Department of Justice indicts 12 Russian intelligence officers for Clinton email hacks

Just days before President Trump is set to meet with Russian President Vladimir Putin, the Department of Justice has leveled new charges against 12 Russian intelligence officers who allegedly hacked the Democratic National Committee and the presidential campaign of Hillary Clinton .

The charges were released by Rod J. Rosenstein, the deputy attorney general who’s leading the investigation into Russian election tampering because of the recusal of Attorney General Jeff Sessions from the investigation.

In January of last year, the intelligence community issued a joint statement affirming that Russia had indeed tampered with the U.S. presidential elections in 2016.

Russian Election Interference

Now the investigation is beginning to release indictments. Three former campaign aides for the president’s campaign have already pleaded guilty, and the president himself is under investigation by Special Investigator Robert Mueller for potential obstruction of justice.

According to the indictment, the Russians used spearphishing attacks to gain access to the network of the Democratic National Committee and the Democratic Congressional Campaign Committee.

Rosenstein also said that Russia’s military intelligence service was behind the leaks that distributed the information online under the aliases Guccifer 2.0 and DCLeaks.

Read the full indictment below.

 

Naspers is in talks to invest in Southeast Asia’s Carousell

Naspers, the South Africa-based firm that famously backed Chinese giant Tencent in its infancy, is in talks to invest in Singapore-based startup Carousell, according to two sources with knowledge of discussions.

Carousell offers a mobile app that combines listings with peer-to-peer selling across Southeast Asia, Taiwan and Hong Kong. That makes it well-aligned with Naspers’ portfolio, which features some of the world’s largest classifieds services including OLX, which covers 45 countries, Letgo in the U.S. and Avito in Russia.

TechCrunch understands that Naspers is pursuing a deal with Carousell with a view to making it the firm’s key play in Southeast Asia and other parts of the APAC region.

Discussions are at a relatively early stage so it isn’t clear what percentage of the company that Naspers is seeking to acquire, although it would be a minority investment that values the Carousell business at over $500 million. The deal could be a first step towards Naspers acquiring a controlling interest in the business further down the line, one source said.

Carousell declined to respond when asked for comment.

“It is our company’s policy to neither acknowledge nor deny our involvement in any merger, acquisition or divestiture activity, nor to comment on market rumors,” Naspers told TechCrunch in a statement.

Timing of the discussions is notable since Carousell announced a $85 million investment round in May. (TechCrunch broke news of the round the previous October.) That deal — the startup’s Series C — took it to $126 million from investors to date and added big names to the Carousell cap table. EDBI, the corporate investment arm of Singapore’s Economic Development Board, and Singapore’s DBS, Southeast Asia’s largest bank, took part in the Series C, which also included existing backers Rakuten Ventures, the VC linked to Japanese e-commerce giant Rakuten, Golden Gate Ventures, Sequoia India and 500 Startups.

Earlier this month, Carousell CEO and co-founder Siu Rui Quek told Bloomberg that the company had turned down acquisition offers in the past.

Carousell is highly-regarded in Singapore for being one of the first home-grown startups to show promise — its three founding members each graduated the National University of Singapore, NUS.

Aside from raising significant investor capital, it has scaled regionally it is battle against larger and better-funded e-commerce rivals Alibaba -owned Lazada and Shopee, a business from NYSE-listed Sea. In May, Quek told TechCrunch that Carousell has helped sell over 50 million items between users and it currently has over 144 million listings.

Naspers, meanwhile, has upped its focus on Southeast Asia in recent times, although its sole deal is a $5 million investment in crypto startup Coins.ph.

The firm remains best known for its Tencent deal, which is legendary in investment circles. Back in 2001, it bought 46.5 percent of Tencent for $32 million. Over time that was diluted to 33 percent, but it grew significantly in size as Tencent’s business took off, going on to become Asia’s first $500 billion company last November. Naspers resisted the urge to sell until March 2018 when it parted with two percent of the firm in exchange for around $9.8 billion.

