COVID-19 Surveillance: Crossing The Line?

 In Anti-Money Laundering, Compliance, Cybersecurity, Trending

As healthcare professionals continue to face an uphill climb in treating the effects of this unprecedented pandemic, and citizens at the international level do their best to stay safe and decrease their exposure to potential infection, it appears that the impact of the novel Coronavirus has extended well beyond the domain of health and wellness. Last week, Global RADAR touched on new threats to financial security continuing to arise amidst the ongoing COVID-19 saga. The exponential increase in online activity seen recently, specifically in regards to mobile and online banking over the past month alone, has lead to a sharp uptick in cases of financial fraud. Cybercriminals have successfully capitalized on the current state of hysteria, exploiting the widespread lack of financial security seen across multiple sectors in churning out new scams with the power to leave unsuspecting individuals and even entire institutions in further financial ruin. While steps are being taken by the United States government to crack down on these activities, other potential risks still loom large, and have already begun to unfold without much notice from the average consumer.

With international government bodies desperate to “flatten the curve” of new infections seen within their jurisdictions to help kick-start their respective economies at a faster rate, public health experts have been consulted to weigh in on ways to make this happen. The consensus? Increase availability to testing and screenings, continue to practice appropriate social distancing, and consider the adoption of a controversial (bordering-on-unethical) practice; that practice being “contact tracing.” Originally employed in the eastern world where the virus itself initially arose, South Korea implemented contact tracing legislation that allowed “health officials to aggressively trace the footsteps of citizens who test positive for an emerging infectious disease.”1 In doing so, these officers have utilized a variety of methods that included (but most likely are not limited to) security camera footage, credit-card records, GPS data from cellphones and car-navigation systems” allowing them to directly pinpoint where the infected individuals they are tracking have been.1 Once this information is acquired, South Korean citizens residing in the specific district of an infected individual are then provided with notice of the diagnosis, as well as information about the whereabouts of the subject that includes areas where they have been, whether they took public transportation, and even whether or not they wore a mask that day.

While the South Korean government stops short of releasing the names of the diagnosed individuals, the fact that the practice as a whole goes on without informed consent from their citizens makes it contentious to say the least. While many eastern countries do not have stringent privacy laws that exist in the west, it is fair to say that these methods have the potential to be abused without a system of checks and balances in place for those overseeing these operations. While the methods employed in South Korea are drastic, it is somewhat unsurprising that China has taken surveillance of its citizens to the next level. China reportedly traced every individual who left Wuhan following the outbreak, and also released their names to local officials and “neighborhood minders”, who essentially act as government informants. Security cameras and drones are also confirmed as having been used. Given the way the Chinese government operates behind closed doors, it is frightening to speculate on what they are doing with this information.

 

While arguably not as extreme, the approaches taken by the European and American governments and many of the powerful companies incorporated within them have evolved into their own distinct forms of contact tracing. Several European countries have reportedly begun to create programs to help track individuals exposed to COVID-19 who must be quarantined. Furthermore, the Wall Street Journal writes that “European health agencies are gathering anonymized geolocation and cell-tower data directly from telecom companies”, as many governments across Europe are urging their citizens to voluntarily download tracking apps to help manage the spread of the disease. In an interesting statement released on similar measures passed in her country within the past month, Slovak Justice Minister Maria Koliková stated, “We realize that this is an infringement of fundamental rights and freedoms, let’s not pretend it is not,” noting that “in a democratic state, an interference with fundamental rights and freedoms is possible if the measure is proportionate to the purpose.”4

The U.S. has too been implicated in this growing pattern. The recent developments seen across the United States have all but forced America’s “big tech” powerhouses such as Google and Apple into action. While many of America’s largest tech firms have begun to use the innumerable resources at their disposal to assist in thwarting the spread of coronavirus cases however, they have failed to openly disclose that in doing so, they have the potential to gain access to mounds of personal information from millions upon millions of U.S. citizens. Nevertheless, by way of a two-phase unveiling expected to occur by the end of May, both companies have announced the expected launches of updates to the operating systems (OS) of their respective smartphones which will use Bluetooth technology to track the locations of potential coronavirus cases — not just those who have already been diagnosed. MarketWatch writer Elisabeth Buchwald writes that this new technology will function by “harnessing short-range Bluetooth signals, known as Bluetooth beacons. Using the Apple-Google technology, contact-tracing apps would gather a record of other phones with which they came into close proximity.”1 This data will only be collected on individuals who have installed the apps and agreed to share their data with public-health authorities, however. While this information is expected to be used for good to help alert individuals who may have inadvertently become infected, and the fact that these enterprises claim that they plan to phase out the tool as the pandemic ends (though no concrete date for this action has yet been set), it does not take much imagination to see how this technology could be exploited.

Times of crisis often force individuals and companies alike to adapt – in this case by altering their basic freedoms on a “temporary” basis. Time will tell however what the effects of this forfeiture of privacy may have on life as we know it moving forward. If one thing is certain, it is that the times we are living in are truly unique to say the least.

