Facebook is using its vast legal muscle to silence one of its most prominent critics.
The Real Facebook Oversight Board, a group established last month in response to the tech giant’s failure to get its actual Oversight Board up and running before the presidential election, was forced offline on Wednesday night after Facebook wrote to the internet service provider demanding the group’s website — realfacebookoversight.org — be taken offline.
The group is made up of dozens of prominent academics, activists, lawyers, and journalists whose goal is to hold Facebook accountable in the run-up to the election next month. Facebook’s own Oversight Board, which was announced 13 months ago, will not meet for the first time until later this month, and won’t consider any issues related to the election.
In a letter sent to one of the founders of the RFOB, journalist Carole Cadwalladr, the ISP SupportNation said the website was being taken offline after Facebook complained that the site was involved in “phishing.”
[…]
It’s unclear what evidence Facebook presented to support its claim that RFOB was operating a phishing website.
Typically, ISPs have a dispute resolution process in place that allows the website operator to challenge the allegations. This process can normally take months and ultimately result in a court order being obtained to take a site offline. In this case, there was no warning given.
[…]
Facebook had previously forced another website the group set up — realfacebookoversight.com — offline over alleged copyright infringement.
Facebook denied that it was responsible for the website being taken offline. “This website was automatically flagged by a vendor because it contained the word “facebook” in the domain and action was taken without consulting with us,” a spokesperson told VICE News.
But, an email from the ISP, SupportNation, sent to the Real Facebook Oversight Board and viewed by VICE News, links to a message from the original complainant sent in the early hours of Friday morning after the website was taken offline.
The message tells SupportNation that “notices of trademark abuse/trademark infringement were sent out in error.” The message comes from what appears to be a Facebook email address.
Facebook said that while normally the ISP would confirm requests like this with Facebook first but “in this instance that did not happen.” A spokesperson added that the message to SupportNation was sent by “a generic email address used by the vendor.”
John Taylor, a spokesperson for Facebook’s actual Oversight Board told VICE News that the takedown wasn’t something it was “aware of or had any involvement in.” Taylor added that the group doesn’t “think this is a constructive approach. We continue to welcome these efforts and contributions to the debate.”
On Wednesday night, Facebook spokesperson Andy Stone responded to Cadwalladr’s post, saying: “Your fake thing that accuses us of fake things was caught in our thing to prevent fake things.”
Stone did not immediately respond to requests for comment to clarify what he meant by “fake things” in these instances.
“The most extraordinary thing about this whole affair is how it’s exposed the total Trumpification of Facebook’s corporate comms,” Cadwalladr told VICE News. “There is a brazen shamelessness at work here. It’s not just that a company that has used ‘free speech’ as a protective cloak would go after our ISP and drive us off the internet but that its official spokesman responds to such criticism by attacking and trolling journalists.”
The UK’s privacy watchdog has wrapped up its probe into Cambridge Analytica, saying it found no hard evidence to support claims the controversial biz used data scrapped from people’s Facebook profiles to influence the Brexit referendum nor the US 2016 presidential election. There was no clear evidence of Russian involvement, either.
However, the UK’s privacy watchdog acts in the interests of the UK and so it may be in their best interest to say: nothing to see here, carry on please…
In a letter [PDF] this month to Julian Knight – chairman of Parliament’s Digital, Culture and Media and Sport Select Committee – the Information Commissioner’s Office detailed the findings of its investigation, having gone through 700TB and more than 300,000 documents seized from the now-defunct company.
Crucially, the watchdog said Cambridge Analytica pretty much dealt with information and tools that anyone could have purchased or used if they had the right budget and know-how: there were no special techniques nor hacking. Its raison d’etre – profiling voters to target them with influential ads – was achieved by tapping into Facebook’s highly problematic Graph API at the time, via a third-party quiz app people were encouraged to use, and downloading data from their profile pages and their friends’ pages.
Facebook subsequently dynamited its overly leaky API – the real scandal here – to end any further such slurpage, was fined half a million quid by the ICO, and ordered to cough up $5bn by America’s consumer protection regulator, the FTC. If Cambridge Analytica achieved anything at all, it was blowing the lid off Facebook’s slipshod and cavalier approach to safeguarding netizens’ privacy.
Information Commissioner Elizabeth Denham’s team characterized Cambridge Analytica, and its related outfit SCL Elections, as a bit of a smoke-and-mirrors operation that lacked the sort of game-changing insight it sold to clients, who were told they could use the database of Facebook addicts to micro-target particular key voters with specific advertising to swing their political opinion in one direction or another.
“In summary, we concluded that SCL/CA were purchasing significant volumes of commercially available personal data (at one estimate over 130 billion data points), in the main about millions of US voters, to combine it with the Facebook derived insight information they had obtained from an academic at Cambridge University, Dr Aleksandr Kogan, and elsewhere,” the ICO wrote. Kogan and his company Global Science Research (GSR) was tasked with harvesting 87 million Facebook users’ personal data from the aforementioned quiz app.
“In the main their models were also built from ‘off the shelf’ analytical tools and there was evidence that their own staff were concerned about some of the public statements the leadership of the company were making about their impact and influence.”
El Reg has heard on good authority from sources in British political circles that Cambridge Analytica’s advertised powers of online suggestion were rather overblown and in fact mostly useless. In the end, it was skewered by its own hype, accused of tangibly influencing the Brexit and presidential votes on behalf of political parties and campaigners using Facebook data. Yet, no evidence could be found supporting those claims.
On Brexit, the ICO reckoned Cambridge Analytica just had information on Americans from the social network:
It was suggested that some of the data was utilised for political campaigning associated with the Brexit Referendum. However, our view on review of the evidence is that the data from GSR could not have been used in the Brexit Referendum as the data shared with SCL/Cambridge Analytica by Dr Kogan related to US registered voters.
Cambridge Analytica did appear to do a limited amount of work for Leave.EU but this involved the analysis of UKIP membership data rather than data obtained from Facebook or GSR.
For what it’s worth, the ICO observed that a Canadian outfit called AggregateIQ, which was closely linked to Cambridge Analytica, was recruited by pro-Brexit campaigners to target adverts at British Facebook users.