Another of Nasper’s big wins this year was Flipkart’s sale to Walmart which earned it $2.2 billion in returns.

Kaspersky to move some core infrastructure out of Russia to fight for trust

Russian cybersecurity software maker Kaspersky Labs has announced it will be moving core infrastructure processes to Zurich, Switzerland, as part of a shift announced last year to try to win back customer trust.

It also said it’s arranging for the process to be independently supervised by a Switzerland-based third party qualified to conduct technical software reviews.

“By the end of 2019, Kaspersky Lab will have established a data center in Zurich and in this facility will store and process all information for users in Europe, North America, Singapore, Australia, Japan and South Korea, with more countries to follow,” it writes in a press release.

“Kaspersky Lab will relocate to Zurich its ‘software build conveyer’ — a set of programming tools used to assemble ready to use software out of source code. Before the end of 2018, Kaspersky Lab products and threat detection rule databases (AV databases) will start to be assembled and signed with a digital signature in Switzerland, before being distributed to the endpoints of customers worldwide.

“The relocation will ensure that all newly assembled software can be verified by an independent organization, and show that software builds and updates received by customers match the source code provided for audit.”

In October the company unveiled what it dubbed a “comprehensive transparency initiative” as it battled suspicion that its antivirus software had been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.

Since then Kaspersky has closed its Washington D.C. office — after a ban on its products for U.S. government use which was signed into law by president Trump in December.

Being a trusted global cybersecurity firm and operating core processes out of Russia where authorities might be able to lean on your company for access has essentially become untenable as geopolitical concern over the Kremlin’s online activities has spiked in recent years.

Yesterday the Dutch government became the latest public sector customer to announce a move away from Kaspersky products (via Reuters) — saying it was doing so as a “precautionary measure”, and advising companies operating vital services to do the same.

Responding to the Dutch government’s decision, Kaspersky described it as “very disappointing”, saying its transparency initiative is “designed precisely to address any fears that people or organisations may have”.

“We are implementing these measures first and foremost in response to the evolving, ultra-connected global landscape and the challenges the cyber-world is currently facing,” the company adds in a detailed Q&A about the measures. “This is not exclusive to Kaspersky Lab, and we believe other organizations will in future also choose to adapt to these trends. Having said that, the overall aim of these measures is transparency, verified and proven, which means that anyone with concerns will now be able to see the integrity and trustworthiness of our solutions.”

The core processes that Kaspersky will move from Russia to Switzerland over this year and next — include customer data storage and processing (for “most regions”); and software assembly, including threat detection updates.

As a result of the shift it says it will be setting up “hundreds” of servers in Switzerland and establishing a new data center there, as well as drawing on facilities of a number of local data center providers.

Kaspersky is not exiting Russia entirely, though, and products for the Russian market will continue to be developed and distributed out of Moscow.

“In Switzerland we will be creating the ‘worldwide’ (ww) version of our products and AV bases. All modules for the ww-version will be compiled there. We will continue to use the current software build conveyer in Moscow for creating products and AV bases for the Russian market,” it writes, claiming it is retaining a software build conveyor in Russia to “simplify local certification”.

Data of customers from Latin American and Asia (with the exception of Japan, South Korea and Singapore) will also continue to be stored and processed in Russia — but Kaspersky says the list of countries for which data will be processed and stored in Switzerland will be “further extended, adding: “The current list is an initial one… and we are also considering the relocation of further data processing to other planned Transparency Centers, when these are opened.”

Whether retaining a presence and infrastructure in Russia will work against Kaspersky’s wider efforts to win back trust globally remains to be seen.

In the Q&A it claims: “There will be no difference between Switzerland and Russia in terms of data processing. In both regions we will adhere to our fundamental principle of respecting and protecting people’s privacy, and we will use a uniform approach to processing users’ data, with strict policies applied.”

