Following the banning of Chinese short video sharing app TikTok from EU and US government devices, plus more trouble on the way in Canada, we look at some of the reasons why.

Banned From EU Government Devices 

The European Commission recently decided to ban the TikTok app from staff phones (work and personal devices). EC staff were informed of the decision by email.  The EC’s decision led to the EU executive and the EU Council following suit and also issuing a ban of the app from all personal mobile devices that have access to corporate services.

In both cases, the ban/suspension was issued on cybersecurity grounds, i.e. to protect data and increase cybersecurity. In a statement on the European Commission’s website, for example, the reason for the ‘suspension’ of TikTok is given as “to protect the Commission against cybersecurity threats and actions which may be exploited for cyber-attacks against the corporate environment of the Commission.” 

US And India 

The EU’s is not the first government body to ban TikTok from staff phones on similar grounds. For example, in December, the U.S. Senate passed a bill banning government employees from having the TikTok app on government-owned devices. Also, in June 2020, India banned TikTok and around 300 other Chinese apps from government devices.

Calls To Ban & Investigations 

TikTok is also facing calls to ban its app in Australia and Taiwan, and the Canadian government is launching a joint federal and provincial investigation into the app.

Why The Concerns About TikTok? 

The main concerns about TikTok are:

– Owned by Chinese company ByteDance, there are worries that TikTok has close links to the Chinese state and communist party. As such, there are worries that the app could be used for data harvesting, censorship, and propaganda purposes. In the US, for example, the concerns are related to national security, given that TikTok has become hugely popular among American teenagers and young adults, who share personal information and use the app to express their opinions and ideas.

– Concerns (especially in the US) that the Chinese government could use TikTok to collect sensitive personal data on Americans, including their location, contacts, and browsing history. This data could be used for surveillance, cyber espionage and even blackmail.

– Concerns that TikTok’s content moderation practices may not be transparent or consistent, and that the app may censor content that is critical of the Chinese government or otherwise sensitive topics.

– Concerns that the TikTok app could be used to spread propaganda and misinformation to manipulate public opinion. For example, as highlighted recently by Florida Republican Senate Intelligence Committee vice chair Marco Rubio, fears that Tik Tok could “weaponize data” collected from the app and use the app to “drive narratives in society that try to influence political debate.” Similarly, in Taiwan, a key worry is that the app may be used by Beijing to spread disinformation and wage cognitive warfare.

– As highlighted by the EU, in addition to the above concerns, that data collected by TikTok could be used for state sponsored cyber attacks against the EU and the EC’s corporate environment.

– The recent concerns in Canada are reported to relate to whether valid and meaningful consent is being obtained for the collection, use and disclosure of personal information of TikTok users.

Balloons 

Relations between China and the west have worsened in recent years with accusations about state links to Chinese tech communications businesses leading to other bans, e.g. the US ban on the sale and import of new Huawei communications equipment and the UK ban of Huawei equipment in 5G networks. The real mistrust of and sanctions against Chinese communications-related companies really escalated in the Trump era in the US. The recent sighting (and shooting down) of suspected Chinese spy balloons over the US earlier this month has put the spotlight back on fears over Chinese companies and re-ignited concerns about TikTok.

What Does TikTok Say? 

In response to the recent banning of the TikTok app from European Commission devices, a TikTok spokesperson has been quoted as saying that it had not been contacted directly by the Commission, or offered an explanation for its decision, and that it believed that the move was “misguided and based on fundamental misconceptions.” The same spokesperson was also reported to have said that TikTok had contacted the EC to explain how it protects the data of the 125 million users across the EU each month.

In response to an impending investigation in Canada, TikTok has been reported as saying that the privacy and safety of users “is always a top priority” and that the investigation would be an opportunity for it to “set the record straight” about its privacy and data protection.

In the past, following the signing of an executive order (in 2020) by then president Donald Trump that would have effectively banned TikTok in the US unless its ownership was transferred to an American company, TikTok tried to comply and allay fears by announcing a partnership with Oracle and Walmart, to see the US companies take a stake in the app (which was never finalised).

Other measures that TikTok has taken in recent times to try and comply and allay fears about how it handles user data include:

– The publishing of transparency reports that detail the requests they receive from governments and law enforcement agencies for user data or content removal, in order to provide greater transparency about the platform’s policies and practices.

