France says facial recognition company Clearview breached privacy law

By Mathieu Rosemain 

PARIS (Reuters) - France's data privacy watchdog CNIL has ordered Clearview AI, a facial recognition company that has collected 10 billion images worldwide, to stop amassing and using data from people based in the country.

In a formal demand disclosed on Thursday, the CNIL stressed that Clearview's collection of publicly-available facial images on social media and the Internet had no legal basis and breached European Union rules on data privacy.

The regulator said the software company, which is used as a search engine for faces to help law enforcement and intelligence agencies in their investigations, failed to ask for the prior consent of those whose images it collected online.

"These biometric data are particularly sensitive, notably because they are linked to our physical identity (what we are) and allow us to be identified in a unique way," the authority said in a statement.

It added that the New York-based firm failed to give those concerned proper access to their data, notably by limiting access to twice a year, without justification, and by limiting this right to data racked up during the 12 months before any request.

Clearview did not immediately reply to a request for comment.

EU law provides for citizens to seek the removal of their personal data from a privately-owned database. The CNIL said Clearview had two months to abide by its demands or it could face a sanction.

The decision follows several complaints, among them one by advocacy group Privacy International. It follows a similar order by its Australian peer, which told Clearview to stop collecting images from websites and destroy data collected in the country.

The U.K. Information Commissioner's Office, which worked with the Australians on the Clearview investigation, also said last month it intended to fine Clearview 17 million pounds ($22.59 million) for alleged breaches of data protection law.

($1=0.7526 pounds)

(Reporting by Mathieu Rosemain)

The Log4j security flaw could impact the entire internet. Here's what you should know

A critical flaw in widely used software has cybersecurity experts raising alarms and big companies racing to fix the issue.

© 207766680/cendeced - stock.adobe.com

By Jennifer Korn 

The vulnerability, which was reported late last week, is in Java-based software known as "Log4j" that large organizations use to configure their applications -- and it poses potential risks for much of the internet.

Apple's cloud computing service, security firm Cloudflare, and one of the world's most popular video games, Minecraft, are among the many services that run Log4j, according to security researchers.

Jen Easterly, head of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), called it "one of the most serious flaws" seen in her career. In a statement on Saturday, Easterly said "a growing set" of hackers are actively attempting to exploit the vulnerability.

As of Tuesday, more than 100 hacking attempts were occurring per minute, according to data this week from cybersecurity firm Check Point.

"It will take years to address this while attackers will be looking... on a daily basis [to exploit it]," said David Kennedy, CEO of cybersecurity firm TrustedSec. "This is a ticking time bomb for companies."

Here's what you should know:

What is Log4j and why does it matter?

Log4j is one of the most popular logging libraries used online, according to cybersecurity experts. Log4j gives software developers a way to build a record of activity to be used for a variety of purposes, such as troubleshooting, auditing and data tracking. Because it is both open-source and free, the library essentially touches every part of the internet.

"It's ubiquitous. Even if you're a developer who doesn't use Log4j directly, you might still be running the vulnerable code because one of the open source libraries you use depends on Log4j," Chris Eng, chief research officer at cybersecurity firm Veracode, told CNN Business. "This is the nature of software: It's turtles all the way down."

Companies such as Apple, IBM, Oracle, Cisco, Google and Amazon, all run the software. It could present in popular apps and websites, and hundreds of millions of devices around the world that access these services could be exposed to the vulnerability.

Are hackers exploiting it?

Attackers appear to have had more than a week's head start on exploiting the software flaw before it was publicly disclosed, according to cybersecurity firm Cloudflare. Now, with such a high number of hacking attempts happening each day, some worry the worst is to yet come.

"Sophisticated, more senior threat actors will figure out a way to really weaponize the vulnerability to get the biggest gain," Mark Ostrowski, Check Point's head of engineering, said Tuesday.

Late Tuesday, Microsoft said in an update to a blog post that state-backed hackers from China, Iran, North Korea and Turkey have tried to exploit the Log4j flaw.


Why is this security flaw so bad?

Experts are especially concerned about the vulnerability because hackers can gain easy access to a company's computer server, giving them entry into other parts of a network. It's also very hard to find the vulnerability or see if a system has already been compromised, according to Kennedy.

In addition, a second vulnerability in Log4j's system was found late Tuesday. Apache Software Foundation, a nonprofit that developed Log4j and other open source software, has released a security fix for organizations to apply.


How are companies are trying to address the issue?

Last week, Minecraft published a blog post announcing a vulnerability was discovered in a version of its game -- and quickly issued a fix. Other companies have taken similar steps.

IBM, Oracle, AWS and Cloudflare have all issued advisories to customers, with some pushing security updates or outlining their plans for possible patches.

"This is such a severe bug, but it's not like you can hit a button to patch it like a traditional major vulnerability. It's going to require a lot of time and effort," said Kennedy.

For transparency and to help cut down on misinformation, CISA said it would set up a public website with updates on what software products were affected by the vulnerability and how hackers exploited them.


What can you do to protect yourself?

The pressure is largely on companies to act. For now, people should make sure to update devices, software and apps when companies give prompts in the coming days and weeks.


What's next?

The US government has issued a warning to impacted companies to be on high alert over the holidays for ransomware and cyberattacks.

There is concern that an increasing number of malicious actors will make use of the vulnerability in new ways, and while large technology companies may have the security teams in place to deal with these potential threats, many other organizations do not.

