The blog of The Document Foundation (TDF) has today announced the sixth point release of LibreOffice 24.2 for Linux MacOS and Windows, which it is describing as “the best choice for privacy-conscious users and digital sovereignty“.
This point release includes over 40 bug and regression fixes over LibreOffice 24.2.5 to improve the software’s stability, plus interoperability with legacy and proprietary document formats. LibreOffice 24.2.6 is aimed at mainstream users and business environments.
Next week, power users and technology enthusiasts will be able to download LibreOffice 24.8.1, the first minor release of the recently announced new version with many bug and regression fixes.
As per usual, LibreOffice users, free software advocates and community members are invited to support The Document Foundation with a donation.
Download LibreOffice 24.2.6. Please note that the minimum requirements for proprietary operating systems are Windows 7 SP1 and macOS 10.15.
The Dutch Autoriteit Persoonsgegevens (Personal Data Protection Authority) has announced today that it has imposed a fine of €30.5 mn. on the US company Clearwiew AI, as well as a non-compliance penalty in excess of €5 mn.
Clearview is an American company that offers facial recognition services, which has, inter alia, built up an illegal database with billions of photos of faces, including those of Dutch citizens. Furthermore, the authority has warned that using the services of Clearview is also prohibited.
Clearview offers facial recognition services to intelligence and investigative services. Moreover, Clearview customers can provide camera images to find out the identity of people shown in the images. To this end, Clearview has a database with more than 30 billion photos of people, which it has scraped automatically from the internet and then converted into a unique biometric code per face, all without the knowledge and consent of its victims.
According to the authority’s chair Aleid Wolfsen, “Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world. If there is a photo of you on the internet – and doesn’t that apply to all of us? – then you can end up in the database of Clearview and be tracked. This is not a doom scenario from a scary film. Nor is it something that could only be done in China. This really shouldn’t go any further. We have to draw a very clear line at incorrect use of this sort of technology.’
Clearview says that it provides services to intelligence and investigative services outside the European Union (EU) only.
Clearwiew’s services illegal and in breach of the the GDPR
Clearview has seriously violated the privacy law General Data Protection Regulation (GDPR) on several points: the company should never have built the database and is insufficiently transparent. It should never have built the database with photos, the unique biometric codes and other information linked to them. This especially applies to the codes. Like fingerprints, these are biometric data. Collecting and using them is prohibited. There are some statutory exceptions to this prohibition, but Clearview cannot rely on them.
Clearview is an American company without an established presence n Europe. Other data protection authorities have already fined Clearview on various earlier occasions, but the company has not changed its conduct. For this reason the Dutch regulator is investigating ways to ensure the violations stop, including whether the company’s directors can be held personally liable for data protection violations.
Wolfsen: ‘Such [a] company cannot continue to violate the rights of Europeans and get away with it. Certainly not in this serious manner and on this massive scale. We are now going to investigate if we can hold the management of the company personally liable and fine them for directing those violations. That liability already exists if directors know that the GDPR is being violated, have the authority to stop that, but omit to do so, and in this way consciously accept those violations.’
Clearview has not objected to the decision and is therefore unable to appeal against the fine.
Today the blog of The Document Foundation (TDF), the organisation behind the free and open source LibreOffice suite. announced the release of LibreOffice 24.8, the second version of the software to be released under the new calendar-based (YY.MM) release numbering system, for immediate download for Linux, macOS (Apple and Intel) and Windows (Intel, AMD and ARM).
The release announcement lays heavy emphasis on the suite’s privacy features. LibreOffice is the only office suite, i.e. software that can create files containing personal or confidential information that respects user privacy – thus ensuring users themselves can decide if and with whom to share the content they have created. LibreOffice is thus the best option for the privacy-conscious office suite user and provides a feature set comparable to the ubiquitous MS Office. LibreOffice also offers a range of interface options to suit different user habits, from traditional to contemporary.
New features
There’s a handy little video that highlights the new features incorporated in LibreOffice 24.8.
Privacy
If the option Tools ▸ Options ▸ LibreOffice ▸ Security ▸ Options ▸ Remove personal information on saving is enabled, then personal information will not be exported (author names and timestamps, editing duration, printer name and configuration, document template, author and date for comments and tracked changes).
