#CRA
My blog post asking the @EU_Commission why they made no attempt to consult the #OpenSource community about the #CRA has now been posted to the @osi blog
https://blog.opensource.org/why-the-european-commission-must-consult-the-open-source-communities/
Parquer des humains dans des hangars, tels des vaches dans des fermes industrielles est inhumain et inefficace.
À Ciudad Juarez comme en France dans les #CRA , les migrants sont nos frères.
On ne traite pas ainsi ses frères.
After sustained advocacy,
the Government of Canada has taken positive steps toward fixing its Risk Assessment Model that carried clear systemic bias against marginalized communities.
We had long raised concerns about out discrimination in Ottawa's anti-terror approach,
Including in major institutions like the CRA,
Which we critiqued in a 2021 joint report with the University of Toronto,
"Under Layered Suspicion."
| #Canada #Ottawa #CRA #FinanceCanada #RiskAssessment #cdnpoli
The Taxpayers' Ombudsman released his long-awaited report on racism and Islamophobia at the Canada Revenue Agency (CRA).
It tells us we have a problem.
The Ombudsman was not able to get everything he needed to conduct a thorough review of the CRA and its practice targeting particular communities.
This is alarming.
The CRA is not transparent.
It did not release everything needed for the Ombudsman to do his job.
| #CanadaRevenueAgency #CRA #Islamophobia #MuslimCharities #Canada #cdnpoli
Today, the Taxpayers’ Ombudsperson's Office released their report of systemic racism and Islamophobia at the CRA.
It paints a clear picture of a system where transparency and accountability are extremely difficult to ascertain.
Read our full statement.
| #Islamophobia #SystemicRacism #CanadaRevenueAgency #CRA #cdnpoli #Canada #NCCM
EU #policy people say not to worry about #CRA compliance because the EU #standards bodies will streamline it. But the ESOs are corporate-controlled, patent-loving & expensive to engage. Shouldn't the EU address this if they want #OpenSource accommodated?
https://the.webm.ink/cra-compliance-engaging-standards-bodies
Europe's standards bodies have no functional relationships with #OpenSource charities and do not consult them. So how can they create standards that aid open source projects in #CRA compliance?
https://the.webm.ink/cra-compliance-engaging-standards-bodies
Big news for the Cyber Resilience Act!
---
RT @bertuzluca
#CRA: The CCC finally submitted its recommendation to the CoP (which will not be challenged). Here is an overview:
▶️ITRE: lead
▶️IMCO: exclusive competencies on Art 7 and 9 & shared competencies on Art 4, 8, 21, 22 and 25-40 ▶️LIBE: shared competencies Art 41(5)
https://twitter.com/BertuzLuca/status/1639177097531850752
… That's a natural tension between the legitimate need to build and experiment (or if you're a suit, "innovate"), and legitimate policy needs like privacy and security.
We're seeing that play out right now, in the EU Cyber Resilience Act legislation debates. #CRA
3/3
HT @EDPS @OpenForumEurope
Another review is not enough by itself,
to hold the CRA accountable for its unfair targeting of Muslim organizations.
We are calling for an immediate suspension of the Agency's Review and Analysis Division pending the conclusion of the review and implementation of systemic reforms.
Things cannot go on as they have.
It is time to stop systemic Islamophobia in our institutions.
| #CRA #CanadaRevenueAgency #RAD #Canada #Islamophobia #Muslim #cdnpoli #NCCM
“An internal report prepared for Canada Revenue Agency suggests many Canadians believe ordinary people are subject to one set of rules on paying their taxes while wealthy individuals and corporations are held to a different standard.”
The EU might effectively ban the development of free software, including Linux - by introducing mandatory bureaucracy for software development in the "cyber resilience act".