"What I'm most concerned about is the school districts, the hospitals, the places where there's a single IT person who does security who doesn't have time or the security budget or tooling," said Katie Nickels, Director of Intelligence at cybersecurity firm Red Canary. "Those are the organizations I'm most worried about -- small organizations with small security budgets."

Kronos ransomware attack could impact employee paychecks and timesheets for weeks

Ultimate Kronos Group, one of the largest human resources companies, disclosed a crippling ransomware attack on Monday, impacting payroll systems for a number of workers. After noticing "unusual activity" on Saturday, Kronos noted that its systems were down and could remain that way for several weeks.

By Jennifer Korn 

Kronos has a long list of notable customers across the public and private sector, including the city of Cleveland, New York's Metropolitan Transportation Authority (MTA), Tesla and MGM Resorts International. It also works with many hospitals across the country.

Some employers find themselves having to make contingency plans in order to pay workers, such as shifting to paper checks. And some impacted employees have been unable to access payroll systems.

The ransomware attack impacts Kronos Private Cloud solutions, a data storing entity for several of the company's services, including UKG Workforce Central, which is used by employees to track hours and schedule shifts.

"UKG recently became aware of a ransomware incident that has disrupted the Kronos Private Cloud, which houses solutions used by a limited number of our customers. We took immediate action to investigate and mitigate the issue, have alerted our affected customers and informed the authorities, and are working with leading cybersecurity experts," a Kronos spokesperson told CNN Business.

"We recognize the seriousness of the issue and have mobilized all available resources to support our customers and are working diligently to restore the affected services," the spokesperson added.

It is still possible in most cases to log hours on the offline Kronos timesheet system, though it is unclear when these systems will come back online.

"[E]very employee will get paid for every hour they work. We have complete confidence that we will be able to determine how many hours employees work and pay them for those hours and we continue to ask employees to keep time the way they always have," MTA spokesperson Tim Minton told CNN Business.

News of the ransomware incident came after a security flaw in widely used software across the internet, called Log4j, was made public late last week, opening the door in many companies' systems to hackers. Kronos has not confirmed that the ransomware attack is linked to the Log4j vulnerability and did not respond to CNN Business's request for comment on a possible connection.

A separate banner on Kronos' website, which was not part of the HR company's specific messaging on the ransomware attack, warned about the potential impact of the Log4j vulnerability and noted that the company had "invoked emergency patching processes" to address it.

In addition to the potential payroll issues, there's also data privacy concerns. The city of Cleveland said in a statement Monday that Kronos alerted it that sensitive information may have been compromised in the attack. Employee names, addresses and the last four digits of social security numbers may have been stolen by the hackers inside Kronos's network.

In an FAQ page on its site about the security incident, Kronos said its "investigation is ongoing, and we are working diligently to determine whether customer data has been compromised."

AMERIKAN OLIGARCH
Ousted McDonald's CEO returns $105M after misconduct

Former McDonald’s CEO Steve Easterbrook has paid back more than $105 million in equity awards and cash to the burger giant after it learned that he had lied about the extent of his misconduct while he was its top executive.

© Provided by The Canadian Press

“During my tenure as CEO, I failed at times to uphold McDonald’s values and fulfill certain of my responsibilities as a leader of the company,” Easterbrook said in a prepared statement issued Thursday by McDonald’s. “I apologize to my former co-workers, the board and the company’s franchisees and suppliers for doing so.”

McDonald’s fired Easterbrook in late 2019 after he acknowledged exchanging videos and text messages in a non-physical, consensual relationship with an employee. At the time of his firing, Easterbrook told the company there were no other similar instances and an inspection of his cell phone seemed to back that up. McDonald’s board approved a separation agreement “without cause” that allowed Easterbrook to keep tens of millions in stock-based benefits and other compensation.

Then, in July 2020, the company received an anonymous tip from an employee claiming that Easterbrook had engaged in a sexual relationship with another employee. After an investigation, McDonald’s confirmed that relationship as well as two other physical, sexual relationships with employees in the year before it fired its top executive. The company said Easterbrook had removed evidence of those relationships from his phone.

McDonald’s board sued Easterbrook in August 2020, saying it wouldn’t have terminated him without cause if it had known the extent of his misconduct. The company sought the return of equity awards granted in 2018 and 2019, since Easterbrook’s separation agreement made clear he would forfeit those if the company determined he had engaged in “detrimental conduct.”

The settlement announced Thursday holds Easterbrook accountable and affirms the board’s decision to pursue the case, McDonald’s Chairman Enrique Hernandez Jr. said in a prepared statement.

“The resolution avoids a protracted court process and allows us to move forward,” Hernandez said.

The action against Easterbrook came amid a larger reckoning at the company over sexual harassment in its ranks. Over the last five years, at least 50 workers have filed charges against the company, alleging physical and verbal harassment and, in some cases, retaliation when they came forward.

In October 2019 __ a month before Easterbrook was fired __ McDonald’s introduced a new harassment training program for its 850,000 U.S. employees, but franchisees weren’t required to provide it.

McDonald’s went further this spring, saying it will mandate worker training to combat harassment, discrimination and violence in its restaurants starting next year. The training will be required for 2 million workers at 39,000 stores worldwide.