Writer
UI: handling of formatting characters, width of comments panel, selection of bullets, new dialog for hyperlinks, new Find deck in the sidebar.
Navigator: adding cross-references by drag-and-drop items, deleting footnotes and endnotes, indicating images with broken links.
Hyphenation: exclude words from hyphenation with new contextual menu and visualisation, new hyphenation across columns, pages or spreads, hyphenation between constituents of a compound word.
Calc
Addition of FILTER, LET, RANDARRAY, SEQUENCE, SORT, SORTBY, UNIQUE, XLOOKUP and XMATCH functions.
Improvement of threaded calculation performance, optimisation of redraw after a cell change by minimising the area that needs to be refreshed.
Cell focus rectangle moved apart from cell content.
Comments can be edited and deleted from the Navigator’s right-click menu.
Impress & Draw
In Normal view, it is now possible to scroll between slides, and the Notes are available as a collapsible pane under the slide.
By default, the running Slideshow is now immediately updated when applying changes in EditView or in PresenterConsole, even on different Screens.
Chart
New chart types “Pie-of-Pie” and “Bar-of-Pie” break down a slice of a pie as a pie or bar sub-chart respectively (this also enables import of such charts from OOXML files created with Microsoft Office).
Text inside chart’s titles, text boxes and shapes (and parts thereof) can now be formatted using the Character dialog.
Accessibility
Several improvements to the management of formatting options, which can be now announced properly by screen readers.
Security
New mode of password-based ODF encryption.
Interoperability
Support importing and exporting OOXML pivot table (cell) format definitions.
PPTX files with heavy use of custom shapes now open faster.
Minimum requirements for proprietary operating systems are Microsoft Windows 7 SP1 and Apple MacOS 10.15.
To coincide with the new version release, the LibreOffice Getting Started guide has been updated and is also available for download.
As usual, users are encouraged to support the TDF’s work with a donation.
From your ‘umble scribe’s social media timeline today.
My Firefox browser not only has an ad-blocker extension installed (uBlock Origin), but also additional privacy protection extensions to mop up anything that uBlock Origin manages to miss.
No further comment to the original post is required.
Today’s Guardian reports that civil servants at Whitehall’s Ministry of Defence (MoD) inadvertently sent classified emails intended for the United States military to Mali.
How did this happen? Email addresses for the US military come under the .milTLD. By omitting the letter i from this TLD, one is left with the two letter country code top level domain.ml, denoting Mali.
To cover its blushes from this glaring example of digital dyslexia, the Ministry has commented as follows:
We have opened an investigation after a small number of emails were mistakenly forwarded to an incorrect email domain.
We are confident they did not contain any information that could compromise operational security or technical data.
All sensitive information is shared on systems designed to minimise the risk of misdirection.
The MoD constantly reviews its processes and is currently undertaking a programme of work to improve information management, data loss prevention, and the control of sensitive information.
Whitehall is currently illuminated bright red by all the embarrassed faces lurking behind all the impressive military statues of senior dead white squaddies fronting its main building in SW1.
Maybe such a cock-up would not have happened had the ministry’s civil servants paid proper attention to what they were typing on their email clients instead of constantly reviewing their processes!
The company has been given five months to implement changes to such data transfers.
The DPC said Meta had infringed the GDPR by continuing to transfer EU user data to the US despite a ruling by the European court of justice requiring strong protection of such information, adding that the data transferred by Facebook under a measure called standard contractual clauses “did not address the risks to the fundamental rights and freedoms of data subjects that were identified by the [European Court of Justice] in its judgment”.
Meta has said it will appeal the decision, as well as commenting that it was disappointed to have been singled out when using the same legal mechanisms as thousands of other companies providing services in Europe.
The EU and the USA have agreed a new data transfer framework which is expected to be in place later this year.
This is the largest ever fine levied in the EU for a privacy breach. The previous record penalty of €746 mn was imposed on Amazon in 2021.
Your ‘umble scribe is a great fan of the free and open source Firefox web browser and has been using the desktop version since version 0.x many years ago. One of its major attractions has been its emphasis on security and privacy.