See: https://blog.nlnetlabs.nl/open-source-software-vs-the-cyber-resilience-act/
#EU #FreeSoftware #OpenSource #FLOSS #Linux #Software #Development #CRA
Canadians Believe Canada Revenue Agency Goes Too Easy on Wealthy Tax Dodgers, Internal CRA Report Says
Experts say CRA needs more auditors and resources to crack down on ‘complex’ tax schemes run by corporations and wealthy tax dodgers
by @llebrun via @pressprogress
#CdnPoli #CRA #FairTax
https://pressprogress.ca/canadians-believe-canada-revenue-agency-goes-too-easy-on-wealthy-tax-dodgers-internal-cra-report-says/?__s=rhstafiki2afq4pacd86&utm_source=drip&utm_medium=email&utm_campaign=Passage+Digest+-+2023+-+March+21+-+Members&utm_content=Canada+Was+Involved
A very worrying development in the latest #CRA compromise is that the EU will now demand that products ship "without known vulnerabilities" <period>. The previous draft spoke about "without known *exploitable* vulnerabilities", which was a lot better. https://berthub.eu/articles/posts/eu-cra-practicalities/
[RAPPEL] Manif contre les LRA et les CRA au LRA de Choisy
samedi 18 à 14h, Créteil Pompadour
https://www.agendamilitant.org/Manif-contre-les-LRA-et-les-CRA-au-LRA-de-Choisy.html #abaslescra #CRA #LRA
[URGENT] Manif contre les LRA et les CRA au LRA de Choisy
samedi 18 à 14h, Créteil Pompadour
https://www.agendamilitant.org/Manif-contre-les-LRA-et-les-CRA-au-LRA-de-Choisy.html #abaslescra #CRA #LRA
Who won and lost with the Canada Emergency Response Benefit
#Canada #Economy #CERB #COVID19 #COVID19Pandemic #Win #Lose #VulnerableCitizens #CRA #Workers #GigWorkers
https://the-14.com/who-won-and-lost-with-the-canada-emergency-response-benefit/
Helder stukje over de aankomende EU Cyber Resilience Act #CRA & waarom de gedachte goed is, maar de uitvoering voorlopig niet (vind ik dan):
https://www.agconnect.nl/artikel/cyber-resillience-act-volgende-fase-ondanks-grote-kritiek
BSI fordert bessere IT-Sicherheit für Verbraucher | heise online https://www.heise.de/news/BSI-fordert-bessere-IT-Sicherheit-fuer-Verbraucher-7545818.html #CyberResilienceAct #CRA #CyberCrime #Phishing @bsi
BREAKING: We have long been asking for the CRA's Review and Analysis Division,
Or RAD,
To be suspended pending a fulsome review of the CRA's unfair targeting of Muslim organizations.
Yet another review for systemic racism at the CRA is simply not enough.
The RAD needs to be suspended, period,
Until the review is finished and recommendations made.
We will continue to call for the suspension of the RAD and its work.
| #CRA #CanadaRevenueAgancy #Muslim #Canada #cdnpoli #SenCA #NCCM
Intelligence watchdog investigating CRA following Islamophobia claims | CBC News https://bit.ly/3mOYipk #NSIRA #CRA #Islamophobia #NationalRevenue #terrorism #cdnpoli @cdnpoli
Check out my previous weekend project on the Cyber Resilience Act and the readability of policy files:
---
RT @gregoiregaonach
Cyber Resilience Act Annotated.
Based on data mining, and simple algorithms, I have created an automatically annotated version of the #CRA.
