, and go to school.

8:31. Daniel opens the garage door with an app of his mobile. Once the door is closed, the security system detects that there is nobody at home (except Cronos) and puts on the alarm, warning Daniel with a text message. When he receives it, he calms down. He gives the mobile to his kids to let them have a good time and choose the music on the way to school. “Music is said to calm beasts”, thinks the dad while he looks how the temperature is automatically regulated because the wearable has said that Daniel is a little cold. The three of them are travelling better, even though it’s to the school. Once there Daniel is at peace because his kids’ schoolbags have a locator.

9:00. He has arrived at Telefónica IoT just in time. The GPS has offered him the best route to get to the office, avoiding an unexpected construction site in the usual route. So there is a double purpose: avoid the traffic jam and learn a new way to go to work. In addition, the traffic lights are slowly including the technology of the Internet of Things, so the GPS adaptation to the traffic and the pedestrians is noticeable in the daily journeys. Driving every morning is safer and going to school or to the office is much more efficient. Daniel goes in to work dreaming about the day when the cars “speak” between them, creating an even better driving experience.

Data Roles: Which is the right one for you?

AI of Things    17 July, 2018

The world of Data, Machine Learning and Artificial Intelligence is so vast and varied, that it becomes necessary to define different profiles. Throughout this post we will describe each of these roles, explain their functions and what type of knowledge is necessary to carry them out successfully; and explain what part each role will play in a data-driven project. 

The first two roles, Database Administrator and Data Architect, are both in charge of where the data is (making sure it is in the right place) and if it is in the correct format. On the other hand, there are also those in charge of exploiting the potential the data has, unleashing its power and putting it to work. This is the task of the Data Analyst and Data Scientist. 

Database administrator, DBA

Definition: The one responsible for the design (physical and logical) of the management and administration of the database

Functions: Security, optimization, monitoring, problem resolution, analysis, and forecasting of present and future capabilities 

Requisites: This is a very technical role, and requires profound knowledge of SQL, and over time, more knowledge of noSQL databases. Likewise, management skills may be necessary to design policies and procedures for the use, management, maintenance and security of databases.

In short, their function is to make sure that “the machine works”.

Entreprise Data Architect, EDA

Definition: They are responsible for creating the capture infrastructure, and access to the data. Define how the data moves.

Functions: Design of the environment for the use of the data. How they are stored, how they are accessed and how they are shared / used by different departments, systems or applications, in line with the business strategy.

Requisites: It is a strategic role, for which a vision of the entire life cycle is required. Therefore, you should consider aspects of data modeling, database design, SQL development, and software project management. It is also important to know and understand how traditional and emerging technologies can contribute to the achievement of business objectives.

In short, their function is to ensure that “define the global vision.”

Data Governance Manager

Definition: They are in charge of defining and organizing the process of collection, storage, and access to data, guaranteeing at all times its security and confidentiality.

Functions: Define and verify compliance with policies and compliance with standards. Manage the life cycle of the data and make sure that they are guarded in a safe and organized fashion and that only authorized people have access to. 

Requisites: For this role, it is necessary to combine functional knowledge of how databases and other associated technologies work, with a deep knowledge of the regulations of each particular industry (financial, pharmaceutical, telecommunication, etc.)

In short, their function is “Define and ensure compliance of the rules that define the flow of data “.

Once we have a system in which the data is well organized, accessible and securely guarded, what interests us is to take advantage of them, extracting from them those valuable “Insights” or keys about patterns of behavior that, applied to our processes of day by day they make them more efficient and innovative. This is the moment when two new roles come into play.

Data Analyst

Definition: Is responsible for analyzing statistical techniques (among others) historical data of the organization to make better informed future decisions (from how to avoid the flight of customers, to the definition of pricing strategies).

Functions: Analyze historical data to detect patterns of behavior or trends. (Descriptive and / or predictive analysis)

Requisites: For this role, knowledge about statistics, together with critical thinking skills are fundamental. Communication skills are also of great importance.

In short, their function is “Understanding what has happened in the past to make better decisions in the future.”

Data Scientist

Definition: They are in charge of carrying out a prescriptive analysis of the business data history, so that he/she can not only anticipate what will happen in the future and when, but also give a reason why. This way they can suggest what decisions need to be taken, to take advantage of a future business opportunity or mitigate a possible risk and showing the implication of each option on the result.

Functions: Build and apply Machine Learning models capable of continuing to learn and improving their predictive capacity as the volume of data collected increases.