And on the US elections, we’re told a database of voters was assembled from Facebook records, and that “targeted advertising was ultimately likely the final purpose of the data gathering but whether or which specific data from GSR was then used in any specific part of campaign has not been possible to determine from the digital evidence reviewed.”
And as for Russia: “We did not find any additional evidence of Russian involvement in our analysis of material contained in the SCL / CA servers we obtained,” the ICO stated, adding that this is kinda outside its remit and something for the UK’s National Crime Agency to probe.
Were Cambridge Analytica still around, we imagine some details of the report would be a little embarrassing. Alas, it shut down all operations (sort of) back in 2018.
Their models were also built from ‘off the shelf’ analytical tools and there was evidence that their own staff were concerned about some of the public statements the leadership of the company were making about their impact and influence
The ICO report noted how Cambridge Analytica was probably also less than honest with the sales pitches it made to both the Trump and Leave EU campaigns, overstating the amount of data it had collected.
“SCL’s own marketing material claimed they had ‘Over 5,000 data points per individual on 230 million adult Americans’,” the ICO noted. “However, based on what we found it appears that this may have been an exaggeration.”
The company was also taken to task for poor data practices that, even had the political marketing stuff not blown up in public, likely would have landed it in hot water with the ICO.
While Cambridge Analytica may be gone and the ICO investigation concluded, Denham also warned that the tools and techniques it claimed could tip elections are not going away, and are likely to be used in the very near future… and may even work this time.
“What is clear is that the use of digital campaign techniques are a permanent fixture of our elections and the wider democratic process and will only continue to grow in the future,” the commissioner wrote. “The COVID-19 pandemic is only likely to accelerate this process as political parties and campaigns seek to engage with voters in a safe and socially distanced way.”
Europe’s top court has delivered another slap-down to indiscriminate government mass surveillance regimes.
In a ruling today the CJEU has made it clear that national security concerns do not exclude EU Member States from the need to comply with general principles of EU law such as proportionality and respect for fundamental rights to privacy, data protection and freedom of expression.
However the court has also allowed for derogations, saying that a pressing national security threat can justify limited and temporary bulk data collection and retention — capped to ‘what is strictly necessary’.
While threats to public security or the need to combat serious crime may also allow for targeted retention of data provided it’s accompanied by ‘effective safeguards’ and reviewed by a court or independent authority.
#ECJ: Judgment in cases C-511/18 La Quadrature du Net, C-512/18 French Data Network, C-520/18 Ordre des barreaux francophones et germanophone and C-623/17 Privacy International pic.twitter.com/eB95ymLyCt
The reference to the CJEU joined a number of cases, including legal challenges brought by rights advocacy group Privacy International to bulk collection powers baked into the UK’s Investigatory Powers Act; a La Quadrature du Net (and others’) challenge to a 2015 French decree related to specialized intelligence services; and a challenge to Belgium’s 2016 law on collection and retention of comms data.
Civil rights campaigners had been eagerly awaiting today’s judgements from the Grand Chamber, following an opinion by an advisor to the court in January which implied certain EU Member States’ surveillance regimes were breaching the law.
At the time of writing key complainants had yet to issue a response.
Of course a government agency’s definition of how much data collection is ‘strictly necessary’ in a national security context (or, indeed, what constitutes an ‘effective safeguard’) may be rather different to the benchmark of civil rights advocacy groups — so it seems unlikely this ruling will be the last time the CJEU is asked to clarify where the legal limits of mass surveillance lie.
3) For instance it is huge that the Court says that while States have the possibility to order general retention of data in some exceptional cases, this decision “must be subject to effective review by a court or an independent administrative body WHOSE DECISION IS BINDING”…
Additionally, the judgement raises interesting questions over the UK’s chances of gaining a data protection adequacy agreement from the European Commission — as it leaves the EU in 2021 at the end of the brexit transition process this year — something it needs for digital data flows from the EU to continue uninterrupted as now.
The problem is the UK’s Investigatory Powers Act (IPA) gives government agencies broad powers to intercept and retain digital communications — but here the CJEU is making it clear that such bulk powers must be the exception, not the statutory rule.
So, again, a battle over definitions could be looming…
[…]
Another interesting component of today’s CJEU judgement suggests that in EU states with indiscriminate mass surveillance regimes there could be grounds for overturning individual criminal convictions which are based on evidence obtained via such illegal surveillance.
On this, the court writes in a press release: “As EU law currently stands, it is for national law alone to determine the rules relating to the admissibility and assessment, in criminal proceedings against persons suspected of having committed serious criminal offences, of information and evidence obtained by the retention of data in breach of EU law. However, the Court specifies that the directive on privacy and electronic communications, interpreted in the light of the principle of effectiveness, requires national criminal courts to disregard information and evidence obtained by means of the general and indiscriminate retention of traffic and location data in breach of EU law, in the context of such criminal proceedings, where those persons suspected of having committed criminal offences are not in a position to comment effectively on that information and evidence.”
Update: Privacy International has now responded to the CJEU judgements, saying the UK, French and Belgian surveillance regimes must be amended to be brought within EU law.
In a statement, legal director Caroline Wilson Palow said: “Today’s judgment reinforces the rule of law in the EU. In these turbulent times, it serves as a reminder that no government should be above the law. Democratic societies must place limits and controls on the surveillance powers of our police and intelligence agencies.
“While the Police and intelligence agencies play a very important role in keeping us safe, they must do so in line with certain safeguards to prevent abuses of their very considerable power. They should focus on providing us with effective, targeted surveillance systems that protect both our security and our fundamental rights.”
The body tasked with oversight of the IRS announced in a letter that it will investigate the agency’s use of location data harvested from ordinary apps installed on peoples’ phones, according to a copy of the letter obtained by Motherboard.
The move comes after Senators Ron Wyden and Elizabeth Warren demanded a formal investigation into how the IRS used the location data to track Americans without a warrant.
“We are going to conduct a review of this matter, and we are in the process of contacting the CI [Criminal Investigation] division about this review,” the letter, signed by J. Russell George, the Inspector General, and addressed to the Senators, reads. CI has a broad mandate to investigate abusive tax schemes, bankruptcy fraud, identity theft, and many more similar crimes. Wyden’s office provided Motherboard with a copy of the letter on Tuesday.