However other pre-emptive responses in the document underline the trust challenge it is likely to face — such as a question asking what kind of data stored in Switzerland that will be sent or available to staff in its Moscow HQ.

On this it writes: “All data processed by Kaspersky Lab products located in regions excluding Russia, CIS, Latin America, Asian and African countries, will be stored in Switzerland. By default only aggregated statistics data will be sent to R&D in Moscow. However, Kaspersky Lab experts from HQ and other locations around the world will be able to access data stored in the Transparency Center. Each information request will be logged and monitored by the independent Swiss-based organization.”

Clearly the robustness of the third party oversight provisions will be essential to its Global Transparency Initiative winning trust.

Kaspersky’s activity in Switzerland will be overseen by an (as yet unnamed) independent third party which the company says will have “all access necessary to verify the trustworthiness of our products and business processes”, including: “Supervising and logging instances of Kaspersky Lab employees accessing product meta data received through KSN [Kaspersky Security Network] and stored in the Swiss data center; and organizing and conducting a source code review, plus other tasks aimed at assessing and verifying the trustworthiness of its products.

Switzerland will also host one of the dedicated Transparency Centers the company said last year that it would be opening as part of the wider program aimed at securing customer trust.

It expects the Swiss center to open this year, although the shifting of core infrastructure processes won’t be completed until Q4 2019. (It says on account of the complexity of redesigning infrastructure that’s been operating for ~20 years — estimating the cost of the project to be $12M.)

Within the Transparency Center, which Kaspersky will operate itself, the source code of its products and software updates will be available for review by “responsible stakeholders” — from the public and private sector.

It adds that the details of review processes — including how governments will be able to review code — are “currently under discussion” and will be made public “as soon as they are available”.

And providing government review in a way that does not risk further undermining customer trust may also provide a tricky balancing act for Kaspersky, given multi-directional geopolitical sensibilities, so the devil will be in the policy detail vis-a-vis “trusted” partners and whether the processes it deploys can reassure all of its customers all of the time.

“Trusted partners will have access to the company’s code, software updates and threat detection rules, among other things,” it writes, saying the Center will provide these third parties with: “Access to secure software development documentation; Access to the source code of any publicly released product; Access to threat detection rule databases; Access to the source code of cloud services responsible for receiving and storing the data of customers based in Europe, North America, Australia, Japan, South Korea and Singapore; Access to software tools used for the creation of a product (the build scripts), threat detection rule databases and cloud services”; along with “technical consultations on code and technologies”.

It is still intending to open two additional centers, one in North America and one in Asia, but precise locations have not yet been announced.

On supervision and review Kaspersky also says that it’s hoping to work with partners to establish an independent, non-profit organization for the purpose of producing professional technical reviews of the trustworthiness of the security products of multiple members — including but not limited to Kaspersky Lab itself.

Which would certainly go further to bolster trust. Though it has nothing firm to share about this plan as yet.

“Since transparency and trust are becoming universal requirements across the cybersecurity industry, Kaspersky Lab supports the creation of a new, non-profit organization to take on this responsibility, not just for the company, but for other partners and members who wish to join,” it writes on this.

Next month it’s also hosting an online summit to discuss “the growing need for transparency, collaboration and trust” within the cybersecurity industry.

Commenting in a statement, CEO Eugene Kaspersky, added: In a rapidly changing industry such as ours we have to adapt to the evolving needs of our clients, stakeholders and partners. Transparency is one such need, and that is why we’ve decided to redesign our infrastructure and move our data processing facilities to Switzerland. We believe such action will become a global trend for cybersecurity, and that a policy of trust will catch on across the industry as a key basic requirement.”

What we can learn from the 3,500 Russian Facebook ads meant to stir up U.S. politics

On Thursday, Democrats on the House Intelligence Committee released a massive new trove of Russian government-funded Facebook political ads targeted at American voters. While we’d seen a cross section of the ads before through prior releases from the committee, the breadth of ideological manipulation is on full display across the more than 3,500 newly released ads — and that doesn’t even count still unreleased unpaid content that shared the same divisive aims.