Until recently it was also the default browser on my smartphone, until I discovered Firefox Focus. Firefox Focus is a free and open-source privacy-focused mobile browser based on Firefox which is available for Android and iOS devices. First released in December 2015, it was initially a tracker-blocking application for mobile iOS devices, but was developed into a minimalistic web browser shortly afterwards.
According to Mozilla, Firefox Focus is a dedicated privacy browser with automatic tracking protection. meaning web pages load faster and your data stays private. It’s also easy to delete history, passwords and cookies, so advertisers and other ne’er-do-wells don’t follow you around online. Just tap the erase button on the search field and all that data is gone. Tracking protection is also very strong. The browser blocks a wide range of common trackers by default, including social trackers and those sticky ones that come from things like Facebook ads.
After using Firefox Focus for one week, I can say I’m impressed with the way it works. Although it required me to learn how to use tabbed browsing (hint: hold down a link in your search results and a menu appears, offering the option to open the link in a new tab. Ed.), once that was cracked, I was away. As for fast page loading, that’s not disappointing either, even on notoriously slow-loading sites, like that of Bristol City Council, which still seems to be powered by a horse turning a shaft in the basement of the Counts Louse (which some call City Hall. Ed.). 😉
If you value your privacy and security, I’d recommend Firefox Focus on your mobile device.
French IT news site Le Monde Informatique reports that the French Customs authorities have been sent a formal notice by the CNIL, France’s data privacy regulator, in respect of an illegal data file containing the details of more than 45,000 people, including copies of identity documents and records of criminal offences.
Businesses are not the only organisations with which the CNIL has found fault for holding illegal files containing personal data. Public sector organisations can also fall foul of the law.
The French Customs authorities, which come under the control of the Ministry for the Economyhave been caught red-handed following a report in respect of Customs’ file used for recording information about vessels and their crews which is known as SIRENE. Intended to identify all the people checked at sea or in port in order to combat fraud, this system was in fact developed and implemented with no legal basis and not in accordance with the law, according to the CNIL
Checks were carried out by Customs’ Channel-North Sea-Atlantic coastguard service and inspections revealed that recourse to this system did not comply with France’s Data Protection Act. This data system actually lists information about the vessels checked and their passengers, including personal information such as marital status, address, occupation and copies of identity documents, as well as criminal convictions (drug trafficking, counterfeiting, off-the-books employment, failure to co-operate, sexual assault, possession of illegal weapons, intentional homicide and murder).
6 months to comply or be fined
All told, the details of 45,793 persons – including 392 minors – are included in the SIRENE file. “The creation and use of the SIRENE file are not provided for by any legislation (for example a law or a decree). In addition, the CNIL has not received a request for an opinion concerning its implementation, in violation of the Data Protection Act (articles 87 and 89, the CNIL explained. Other grievances have also been lodged against the Ministry for the Economy, such as the failure to send an impact assessment in respect of the protection of personal data and the lack of a clear distinction between the data of the different categories of persons concerned. or the fact that the latter were not made aware that their data had been included.
Following the CNIL’s formal notice, the Ministry for the Economy and Customs have 6 months to comply otherwise a penalty could be issued.
This change will ensure that the data by the sites collected will stay within the EU and, as the Czech administration will be using its own instance of Matomo, it will retain full control of the records.
The change was triggered by an open letter sent by the Czech the digital freedom watchdog luridicum Remedium after it noticed the Czech state vaccination system website was using Google Analytics during the COVID-19 crisis. The Czech Data Protection Authority and public sector strategic partner NAKIT then pursued the matter and replaced Google Analytics with Matomo on Czechia’s Ministry of Health website. This move later led to further action and the country will continue following this trend on public sector websites.
Previously named Piwik, Matomo has been in development since 2007 and is presently deployed on 1.4 million websites, including those of NASA, the European Commission, the United Nations and Amnesty International.
Following the announcement anti-trust action by the United States Department of Justice along with the Attorneys General of California, Colorado, Connecticut, New Jersey, New York, Rhode Island, Tennessee, and Virginia against Google, Meta (owners of Facebook and Instagram), Microsoft and Twitter have all made statements seeking to defend their actions.
In their legal opinions, the big US tech giants, including Microsoft, Meta and Twitter, are warning the Supreme Court against amending Section 230 of the Communications Decency Act (CDA). This would enable actions against content recommendation algorithms, French IT news site Le Monde Informatique reports.