Dee-ann Durbin, The Associated Press

THEY KNOW ITS  PONZI

The Russian central bank is gearing up to ban investment in cryptocurrencies, report says
insider@insider.com (Carla Mozée)

© Jack Taylor/Getty Images Jack Taylor/Getty Images
Russia's central bank is looking to prohibit investment in cryptocurrencies, Reuters reported Thursday.
The Bank of Russia is talking with market players and experts about the possible ban.
The ban could be applied to new cryptocurrency transactions but not prior ones.

Russian central bank officials are working on prohibiting cryptocurrency investment to tame financial stability risks that it sees from an increase in crypto transactions, Reuters reported Thursday.

The Bank of Russia is talking with market players and experts about the possible ban, the report said, citing two unnamed financial market sources close to the central bank.

One source said the ban may apply to new purchases of crypto assets but not prior transactions. Another source close to the central bank said its current position is a "complete rejection" of all cryptocurrencies.

The Bank of Russia, in reply to a Reuters request for comment, said it was preparing an advisory report to voice its stance on the issue. It didn't mention any specifics.

The increasing popularity of cryptocurrencies has raised concerns about financial stability, Central Bank First Deputy Governor Ksenia Yudaeva said earlier this month. The annual volume of crypto transactions carried out by Russians is about $5 billion, the central bank says, according to the report.

Russia for years has spoken against cryptocurrencies, saying the digital assets could be used to launder money or finance terrorism. The country in 2020 gave them legal status but banned them from being used as a means of payment, the report said.

A Russian crypto ban would follow China's. In September, Beijing declared all cryptocurrency transactions illegal amid an escalating crackdown on the sector.

Still, the crypto market has boomed this year as more institutional and retail investors jump in. Its valuation had risen to $3 trillion for the first time but has since pulled back about $2.3 trillion.

CRIMINAL CAPITALI$M 

Terry Glavin: Canada makes 'a start' in cleaning up its money-laundering mess

It was just another darkly amusing local story that didn’t attract much attention. Or at least it didn’t attract the kind of scrutiny it would have, had Vancouver not already richly earned its reputation as a money-laundering hub for international swindlers, drug dealers and well-connected high rollers who have helped turn Canada’s Pacific coast into one of the most absurdly overpriced real estate markets in the world.

© Provided by National Post Canada has earned a global reputation for being an offshore bolthole for dubiously earned and circuitously stashed money, writes Terry Glavin.

Last month, a local investigation by an independent media organization called Coastal Front revealed that a freedom-of-information request it filed a year earlier had obliged the City of Vancouver to disgorge 750 pages of documents showing that between 2012 and January of this year, city officials had accepted nearly 2,000 payments totalling $13.1 million for everything from property tax payments to municipal cemetery plots — all in stacks of cash.

In one case, back in 2014, a tax bill was paid with a big bag containing $47,000. In 2017, city staff accepted a property-tax payment of $44,463, all in cash. Each of the 1,905 payments recorded in the documents exceeded $5,000.

There was no rule requiring staff to ask a bag carrier for identification. There was no regulation requiring staff to report any of the weird transactions to anyone. There was no bylaw requiring a record of the payments to be passed on to the Financial Transactions and Reports Analysis Centre of Canada, known as Fintrac — Canada’s financial intelligence unit.

It was only two years ago when city councillor Melissa De Genova brought a motion banning cash transactions in excess of $10,000 — the reporting threshold Fintrac requires of casinos, banks and real estate companies — that Vancouver took any notice. De Genova had learned of the bags-of-cash payment method only after she was approached one day by a man carrying a shopping bag stuffed with stacks of cash who asked her for directions to the office in city hall where people pay their tax bills.

In another little-noticed story reported only three weeks ago — this one illustrative of the global reputation Canada has earned for itself as an offshore bolthole for dubiously earned and circuitously stashed money — filings in federal court by Fintrac and the Canada Border Services Agency outline a complex operation that appears to have moved more than $80 million from China via Hong Kong to the principals behind a Markham, Ont., startup that alternatively described itself as a tourism promotion venture, a property investment fund and a money-transfer firm.

That story , reported by the investigative journalist Sam Cooper, author of the bestselling Wilful Blindness: How a Network of Narcos, Tycoons and CCP Agents Infiltrated the West — begins with questions about how Zhang Guanqun, a 19-year-old foreign student attending a small college in Vancouver’s suburbs, managed to purchase a $2 million mansion shortly after arriving in Canada in 2012 with only $23,800 to his name.

Why Canada's money-laundering problem is far bigger than we think

B.C. money laundering inquiry hears plea for whistleblower protections

The allegations surrounding the ultimate source of Zhang’s fortune should be taken with a grain of salt, since they’re outlined in a “Ponzi scheme” fraud case involving bilked Chinese investors brought by the Chinese Communist Party’s notoriously untrustworthy Public Security Bureau. But the proximate source of the money was Zhang’s parents, the main players in that odd Markham enterprise.

Among the cast of characters in the story is Xin (Richard) Zhou, a former fundraising co-chair of the federal Liberal Party, community organizer for Prime Minister Justin Trudeau’s 2015 election campaign and “community outreach” worker for former Ontario premier Kathleen Wynne. In the court case involving Zhang’s parents, Fintrac noted Zhou’s suspicious account activity — with a stated income of $26,000, Zhou’s account showed transactions involving several million dollars, including a transfer of $2,999,985 from Zhang.