After viewing the ads, which stretch from 2015 to late 2017, some clear trends emerged.

Russia focused on black Americans

Many, many of these ads targeted black Americans. From the fairly large sample of ads that we reviewed, black Americans were clearly of particular interest, likely in an effort to escalate latent racial tensions.

Many of these ads appeared as memorials for black Americans killed by police officers. Others simply intended to stir up black pride, like one featuring an Angela Davis quote. One ad posted by “Black Matters” was targeted at Ferguson, Missouri residents in June 2015 and only featured the lyrics to Tupac’s “California Love.” Around this time, many ads targeted black Facebook users in Baltimore and the St. Louis area.

Some Instagram ads targeted black voters interested in black power, Malcolm X, and the new Black Panther party using Facebook profile information. In the days leading up to November 8, 2016 other ads specifically targeted black Americans with anti-Clinton messaging.

Not all posts were divisive (though most were)

While most ads played into obvious ideological agendas, those posts were occasionally punctuated by more neutral content. The less controversial or call-to-action style posts were likely designed to buffer the politically divisive content, helping to build out and grow an account over time.

For accounts that grew over the course of multiple years, some “neutral” posts were likely useful for making them appear legitimate and build trust among followers. Some posts targeting LGBT users and other identity-based groups just shared positive messages specific to those communities.

Ads targeted media consumers and geographic areas

Some ads we came across targeted Buzzfeed readers, though they were inexplicably more meme-oriented and not political in nature. Others focused on Facebook users that liked the Huffington Post’s Black Voices section or Sean Hannity.

Many ads targeting black voters targeted major U.S. cities with large black populations (Baltimore and New Orleans, for example). Other geo-centric ads tapped into Texas pride and called on Texans to secede.

Conservatives were targeted on many issues

We already knew this from the ad previews, but the new collection of ads makes it clear that conservative Americans across a number of interest groups were regularly targeted. This targeting concentrated on stirring up patriotic and sometimes nationalist sentiment with anti-Clinton, gun rights, anti-immigrant and religious stances. Some custom-made accounts spoke directly to veterans and conservative Christians. Libertarians were also separately targeted.

Events rallied competing causes

Among the Russian-bought ads, event-based posts became fairly frequent in 2016. The day after the election, an event called for an anti-Trump rally in Union Square even as another ad called for Trump supporters to rally outside Trump tower. In another instance, the ads promoted both a pro-Beyoncé and anti-Beyoncé event in New York City.

Candidate ads were mostly pro-Trump, anti-Clinton

Consistent with the intelligence community’s assessment of Russia’s intentions during the 2016 U.S. election, among the candidates, posts slamming Hillary Clinton seemed to prevail. Pro-Trump ads were fairly common, though other ads stirred up anti-Trump sentiment too. Few ads seemed to oppose Bernie Sanders and some rallied support for Sanders even after Clinton had won the nomination. One ad in August 2016 from account Williams&Kalvin denounced both presidential candidates and potentially in an effort to discourage turnout among black voters. In this case and others, posts called for voters to ignore the election outright.

While efforts like the Honest Ads Act are mounting to combat foreign-paid social media influence in U.S. politics, the scope and variety of today’s House Intel release makes it clear that Americans would be well served to pause before engaging with provocative, partisan ideological content on social platforms — at least when it comes from unknown sources.

House Democrats release more than 3,500 Russian Facebook ads

Democrats from the House Intelligence Committee have released thousands of ads that were run on Facebook by the Russia-based Internet Research Agency.

The Democrats said they’ve released a total of 3,519 ads today from 2015, 2016 and 2017. This doesn’t include 80,000 pieces of organic content shared on Facebook by the IRA, which the Democrats plan to release later.

What remains unclear is the impact that these ads actually had on public opinion, but the Democrats note that they were seen by more than 11.4 million Americans.