– In some countries, TikTok has set up local data storage facilities to comply with local regulations and data protection laws. This means that user data is stored within the country rather than being sent to servers located elsewhere.

– TikTok has also said that it has  implemented stronger content moderation policies and tools to identify and remove harmful or inappropriate content. They have also created a content moderation centre in Dublin, Ireland, to oversee content moderation efforts across Europe.

– User education has been another way TikTok has tried to protect itself. For example, it launched several educational campaigns to help users understand how to use the app safely and protect their personal information. These campaigns include videos and other resources that provide guidance on privacy and security best practices.

– TikTok has promised to provide greater transparency and oversight of its algorithm, which is used to recommend content to users, and committed to providing explanations for why certain content is recommended to users, and to give users more control over the content they see.

Overall, it could be said that TikTok has made efforts to address concerns about privacy and security in different countries. However, many critics still argue that the measures taken are not enough and that more needs to be done to protect user data and ensure the platform is not used for harmful purposes.

What Does This Mean For Your Business? 

The future and fortunes on TikTok in the west, and of other Chinese companies (e.g. Huawei) are inextricably linked to the political and diplomatic relations between China and the west, and there is of course, an element of competition with foreign firms. In particular, since the worsening of relations with China during the Trump era, fears of close links between the Chinese state and tech and comms companies, plus the fear that the data they have access to and collect could be weaponised against western governments and companies and that apps like TikTok could be used to influence opinion and spread disinformation have all led to TikTok’s current predicament.

China’s apparent support for Russia over the war against Ukraine is also unlikely to help the Chinese companies operating in the west and the recent spying-balloon incidents have amplified existing fears and arguments. Some have argued that the bans on TikTok won’t make users any safer as nearly all digital platforms and e-commerce sites around the world collect and buy and sell data via third parties anyway. The bans, however, are one way that governments can be seen to be plugging a potential security and privacy gap while sending a strong political message at the same time.

Meta has announced it’s launching its own version of Twitter’s Blue Tick called ‘Meta Verified’ for Facebook and Instagram where users pay a monthly subscription to be verified on the platforms.

Announcement 

On February 19, Meta’s CEO, Mark Zuckerberg, announced that Meta is starting the rollout of its new ‘Meta Verified’ subscription service for Facebook and Instagram, staring in Australia and New Zealand. For a monthly subscription of $11.99 / month on web or $14.99 / month on iOS., Meta Verified lets users verify their account “with a government ID” in return for which they get a blue badge, i.e. extra impersonation-protection against accounts claiming to be them, plus direct access to customer support.

Meta says that the new feature “is about increasing authenticity and security across our services” and Mark Zuckerberg says that a blue badge “effectively find and remove any imposter accounts since we know which account is the real you.” 

Imposter Accounts Problem 

Facebook and Twitter (two of the most widely used social media platforms) and other platforms have suffered from the issue of people setting up imposter accounts. Imposter accounts on social media platforms like Facebook or Twitter can pose several problems, including:

– Misrepresentation. Imposter accounts often pretend to be someone else, such as a celebrity or a public figure, and use their name, image, or brand to mislead people. This misrepresentation can damage the reputation of the person or brand being impersonated.

– Identity theft. Imposter accounts can also use stolen personal information to create fake accounts, which can lead to identity theft and other fraudulent activities.

– The spreading of misinformation. Imposter accounts can also spread false information, rumours or propaganda, which can harm individuals or groups and influence public opinion.

– Cyberbullying. Imposter accounts can also use fake identities to harass or bully people, which can cause emotional distress and harm mental health.

– Security concerns. Imposter accounts can be used to gain access to personal information or to spread malware or viruses, which can compromise the security of social media users.

Like Twitter’s ‘Blue Tick’ Service 

Meta’s Blue Badge service appears to be remarkably similar to Twitter’s Blue service.

Twitter’s Blue service, often referred to as ‘Blue Tick’ was originally introduced back in 2021 following reports that perhaps as much as 19 per cent of Twitter accounts could be fake and untrustworthy. The problem persisted and became an issue last year when Elon Musk was buying Twitter when it was estimated that spam and fake accounts / bot accounts (not run by humans) made up 5 per cent of Twitter accounts.

With Musk also needing a revenue stream in addition to advertising, a revamped, subscription Blue service was introduced in November 2022 with users able to verify (by use of a blue tick next to their name) that their account is genuine and get editing and customisation options that free accounts don’t have. Despite the service experiencing a backlash that alarmed some advertisers, and being temporarily halted, it was resumed it in December 2022.