So it’s all very intriguing, but why it matters is that last year the federal Criminal Intelligence Service released what it called a “National Criminal Intelligence Estimate on the Canadian Criminal Marketplace: Money Laundering and Fraud” that reckoned the amount of dirty money making its way into Canadian real estate and other ventures at perhaps $133 billion annually.

In British Columbia, the Cullen Inquiry into money laundering has concluded after two years of lurid evidence detailing the way hundreds of millions of dollars has flowed from drug kingpins and dodgy “whale gamblers” from China into B.C.’s real estate and luxury vehicle markets via provincially-regulated casinos — hockey bags full of cash, in many instances captured by CCTV cameras. The inquiry is scheduled to release its final report next May. But this is not just a British Columbia phenomenon. It’s countrywide, and Canada’s place is dropping on Transparency International’s global corruption rankings.

The Trudeau government has made a series of commitments flowing from U.S. President Joe Biden’s Summit for Democracy, convened in Washington last week. Titled “Summit for Democracy 2021 Submission and Commitments: Canada,” the document outlining those commitments gives the distinct impression that its authors were instructed to avoid addressing any of the real-world threats to democracy that have crippled, perhaps fatally, the “rules-based international order” the Trudeau government has consistently claimed to champion.

In meeting the global threats to democracy posed by belligerent and hostile police states and authoritarian regimes like China and Russia, the world’s democracies are being called on to clean up their own acts. Shutting down big-money boltholes and laundering schemes run by gangsters, kleptocrats and the cronies of the world’s dictators has emerged as central to the summit’s agenda.

Ottawa’s commitments “represent a broader resolve by Canada to strengthen democracy,” the document claims, and they will be implemented “as part of a year of action in consultation with stakeholders, including civil society.” Most of the Trudeau government’s promises are not new, and it still won’t be until 2025 that Ottawa expects to have a “beneficial ownership” registry in place. A publicly accessible registry would reveal the real owners behind all the shell outfits and numbered companies operating in Canada. But at least that Canadian commitment has been made in the presence of more than 100 countries invited to the summit. That’s something.

“At least it’s a start,” James Cohen, executive director of Transparency Canada International, told me. “It’s a start.”

National Post

Exclusive-Shareholder group pressures U.S. banks to drop fossil fuels faster


By Ross Kerber and Elizabeth Dilts Marshall

© Reuters/NICK OXFORD FILE PHOTO: Pump jacks operate at sunset in Midland

(Reuters) - Climate-focused investors are calling on the major U.S. banks to quickly scale back their financing of new fossil fuel development, saying current commitments by the banks to curb global emissions are not enough.

The investors have filed resolutions to try to bring the matter to shareholder votes at the annual meetings of the banks in 2022, according to documents seen by Reuters.

Banks receiving the resolutions include the nation's six largest by asset size -- JPMorgan Chase & Co, Bank of America, Wells Fargo & Co, Citigroup Inc, Morgan Stanley and Goldman Sachs Group Inc.

All six have already committed to curbing global emissions. The resolutions from members of the Interfaith Center on Corporate Responsibility (ICCR) go further, effectively seeking an immediate end to the financing of new fossil fuel development in line with calls this year from global watchdog the International Energy Agency.

Representatives for JPMorgan, Citigroup, Morgan Stanley, and Goldman Sachs declined to comment. Representatives from Bank of America did not respond to questions for this article.

A Wells Fargo representative declined to comment on the resolution but noted other climate-focused steps the bank has taken such as planning $500 billion in financing for sustainable businesses and projects by 2030.

"We're basically saying to banks that you've made those commitments, now you need to put in place the policies to achieve those commitments," said Jonas Kron, chief advocacy officer for one of the filers, Trillium Asset Management. Others include the Sierra Club Foundation and Mercy Investment Services.

Additional resolutions ask Bank of America and Citigroup to report on how a dire climate forecast could cause some assets to face premature devaluation, such as underground oil and gas reserves.

There is no guarantee the resolutions will come up for a vote. The banks will decide in coming weeks whether to accept the resolutions for inclusion in their proxy statements, or whether to seek regulators' permission to leave them aside.

Resolution sponsors account for just a small share of the total of $4 trillion managed by ICCR members, and a fraction of the banks' total market capitalizations.

But ICCR members often win backing from top investment funds for their proposals such as a call for a workforce diversity report that won support from more than 80% of votes cast at Union Pacific in May. Supporters included top asset manager BlackRock Inc.

Meanwhile banks have been receptive to some investor outreach. ICCR members withdrew all of the half-dozen resolutions they filed at top banks for spring 2021 meetings after receiving commitments like a target from Bank of America to reach net-zero emissions from its financing activities by 2050.

Many banks this year also signed up to the United Nations-backed Net-Zero Banking Alliance, committing to align their lending with targets to reach net-zero emissions by 2050 at the latest. But that is not as fast as the International Energy Agency has recommended.

"Everybody inside and outside the banks understands the direction of travel here. The only question is how quickly that can happen," said Ivan Frishberg, chief sustainability officer for union-affiliated Amalgamated Bank, who serves on a steering group for the banking alliance.