In June, officials from the IRS Criminal Investigation unit told Wyden’s office that it had purchased location data from a contractor called Venntel, and that the IRS had tried to use it to identify individual criminal suspects. Venntel obtains location data from innocuous looking apps such as games, weather, or e-commerce apps, and then sells access to the data to government clients.
A Wyden aide previously told Motherboard that the IRS wanted to find phones, track where they were at night, use that as a proxy as to where the individual lived, and then use other data sources to try and identify the person. A person who used to work for Venntel previously told Motherboard that Venntel customers can use the tool to see which devices are in a particular house, for instance.
The IRS’ attempts were not successful though, as the people the IRS was looking for weren’t included in the particular Venntel data set, the aide added.
But the IRS still obtained this data without a warrant, and the legal justification for doing so remains unclear. The aide said that the IRS received verbal approval to use the data, but stopped responding to their office’s inquiries.
Facebook Chief Revenue Officer David Fischer said Tuesday that the economic models that rely on personalized advertising are “under assault” as Apple readies a change that would limit the ability of Facebook and other companies to target ads and estimate how well they work.
The change to Apple’s identifier for advertisers, or IDFA, will give iPhone users the option to block tracking when opening an app. It was originally planned for iOS 14, the version of the iPhone operating system that was released last month. But Apple said last month it was delaying the rollout until 2021 “to give developers time to make necessary changes.”
Fischer, speaking at a virtual Advertising Week session Tuesday, spoke about the changes after being asked about Facebook’s vulnerability to the companies that control mobile platforms, such as Apple and Google, which runs Android.
Fischer argued that though there’s “angst and concern” about the risks of technology, personalized and targeted advertising has been essential to help the internet grow.
“The economic model that not just we at Facebook but so many businesses rely on, this model is worth preserving, one that makes content freely available, and the business that makes it run and hum, is via advertising,” he said.
“And right now, frankly, some of that is under assault, that the very tools that entrepreneurs, that businesses are relying on right now are being threatened. To me, the changes that Apple has proposed, pretty sweeping changes, are going to hurt developers and businesses the most.”
Apple frames the change as preserving users’ privacy, rather than as an attack on the advertising industry, and has been promoting its privacy features as a core reason to get an iPhone. It comes as consumers are increasingly wary about their online privacy following scandals with various companies, including Facebook.
For years, you may recall that we would write about the insane nature of forum shopping for patent trolls, in which the trolls would flock to the federal courts in East Texas. Going back nearly 15 years, we wrote about how East Texas courts became grand central for patent troll cases, leading to all sorts of sketchy behavior. There are a bunch of empty office buildings setup in small Texas cities (mainly Marshall and Tyler) just to “pretend” to have offices there. Companies engaged in many patent cases started to try to suck up to residents of those small cities, in case they might be on a jury. TiVo literally bought a “Grand Champion Steer” just weeks before a jury was set to rule on a massive TiVo trolling case. Samsung threw so much money at the local “Stagecoach Days” event that it was renamed “Samsung Stagecoach Days,” and built a Samsung ice rinkright next to the courthouse in Marshall.
For years, people pressured Congress to fix this mess, but instead, the Supreme Court finally stepped in, with the TC Heartland ruling, and said that the proper jurisdiction should be where defendants actually are incorporated. Of course, this seemed to have the reverse effect — as companies no longer want to be in East Texas. Apple shut down its stores there to avoid the jurisdiction.
Of course, if you thought that the judges would go quietly, you’d be wrong. It’s always felt like a few judges in East Texas loved the reputation they’d built up as being super friendly to patent trolls. For a while it was Judge T. John Ward. And when he left the bench (to become a patent lawyer, natch), Judge Rodney Gilstrap stepped into the gap he left. He even tried to ignore the Supreme Court’s TC Heartland decision (though the Federal Circuit appeals court was not impressed).
However, as Patent Progress notes, there’s a new judge vying to be at the top of the patent troll’s Christmas list, and he’s in West Texas. Judge Alan Albright, a former patent litigator, was appointed to the bench in 2018 — and he literally went on a tour to convince companies to bring patent cases in his court:
U.S. District Judge Alan Albright and attorneys who predicted last year that Waco’s federal court would become a hotbed of patent and intellectual property litigation missed their prediction just a bit.
With Albright traveling the country drumming up business and patent attorneys spreading the word that Waco’s new federal judge, a longtime patent litigator, will provide the expertise to create an efficient and welcoming environment in Waco, the response in the past year actually exceeded those predictions.
Since Albright took office in September 2018, more than 250 patent cases have been filed in the federal Western District of Texas, which includes Waco. That total eclipses the number for the previous four years combined and has made the Western District among the busiest in the country for patent cases.
The US government’s Department of Justice has won its multi-million-dollar claim to Edward Snowden’s Permanent Record book royalties as well as any future related earnings.
A federal district court in eastern Virginia this week ruled that Uncle Sam was entitled to the proceeds of Snowden’s bestseller, an estimated $5.2m, and “any further monies, royalties, or other financial advantages derived by Snowden from Permanent Record.” It can also grab Snowden’s appearance fees from 56 speeches, thought to exceed $1m.
The court came to this conclusion after deciding Snowden broke his non-disclosure agreements with the NSA and CIA. It noted the super-leaker did not offer up his book for a review by official censors nor did he clear speeches on intelligence matters with the US government as required by his employment contract from the time he worked for Uncle Sam.
“The United States’ lawsuit did not seek to stop or restrict the publication or distribution of Permanent Record,” the Dept of Justice’s spokespeople said on Thursday of the decision.
“Rather, under well-established Supreme Court precedent, Snepp v. United States, the government sought to recover all proceeds earned by Snowden because of his failure to submit his publication for pre-publication review in violation of his alleged contractual and fiduciary obligations.”
That the US government would crack down on Snowden is hardly unexpected. Officials filed suit in September 2019 to claim a cut of Snowden’s public persona on the grounds he broke his agreement with the No Such Agency by going public.
“Edward Snowden violated his legal obligations to the United States, and therefore, his unlawful financial gains must be relinquished to the government,” said Deputy Attorney General Jeffrey Rosen.