🔗 https://go.gregoiregaonach.eu/cra
https://twitter.com/GregoireGaonach/status/1574440105787461640
Flight: #WZZ1LM
Reg: HA-LYJ
ICAO: #471F85
Callsign: #WIZZAIR
Wizz Air Hungary - AIRBUS A320-232 🇭🇺
#CRA to #LTN
Speed: 729 kmh
Alt: 10973 m
Dist: 9.0 km
∆: 50.6°
->: WNW
Track: http://globe.adsbexchange.com/?icao=471F85&lat=50.983&lon=4.447&zoom=10.5&showTrace=2023-03-13
Seen: 1st x
http://bit.ly/3wpU8Fg
Réunion publique de l'assemblée d'IDF contre les CRA
mercredi 15 à 19h, CICP, Paris
https://www.agendamilitant.org/Reunion-publique-de-l-assemblee-d-IDF-contre-les-CRA-2387.html #CRA
Dear Dutch software & hardware companies: The ministry of Economic Affairs will hold an online meeting on the upcoming EU Cyber Resilience Act on Thursday 23rd of March. The #CRA is guaranteed to impact your company. The meeting is in Dutch, but I share this news in English for maximum reach. If you want an invite to the meeting, please let me know (bert@hubertnet.nl) and I'll send over the details (or contact the ministry directly). Meanwhile, for all about the act: https://berthub.eu/articles/posts/eu-cra-secure-coding-solution/
Flight: #WZZ1LM
Reg: HA-LYK
ICAO: #471F86
Callsign: #WIZZAIR
Wizz Air Hungary - AIRBUS A320-232 🇭🇺
#CRA to #LTN
Speed: 706 kmh
Alt: 11590 m
Dist: 9.5 km
∆: 50.7°
->: WNW
Track: http://globe.adsbexchange.com/?icao=471F86&lat=50.983&lon=4.447&zoom=10.5&showTrace=2023-03-08
Seen: 8x
http://bit.ly/3wpU8Fg
Flight: #WZZ84YK
Reg: HA-LYK
ICAO: #471F86
Callsign: #WIZZAIR
Wizz Air Hungary - AIRBUS A320-232 🇭🇺
#CRA to #BHX
Speed: 671 kmh
Alt: 10973 m
Dist: 6.9 km
∆: 57.8°
->: WNW
Track: http://globe.adsbexchange.com/?icao=471F86&lat=50.983&lon=4.447&zoom=10.5&showTrace=2023-03-07
Seen: 7x
http://bit.ly/3wpU8Fg
@dymaxion The Swedish presidency in the EU certainly went from concerning to fiasco quickly. https://berthub.eu/articles/posts/eu-cra-secure-coding-solution #ChatControl #CRA
Le Monde
« Les centres de rétention sont devenus des lieux de violations systématiques des droits et d’atteintes graves à la dignité humaine »
CRA investigating or firing 10 employees who received CERB benefits though employed | Ottawa Citizen https://bit.ly/3ye5Kg4 #CRA #CERB #Termination #cdnpoli @cdnpoli
Flight: #WZZ84YK
Reg: 9H-WAN
ICAO: #4D2422
Callsign: #WIZZAIR
Wizz Air Hungary - AIRBUS A320 271NSL 🇭🇺
#CRA to #BHX
Speed: 786 kmh
Alt: 11575 m
Dist: 3.1 km
∆: 75.2°
->: WNW
Track: http://globe.adsbexchange.com/?icao=4D2422&lat=50.983&lon=4.447&zoom=10.5&showTrace=2023-03-04
Seen: 5x
http://bit.ly/3wpU8Fg
@streetpress a visité le centre de rétention administratif du Mesnil-Amelot
#Retenus #CRA #ConditionsIndignes #France
"À côté de l’aéroport Paris CDG, des exilés sont enfermés dans le centre de rétention du Mesnil-Amelot en attendant d’être expulsés. Le mois dernier, la Cimade, seule asso sur place, s’est retirée pour dénoncer les conditions indignes des retenus."
Infomigrants
"Ils étaient les seuls à nous aider" : au Mesnil-Amelot, les migrants désemparés après le départ de La Cimade
France TV Info
"Le droit n’est pas respecté" : pourquoi les Centres de rétention administrative français sont pointés du doigt par une association de défense des étranger
Parliamentary work on the Cyber Resilience Act is finally starting!