You can find all the ads here, though it’ll take some time just to download them. As has been noted about earlier (smaller) releases of IRA ads, they aren’t all nakedly pro-Trump, but instead express a dizzying array of opinions and arguments, targeted at a wide range of users.

“Russia sought to weaponize social media to drive a wedge between Americans, and in an attempt to sway the 2016 election,” tweeted Adam Schiff, who is the Democrats’ ranking member on the House Intelligence Committee. “They created fake accounts, pages and communities to push divisive online content and videos, and to mobilize real Americans,”

He added, “By exposing these Russian-created Facebook advertisements, we hope to better protect legitimate political expression and safeguard Americans from having the information they seek polluted by foreign adversaries. Sunlight is always the best disinfectant.

In conjunction with this release, Facebook published a post acknowledging that it was “too slow to spot this type of information operations interference” in the 2016 election, and outlining the steps (like creating a public database of political ads) that it’s taking to prevent this in the future.

“This will never be a solved problem because we’re up against determined, creative and well-funded adversaries,” Facebook said. “But we are making steady progress.”

How 3D printing is revolutionizing the housing industry 

If you build it, they will come. And if you 3D-print it, they will come faster, cheaper and more sustainably.

We live in an era of overpopulation and mass housing shortages. Yet we also live in a time of phenomenal digital innovation. On the one hand we have major crises affecting the health, liberty and happiness of billions of people. But look at the other hand, where we have potential for life-changing technological breakthroughs at a rate never before seen on this planet.

Our challenges are vast, but our capabilities to produce solutions are even greater. In the future, we will remember this moment in time as a pivotal one. It is now — not tomorrow, and certainly not five years from now — when technology and innovation are disrupting multiple major industries, including those of housing and construction, at breathless and breakneck speed.

Innovators around the world are hard at work to change the way we design, build and produce our homes, and all of this will result in massive change to the housing status quo. Harnessing the revolutionary power of 3D printing, companies from Russia to China, the U.S. and the Netherlands have already proven that not only can a home be 3D-printed, it can be done cheaply, efficiently and easily.

Here are just a few ways 3D printing is already transforming the way we live.

Speed

In March 2017, Apis Cor, 3D-printing specialists with offices in Russia and San Francisco, announced they had produced a 3D-printed home in just 24 hours. That means that from the time you drank your coffee yesterday to the time you sat down for cereal this morning, they produced the self-bearing walls, partitions and building envelopes of an entire home, installed it on site and added the roof and interior finishings. It happened in the dead of winter in a tiny Russian town named Stupino, and it was done using Apis Cor’s on-site printer, which means that the massive cost and logistical hurdle of transporting parts and building materials from factories to a home site was almost entirely eliminated.

Think about the possibilities: You select the site where you want to build your home, Apis Cor brings in their 4.5-meter-long printer, the raw materials are set up and within one single day, your home is printed and ready for you. Compare that to the traditional six- or seven-month construction time the industry is used to, and you’ll begin to understand the scope of potential disruption.

The speed of technological innovation here is also exponential and mind-blowing; just one year before Apis Cor’s breakthrough, we in the 3D-printing industry were marveling over Chinese construction company HuaShang Tengda, who set their own record by 3D-printing a two-story home in a month and a half. Consider that, for a moment: This industry is moving so quickly that construction time has been slashed from 45 days to 24 mere hours in the span of a single year.

Image: shanelinkcom/iStock

Cost

Housing prices in America have skyrocketed over the past 50 years, with the average price for a home now surpassing $200,000. And remember, that’s just the average — if you live on the East or West Coast, chances are you’re going to be shelling out something closer to the half-million dollar mark (or more!).

According to a report from the McKinsey Global Institute, a full one-third of people who live in cities will find decent housing out of their reach due to cost by the year 2025. And construction costs are the primary barrier — the report also states that it will take between $9 trillion and $11 trillion just to build the necessary houses to flip that supply-demand ratio and make housing affordable in that time.