Requisites: For this role, it is important to have advanced knowledge of mathematics in general (and of statistics in particular), as well as knowledge of Machine Learning, and knowledge of programming in SQL, Phyton, R or Scala is necessary.

On occasion, the Data Analyst can be considered a Data Scientist “in training”. Therefore, the border between the tasks and functions of both roles is sometimes not so clear.

In short, its function is “Modeling the future”.

Finally yet importantly, we have left a fundamental role for the end, the Chief Data Officer (CDO)

Chief Data Officer (CDO)

Definition: They are responsible for directing, planning and controlling the digital transformation of any brand. For this reason, they are most responsible for the areas of Data Governance, Information Management and Security.

Functions: Establish the strategy that guarantees the digital growth of the company in a sustainable way over time, able to adapt fluidly to the continuous changes in the digital landscape. They should also encourage the internal and external relations of the organization, attract the best talent, lead teams and solve with diplomacy the potential tensions that may arise between the different departments of the company.

Requisites: For this role, it is very important to have a great experience in the digital world, strategic vision, communication skills for teamwork and creativity. The CDO must be innovative, sometimes even disruptive, and have decision-making power and resources. For this reason, it is usually under the orders of the CEO.

The CDO role can have some “overlaps” with the figure of the CIO (“Chief Information Officer”), but in the case of the CDO, this role combines the aspects of technological innovation, with a clear marketing component aimed at exploiting “Digital Assets”.

Now that you know more about all the different data roles, with which one do you identify most? 

Don’t miss out on a single post. Subscribe to LUCA Data Speaks.

CryptoClipWatcher, our new tool against crypto clipboard hijacking techniques

ElevenPaths    17 July, 2018
Since 2017, this technique is becoming quite popular. Cryptocurrency in general is a new target for malware, and mining Bitcoins is not profitable anymore in regular computers (maybe Monero is). But, targeting the clipboard to steal cryptocurrency is a new, easy and interesting way that malware creators are exploiting. We have created a simple tool that watches your clipboard to alert you if the destination cryptocurrency address changes.

CryptoClipWatcher tool cybersecurity

By the end of 2017, malware creators launched Cryptoshuffle. It was a malware able to hijack the clipboard and modify the cryptocoin address in it. Poisoning clipboard was nothing new, but this was one of the first times that attackers used it as a way to steel bitcoins, modifying the destination address of the transaction. A bit later, someone saw some business in it and started to sell the platform itself “as a service” calling it “Evrial“. That was around the beginning of 2018 when Cryptoshuffle started to “disappear” and Evrial saw light. It was a .NET malware able to steal passwords from browsers, FTP clients, Pidgin and, the best part, able to modify the clipboard on the fly and change any cryptocurrency address to whatever address the attacker wanted to. So, the malware is checking the format of whatever is in the clipboard. If the victims copies for example a Bitcoin or Litecoin address, it is quickly replaced by another, on the fly and dynamically (the new address is requested to a server).

In March, ESET discovered that there was some software hosted for years in download.com that used this technique.

Aside, not that long ago, ElevenPaths analyzed N4O botnet, which, among other very interesting techniques, used clipboard hijacking as a way to steal bitcoins, although it was focused in banking.

Since then, we have seen some more examples, like this sample that monitored 2.3 million addresses and replaced them if they were in the clipboard. We know, this makes no sense since it could just use a regular expression and monitor them all but this is how the malware works.

This other sample, called ClipboardWalletHijacker, did that. But, interestingly, it distinguished between the day of the month. If the current date was earlier than 8th of the month, it replaced the address to “19gdjoWaE8i9XPbWoDbixev99MvvXUSNZL”. Otherwise, used “1FoSfmjZJFqFSsD2cGXuccM9QMMa28Wrn1” instead.

This ctrl-c and ctrl-v way of hijacking has become popular even in “traditional” Trojan bankers. They inject javascript into the bank webpages implementing some quick keyboard shortcuts in the computer and modifying the legitimate webpage. This malware sets the clipboard of the victim with some malicious javascript, opens the developer console of the target web, and pastes there the javascript. It even works pasting javascript into the address bar.

Introducing CryptoClipWatcher

This a very very simple program, still in beta phase. Install it and it will check if, once you have copied a cryptocurrency wallet or address into your clipboard, it is modified before you replace it from your clipboard. If so, a warning will pop up. If you did it on purpose, you may add that address to a list that the program will remember, so it does not disturb you anymore with that particular wallet.
This is pretty much it. Of course, we have implemented some security checks so the malware (if it is aware of the tool) has to elevate privileges to kill the watcher).