 

Weekly Roundup

 

U.S. Government Warns of North Korean Cyber-Threats 

On April 15th, several of the United States executive department’s issued a joint advisory warning Americans and their international counterparts of the increasing threats posed by North Korea (DPRK) via the cyber realm. Together, the U.S. Departments of State, Homeland Security, and Treasury, and the Federal Bureau of Investigation (FBI) aimed to call attention to the Republic’s calculated cyber-activities that they believe pose a significant threat to the general health of the international financial system, while also providing recommendations for ways to mitigate risk in this regard. The guidance reads that while being under the pressure of “robust U.S. and United Nations sanctions, the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs”, adding that North Korea has the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure.”2 These bodies have discovered that the East Asian country has successfully utilized sophisticated cyber-technologies to steal and subsequently launder funds from various financial institutions around the world, while also attacking other prominent corporations (including Sony Pictures Entertainment (SPE) in 2014) to steal confidential information via use of ransomware and hacking tactics.

To date, North Korea has demonstrated a general unwillingness to back down from these activities secondary to the immense revenue generation these practices have created under the regime of Supreme Leader Kim Jong-un. As such, the U.S. has published a list of relevant actions for international government agencies, businesses and individuals to take to better protect themselves from these significant threats. The complete list of mitigation actions can be found via the following link: https://www.us-cert.gov/ncas/alerts/aa20-106a

 

 

Kenyan Bank Penalized For AML Lapses

Absa Bank Kenya Plc was recently orderedby Kenya’s central bank  o cease all foreign exchange trading during the time period of April 9th to April 15th as punishment for violating current anti-money laundering regulations on some of its trades. The Central Bank of Kenya (CBK) found Absa to have been negligent in regards to foreign exchange trades carried out in March of 2020 where the bank failed to follow adequate anti-money laundering (AML), counter-terror financing (CFT) or “know your customer” (KYC) checks.5 The lender – formerly known as Barclays Bank of Kenya – is “expected to reverse the market positions created as a result of the flagged transactions and put in place adequate measures to ensure compliance.”7

While the CBK has not revealed the entities involved, nor the total amount of money involved in these unethical transactions, Absa ultimately canceled multiple ForEx forward transactions with two “reputable global financial institutions” to further address the concerns of the regulatory body. Absa Kenya remains in ongoing discussion with the CBK in regards to the investigatory findings and the issuance of any additional penalties to resolve these matters.

 

U.S. Returns More 1MDB Cash to Malaysia

Last Tuesday, the United States Department of Justice (DOJ) announced the repatriation of an additional $300 million in recovered money from the notorious 1-Malasyia Development Berhad (1MDB) Fund back to the Malaysian government. The DOJ estimated that approximately $4.5 billion was siphoned out of the reserve by high-ranking fund officials over a five year span dating back to the early 2010’s, with the majority of these funds being laundered through financial institutions in various well-developed jurisdictions across the globe including the United States. Reuters, citing a statement from the DOJ, reports that this latest payment “brings the total the United States has returned or assisted Malaysia in recovering to more than $600 million (2.6 billion ringgit).”6 Summing up this action, Calvin Shivers, Assistant Director of the FBI’s Criminal Investigative Division, stated, “the repatriation announced today is a direct result of an FBI international corruption investigation, conclusively demonstrating that criminals will not be allowed to prosper in the United States.  This money is now being returned to its rightful place – the country and people of Malaysia.”8

 

 

Citations

  1. Buchwald, Elisabeth. “’This Could Be Abused.’ Privacy Experts Take Cautious Approach to Apple and Google’s Coronavirus Contact-Tracing Technology.”MarketWatch, MarketWatch, 16 Apr. 2020.
  2. “Guidance on the North Korean Cyber Threat: Alert (AA20-106A).” Cyber Infrastructure | CISA, U.S. Department of Homeland Security, 15 Apr. 2020.
  3. Lin, Liza, and Timothy W. Martin. “How Coronavirus Is Eroding Privacy.” The Wall Street Journal, Dow Jones & Company, 15 Apr. 2020.
  4. Marson, James, et al. “U.S. and Europe Turn to Phone-Tracking Strategies to Slow Spread of Coronavirus.” The Wall Street Journal, Dow Jones & Company, 3 Apr. 2020.
  5. Obulutsa, George. “UPDATE 2-Regulator Penalises Absa Bank Kenya over Anti Money-Laundering Lapses.”Reuters, Thomson Reuters, 9 Apr. 2020.
  6. Prentice, Chris, and Rozanna Latiff. “U.S. Returns Another $300 Million of Recovered 1MDB Funds to Malaysia.”Reuters, Thomson Reuters, 15 Apr. 2020.
  7. Sunday, Frankline. “CBK Suspends Absa Bank for Violating Forex Market Rules.”The Standard, 10 Apr. 2020.

“U.S. Repatriates $300 Million to Malaysia in Proceeds of Funds Misappropriated from 1Malaysia Development Berhad.” U.S. Embassy in Malaysia, 15 Apr. 2020.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text.

Start typing and press Enter to search