“As this case demonstrates, the Department of Justice will not overlook the wrongful actions of those who seek to betray the trust reposed in them and to personally profit from their access to classified national security information.”
Wow, apparently these employment contracts are more like permanent indenture – last I looked, Snowden wasn’t exactly in the employ of the NSA any more… in as much as he was ever as a contractor…
Facebook announced today that Messenger and Instagram are, for all intents and purposes, merging. Chat features from Messenger will become available to Instagram users, and folks on either service will be able to reach out to one another without needing to download a separate app.
“Today, we’re announcing an update to Instagram DMs by introducing a new Messenger experience on the app,” wrote Adam Mosseri and Stan Chudnovsky—the respective heads of Instagram and Messenger—in a blog post earlier today.
“People are communicating in private spaces now more than ever. More than a billion people already use Messenger as a place to share, hang out and express themselves with family and friends,” they added. “That’s why we’re connecting the Messenger and Instagram experience to bring some of the best Messenger features to Instagram—so you have access to the best messaging experience, no matter which app you use.”
Samsung brags to advertisers that “first screen ads”, seen by all users of its Smart TVs when they turn on, are 100 per cent viewable, audience targeted, and seen 400 times per TV per month. Some users are not happy.
“Dear Samsung, why are you showing Ads on my Smart TV without my consent? I didn’t agree to this in the privacy settings but I keep on getting this, why?” said a user on Samsung’s TV forum, adding last week that “there is no mention of advertising on any of their brand new boxes”.
As noted by TV site flatpanelshd, a visit to Samsung’s site pitching to advertisers is eye-opening. It is not just that the ads appear, but also that the company continually profiles its customers, using a technology called Automatic Content Recognition (ACR), which works by detecting what kind of content a viewer is watching.
Samsung’s Tom Focetta, VP Ad Sales and Operations in the US, said in an interview: “Our platform is built on the largest source of TV data from more than 50 million smart TVs. And we have amassed over 60 per cent of the US ACR footprint.” Focetta added that ACR data is “not sold, rented or distributed” but used exclusively by Samsung to target advertising.
The first screen ad unit was introduced five years ago, Focetta explained, and the company has since “added video, different types of target audience engagement, different ways to execute in terms of tactics like audience takeovers, roadblocks”. A “roadblock” is defined as “100 per cent ownership of first screen ad impressions across all Samsung TVs”. According to a Samsung support, quoted by flatpanelshd: “In general, the banner cannot be deactivated in the Smart Hub.”
Advertising does not stop there since Samsung also offers TV Plus, “a free ad-supported TV service”. Viewers are familiar with this deal, though, since ad-supported broadcasting is long established. What perturbs them is that when spending a large sum of money on TV hardware, they were unknowingly agreeing to advertising baked into its operating menu, every time they switch on.
The advent of internet-connected TVs means that viewers now divide their time between traditional TV delivered by cable or over the air, and streaming content, with an increasing share going to streaming. Viewers who have cancelled subscription TV services in favour of streaming are known as cord-cutters.
Even viewers who have chosen to watch only ad-free content do not escape. “30 per cent of streamers spend all of their streaming time in non-ad supported apps. This, however, does not mean ‘The Lost 30’ are unreachable,” said Samsung in a paper.
We’ve already covered what a ridiculous, pathetic grift the Oracle/TikTok deal was. Despite it being premised on a “national security threat” from China, because the app might share some data (all of which is easily buyable from data brokers) with Chinese officials, the final deal cured none of that, left the Chinese firm ByteDance with 80% ownership of TikTok, and gave Trump supporters at Oracle a fat contract — and allowed Trump to pretend he did something.
Of course, what he really did was hand China a huge gift. In response to the deal, state media in China is now highlighting how the Chinese government can use this deal as a model for the Chinese to force the restructuring of US tech companies, and force the data to be controlled by local companies in China. This is from the editor-in-chief of The Global Times, a Chinese, state-sponsored newspaper:
That says:
The US restructuring of TikTok’s stake and actual control should be used as a model and promoted globally. Overseas operation of companies such as Google, Facebook shall all undergo such restructure and be under actual control of local companies for security concerns.
So, beyond doing absolutely nothing to solve the “problem” that politicians in the US laid out, the deal works in reverse. It’s given justification for China to mess with American companies in the same way, and push to expose more data to the Chinese government.
Great work, Trump. Hell of a deal.
Meanwhile, the same Twitter feed says that it’s expected that officials in Beijing are going to reject the deal from their end, and seek to negotiate one even more favorable to China’s “national security interests and dignity.”
So, beyond everything else, Trump’s “deal” has probably done more to help China, and harm data privacy and protection, while also handing China a justification playbook to do so: “See, we’re just following your lead!”
The September 20 deadline for a purported TikTok sale has already passed, but the parties involved have yet to settle terms on the deal. ByteDance and TikTok’s bidders Oracle and Walmart presented conflicting messages on the future ownership of the app, confusing investors and users. Meanwhile, Beijing’s discontent with the TikTok sale is increasingly obvious.
China has no reason to approve the “dirty” and “unfair” deal that allows Oracle and Walmart to effectively take over TikTok based on “bullying and extortion,” slammed an editorial published Wednesday in China Daily, an official English-language newspaper of the Chinese Communist Party.
The editorial argued that TikTok’s success — a projected revenue of about a billion dollars by the end of 2020 — “has apparently made Washington feel uneasy” and prompted the U.S. to use “national security as the pretext to ban the short video sharing app.”
The official message might stir mixed feelings within ByteDance, which has along the way tried to prove its disassociation from the Chinese authority, a precondition for the companies’ products to operate freely in Western countries.
Beijing has already modified a set of export rules to complicate the potential TikTok deal, restricting the sale of certain AI-technologies to foreign companies. Both ByteDance and China’s state media have said the agreement won’t involve technological transfers.
The Trump administration said it would ban downloads of TikTok, which boasts 100 million users in the country, if an acceptable deal was not reached. It also planned to shut down Tencent’s WeChat, a decision that just got blocked by a district court in San Francisco.