Here is a little video that explains how it works.

You can download it from here.

This a preliminary beta version that we plan to improve. We will try to make it easier to use and even more secure with each version. For you to be up to date as soon as possible, the program will check for updates everytime is run. We have great plans for it!

Please send us improves or bugs if you find them to [email protected].

Innovation and laboratory

The future of Internet of Things

Beatriz Sanz Baños    16 July, 2018

Looking at just how much the internet has changed our lives, it’s incredible to imagine how some people didn’t took it seriously at the beginning. One of the reasons is that our endless appetite for information, and how much the quick sharing of such information could improve our life, was underestimated.  As such, the Internet keeps expanding to all the areas of our day to day activities to keep up with our increasing demand. Nowhere is this clearer than in the phenomenon known as IoT or Internet of Things.

The Internet of Things is the network that connects us to everything around us, from devices, to vehicles, appliances…, and thanks to it, things can exchange data with each other. This allows them to work together and become more efficient in the process, freeing us to do what we really want. An example is the idea of the smart house. A home where everything is connected and cooperating to make our life easier: a fridge that refills itself when its empty, a coffee machine that turns on when the alarm in our smartphone tells it we’ve woken up, etc.

Now, we’re still far away from the futuristic houses that we see in science fiction movies where everything is automated, but we’re getting there. The questions are at what point are we in its evolution? What are the specific changes that the Internet of Things is going to bring to our lives? Will the IoT be just another fad or will it become something more?

According to Karl Smith; futurist, influencer, and CEO of Ubinet IoT has lots of potential but there are still some barriers to overcome. For starters, we won’t have a full Internet of Things till the gap between the virtual world and the real world is solved. Sadly, we haven’t yet reached a fully integrated 360 experience. According to Smith, “when it comes to machine to machine communication things are moving fast and with great efficiently, but that’s not the case with the human factor of IoT”.

People still engage with machines through many devices. As a result, the process is still slow, cumbersome, and it´s not organic. The problem is that people still have a very utilitarian and suspicious view of machines. They only see how they can be used at the moment and not the potential of improvement they can bring. The key to change this is a good user experience, that’s what will decide the adoption of the IoT by the public. After all, people don’t buy things just because, but for the benefits they bring to their lives.  

One way that this could be solved is by merging IoT, blockchain and Artificial Intelligence in order to create something called an UBINET or integrated system. When they’re combined, they help streamline the process by removing unnecessary activities and increase the automation of easy tasks. Humanity will become part of an orderly and efficient ecosystem instead of just being part of a machine. The easier the process becomes, the less reluctant people are to try it.

Because of all of these benefits, Karl Smith is convinced that IoT is not a mere trend or just another aspect of our lives. It will become the backbone of everything, the next stage in human civilization. Information is useless without an efficient management and good integration with our daily lives, and that’s what IoT will bring to our lives.

Traffic spikes before football games? The effect of the World Cup in Germany

AI of Things    16 July, 2018

Post written by Telefónica NEXT 

Once every four years, The FIFA World Cup brings fans together in a month of surprising events. Every game is different, but each is filled with the same emotion, anxiety and anticipation. Telefónica NEXT observed the behavior of fans in Germany, and drew many interesting insights from anonymized mobile data; From the way traffic was affected in the country, to the age groups that were most engaged with the games. 

World Cup reduces traffic in Germany by 37 percent

The FIFA World Cup with the unexpected exit for the German team in the group stages has moved Germany these days. How moved exactly was analyzed by Telefónica NEXT on behalf of the Bundesverband Digitale Wirtschaft e.V. (BVDW). During the three World Cup matches of the German national football team, travel movements sank by 37 percent on average, as Telefónica NEXT and analysis partner Teralytics calculated. Public viewing events of the World Cup attracted women and men alike.

During the game Germany versus Mexico on Sunday, traffic decreased by 38 percent, by 39 percent on Saturday against Sweden and by 36 percent on Wednesday against South Korea, compared to a reference day without football match. On Wednesday and Sunday, traffic showed above average spikes before the games. This suggests that people traveled to other places to watch the games, such as visiting friends or attending public viewing parties.

Women almost as excited about the World Cup as men

Telefónica NEXT analyzed three of Germany’s largest public viewing events on behalf of the BVDW for the first two games of the German team: the Fanmeile between the Victory Column and the Brandenburg Gate in Berlin, as well as the events at the Heiliggeistfeld in Hamburg and at the Commerzbank Arena in Frankfurt.