A recent tweet suggesting that Meta’s ‘Meta Verified’ subscription service (Blue Badge) is essentially a copy of Twitter’s idea was met with a reply from Elon Musk saying that Meta’s move was “inevitable.” 

What Does This Mean For Your Business? 

For Meta, in addition to being a competitive move, it’s also a way to increase revenue, tackle the problem of fake accounts and the spreading of disinformation and misinformation that Facebook, along with other platforms, has suffered from, while increasing trust in the platform. That said, the Meta Verified service is just in Australia and New Zealand at the moment, so it remains to be seen what kind of reaction there is to it, and how successful it looks likely to be if rolled out elsewhere.

It may initially be more useful and more popular among some user groups than others, e.g. celebrities, political leaders, well known businesses, and content creators wanting to increase their presence on Facebook and Twitter. For those who subscribe to Meta Verified, it may be the case that access to customer support is a large part of the real value of the service, and not just the blue badge.

With OpenReach now ‘throttling’ broadband speeds and limiting phone calls as measures designed to gently “nudge” customers to upgrade as the “Big Switchoff” approaches, we look at exactly what’s happening, why, and when.

What Is The Great Switchoff? 

The “Big Switchoff” refers to the switch from the old copper phone network to a new ‘Digital Voice’ alternative. Back in April 2021, BT Openreach announced that starting from the end of the year and finishing in 2025, it would be “switching off the UK telephone network as we know it” by moving 15 million lines (some figures say switching 29 million home landlines) from analogue to a VoIP (Voice over Internet Protocol) based replacement telephone service. The “Big Switchover” to digital was branded ‘Digital Voice.’

This means that the Internet (broadband) will be used to digitally carry telephone calls rather than traditional copper wires – i.e. landline voice calls will be transmitted digitally.  In individual homes, this will mean that people will plug a new digital phone, powered by mains electricity, into their router rather than a socket in the wall.

Also Means The End For ISDN 

Switching off the UK’s traditional public switched telephone network (PSTN) will also mean the end for ISDN because it uses the copper wire phone network. Also, BT Openreach will not be accepting new orders for PSTN, and ISDN2 and ISDN30 services after September 2023.

Why? 

The old PSTN is reaching the end of its life and is becoming increasingly difficult and costly to maintain, therefore Openreach is looking to ditch the legacy copper network completely so it won’t have to pay to run two parallel networks. Also, there are now more up-to-date alternatives that are compatible with how we communicate today, i.e. mobile and Internet communications. Some advantages for customers of the switch-over to VoIP could include:

– VoIP offers a greater breadth of capabilities.

– Cost savings and fewer system failures and outages and reduced complexity for providers.

– Scalability and portability (VoIP phone systems can go wherever the company goes).

– Greater communications-mobility, flexibility, and increased productivity and collaboration.

– Better security that’s continuously updated.

– Greater reliability.

– Improved customer experiences.

– Clearer calls, making it easier to keep existing numbers, and the choice to have broadband provided separately from the telephone service.

– Better identification and prevention of nuisance calls, thereby saving businesses time and money and potentially protecting against scammers.

Now The Throttling Starts 

Throttling refers to the intentional slowing down of internet speeds by an internet service provider (ISP) during certain times or for certain types of online activities. In the context of the impending “Big Switchoff”, Openreach has announced that it is planning to trial a set of service management measures to encourage customers still using analogue phone lines to contact their provider and upgrade to new, digital alternatives.

The trials in Salisbury, Wiltshire, and Mildenhall, Suffolk, will see “restrictions” introduced that will prevent out-bound telephone calls (calls to the emergency services will not be affected) and the limiting of broadband speeds (throttling), in order to prompt customer action.

A Nudge 

James Lilley, Director for Managed Customer Migrations at Openreach said of the trials: “A small minority of customers are yet to upgrade despite several attempts by their service provider to contact them, so we’re planning some gentle measures which will nudge them to contact their provider and have a conversation about their future service.” 

Deadlines 

Openreach notified its Communications Providers (CP) customers in January last year that the analogue services would be withdrawn in the trial areas by 19 April 2023, but that deadline has been extended to October 9 this year to test the new service measures.