One week after Google’s filing of a defence statement with the US Supreme Court warning that amending Section 230 of the Communications Decency Act (CDA) “would upend the internet“, several companies including Twitter, Meta and Microsoft, have filed their own legal opinions. They support Google’s argument that a restriction of the law could have disastrous consequences for the content editors. By virtue of the 1996 CDA, the companies are shielded from liability for content posted by their users, including comments, criticism and advertising.
US Supreme Court. Image courtesy of Wikimedia Commons and UpstateNYer
However, the Supreme Court has been asked to examine whether Section 230 was still pertinent and appropriate, given that it was promulgated before the internet became part of everyday life. The law was subject to a minute before the suit filed by the family of Nohemi Gonzalez, a 23 year-pld US citizen killed in Paris during the 13th November 2015 terrorist attacks claimed by ISIS. The Gonzalez family asserts that the algorithms should be regarded as editorial content not covered by the immunity from liability granted by Section 230 and thus Google’s YouTube subsidiary has violated the US Anti-Terrorism Act (ATA) when its algorithms have recommended ISIS-linked content to users. The Supreme Court is set to hear oral arguments in the case on 21st February next.
Criticisms of the protections of Section 230 for websites
Both Democratic and Republican members of Congress have criticised the protections provided for by the law. The Republicans believe that those in respect of liability make websites take partial decisions regarding content removal, whilst the Democrats would like the same sites to take more responsibility as regards moderation. In a statement President Biden has stated that his administration would support the position that Section 230 protections should not apply to recommendation algorithms. In its petition of 19th January, Microsoft asserts that if the Supreme Court makes amendments to Section 230, it would “strip these digital publishing decisions suit—and it would do so in illogical ways that are inconsistent with how algorithms actually work.“.
The company added that any decision aimed at restricting the law “thereby expose interactive computer services to liability for publishing content to users whenever a plaintiff could craft a theory that sharing the content is somehow harmful“. In its own petition Meta stated that the plaintiffs’ argument is “deeply flawed from a legal point of view”; by interpreting Section 230 as a means of protecting sites from liability for content posted by its users whilst removing protection from content “ignores the way in which the internet works“. The company continued by describing the plaintiffs’ position as “regrettable from a practical point of view” and by stating that a ruling in their favour would ultimately prompt “online services to remove important, provocative and controversial content on matters of general interest“.
Protection from liability essential for website operation according to Twitter
Twitter has said that the current interpretation of Section 230 “ensures that sites such as Twitter and YouTube can work in spite of the unfathomable amount of information they make available and the potential liability that might result from this“. Since Twitter’s acquisition by Elon Musk, the site has been criticised for having reinstated the accounts of people it previously banned, such as disgraced former president Donald Trump or alpha male par excellence and all-round amateur human being Andrew Tate who is currently under investigation in Romania for alleged human trafficking.
However, the review of several other high-profile cases will have to take place before the law is changed. Last week the Supreme Court was set to discuss its jurisdiction in two cases that challenge Texas and Florida laws prohibiting online platforms from removing certain political content. In addition, a Twitter vs. Taamneh case, which has many similarities with the Gonzalez vs. Google case, is due to oral pleadings on 2nd February. In this case Twitter, Facebook and YouTube are accused of having aided and abetted another attack claimed by Islamic State.
The Dutch Autoriteit Persoonsgegevens (Personal Data Protection Authority) has 
Clearview is an American company that offers facial recognition services, which has, inter alia, built up an illegal database with billions of photos of faces, including those of Dutch citizens. Furthermore, the authority has warned that using the services of Clearview is also prohibited.
Minimum requirements for proprietary operating systems are Microsoft Windows 7 SP1 and Apple MacOS 10.15.
Today’s 
Meta, the parent company of social media platform Facebook, has been fined a record €1.2 bn. by Ireland’s 
French IT news site 
Businesses are not the only organisations with which the 
Joinup, the EU’s open source news site, 
Following the announcement anti-trust action by the United States Department of Justice along with the Attorneys General of California, Colorado, Connecticut, New Jersey, New York, Rhode Island, Tennessee, and Virginia against Google, Meta (owners of Facebook and Instagram), Microsoft and Twitter have all made statements seeking to defend their actions.