TikTok has collected nearly 198 million App Store and Google Play installs in the U.S., while WeChat has been installed by nearly 22 million users in the U.S. since 2014, according to market research firm Sensor Tower. Unlike TikTok, which has a far-reaching user base in the U.S., WeChat is mainly used by Chinese-speaking communities or those with connections in China, where the messenger is the dominant chat app and most Western alternatives are blocked.
Four of the seven former eBay employees charged with cyberstalking a couple critical of the web auction house are scheduled to plead guilty next month.
In June, the US Justice Department charged six former staffers – director of safety and security James Baugh, 45, of San Jose, California; director of global resiliency David Harville, 48, of New York City; manager of global intelligence Stephanie Stockwell, 26, of Redwood City, California; and eBay Global Intelligence Center staffers Stephanie Popp, 32, Veronica Zea, 26, and Brian Gilbert, 51, all of San Jose – with conspiring to commit cyberstalking and tamper with witnesses.
The US Attorney’s Office of Massachusetts on Wednesday said four former eBay employees charged in that case plan to admit guilt at a video conference hearing scheduled for October 8, 2020.
A spokesperson for the USAO of Massachusetts confirmed to The Register the four individuals are Brian Gilbert, Stephanie Popp, Stephanie Stockwell, and Veronica Zea. The cases against the two most senior executives in the group, Harville and Baugh, remain ongoing; both deny the accusations.
In July, a seventh former eBay employee, former Santa Clara police captain Philip Cooke, 55, who oversaw security operations at eBay’s offices in Europe and Asia, was charged separately for alleged involvement in the harassment campaign.
The defendants are said [PDF] to have participated in a concerted effort to intimidate and silence a husband and wife team who run an ecommerce-focused newsletter and blog in a campaign last year.
[…]
it describes a harassment effort that consisted, among other things, of sending the newsletter publishers live cockroaches, the head of a fetal pig, a funeral wreath, a mask of a bloody pig’s head, and a book on surviving the loss of a spouse.
Unasked
Bloomberg suggests the recipient of that text message, “Executive 1,” is former CEO David Wenig, based on the similarity between a newsletter article quoted in the complaint, “eBay RICO Lawsuit Meant to Curb Seller Exodus to Amazon?” and an article with the same headline on the EcommerceBytes Blog that refers to Wenig.
The affidavit outlining the case cites text identical to the online article except that it replaces “eBay CEO” with “[Executive 1]”. Wenig has not been charged with any wrongdoing.
Spain’s highways agency is using bulk mobile phone data for monitoring speeding hotspots, according to local reports.
Equipped with data on customers handed over by local mobile phone operators, Spain’s Directorate-General for Traffic (DGT) may be gathering data on “which roads and at what specific kilometer points the speed limits are usually exceeded,” according to Granadan newspaper Ideal (en español).
“In fact, Traffic has data on this since the end of last year when the National Statistics Institution (INE) reached an agreement with mobile operators to obtain information about the movements of citizens,” reported the paper.
The data-harvesting agreement was first signed late last year to coincide with a national census (as El Reg reported at the time) and is now being used to monitor drivers’ speeds.
National newspaper El Paisreported in October 2019 that the trial would involve dividing Spain “into 3,500 cells with a minimum of 5,000 people in each of them” with the locations of phones being sampled continuously between 9am and 6pm, with further location snapshots being taken at 12am and 6am.
The newspaper explained: “With this information it will be possible to know how many citizens move from a dormitory municipality to a city; how many people work in the same neighbourhood where you live or in a different one; where do the people who work in an area come from, or how the population fluctuates in a box throughout the day.”
The INE insisted that data collected back then had been anonymised and was “aimed at getting a better idea of where Spaniards go during the day and night”, as the BBC summarised the scheme. Mobile networks Vodafone, Movistar, and Orange were all said to be handing over user data to the INE, with the bulk information fetching €500,000 – a sum split between all three firms.
In April the initiative was reactivated for the so-called DataCovid plan, where the same type of bulk location data was used to identify areas where Spaniards were ignoring COVID-19 lockdown laws.
“The goal is to analyse the effect which the (confinement) measures have had on people’s movements, and see if people’s movements across the land are increasing or decreasing,” Spain’s government said at the time, as reported by expat news service The Local’s Iberian offshoot.
The DGT then apparently hit on the idea of using speed data derived from cell tower pings (in the same way that Google Maps, Waze, and other online services derive average road speed and congestion information) to identify locations where drivers may have been breaking the speed limit.
The Ideal news website seemed to put the obvious fears to bed in its report of the traffic police initiative when it posed the obvious, rhetorical, question: whether drivers can be fined based on mobile data.
“The answer is clear and direct: it is not possible,” it concluded. “The DGT can only fine us through the fixed and mobile radars that it has installed throughout the country.”
While the direction of travel here seems obvious to anyone with any experience of living in a western country that implements this type of dragnet mass surveillance, so far there is little evidence of an explicit link between mobile phone data-slurping and speed cameras or fines.
Back in 2016, TfL ran a “trial” tracking people’s movements by analysing where their MAC addresses popped up within the Tube network, also hoping to use this data to get higher prices for advertising spots at busy areas inside Tube stations. Dedicated public Wi-Fi spots on train platforms is now a permanent fixture in all but a few of the London Underground stations. The service is operated by Virgin Media, which is “free” to use by customers of the four mobile network operators, but collects your mobile number at the point of signing up.
And here you can see the ease with which mission creep comes out and people start using your data for all kinds of non-related things once they have it. This is why we shouldn’t allow governments or anyone else to get their grubby little hands on it and why we should be glad that at least at EU level, data privacy is taken seriously with GDPR and other laws.
Alexander James Ashburner Nix (45), from Holland Park, West London, has signed a disqualification undertaking, accepted by the Secretary of State on 14 September 2020.
Within the undertaking, Alexander Nix did not dispute that he caused or permitted SCL Elections Ltd or associated companies to market themselves as offering potentially unethical services to prospective clients; demonstrating a lack of commercial probity.
Effective from 5 October 2020, Alexander Nix is disqualified for seven years from acting as a director or directly or indirectly becoming involved, without the permission of the court, in the promotion, formation or management of a company.