The trials are reported to have been running since December 2020 and May 2021 respectively to test a set of processes for upgrading the UK’s decades old analogue network to new digital products and services.

Openreach says that “for those remaining on the legacy network who don’t have an agreed exemption, Openreach will introduce a reduction in broadband download speeds to around 2Mbps from April 24, followed by a barring of out-bound calls, from June 5. The changes will be introduced in batches to better manage customer responses.” 

Openreach also says that it’s still on track for the UK wide switch off at the end of 2025.

What Does This Mean For Your Business? 

The “Big Switchoff” at the end of 2025 of the old PTSN network and the move to ‘Digital Voice’ and VoIP should mean a more flexible, reliable, scalable, and more secure communications service that’s more capable of keeping up with the demands of the modern digital world which hopefully could deliver cost savings. At the current time, however, many businesses in the UK are still frustrated by not having particularly fast broadband speeds, plus the fact that the UK is lagging behind in terms of the 5G network, and at that many rural areas have no reliable broadband anyway. Also, they still have to wait until the end of 2025 to enjoy the full benefits of the digital switchover.

However, on the positive side, at least Openreach has allowed time to conduct enough tests and trials to hopefully iron any issues and ensure a smooth switchover from analogue that minimises costly disruption to businesses.

A Mimecast spokesman has warned that in a labour market already stretched by shortages, Dutch digital resilience could be threatened if more attention isn’t paid to the mental well-being of cyber security professionals.

Wanting To Change Jobs 

Recent research commissioned by Mimecast in the Netherlands showed that a quarter of Dutch IT professionals are considering changing jobs in two years due to the risk of ‘burnout.’ Although burnout rates in the Netherlands among cyber security specialists are lower that the global average – 35 per cent as compared to 56 per cent – the research revealed that stress levels are high. It is thought that burnout rates are only as low as they are due to a ‘part-time’ culture, a good national work-life balance, and an innate cultural directness that highlights issues early.

What Kind Of Stresses? 

The kind of stresses and fears identified by the Mimecast research that cyber security professionals are facing, are reported to be:

– Security cutbacks at organisations.

– An increasing threat of cyber attacks.

– Feeling unrecognised in their work.

– Increasing media coverage of ransomware attacks making security professionals feel pressure to prepare properly.

– Fears about cyber insurance coverage and fear of potentially devastating attacks on critical infrastructure.

– Added pressure from the high workload caused by a chronic shortage of cyber specialists.

Could Affect Dutch Cyber Resilience 

The implications of cyber security professionals leaving the industry due to burnout and changing careers could be that Dutch businesses and organisations may be more at risk of successful cybers attacks, the loss of valuable knowledge and expertise in the industry, greater pressure on those left behind, plus making it more difficult for many  companies to find and afford cyber security professionals – i.e. low supply and high demand.

In Australia Too 

An Australian study from not-for-profit cyber mental health support initiative Cybermindz.org in December last year reached similar conclusions. For example:

– The rapidly evolving, relentless attack environment defying any sense of ‘job well done’ among cyber professionals and creating a sense of hopelessness.

– Early evidence of burnout in cyber professionals, signalling a potential loss of skills to a critical part of the economy which could lead to “systemic weaknesses in our human cyber defences would tend to impact society at mass levels, especially if essential services like water, energy, telecommunications, health, financial services, food distribution and transportation are affected.” 

What Can Be Done To Help? 

Some of the measures that can be taken to help the situation include:

– A serious acknowledgement of the conditions and challenges IT professionals face.

– Giving more board-level attention to the issue, which could create safer workplace conditions.

– The use of stress-reducing tools such as CyberMindz’s Integrative Restoration or iRest protocol.

– Greater promotion of mental health help options in the cyber community.

– Providing clear job descriptions and expectations to help cyber professionals to understand what is expected of them and what their responsibilities are, which can reduce ambiguity and stress.

– Encouraging work-life balance by promoting flexible working hours, remote work options, and setting realistic deadlines.

– Offering training and development opportunities to help cyber professionals stay up to date with the latest technologies and best practices, thereby improving job satisfaction, reducing stress, and increasing motivation.

– Ensuring that cybersecurity teams have access to the necessary resources and tools to perform their job effectively, e.g. by providing access to the latest software, hardware, and equipment, as well as providing support staff to help with administrative tasks.