(Reporting by Ross Kerber in Boston and Elizabeth Dilts Marshall in New York; Editing by Greg Roumeliotis and Lisa Shumaker)

RIGHT TO WORK, VOTER SUPPRESSION Sources: Rivian to build $5B electric truck plant in Georgia

ATLANTA (AP) — Electric vehicle maker Rivian Automotive will announce Thursday that it's building a $5 billion battery and assembly plant east of Atlanta that's projected to employ 7,500 workers, sources briefed on the decision told The Associated Press.

Rivian, based in Irvine, California, is a startup manufacturer of electric trucks and commercial delivery vans, challenging both established automakers like Ford and General Motors and electric vehicle leader Tesla.

The plant could grow to as many as 10,000 workers, sources said, which would make it among the largest auto assembly complexes in the United States, rivaled by behemoths such as the 11,000-worker BMW complex in Spartanburg, South Carolina, and Ford Motor Co.’s 8,600-worker plant in Louisville, Kentucky.

Rivian will be the largest industrial announcement in Georgia history, surpassing the 4,400-worker Kia complex that opened in West Point in 2009. Georgia has had a number of failed auto plant recruitments. Rivian will give Georgia Gov. Brian Kemp another point to bolster his claims that he has been an excellent steward of Georgia's economy, even as faces Republican and Democratic challengers when he runs for reelection next year.

The city of Fort Worth, Texas, offered Rivian a $440 million incentive package to lure the plant during the summer, while published reports indicate Rivian also considered sites in Arizona and Michigan.

Rivian told Fort Worth its plant would make 200,000 vehicles per year, with workers paid at least $56,000 a year.

The Atlanta Journal-Constitution was the first to report Rivian's decision.

Founder and CEO Robert Scaringe told Bloomberg Television in November that the ability to recruit good workers was the most important factor in the decision. Rivian's existing plant in Normal, Illinois, like most auto plants that have opened in recent decades, is not unionized.

Georgia officials are unlikely to detail the full incentive package offered to Rivian on Thursday, but the company could max out what Georgia calls its “mega project tax credit,” for companies that hire at least 1,800 people or invest at least $450 million. That could be worth $118 million in state income tax credits. Local governments are likely to abate property taxes.

Kia got more than $450 million in incentives for its plant southwest of Atlanta. Georgia has promised $300 million of incentives to the $2.6 billion, 2,600-worker battery plant being built by SK Innovation in Commerce, Georgia, northeast of Atlanta.

Rivian, like Tesla, deals with its customers directly instead of through dealers. Its arrival in Georgia could prompt the state to loosen a law that mostly prohibits manufacturers from selling directly.

Rivian currently plans two models for consumers — the R1T pickup with a base price of $67,500 and the R1S SUV, with a base price of $70,000. The truck was recently named Motor Trend’s 2022 truck of the year.

Amazon, which owns a slice of the company, has ordered 100,000 delivery vans, launching Rivian into the commercial vehicle business.

Rivian is flush with cash following a $11.9 billion stock offering Nov. 10 that took the company public, allowing it to finance the new plant. Its market value is nearly $95 billion, more than either General Motors or Ford.

The company argues that electric vehicle adoption is at the “tipping point” and it is well positioned for success because trucks and SUVs have long been the most profitable vehicles sold. But some analysts question whether it needs another plant besides the former Mitsubishi plant in Illinois, that Rivian bought for $16 million in 2017. Rivian says it has a yearly capacity of 150,000 vehicles, but is looking to expand there as well.

"It seems like it might be a little premature to invest that much in another large plant just yet,” said Sam Abuelsamid, principal mobility analyst for Guidehouse Insights, who said Rivian also may be looking for a manufacturing site in Europe.

Given the size of the Georgia plant, Abuelsamid expects it to make other parts for the vehicles, similar to electric vehicle leader Tesla making seats at its factory in Fremont, California.

Rivian has cash in the bank, but will burn through that quickly unless it starts delivering vehicles and generating cash, jeopardizing its market darling status, Abuelsamid said. The company needs more retail customers and commercial vehicle buyers other than Amazon, he said.

“If actual deliveries don’t start picking up, the markets could turn against them as they have with some other EV startups not called Tesla,” Abuelsamid said. “Unlike Tesla, Rivian will be facing serious competition in a much shorter time frame than the near- decade head start that Tesla had.”

Ford and GM plan to start selling their own electric pickup trucks in the next year or two, while Tesla also plans a new pickup. That's part of a wave of electric vehicle investment, with SK's $5 billion battery plant northeast of Atlanta just one example. Ford announced in September it would spend $11.4 billion to build three battery factories and an assembly plant in Kentucky and Tennessee.

The LMC Automotive consulting firm expects U.S. sales of new fully electric vehicles to hit nearly 400,000 this year, nearly double last year’s figures. But they still make up only about 2.6% of sales. The firm expects sales to grow to more than 730,000 next year and more than 2 million by 2025. Even at 2 million, EV sales still would be only about 12% of U.S. new vehicle sales.

___

Associated Press auto writer Tom Krisher in Detroit contributed to this report.

Jeff Amy, The Associated Press

Latin American oil auctions kick off after two-year lull

By Marianna Parraga and Sabrina Valle

© Reuters/PILAR OLIVARES FILE PHOTO: A worker walks inside the Brazil's Petrobras P-66 oil rig in the offshore Santos Basin in Rio de Janeiro

HOUSTON (Reuters) - Latin America's oil frontiers are back in the spotlight with auctions coming up in Brazil, Guyana and the Andean region that are expected to attract bids from major oil firms despite a global call to end fossil fuel development.