Alexander Nix was a director of SCL Elections Ltd, a company that provided data analytics, marketing and communication services to political and commercial customers. He was also a director of five other connected UK companies: SCL Group Ltd, SCL Social Ltd, SCL Analytics Ltd, SCL Commercial Ltd, and Cambridge Analytica (UK) Ltd.
From 2016, SCL Elections Ltd was included in a rebranding of associated companies which then operated under the trading names Cambridge Analytica, CA Political (Global) and CA Commercial.
SCL Elections and the five connected companies, however, ceased trading following allegations in the UK and United States media which created substantial adverse publicity.
Some of the accusations against the companies related to allegedly offering potential clients unethical services.
All six companies entered into administration in May 2018 before entering into compulsory liquidation in April 2019. The companies’ insolvencies brought them to the attention of the Insolvency Service, who conducted investigations into the conduct of the directors.
Investigators’ enquiries confirmed that Alexander Nix had caused or permitted SCL Elections or associated companies to act with a lack of commercial probity.
The unethical services offered by the companies included bribery or honey trap stings, voter disengagement campaigns, obtaining information to discredit political opponents and spreading information anonymously in political campaigns.
Mozilla recently announced that they would be dismissing 250 people. That’s a quarter of their workforce so there are some deep cuts to their work too. The victims include: the MDN docs (those are the web standards docs everyone likes better than w3schools), the Rust compiler and even some cuts to Firefox development. Like most people I want to see Mozilla do well but those three projects comprise pretty much what I think of as the whole point of Mozilla, so this news is a a big let down.
The stated reason for the cuts is falling income. Mozilla largely relies on “royalties” for funding. In return for payment, Mozilla allows big technology companies to choose the default search engine in Firefox – the technology companies are ultimately paying to increase the number of searches Firefox users make with them. Mozilla haven’t been particularly transparent about why these royalties are being reduced, except to blame the coronavirus.
I’m sure the coronavirus is not a great help but I suspect the bigger problem is that Firefox’s market share is now a tiny fraction of its previous size and so the royalties will be smaller too – fewer users, so fewer searches and therefore less money for Mozilla.
The real problem is not the royalty cuts, though. Mozilla has already received more than enough money to set themselves up for financial independence. Mozilla received up to half a billion dollars a year (each year!) for many years. The real problem is that Mozilla didn’t use that money to achieve financial independence and instead just spent it each year, doing the organisational equivalent of living hand-to-mouth.
Despite their slightly contrived legal structure as a non-profit that owns a for-profit, Mozilla are an NGO just like any other. In this article I want to apply the traditional measures that are applied to other NGOs to Mozilla in order to show what’s wrong.
These three measures are: overheads, ethics and results.
Overheads
One of the most popular and most intuitive ways to evaluate an NGO is to judge how much of their spending is on their programme of works (or “mission”) and how much is on other things, like administration and fundraising. If you give money to a charity for feeding people in the third world you hope that most of the money you give them goes on food – and not, for example, on company cars for head office staff.
Mozilla looks bad when considered in this light. Fully 30% of all expenditure goes on administration. Charity Navigator, an organisation that measures NGO effectiveness, would give them zero out of ten on the relevant metric. For context, to achieve 5/10 on that measure Mozilla admin would need to be under 25% of spending and, for 10/10, under 15%.
Senior executives have also done very well for themselves. Mitchell Baker, Mozilla’s top executive, was paid $2.4m in 2018, a sum I personally think of as instant inter-generational wealth. Payments to Baker have more than doubled in the last five years.
As far as I can find, there is no UK-based NGO whose top executive makes more than £1m ($1.3m) a year. The UK certainly has its fair share of big international NGOs – many much bigger and more significant than Mozilla.
I’m aware that some people dislike overheads as a measure and argue that it’s possible for administration spending to increase effectiveness. I think it’s hard to argue that Mozilla’s overheads are correlated with any improvement in effectiveness.
Ethics
Mozilla now thinks of itself less as a custodian of the old Netscape suite and more as a ‘privacy NGO’. One slogan inside Mozilla is: “Beyond the Browser”.
Regardless of how they view themselves, most of their income comes from helping to direct traffic to Google by making that search engine the default in Firefox. Google make money off that traffic via a big targeted advertising system that tracks people across the web and largely without their consent. Indeed, one of the reasons this income is falling is because as Firefox’s usage falls less traffic is being directed Google’s way and so Google will pay less.
There is, as yet, no outbreak of agreement among the moral philosophers as to a universal code of ethics. However I think most people would recognise hypocrisy in Mozilla’s relationship with Google. Beyond the ethical problems, the relationship certainly seems to create conflicts of interest. Anyone would think that a privacy NGO would build anti-tracking countermeasures into their browser right from the start. In fact, this was only added relatively recently (in 2019), after both Apple (in 2017) and Brave (since release) paved the way. It certainly seems like Mozilla’s status as a Google vassal has played a role in the absence of anti-tracking features in Firefox for so long.
Another ethical issue is Mozilla’s big new initiative to move into VPNs. This doesn’t make a lot of sense from a privacy point of view. Broadly speaking: VPNs are not a useful privacy tool for people browsing the web. A VPN lets you access the internet through a proxy – so your requests superficially appear to come from somewhere other than they really do. This does nothing to address the main privacy problem for web users: that they are being passively tracked and de-anonymised on a massive scale by the baddies at Google and elsewhere. This tracking happens regardless of IP address.
When I tested Firefox through Mozilla VPN (a rebrand of Mullvad VPN) I found that I could be de-anonymised by browser fingerprinting – already a fairly widespread technique by which various elements of your browser are examined to create a “fingerprint” which can then be used to re-identify you later. Firefox, unlike some other browsers, does not include any countermeasures against this.
Even when using Mozilla’s “secure and private” VPN, Firefox is trackable by browser fingerprinting, as demonstrated by the EFF’s Panopticlick tool. Other browsers use randomised fingerprints as a countermeasure against this tracking.
Another worry is that many of these privacy focused VPN services have a nasty habit of turning out to keep copious logs on user behaviour. A few months ago several “no log” VPN services inadvertently released terabytes of private user data that they had promised not to collect in a massive breach. VPN services are in a great position to eavesdrop – and even if they promise not to, your only option is to take them at their word.