Of course, that’s taking only traditional methods of construction into account. But Apis Cor’s 24-hour home was made for around $10,000. HuaSheng Tenga’s homes were made with only 40 percent of the materials traditional construction usually requires, in 30 percent of the time. That represents massive savings in labor and material costs. And these companies aren’t alone — dozens of other firms are exploring cheaper and less complicated methods for building the roofs we all need over our heads, and slashing prices in the process. 

New Story, a Silicon Valley-based nonprofit that builds housing in the developing world, just unveiled a new 3D printer at SXSW that can print a house in less than a day for $4,000. DUS Architects — a Dutch architecture studio that has been 3D-printing houses since 2012 — has unveiled the KamerMaker, a huge 3D printer that can build using local recycled materials. This slashes transport, material and manufacturing costs, all driving down costs. 

The bottom line

What’s so revolutionary about 3D printing is that its potential is limited only by our imaginations. If the past few years have taught us anything about this industry, it’s that barriers of size, scope and material do not apply to the potential that 3D printing brings to the manufacturing market. From cars to food, to the houses we live in, the industry isn’t just gearing up for a shakeup. It’s in the throes of it already, because change is happening now.

Google confirms some of its own services are now getting blocked in Russia over the Telegram ban

A shower of paper airplanes darted through the skies of Moscow and other towns in Russia today, as users answered the call of entrepreneur Pavel Durov to send the blank missives out of their windows at a pre-appointed time in support of Telegram, a messaging app he founded that was blocked last week by Russian regulator Roskomnadzor (RKN) that uses a paper airplane icon. RKN believes the service is violating national laws by failing to provide it with encryption keys to access messages on the service (Telegram has refused to comply).

The paper plane send-off was a small, flashmob turn in a “Digital Resistance” — Durov’s preferred term — that has otherwise largely been played out online: currently, nearly 18 million IP addresses are knocked out from being accessed in Russia, all in the name of blocking Telegram.

And in the latest development, Google has now confirmed to us that its own services are now also being impacted. From what we understand, Google Search, Gmail and push notifications for Android apps are among the products being affected.

“We are aware of reports that some users in Russia are unable to access some Google products, and are investigating those reports,” said a Google spokesperson in an emailed response. We’d been trying to contact Google all week about the Telegram blockade, and this is the first time that the company has both replied and acknowledged something related to it.

(Amazon has acknowledged our messages but has yet to reply to them.)

Google’s comments come on the heels of RKN itself also announcing today that it had expanded its IP blocks to Google’s services. At its peak, RKN had blocked nearly 19 million IP addresses, with dozens of third-party services that also use Google Cloud and Amazon’s AWS, such as Twitch and Spotify, also getting caught in the crossfire.

Russia is among the countries in the world that has enforced a kind of digital firewall, blocking periodically or permanently certain online content. Some turn to VPNs to access that content anyway, but it turns out that Telegram hasn’t needed to rely on that workaround to get used.

“RKN is embarrassingly bad at blocking Telegram, so most people keep using it without any intermediaries,” said Ilya Andreev, COO and co-founder of Vee Security, which has been providing a proxy service to bypass the ban. Currently, it is supporting up to 2 million users simultaneously, although this is a relatively small proportion considering Telegram has around 14 million users in the country (and, likely, more considering all the free publicity it’s been getting).

As we described earlier this week, the reason so many IP addresses are getting blocked is because Telegram has been using a technique that allows it to “hop” to a new IP address when the one that it’s using is blocked from getting accessed by RKN. It’s a technique that a much smaller app, Zello, had also resorted to using for nearly a year when the RKN announced its own ban.

Zello ceased its activities earlier this year when RKN got wise to Zello’s ways and chose to start blocking entire subnetworks of IP addresses to avoid so many hops, and Amazon’s AWS and Google Cloud kindly asked Zello to stop as other services also started to get blocked. So, when Telegram started the same kind of hopping, RKN, in effect, knew just what to do to turn the screws. (And it also took the heat off Zello, which miraculously got restored.)