📅 IMCO deadline for AMs: 26 April
📅 IMCO vote: 28-29 June
📅 ITRE vote: September (TBC)
Recommended read: A(nother) sobering take on the #CRA legislation proposed in the EU and the harm it could do to #OpenSource, by @mmilinkov https://eclipse-foundation.blog/2023/02/23/cyber-resilience-act-good-intentions-and-unintended-consequences/
Agencies that use a cryptic language in their correspondence to you 🤑
There is something materially wrong with the #CRA #CanadaRevenueAgency. My father passed and it’s still taking time to resolve Trillium payout. First I owe so I pay, then I don’t so here’s a cheque. Then I have to pay, but a different amount so I pay. Now I’m getting a refund. All after a year in a half. #WTF #Cdnpoli #Canada #Taxes
« On a dépassé une ligne rouge. On n’est pas censé voir ces profils en CRA », souligne Julie Aufaure. Depuis, le juge des libertés et de la détention a d’ailleurs confirmé l’irrégularité de ces placements au #CRA.
---
RT @rachelknaebel
La France s’obstine à vouloir expulser Afghans, Iraniens et Syriens en toute illégalité, par @maia_courtois https://basta.media/la-france-s-obstine-a-vouloir-expulser-afghans-iraniens-et-syriens-en-to…
https://twitter.com/rachelknaebel/status/1630193146356269056
I have a 3500 word draft blog post on the new EU's Cyber Resilience Act that could really do with some more proofreading/fact checking by experts. If you are about the #CRA & want to help (thanks!), please hit me up in DM or bert@hubertnet.nl - thanks!
Any other fellow-Canadian-people having an issue with their CRA website partner sign-in not working?
I'm tryna file my faxes and the bank login I've been using for years keeps throwing an error. "Can not decrypt your saved card".
#taxes #canada #intuit #turbotax #ontario #cra #responsiblecitizen #taxymctaxface
Reading "Cyber Resilience Act: Good Intentions and Unintended Consequences" by Mike Milinkovich of
@EclipseFdn
#OpenSource #FreeSoftware #FOSS #CRA
https://eclipse-foundation.blog/2023/02/23/cyber-resilience-act-good-intentions-and-unintended-consequences/
"Europe’s Cyber Resilience Act was developed with the best of intentions. ... However, the #CRA legislation (along with the companion revisions to the Product Liability Directive) in its current form will have enormous negative effects on both the #OpenSource community and the European economy."
Proprietary software is made in secret and only goes (somewhat) public on sale. Open source software is made in public from the start.
So rules that assume they are dealing with consumer-facing products because the product is public will discriminate unnecessarily against #OpenSource production.
Let's fix that in the #CRA and wider #policy.
https://the.webm.ink/fixing-the-cra-for-open-source
Après les mobilisations d'aujourd'hui contre les #CRA : mobilisations partout en France le #4mars contre la loi #Darmanin !
Pour #Tours, lieu et heure à venir !
#NoBorders #NoNations #StopDeportations
#RefugeesWelcome #AbolishICE #defundFRONTEX
Whenever you receive an E-Mail from the Canada Revenue Agency #CRA telling you to check your online account because they have sent you a new email, their website is guaranteed to be offline. Because they have "hours of service" and "hours of disservice".
It's like 1922, but online.
#Canada #Government
New Cyber Resilience Act (partial) compromise:
---
RT @bertuzluca
#CRA: The 🇸🇪 Presidency shared a new compromise to be discussed at the Cyber Working Party on Wednesday, introducing a significant rethinking of the critical and highly critical categories.
https://www.euractiv.com/section/cybersecurity/news/eu-council-reconsiders-critical-products-in-new-cybersecurity-law/
https://twitter.com/BertuzLuca/status/1625190458300239885
It was nice to have European Commission folks at #FOSDEM to discuss #EU legislative proposals (#PLD and #CRA). Kudos to Benjamin Bögel (#DGCNECT) and Omar Ennija (#DGGROW).
https://fosdem.org/2023/schedule/event/cyber_resilience/
However I fell from my chair when I heard things like "commercial is a well understood legal concept". On what planet?
Tax season is barely just getting started in Canada, but that's no impediment to a #spam campaign targeting Canadian taxpayers with #phishing links. In just a few days in January, we received hundreds of examples of #malspam purporting to originate with the Canada Revenue Agency (or #CRA).