– Fostering a positive work environment by promoting a culture of collaboration, recognition, and appreciation, as well as providing opportunities for team building and socialising.

– Managers and supervisors regularly checking-in with their cybersecurity professionals to gauge their wellbeing, discuss any concerns or issues they may be facing, and provide support when needed. This can help to build trust and rapport and can help to identify and address issues before they escalate into burnout.

What Does This Mean For Your Business? 

Research into this subject has highlighted a mostly hidden but important issue which, if not addressed, could have serious knock-on effects for many businesses, organisations and society as a whole. In addition to the relatively unrecognised human cost of the increasing stresses faced in today’s cyber professions, plus the potential loss of expertise from the cyber security industry, failing to address this issue could leave whole countries and societies open to devastating cyber attacks. As Cybermindz pointed out, these could impact society at mass levels through disruption to essential services like water, energy, telecommunications, health, financial services, food distribution and transportation.

Now that studies have revealed the extent of the issue, businesses may want to take a close look at how their own cyber professionals are feeling and identify what could be done to reduce their stress and the risk of them leaving. For example, measures such as providing clear job expectations, encouraging work-life balance, offering training and development opportunities, providing adequate resources, fostering a positive work environment, plus regularly checking in with employees could all help. By adopting these strategies, companies could help to improve the job satisfaction and wellbeing of their cybersecurity professionals, while also enhancing their performance and productivity.

Researchers at the Swiss Federal Institute of Technology Lausanne (EPFL) have developed a way for using a 3D-printing ink that contains calcium carbonate-producing bacteria, giving a result similar to mollusc shells or bone.

‘BacktoInk’ – Environmentally Friendly 

Researchers at EPFL’s Soft Materials Laboratory in the School of Engineering have successfully added the Sporosarcina pasteurii bacterium to 3D printing ink. When mixed with a urea-containing solution, it triggers a mineralisation process that produces calcium carbonate (CaCO3) that is light, strong, porous, and rigid, just bone or shells. This means that, using the new ‘BactoInk’, it’s now possible to produce a 3D-printed product of virtually any shape, using environmentally friendly materials and processes, which will gradually mineralise over the course of a few days to a solid state.

Mineral Particle Inks Failed In The Past 

Inks containing mineral particles have been tried in the past but have not been able to meet the flow conditions needed for successful 3D printing i.e., behaving like a solid when at rest, but still be extrudable through a 3D printing nozzle. Also, previous efforts have resulted in structures that were soft, or shrunk upon drying, leading to cracking and loss of control over the shape of the final product.

The Answer – A Polymeric ‘Scaffold’ Using BactoInk 

Lab head Esther Amstad explained why the bacteria-based ink method from the EPFL team has been successful where other mineral inks have failed, saying: “We came up with a simple trick: instead of printing minerals, we printed a polymeric scaffold using our BactoInk, which is then mineralised in a second, separate step. After about four days, the mineralisation process triggered by the bacteria in the scaffold leads to a final product with a mineral content of over 90 per cent.” 

The Result – A Strong And Resilient Bio-composite 

EPFL has reported that using BactoInk in a 3D printer produces a “strong and resilient bio-composite, which can be produced using a standard 3D printer and natural materials, and without the extreme temperatures often required for manufacturing ceramics.” 

No Living Bacteria In Final Product 

For those concerned about any possible dangers of the bacterial element of the ink, the EPFL researchers report that: “Final products no longer contain living bacteria, as they are submerged in ethanol at the end of the mineralisation process.” 

What Does This Mean For Your Organisation? 

This method of mineralising ink appears to have succeeded where others have failed and it’s believed that the versatility of BactoInk, combined with its low environmental impact and the excellent mechanical properties of the mineralised materials, could bring new possibilities for fabricating lightweight, load-bearing composites that are more like natural materials than to today’s synthetic composites. As such, the BactoInk method could have applications across a broad range of fields, including art, ecology, and biomedicine. The research team, for example, have suggested that it could be used in restoration of artworks e.g., by being directly injected into a mold or target site such as a crack in a vase or a chip in a statue. BactoInk’s mechanical properties such as its strength and shrinkage resistance mean that it could be well suited to both the repair a work of art, and preventing further damage during the restoration process.

One other very interesting environmental possibility for BactoInk could be in the building of artificial corals to help regenerate damaged marine reefs. Its bone-like structure may also lend itself to biomedical applications.