So far, Telegram’s cloud partners have held strong and have not taken the same route, although getting its own services blocked could see Google’s resolve tested at a new level.

Some believe that one outcome could be the regulator playing out an elaborate game of chicken with Telegram and the rest of the internet companies that are in some way aiding and abetting it, spurred in part by Russia’s larger profile and how such blocks would appear to international audiences.

“Russia can’t keep blocking random things on the Internet,” Andreev said. “Russia is working hard to make its image more alluring to foreigners in preparation for the World Cup,” which is taking place this June and July. “They can’t have tourists coming and realising Google doesn’t work in Russia.”

We’ll update this post and continue to write on further developments as we learn more.

Twitter banned Russian security firm Kaspersky Lab from buying ads

The U.S. government isn’t the only one feeling skittish about Kaspersky Lab. On Friday, the Russian security firm’s founder Eugene Kaspersky confronted Twitter’s apparent ban on advertising from the company, a decision it quietly issued in January.

“In a short letter from an unnamed Twitter employee, we were told that our company ‘operates using a business model that inherently conflicts with acceptable Twitter Ads business practices,'” Kaspersky wrote.

“One thing I can say for sure is this: we haven’t violated any written – or unwritten – rules, and our business model is quite simply the same template business model that’s used throughout the whole cybersecurity industry: We provide users with products and services, and they pay us for them.”

He noted that the company has spent around than €75,000 ($93,000 USD) to promote its content on Twitter in 2017.

Kaspersky called for Twitter CEO Jack Dorsey to specify the motivation behind the ban after failing to respond to an official February 6 letter from his company.

More than two months have passed since then, and the only reply we received from Twitter was the copy of the same boilerplate text. Accordingly, I’m forced to rely on another (less subtle but nevertheless oft and loudly declared) principle of Twitter’s – speaking truth to power – to share details of the matter with interested users and to publicly ask that you, dear Twitter executives, kindly be specific as to the reasoning behind this ban; fully explain the decision to switch off our advertising capability, and to reveal what other cybersecurity companies need to do in order to avoid similar situations.

In a statement about the incident, Twitter reiterated that Kaspersky Lab’s business model “inherently conflicts with acceptable Twitter Ads business practices.” In a statement to CyberScoop, Twitter pointed to the late 2017 Department of Homeland Security directive to eliminate Kaspersky software from Executive Branch systems due to the company’s relationship with Russian intelligence.

“The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS asserted in the directive at the time.

France to move ministers off Telegram, WhatsApp over security fears

The French government has said it intends to move to using its own encrypted messaging service this summer, over concerns of the risks that foreign entities could spy on officials using popular encrypted apps such as Telegram and WhatsApp .

Reuters reports that ministers are concerned about the use of foreign-built encrypted apps which do not have servers in France. “We need to find a way to have an encrypted messaging service that is not encrypted by the United States or Russia,” a digital ministry spokeswoman told the news agency. “You start thinking about the potential breaches that could happen, as we saw with Facebook, so we should take the lead.”

Telegram’s founder, Pavel Durov, is Russian, though the entrepreneur lives in exile and his messaging app has just been blocked in his home country after the company refused to hand over encryption keys to the authorities.

WhatsApp, which (unlike Telegram) is end-to-end encrypted across its entire platform — using the respected and open sourced Signal Protocol — is nonetheless owned by U.S. tech giant Facebook, and developed out of the U.S. (as Signal also is).

Its parent company is currently embroiled in a major data misuse scandal after it emerged that tens of millions of Facebook users’ information was passed to a controversial political consultancy without their knowledge or consent.

The ministry spokeswoman said about 20 officials and top civil servants in the French government are testing the new messaging app, with the aim of its use becoming mandatory for the whole government by the summer.