Many of the messages shared distinctive characteristics with one another, like the use of oddly placed Trademark and Registered symbols in both the From: and Subject: headers. #Sophosxops #threatintel #ioc 1/9
https://fosdem.org/2023/schedule/event/cyber_resilience/
That was really eye-opening.
The good news: the European Commission knows that Open-Source Software is a thing.
The bad news: they write proposals for new regulations knowing it will hurt open-source development.
E.g. they don't get that "commercial" is not a useful way to create an exception for open-source software.
Panel discussion! Everyone appreciates legislative intent. Legislators appreciate #oss and don't want to overburden the community. Let's see where the discussion goes.... @fosdem #digitaleurope #cra #productliability
very good policy work by @nlnetlabs on the #CRA, just presented in Janson at #FOSDEM
Another TIL... TIL that create-react-app is effectively a dead project, having had no merges in months. And its maintainers agree. Wow.
I'm really glad I recommended Vite over CRA for a project at work a month or two ago.
"The CRA presumes that the only barrier to shipping secure software is a lack of organizational will, which it mandates via regulation. This might be an issue with some commercial products, but a lack of will on the part of its maintainers is hardly the biggest obstacle to improving the security of open source in general."
https://www.isc.org/blogs/2023-cyber-resilience-act-comment/
"We are deeply concerned that the #CRA could fundamentally alter the social contract which underpins the entire open source ecosystem: OSS provided for free, for any purpose, which can be modified and further distributed for free, but without warranty or liability to the authors, contributors, or open source distributors. Legally altering this arrangement through legislation can reasonably be expected to cause unintended consequences to the innovation economy in Europe"
Excellent post @mmilinkov!
I went through the #CRA and the comments on the @EU_Commission site (https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13410-Cyber-resilience-act-new-cybersecurity-rules-for-digital-products-and-ancillary-services_en) and I concur with your analysis. I'm concerned about it as an individual passionate about #OpenSource, a CEO of a start-up and as a member of the board of director at TDF as it does affect also @libreoffice.
While better security for Open Source software is desirable it is also important to exempt or find ways to support small projects comply with the CRA.
The Eclipse Foundation has studied the Cyber Resilience Act and is very worried about the implications for open source foundations.
@jens
I'm pretty concerned about the Cyber Resilience Act, which has a positively intended but ambiguously worded open source exception. @osi will be engaging.
References:
https://blog.nlnetlabs.nl/open-source-software-vs-the-cyber-resilience-act/
https://www.internetsociety.org/blog/2022/10/the-eus-proposed-cyber-resilience-act-will-damage-the-open-source-ecosystem/
I've gotten a number of requests for help this week from victims of fraud. One involves a known data breach but I don't see where the entity offered people any dark web monitoring services or anything. This person has already had multiple fraudulent accounts opened using old info on her and she definitely needs some help. They tell me that Experian won't even tell them how many fraudulent accounts have been opened.
Is there any firm that offers any free assistance to ID theft victims in monitoring to see if their name/creds shows up on dark web/forums, marketplaces, etc.?
🇪🇺 Tomorrow 6 December @OpenForumEurope is hosting a community discussion on the #EU Cyber Resilience Act #CRA from 17:00-18:00 CET.
💬 There will be a panel discussion with people from 6 #OpenSource organizations and 1 proprietary software corporation, followed by open discussions.
:opensource: The event will be hosted on BigBlueButton; send me a DM if you are interested in the link.
My piece on the proposed EU "Cyber-Resiliency Act" in which much internet and critical software and hardware sold anywhere in the EU would have to have a "CE" mark, and meet mandatory standards (eg submission of a software bill of materials). IMHO _huge_ implications for the tech sector (tech giants, mobile device manufacturers) and for innovation (eg open source software) in the EU. Public comment period is open until January.... #innovation #EU #digital #technology #CRA https://www.irishtimes.com/business/innovation/2022/12/01/cyber-resilience-act-signals-big-change-in-commercial-software-development/