The public viewing data shows that women were almost as enthusiastic about the World Cup as men: 54 percent of the visitors were male and 46 female. The highest proportion of women was found on the Heiliggeistfeld in Hamburg, where 47.5 percent of the spectators were female. In Frankfurt, the public viewers were slightly older than at the other events examined. While the 25 to 29-year-olds were the strongest age group in Berlin, the 30 to 34-year-olds were in Frankfurt.

Public viewing events of the World Cup matches were also popular with foreign tourists in Germany. The football-loving visitors mostly came from the United States and the United Kingdom. BVDW Managing Director Marco Junk: “A World Cup inspires the whole country, spanning all age groups across the sexes. It is all the more important for businesses, retail and transport to be prepared for the mass movements and actions. The anonymized use of movement data serves for better planning.

Data analysis benefits transport planning and retail

The analytic tools that Telefónica NEXT used on behalf of the BVDW to analyze traffic and public viewing events are usually used by public transport providers, retail and tourism to better adapt transportation or customer service to actual needs. “Our data analyses help commuters to get a seat on public transport more easily, or retailers find the perfect location for a new outlet,” explains Jens Lappoehn, Managing Director Advanced Data Analytics at Telefónica NEXT.

Figure 2. For all games and all cities in Germany, the viewer distribution was 54% male and 46% female 

Methodology of the World Cup analysis

In daily operations, the mobile network of Telefónica Germany generates data of more than 45 million mobile lines. These arise when cell phones communicate with mobile phone towers. Telefónica Germany anonymizes these about five billion data points per day in a three-step process with the so-called Data Anonymization platform. The platform was developed by Telefónica Germany in coordination with the Federal Commissioner for Data Protection and Freedom of Information and is TÜV-certified. Anonymous socio-demographic data, such as age and gender, derived from contract data can also be included. Anonymization protects the privacy of individuals at all times, while maintaining the statistical description of group behavior. Individual movements cannot be traced.

To understand the impact of the German team’s games on traffic, Telefónica NEXT and Teralytics compared the total number of movements in Germany during the matches of the national team with the same time the week before. Movements are detected starting with two kilometers in length, by train, road or air. The analyses support new solutions for smart cities, transport, retail and tourism.

Don’t miss out on a single post. Subscribe to LUCA Data Speaks.

Say goodbye to traffic jams

Beatriz Sanz Baños    10 July, 2018

The hours that we lose in traffic jams in big cities would be better used in what really matters to us thanks to the Internet of Things. We are talking about advances not only to gain time, but also to improve our quality of life by avoiding the stress that comes with wasting time. The technological innovation that have appeared so far, and the ones that will come, will improve traffic movement all around the world.

The biggest change will come when 5G connection is incorporated in our facilities and vehicles. This will allow the cars to communicate between them with no interruptions, something only possible thanks to 5G technology.  It’s success relies in the instantaneous communication, the most useful feature for the users.  So if someone is stuck in a traffic jam entering Madrid, connected cars will send signals between them so they can reorganize and take other ways. This advances are not as far in future as we could expect, cars from the same factory can already do it.

The process could be accelerated if all cities were also smart and each element of our environment was connected with all the others. With this, not only will the vehicles “talk” to each other, but also a lamppost or even a column will be able to tell us the state of the traffic in the area. If we add to this the inclusion of autonomous vehicles in the market within a few years, people will only have to worry about putting on the safety belt when entering the car because they will know that they will arrive in to their destiny safely and in shortest time possible.

We can already see the positive impact of the implementation of the Internet of Things in the environment. Less traffic jams thanks to smart mobility solutions also means less pollution. The sensors that control the automatic irrigation in a Smart City save a lot of water, a very important resource. Environmental sensors informs about when to activate the antipollution plan in Madrid by detecting when the air contamination standards have been exceeded. The IoT helps us take care of our planet. When will this bright future come? Well, it is closer than you think.  We won’t have to wait too long to say goodbye to traffic jams once and for all, and motorists are proof of it. A very useful accessory has been manufactured for them: Smart headphones that project information on the helmet and within the field of vision of the pilot, so that they can look at the information without taking his eyes off the road. Thanks to the connectivity with intelligent operating systems, you can also discover new routes; know the quality of the roads or the state of traffic in certain areas of the city.