It could also eventually be made available to all citizens, she added.

Reuters reports the spokeswoman also said a state-employed developer has designed the app, using free-to-use code available for download online (which presumably means it’s based on open source software) — although she declined to name the code being used or the messaging service.

Late last week, ZDNet also reported the French government wanted to replace its use of apps like Telegram — which president Emmanuel Macron is apparently a big fan of.

It quoted Mounir Mahjoubi, France’s secretary of state for digital, saying: “We are working on public secure messaging, which will not be dependent on private offers.”

The French government reportedly already uses some secure messaging products built by defense group and IT supplier Thales. On its website Thales lists a Citadel instant messaging smartphone app — which it describes as “trusted messaging for professionals”, saying it offers “the same recognisable functionality and usability as most consumer messaging apps” with “secure messaging services on a smartphone or computer, plus a host of related functions, including end-to-end encrypted voice calls and file sharing”.

Facebook, AggregateIQ now being jointly probed by Canada, B.C. data watchdogs

Privacy watchdogs in Canada and British Columbia are combining existing investigations into Facebook and AggregateIQ. The latter being a Victoria-based ad targeting tech company that has been linked to Cambridge Analytica, the political consultancy at the center of the Facebook data misuse storm.

CA whistleblower Chris Wylie — who last month gave public testimony revealing how millions of Facebook users’ data was passed to his former employer for political ad targeting — has described AggregateIQ as the Canadian arm of CA’s parent entity, SCL. (Although AggregateIQ has denied any affiliation with CA or SCL, claiming on its website “it is and has always been 100% Canadian owned and operated”.)

“The investigations will examine whether the organizations [Aggregate IQ and Facebook] are in compliance with Canada’s Personal Information Protection and Electronic Documents Act(PIPEDA) and BC’s Personal Information Protection Act (PIPA),” said Canada’s watchdog in a statement about the now joint investigation.

“The Office of the Information and Privacy Commissioner for BC opened its investigation into AggregateIQ late last year. Last month, the Office of the Privacy Commissioner of Canada launched an investigation into allegations about unauthorized access and use of Facebook user profiles.

“The two offices decided to jointly investigate these matters as Facebook and AggregateIQ are subject to both PIPEDA and PIPA.”

The statement does not go into any new detail about the investigations as it notes they are ongoing.

The OPCC’s Facebook investigation, which was launched on March 20, followed a complaint against the company. Facebook has since confirmed that more than 620k Canadian users had their data scraped and passed to CA — the majority of whom would not have consented or even known their information was being shared in this way.

Meanwhile AggregateIQ’s role in the UK’s 2016 Brexit referendum vote has been the subject of increasing scrutiny in the country, following a lengthy investigation by the Observer of London looking at links between the various entities involved and how money was spent by different groups campaigning for the UK to leave the European Union.

The company received £3.5M from leave campaign groups in the run up to the 2016 referendum, and has been described by leave campaigners as instrumental in securing their win.

AggregateIQ is now among 30 companies being investigated by the UK’s data watchdog, the ICO, as part of an ongoing (and now almost year-long) investigation into the use of data analytics for political purposes. Facebook and Cambridge Analytica are also part of that probe.

Giving an update on the investigation yesterday, the ICO said it looking at “how data was collected from a third party app on Facebook and shared with Cambridge Analytica”.

The watchdog secured a warrant to enter and search the London offices of CA last month.

The UK’s Electoral Commission is also investigation Brexit campaign spending — and has previously asked Facebook, Twitter and Google to provide information about ad spending linked to Russia.

Earlier this month Facebook revealed it had removed 70 Facebook accounts, 138 Facebook Pages, and 65 Instagram accounts run by the Russian government-connected troll farm the Internet Research Agency.

The company did not immediately respond to a request for comment on the now joint Canadian and British Columbian data probe.

Facebook is also facing shareholder lawsuits and a probe by the FTC into the data misuse scandal, among others.