© Reuters/ANDREA DE SILVA FILE PHOTO: The installations of an oil refinery operated by state-run Petrotrin are seen in Point-a-Pierre

Brazil is set to receive bids on Friday for offshore oil reserves that analysts say are some of the most promising to ever come to market. In other countries in the region, more flexible bidding and fiscal terms have piqued the interest of oil companies after a two-year bidding lull.

© Reuters/LUC COHEN FILE PHOTO: Vessels carrying supplies for an offshore oil platform operated by Exxon Mobil are seen at the Guyana Shore Base Inc wharf on the Demerara River south of Georgetown

Latin America has been the source of some of the largest oil and gas finds this century, but several governments postponed or canceled auctions in 2019 and 2020 because of weak oil prices and falling demand due to the coronavirus pandemic.

Now, the rebound in energy prices this year coupled with a sense of urgency about getting oil and gas reserves out of the ground before the world shifts to renewable energy mean development projects are back on the agenda.

"The last two years have been hard for the region," said Andres Armijos, the Latin America chief at energy consultancy Welligence. "There is now the message that time is running out."

The International Energy Agency, whose members are mostly rich oil-importing nations, said in May that investors should not fund https://reut.rs/3yu1vwe any new oil and gas projects if they want to achieve net zero emissions by 2050.

© Reuters/Andrea De Silva FILE PHOTO: A view of a drilling rig and distant production platform in the Soldado Field off Trinidad's southwest coast

"Companies are undoubtedly being more selective," Rodolfo Saboia, the head of Brazil's oil regulator, told Reuters, saying many firms wanted to develop projects that could deliver returns fast, rather than the mega oil ventures of old.

Altogether, seven Latin American countries are looking to secure additional investment over the next two years by offering new blocks, and pushing legal and tax reforms that could give producers larger and faster returns.

Welligence Vice President Andre Fagundes said the region's improved development terms would remain key for luring bidders.



ONLY FOR BIG PLAYERS

Eleven companies including Exxon Mobil Corp, Royal Dutch Shell and Equinor have signed up to participate in Brazil's auction on Friday.

The government expects to collect almost $2 billion in licensing fees and a portion of production.

In 2022, Brazil plans to strengthen its auctions by adding the coveted offshore pre-salt oil areas where most of its crude now comes from to an existing system that permanently offers numerous blocks.

Still, analysts said companies may have to pick and chose among Brazil, Suriname and Guyana for offshore oilfields - some of which are up for auction for the first time - due to the high levels of investment required.

An Exxon-led consortium has found 10 billion barrels of recoverable oil and gas off Guyana, and there could be double that in the basin that extends to Suriname, Exxon Senior Vice President of Exploration and New Ventures Mike Cousins said last week at a Houston energy conference.

"There will be competition among countries, but each one has its virtues," said Brazil's Saboia. "The energy transition will take time and companies want to secure supply in the meantime."



BUOYANT COMPETITION

Colombia kicked off the new auction wave earlier this year with its 2021 Round, which was a surprise success https://reut.rs/3dT0JQ2

 It received bids in December for 30 onshore and offshore blocks, which is expected to move it one step closer to energy self-sufficiency.

"Since the price crash of 2002-2003, Colombia has made regulatory reforms, created the ANH (National Hydrocarbons Agency) and introduced new contract models. 660 contracts have been signed since then," ANH President Armando Zamora said at the World Petroleum Congress (WPC) last week.

Days after Colombia accepted the bids, Trinidad and Tobago offered 17 deepwater blocks and announced two more oil auctions for exploration and production rights would be held next year in for onshore https://reut.rs/3dWt1t2 and shallow water areas.

Over the next two years, Ecuador will hold also a series of auctions https://reut.rs/3GNfccK to allocate oil blocks and look for a private operator for the nation's largest state-owned refinery, hoping to land $19 billion in investments and to boost oil output.

On the table in Ecuador will be three offshore blocks in the Gulf of Guayaquil including the vast Amistad gas field; the mature Sacha oilfield; and another five onshore areas - as well as the second phase of the Intracampos onshore oil round.

Peru, meanwhile, is drafting legislation to revamp its royalty model https://reut.rs/3yAbXST for the oil industry and regulate the influence of energy projects over communities, which have created obstacles for foreign investment and oil rounds.

"Peru is getting ready to offer a round of contracts in the north for oil and gas exploration and production," Energy Minister Eduardo Gonzalez said at the WPC.

The country also is planning to ramp up production in the prolific natural gas regions of Camisea in the Amazon Rainforest and Aguaytia, following projects for new distribution lines.

(Reporting by Marianna Parraga and Sabrina Valle in Houston; Additional reporting by Alexandra Valencia in Quito and Marcelo Rochabrun in Lima; Editing by David Clarke)

Harris announces Biden administration's new lead pipe and paint removal effort

By Kevin Liptak and Kate Sullivan, CNN 

Vice President Kamala Harris on Thursday announced a new administration push to eliminate lead from water pipes and homes in the next decade using billions in new funding allocated through the new bipartisan infrastructure law.