Another significant advance, which has already been put into practice in many cities, is the ability to know through our mobile devices what parking garages have free parking lots and go directly to them. You can already book from your mobile phone one of those places with just one click.

The key is to incorporate intelligence to everything around us, so that the things that surround us can collect data which will allow them to predict and reprogram their behavior to better serve our needs. It seems that in a few years we could live with a more pleasant traffic, and perhaps with no more traffic jams whatsoever. A great world of connectivity and Internet of Things is opening up to us, which is constantly evolving.  All these advances leave us eager fora future that we see closer and closer every day, in the Marty McFly style.

How Germany Moves project wins at the German Online Communications Awards

AI of Things    10 July, 2018

In another post from the start of this year, which you can read here, we presented the interactivty mobility map that our colleagues at Telefónica NEXT in Germany had created. The map, called “How Germany Moves“, combines mobility data, data analysis and big data that presents in information as a fully interactive data visualization. The information is incredibly useful for a variety of parties, from cities to transport companies, who are interesting in mobility patterns.

Now, only five months later, we are pleased to share that this project has been recognized for its quality with two awards. Telefónica NEXT was recognized with a German Online Communications Award in Gold at Berlin’s Radialsystem on June 14th. In the Transport & Logistics category, Telefónica NEXT won the coveted award for its communications around the data visualization “How Germany moves” (“So bewegt sich Deutschland”).

As mentioned in the introduction, at the beginning of the year, Telefónica NEXT had created an interactive map visualizing Germany-wide traffic flows from anonymous mobile data. The aim was to highlight the potential of big data to the public as well as to cities and providers of mobility.

The launch of the website in January 2018 was accompanied with extensive public relations. Media channels such as Wired covered the results on a broad basis, with trade press, local newspapers as well as multiple radio morningshows adding to the list.

The German Online Communications Award (“Deutscher Preis für Onlinekommunikation”) honors outstanding achievements of organizations in the field of digital communication. It is awarded annually by the magazine “Pressesprecher” and Quadriga

If you would like to discover more details, you can view the project online at http://so-bewegt-sich-deutschland.de. Also, to keep up to date with all things LUCA, check out our website, and don’t forget to follow us on TwitterLinkedIn and YouTube.

Don’t miss out on a single post. Subscribe to LUCA Data Speaks.

#CyberSecurityPulse: Private enterprise’s sad contribution to sharing threat intelligence in the United States

ElevenPaths    10 July, 2018
social networks image

After just over two years of Congress passed a major bill that encouraged businesses to share with the government how and when threat actors were trying to get into their systems, only six companies and other non-Federal entities have shared that information, according to Nextgov media. These figures have been compared to the 190 entities and 60 federal departments and agencies that are receiving threat data from the automated national security indicators exchange program. This low level of private sector involvement is an additional blow to the program, which has struggled to provide businesses and government agencies with the kind of actionable intelligence promised by the 2015 Cybersecurity Act.

The law promised liability protections to businesses if they shared cyberthreat indicators with the government and each other. In this sense, it did not protect companies from being sued if they were breached, but it prohibited customers from suing the company simply for sharing their information with the government. The idea was for the government to organize and prioritize all the information on corporate threats, combine it with the government’s own threat data repository, collected by the intelligence and national security services, and share the results with anyone interested, strengthening the nation’s collective defense.

According to experts, the problem boils down to incentives. CISA gave companies legal protection to share threat information with the government, but did not justify why they would be interested in doing so. It is very easy to consume the data that others produce, but the problem lies in convincing companies that they have a social responsibility to do so.

More information available at Nextgov

Highlighted News

California, looking for a new privacy law

anti-doping imagen

California lawmakers unanimously passed a new privacy bill on Thursday that would give residents of the state more control over the information businesses collect on them and impose new penalties on businesses that don’t comply. The new legislation gives Californians the right to see what information businesses collect on them, request that it be deleted, get access to information on the types of companies their data has been sold to, and direct businesses to stop selling that information to third parties. On the other hand, it creates “Spotify exception,” which allows companies to offer different services or rates to consumers based on the information they provide—for instance, a free product based on advertising. But, the bill states, the difference must be “reasonably related to the value provided to the consumer by the consumer’s data.”

More information available at Wired

WhatsApp Research Awards for social science and misinformation

EI-ISAC imagen

WhatsApp is commissioning a competitive set of awards to researchers interested in exploring issues that are related to misinformation on WhatsApp. These awards will be used to fund independent research proposals designed to be shared with WhatsApp, Facebook, the academic community and wider political communities. In this sense, WhatsApp will prioritize among the following research areas: information processing of problematic content, election related information, network effects and virality, digital literacy and misinformation, detection of problematic behavior within encrypted systems. Applications are due by August 12, 2018, 11:59pm PST. Award recipients will be notified of the status of their application by email by September 14, 2018.

