Kaspersky, EULA Companies, and Influence Operations

The article FBI pushes private sector to cut ties with Kaspersky discusses specific concerns about Kaspersky, but I think the issues are much broader.

In the briefings, FBI officials also raise the issue of Russia’s increasingly expansive surveillance laws and what they charge is a distinct culture wherein powerful Russian intelligence agencies are easily able to reach into private sector firms like Kaspersky with little check on government power.

This is not unique to Russia as governments and organizations all over the world want greater access to network activity, metadata, and contents on servers. The book After On: A Novel of Silicon Valley describes the fictitious social networking company Phluttr as a "EULA company" - a company where users essentially abdicate any 4th Amendment right to privacy when they agree to the End User License Agreement (which no one reads) and then contribute tons of information about themselves and their social connections.

Antivirus companies shipping metadata about all your files and network activity to their cloud servers, cloud-based file services (think about how they do de-duping), cloud-based email & messaging services, social networks, etc. all leak huge amounts of data about you.

The large amount of details users voluntarily give to companies is ripe for use in influence operations. For more details on the potential when analytics is applied to troves of data voluntarily provided, see The Data That Turned the World Upside Down:

The strength of their modeling was illustrated by how well it could predict a subject's answers. Kosinski continued to work on the models incessantly: before long, he was able to evaluate a person better than the average work colleague, merely on the basis of ten Facebook "likes." Seventy "likes" were enough to outdo what a person's friends knew, 150 what their parents knew, and 300 "likes" what their partner knew.
Source: https://www.cyberscoop.com/fbi-kaspersky-p...