WASHINGTON, DC - OCTOBER 12: Vice President Kamala Harris delivers remarks to the National Congress of American Indians 78th Annual Convention, in the Eisenhower Executive Office Building on October 12, 2021 in Washington, DC. Harris spoke on how the Biden-Harris Administration is helping tribal nations through the the President's Budget, the Bipartisan Infrastructure Deal, the Build Back Better Agenda, and the American Rescue Plan. (Photo by Kevin Dietsch/Getty Images)

"Here's the truth, and it's a hard truth: Millions of people in our country, many of them children, are still exposed to lead every day," Harris said at the American Federation of Labor and Congress of Industrial Organizations in Washington.

The vice president said many parents across the country have told her they were worried "that every time they turned on the faucet to give their child a glass of water that they may be filling that glass with poison."

"The science is clear about what drinking water from a lead pipe can do to the human body," Harris said. "For adults, it can cause an increase in blood pressure and decreased kidney function. In children, it can severely harm mental and physical development. It can stunt growth, slow down learning and cause irreparable damage to the brain."

Through the administration's new Lead Pipe and Paint Action Plan, agencies will take a number of steps meant to remove the toxic metal from places where people live, work or go to school. Harris said the push would focus on communities that have "historically been left out or left behind."

The Environmental Protection Agency will begin the process of writing new regulations that would protect communities from lead in drinking water; the Department of Labor will form technical assistance hubs to fast-track removal projects with union workers; agencies will commit to removing lead service lines and paint in federally assisted housing; and a new Cabinet group will focus on lead removal in schools and child care facilities.

Harris said up to 10 million American households and 400,000 schools and child care centers could be exposed to lead through service lines or other fixtures. Low-income communities, and communities of color, are disproportionately affected.

The administration is allocating $15 billion from the bipartisan infrastructure law for lead service line replacements at the EPA through the Drinking Water State Revolving Fund. It will also allocate an additional $11.7 billion in state revolving funding, which is funding administered by a state to provide low-interest loans for investing in water and sanitation infrastructure.

The EPA will allocate $3 billion of this $15 billion to states, tribes and territories to replace lead pipes next year, Harris said. The EPA is also launching a new regulatory process to protect communities from lead in drinking water.

When the drinking water for the city of Flint, Michigan, was contaminated in 2014 it put a national spotlight on the issue of lead in drinking water. The water contamination in Flint lasted for years, and many advocates say race and poverty factored into how Flint wasn't adequately protected.

The US Department of Treasury will clarify that the $350 billion for the State and Local Fiscal Recovery Fund that was in the emergency Covid-19 relief bill, known as the American Rescue Plan, can be used to replace lead service lines as well as lead faucets and fixtures.

The EPA and Department of Labor will establish regional technical assistance hubs to help fast track lead pipe removals in coordination with labor unions and local water agencies. The Department of Housing and Urban Development will also award grants in low-income communities to remove lead paint and other home health hazards.

The administration also outlined billions of dollars in funding in the President's Build Back Better bill, which passed the House but faces an uncertain path in the Senate, that will go toward this goal.

White House unveils plan to replace every lead pipe in the U.S.

Josh Lederman 

WASHINGTON — President Joe Biden promised his infrastructure proposal would replace every lead pipe in the country. Now the White House says it has a plan to deliver, despite a significant funding gap.

© Provided by NBC News

The administration’s plan for lead pipes and paints, unveiled by Vice President Kamala Harris in a speech Thursday, illustrates how officials are hoping to cobble together enough money to meet Biden’s goal through sources like the infrastructure law, Covid relief funding and the president’s stalled Build Back Better bill.

As many as 10 million U.S. households, schools and care facilities get their drinking water through lead pipes, and each pipe can cost thousands of dollars to replace. Lead poisoning can cause serious health problems, especially for children, whose physical and mental development can be severely affected.

The amount of funding at Biden’s disposal may determine whether the president can deliver on an issue that has come to symbolize how infrastructure shortfalls have disproportionately put low-income and minority communities at risk, especially in the wake of water crises in Flint, Mich., and Newark, N.J.

Senior administration officials briefing reporters ahead of Harris’ speech insisted they have sufficient resources to replace within a decade what they estimated were between 6 million and 10 million lead pipes and service lines. The exact number is unknown.

Replacing all of them could cost more than $60 billion, according to an estimate from the American Water Works Association, which represents water suppliers.

Biden initially sought $45 billion from Congress to complete the task. In the end, Biden got only $15 billion for lead pipes as part of the bipartisan infrastructure bill he signed into law last month.

Earlier in the year, Biden had cast the project as an economic win, saying it would “put plumbers and pipefitters to work.”

“It’s going to replace 100 percent of the nation’s lead water pipes so that every child and every American could turn on the faucet at home or at school and drink clean water,” Biden said in June.

The White House plan says the administration intends to augment the $15 billion from the infrastructure law with another $15 billion for pipes and paint in the Build Back Better Act, Biden’s domestic spending package that’s currently stalled in the Senate after passing the House in a largely party-line vote.

Senate Democrats are struggling to get everyone on their side of the aisle behind the $1.7 trillion bill, with moderate Sen. Joe Manchin, D-W.Va., balking over the price tag and economic effects of another massive surge in federal spending.

The White House plan for lead pipes and paints also counts on states deciding to use their share of a $350 billion pot of money from the American Rescue Plan, a Covid-relief stimulus bill passed in March, on removing lead pipes. On Thursday, the Treasury Department is expected to publicly clarify that states, territories and tribes may use that funding for lead pipes. Still, the administration can’t force states to use it for that purpose, and it’s likely much of it has already been spent on other projects.