More information available at Whatsapp

News from the rest of the week

Facebook rolls out API restrictions, discloses blocking bug

In addition to implementing stricter standards within its app review process, the social networking giant is requiring advanced developer permissions on some APIs and shutting others down entirely. In a separate blog post, Facebook disclosed the existence of a bug in both Messenger and Facebook that cleared out some people’s blocked users list. “The bug was active between May 29 and June 5 and, while someone who was unblocked could not see content shared with friends, they could have seen things posted to a wider audience. For example pictures shared with friends of friends,” wrote Erin Egan, chief privacy officer for Facebook.

More information available at Facebook

Thunderbird recibe su parche para EFAIL

Thunderbird ha introducido las correcciones para una docena de vulnerabilidades de seguridad, incluyendo el correspondiente a la vulnerabilidad de EFAIL descubierta el pasado mes de mayo. Las correcciones específicas de EFAIL abordan dos errores en el manejo de mensajes cifrados por parte de Thunderbird: CVE-2018-12372, en el que un atacante puede construir oráculos de descifrado S/MIME y PGP en mensajes HTML, y CVE-2018-12373, en el que se puede filtrar texto plano S/MIME si se reenvía un mensaje.

More information available at Mozilla

New virus decides if your computer good for mining or ransomware

Security researchers have discovered an interesting piece of malware that infects systems with either a cryptocurrency miner or ransomware, depending upon their configurations to decide which of the two schemes could be more profitable. Researchers at Russian security have discovered a new variant of Rakhni ransomware family, which has now been upgraded to include cryptocurrency mining capability as well.

A history of Lisp and its use in neural networks – Part I

AI of Things    9 July, 2018

Written by Sergio Sancho Azcoitia, Security Researcher for ElevenPaths

Today we kick off a new series that will consist in two articles in which we will briefly introduce you to Lisp. We are going to look at its origins and history and then we will teach you how to create a small neural network for yourself using this programming language.

Since the 50’s, functional programming has been increasingly used in the field of artificial intelligence, and this owes a lot to the emergence of Lisp. This “high-level” language was created by John McCarthy, now seen by many as the father of Artificial Intelligence. His idea was to optimize the functioning and use of the resources that the computers of the era had available, and List Processor (Lisp) was born as a result.

This new language, based in part on the already-existing Fortran, used some innovative technique such as data “trees” (a hierarchical data structure), or the use of “symbolic computation” (also known as “computer algebra”), out of which symbolic programming would later been born.  As mentioned before, functional programming had its beginnings in the 50’s, more or less at the same time as Lisp. This new programming style was the one that the IBM 700/7000 series computers were based upon.

The way Lisp functions is largely based upon lambda calculus, which is a universal computational model that can be used to simulate any Turing machine. Its name, due to the Greek letter lambda, is used to refer to linking one variable to a function. This type of calculus is surprisingly simple and powerful. Its core foundation is two simple fundamentals: the abstraction of functions (which serves to generalize expressions by introducing variables) and applying a function (used to evaluate an expression by given names to given values).

Lisp didn’t take long before it became the favorite language of the world of Artificial Intelligence. At MIT, for example, it regularly became used in research projects. Unlike other languages, its mathematical base allowed it to solve operations and to test theorems.

Throughout history, many of the most revolutionary languages and programs in the field of Artificial Intelligence have been based on Lisp. In fact, regularly used terms such as If, Else and Then were invested by John McCarthy.

Despite the terms mentioned previously, Lisp uses a different structure of other programming languages, notably in what the mathematical algorithms refer to. However, it is not a complicated language to learn.

To finish this first article, we will briefly explain how a small neural network works. Neural networks are based on a series of small nodes (artificial neurons) that are connected to each other in a series of layers. It attempts to simulate the behavior of a human brain when it solves a problem. As the entry signal moves through the layers, it will go one way or the other based on a number of established parameters until a result is reached. Neural networks have been used over the years to carry out various tasks such as voice recognition and creating expert systems. This technology marked a change in the course of artificial intelligence in the 80’s.

No te pierdas ninguno de nuestros posts. Suscríbete a LUCA Data Speaks.

You can also follow us on Twitter, YouTube and LinkedIn