Results
I’ve discussed the Mozilla chair’s impressive pay: $2.4m/year. Surely such impressive pay is justified by the equally impressive results Mozilla has achieved? Sadly on almost every measure of results both quantitative and qualitative, Mozilla is a dog.
Firefox is now so niche it is in danger of garnering a cult following: it has just 4% market share, down from 30% a decade ago. Mobile browsing numbers are bleak: Firefox barely exists on phones, with a market share of less than half a percent. This is baffling given that mobile Firefox has a rare feature for a mobile browser: it’s able to install extensions and so can block ads.
Yet despite the problems within their core business, Mozilla, instead of retrenching, has diversified rapidly. In recent years Mozilla has created:
a mobile app for making websites
a federated identity system
a large file transfer service
a password manager
an internet-of-things framework/standard
an email relay service
a completely new phone operating system
an AI division (but of course)
and spent $25 million buying the reading list management startup, Pocket
Many of the above are now abandoned.
Sadly Mozilla’s annual report doesn’t break down expenses on a per-project basis so it’s impossible to know how much of the spending that is on Mozilla’s programme is being spent on Firefox and how much is being spent on all these other side-projects.
What you can at least infer is that the side-projects are expensive. Software development always is. Each of the projects named above (and all the other ones that were never announced or that I don’t know about) will have required business analysts, designers, user researchers, developers, testers and all the other people you need in order to create a consumer web project.
The biggest cost of course is the opportunity cost of just spending that money on other stuff – or nothing: it could have been invested to build an endowment. Now Mozilla is in the situation where apparently there isn’t enough money left to fully fund Firefox development.
What now?
Mozilla can’t just continue as before. At the very least they need to reduce their expenses to go along with their now reduced income. That income is probably still pretty enormous though: likely hundreds of millions a year.
I’m a Firefox user (and one of the few on mobile, apparently) and I want to see Mozilla succeed. As such, I would hope that Mozilla would cut their cost of administration. I’d also hope that they’d increase spending on Firefox to make it faster and implement those privacy features that other browsers have. Most importantly: I’d like them to start building proper financial independence.
I doubt those things will happen. Instead they will likely keep the expensive management. They have already cut spending on Firefox. Their great hope is to continue trying new things, like using their brand to sell VPN services that, as I’ve discussed, do not solve the problem that their users have.
Instead of diversifying into yet more products and services Mozilla should probably just ask their users for money. For many years the Guardian newspaper (a similarly sized organisation to Mozilla in terms of staff) was a financial basket case. The Guardian started asking their readers for money a few years ago and seems to be on firmer financial footing since.
Getting money directly has also helped align the incentives of their organisation with those of their readers. Perhaps that would work for Mozilla. But then, things are different at the Guardian. Their chief exec makes a mere £360,000 a year.
MS Edge and Google Chrome are winning the renewed browser wars and this kind of financial playing isn’t helping Firefox, who I really want to win on ethical considerations. It’s just not helping.
Facebook has warned that it may pull out of Europe if the Irish data protection commissioner enforces a ban on sharing data with the US, after a landmark ruling by the European court of justice found in July that there were insufficient safeguards against snooping by US intelligence agencies.
In a court filing in Dublin, Facebook’s associate general counsel wrote that enforcing the ban would leave the company unable to operate.
“In the event that [Facebook] were subject to a complete suspension of the transfer of users’ data to the US,” Yvonne Cunnane argued, “it is not clear … how, in those circumstances, it could continue to provide the Facebook and Instagram services in the EU.”
Facebook denied the filing was a threat, arguing in a statement that it was a simple reflection of reality. “Facebook is not threatening to withdraw from Europe,” a spokesperson said.
“Legal documents filed with the Irish high court set out the simple reality that Facebook, and many other businesses, organisations and services, rely on data transfers between the EU and the US in order to operate their services. A lack of safe, secure and legal international data transfers would damage the economy and hamper the growth of data-driven businesses in the EU, just as we seek a recovery from Covid-19.”
The filing is the latest volley in a legal battle that has lasted almost a decade. In 2011, Max Schrems, an Austrian lawyer, began filing privacy complaints with the Irish data protection commissioner, which regulates Facebook in the EU, about the social network’s practices.
Those complaints gathered momentum two years later, when the Guardian revealed the NSA’s Prism program, a vast surveillance operation involving direct access to the systems of Google, Facebook, Apple and other US internet companies. Schrems filed a further privacy complaint, which was eventually referred to the European court of justice.
That court found in 2015 that, because of the existence of Prism, the “Safe Harbour” agreement, which allowed US companies to transfer the data of EU citizens back home, was invalid.
The EU then attempted a second legal agreement for the data transfers, a so-called privacy shield; that too was invalidated in July this year, with the court again ruling that the US does not limit surveillance of EU citizens.
In September, the Irish data protection commissioner began the process of enforcing that ruling. The commissioner issued a preliminary order compelling the social network to suspend data transfers overseas.
In response, Nick Clegg, the company’s head of global affairs and communications, published a blogpost that argued that “international data transfers underpin the global economy and support many of the services that are fundamental to our daily lives”.
“In the worst-case scenario, this could mean that a small tech start-up in Germany would no longer be able to use a US-based cloud provider,” he wrote. “A Spanish product development company could no longer be able to run an operation across multiple time zones. A French retailer may find they can no longer maintain a call centre in Morocco.”
Clegg added: “We support global rules that can ensure consistent treatment of data around the world.”
Yep, mr Clegg. But the law is the law. And it’s a good law. Having EU Citizens’ private data in the hands of the megalomanic 4th Reich US government is not a good idea – in the EU people like the idea of having rights and privacy.
Six million would-be U.S. immigrants face expanded collection of their biometric data, including iris scans, palm-, and voice-prints, facial recognition images, and DNA, under a proposed federal rule. The Department of Homeland Security also for the first time would gather that data from American citizens sponsoring or benefiting from a visa application.
Years in the making, the biometrics immigration rule has garnered more than 160 comments since its Sept. 11 publication. The 30-day comment period closes on Oct 13. A final version could be in place by Inauguration Day.
Immigration and privacy advocates have voiced concerns over who will have to comply with the new requirements, why President Donald Trump is making this push so late in his term, and what it means for a federal agency already claiming a lack of resources.