Harris announced the strategy during a visit to AFL-CIO headquarters, just down the street from the White House on Black Lives Matter Plaza.

“There is no reason in the 21st century for why people are still exposed to this substance that was poisoning people back in the 18th century,” Harris said. She added that more than half of American children under six are at risk of lead exposure.

In a parallel step to accelerate the replacement of dangerous old pipes, the Environmental Protection Agency is expected to announce Thursday it will put forth new, stronger regulations on drinking water and lead and copper pipes, senior administration officials said.

Rep. Debbie Dingell, D-Mich., said her suburban Detroit district has at least 10,000 lead service lines, and possibly twice that number.

“I’ve had parents come up to me with tears in their eyes, worried for the wellbeing of their children because there is lead in the school’s water,” Dingell said. “This is unacceptable.”

EPA details push to tighten rules for lead in drinking water

WASHINGTON (AP) — The Biden administration took steps Thursday aimed at reducing lead in drinking water, announcing plans to release $2.9 billion in infrastructure bill funds next year for lead pipe removal and impose stricter rules to limit exposure to the health hazard.

Vice President Kamala Harris made the case for the administration’s push to eliminate every lead service line in the country, reiterating the administration's pledge that the effort would create jobs across the country and begin to undo the harm pollution has caused in poor, often minority communities.

“The challenge that we face is, without any question, great. Lead is built into our cities. It is laid under our roads and it is installed in our homes," Harris said in remarks at AFL-CIO headquarters in Washington.

The White House estimates between 6 million and 10 million U.S. households and 400,000 schools get water through lead service lines, which connect buildings to the water main and can leach particles of the neurotoxin into drinking water and potentially cause severe developmental and neurological issues — especially when consumed by children. In recent years, the risks facing cities with lead service lines have come into focus, most notably after the Flint, Michigan, water crisis.

The administration estimates 24 million homes are at risk of having lead paint, which can pose significant health risks even when absorbed at low levels.

While the EPA considers how to strengthen the nation's lead-in-water rules, it will allow the previous Trump administration’s overhaul of lead regulations to move forward, officials said Thursday. The Biden EPA's requirements are expected to be finalized by 2024, and would require the replacement of remaining lead drinking water pipes “as quickly as is feasible."

“The science on lead is settled — there is no safe level of exposure and it is time to remove this risk to support thriving people and vibrant communities,” said EPA administrator Michael Regan in a statement.

Some environmental advocates were lukewarm to the administration’s announcement, saying the 10-year goal for replacing lead lines and other provisions were vague on commitments and detail.

“The top priority must be to require removal of all lead pipes within the decade and to set a strict at-the-tap standard, which is the only way to prevent another generation of kids from drinking water through what is essentially a lead straw,” said Erik Olson, senior strategic director of health at the Natural Resources Defense Council. "Good intentions won’t be enough to get the job done,” he added.

John Rumpler, senior attorney with Environment America, called the administration’s plans “long-overdue and an indispensable step toward securing safe water.” He also said the EPA should set a 10-year deadline to replace lead service lines, as New Jersey did in July.

At a Thursday briefing, deputy White House national climate adviser Ali Zaidi acknowledged the difficulty of locating and mapping out lead lines, which can be hard to assess in older cities and towns.

“A little bit of this ... is mapping the topography of the mountain as we’re starting to climb it,” Zaidi said. “We have to go out there, we have to collect the data. There are communities around the United States where we do not know where the pipes are.”

The White House also has plans to commit $5 billion for the removal of lead-based paint in Democrats' $2 trillion social and environmental package. That bill remains stalled in the Senate.

The Trump-era rule said public water systems should replace 3% of their lead service lines each year if lead levels exceed 15 parts per billion. That rate is lower than the previous 7% standard established in 1991, but Trump administration officials said at the time that the rule eliminated loopholes that allowed water systems to avoid removing pipes and would actually make the replacement process faster.

But environmental groups were critical, saying it allowed removal to happen too slowly.

The Trump administration also set requirements to ensure water systems prevent lead in pipes from corroding into drinking water. And it revamped lead testing to make sure the samples water systems use in testing come from water sitting in lead pipes instead of near the faucet — a move that experts say could push lead level results higher for many utilities around the country.

The Biden EPA said it is considering ways to strengthen key parts of the regulation, including the 15 parts-per-billion threshold,

Congress approved $15 billion for lead service line replacement in the infrastructure bill — about a third less than what the White House and water experts say it would cost to replace them nationally.

Administration officials spoke about additional efforts being taken to limit lead exposure, including more childhood surveillance testing for lead exposure by the Centers for Disease Control and Prevention and grants from the Department of Housing and Urban Development to remove lead paint in public housing. The Treasury Department is also announcing that surplus COVID-19 relief funds can be used for lead service line replacement projects.

“There is no reason in the 21st century for why people are still exposed to this substance that was poisoning people back in the 18th century,” Harris said.

___

Phillis contributed from St. Louis.

___

The Associated Press receives support from the Walton Family Foundation for coverage of water and environmental policy. The AP is solely responsible for all content. For all of AP’s environmental coverage, visit https://apnews.com/hub/environment

Suman Naishadham And Michael Phillis, The Associated Press