“The only words to describe this proposed rule is breathtaking,” said Doug Rand, who worked on technology and immigration policy in the Obama White House and then joined the Federation of American Scientists. “It’s clearly designed to drastically expand surveillance of immigrants, U.S. citizens, employers.”
The 300-plus-page plan updates current biometrics requirements so that “any applicant, petitioner, sponsor, beneficiary, or individual filing or associated with an immigration benefit or request, including U.S. citizens, must appear for biometrics collection without regard to age unless the agency waives or exempts the requirement.”
The DHS estimates an additional 2.17 million new biometrics submissions will be collected annually, an increase from the current 3.9 million, under the rule.
[…]
The DHS already collects fingerprints from some visa applicants. The new rule would expand that biometrics-gathering to iris images, palm- and voice- prints. The agency wants authority to require or request DNA testing to prove familial relationships where kinship is in question. The DNA data could be stored indefinitely, under the proposed rule.
[…]
While the current proposal doesn’t expressly reference employers, that doesn’t mean it couldn’t be applied to employer-backed visa holders down the road, said Michael Nowlan, co-leader of Clark Hill’s Immigration Business unit. “It’s just amazing to me how broad this is.”
One potential scenario for employers petitioning for visa-holding workers or sponsoring foreign workers for green cards is that legal counsel or even a human resources officer may be required to submit biometrics on the company’s behalf.
[…]
Should Trump win re-election, his administration can use this period of uncertainty to accelerate this regulation and carry it out in the new year. If Trump loses, and his team makes it final it before Democrat Joe Biden takes office, it’s a “huge headache” for the next administration, Rand said.
“It’s basically like burning down the house on your way out,” Rand said.
This kind of data is dangerous in and of itself. Keeping it in a centralised database is a horrible idea – history has shown us again and again that these are abused and unsafe. And this is data about people that the people themselves, as well as their families, descendants, can’t change. Ever.
Drawing on two decades of his own research and business experience, Aral goes under the hood of the biggest, most powerful social networks to tackle the critical question of just how much social media actually shapes our choices, for better or worse. Aral shows how the tech behind social media offers the same set of behavior-influencing levers to both Russian hackers and brand marketers—to everyone who hopes to change the way we think and act—which is why its consequences affect everything from elections to business, dating to health. Along the way, he covers a wide array of topics, including how network effects fuel Twitter’s and Facebook’s massive growth to the neuroscience of how social media affects our brains, the real consequences of fake news, the power of social ratings, and the impact of social media on our kids.
In mapping out strategies for being more thoughtful consumers of social media, The Hype Machine offers the definitive guide to understanding and harnessing for good the technology that has redefined our world overnight.
There’s a new development in the high-profile game of chicken between Apple and Epic. The Fortnite developer’s latest legal filing claims that Apple “cherry-picked” Google data in its own legal filing earlier this week to support its narrative that Fortnite’s declining popularity is the impetus behind all this drama.
Apple has repeatedly argued that Epic started the legal battle over Fortnite in its App Store as a publicity stunt because the game’s hypehas started to flatline. In a filing Tuesday, it said that interest in Fortnite had fallen “by nearly 70%” between October 2019 and July 2020 according to Google Trends and that Epic’s lawsuit “appears to be part of a marketing campaign designed to reinvigorate interest in Fortnite.”
But Epic’s calling bullshit on those claims, citing its own user engagement data as proof that the Fortnite hype train is still chugging along just fine, thank you.
“Over the period of time that Apple cherry-picked for its Google search volume comparison… the number of daily active users on Fortnite actually increased by more than 39%,” the company wrote in reply papers filed late Friday evening.
Not to mention that Apple’s decision to cite Google Trends, of all things, is already suspect to begin with. It measures the volume of searches for any given term, but even if people aren’t searching for Fortnite on Google as much as they used to be, that doesn’t prove a correlation between how many people are still playing or downloading the game. I’d put money on this being an Occam’s broom scenario: Apple just went with that statistic because it was the only one they found that proved their point.
As a recap, Apple booted Fortnite off its App Store in August after Epic’s theatrical attempt to circumvent its so-called “Apple Tax,” which requires that developers fork over 30% of revenue from in-app purchases for the privilege of having their app on iOS. The two have been playing a melodramatic game of tit-for-tat ever since. Epic immediately sued, of course, then Apple terminated its App Store developer account for iOS. After that, Epic vowed not to push the Aug. 27 Fortnite update to iOS or macOS in retaliation, and Apple launched a countersuit for compensatory and punitive damages, calling Epic’s actions a deliberate attempt to undermine its iOS ecosystem.
The drama is still playing out in court, with a full court hearing scheduled for Sept. 28. In the case’s first hearing in August, a judge ruled that Apple could kick Fortnite off its App Store but not Epic’s Unreal Engine. Epic has also asked the court to restore both Fortnite and its developer accountin the App Store.
It’s likely these two will continue to take jabs at one another throughout this legal drama, so you might as well settle in and grab some popcorn as these incendiary press releases keep flying.
Facebook is again being sued for allegedly spying on Instagram users, this time through the unauthorized use of their mobile phone cameras. Bloomberg reports: The lawsuit springs from media reports in July that the photo-sharing app appeared to be accessing iPhone cameras even when they weren’t actively being used. Facebook denied the reports and blamed a bug, which it said it was correcting, for triggering what it described as false notifications that Instagram was accessing iPhone cameras.
In the complaint filed Thursday in federal court in San Francisco, New Jersey Instagram user Brittany Conditi contends the app’s use of the camera is intentional and done for the purpose of collecting “lucrative and valuable data on its users that it would not otherwise have access to.” By “obtaining extremely private and intimate personal data on their users, including in the privacy of their own homes,” Instagram and Facebook are able to collect “valuable insights and market research,” according to the complaint.
In an update to its Android Developer Program Policy, Google on Wednesday said stalkerware apps in its app store can no longer be used to stalk non-consenting adults.
Stalkerware, which the web giant defines as “code that transmits personal information off the device without adequate notice or consent and doesn’t display a persistent notification that this is happening,” may still be used for keeping track of one’s kids.
But starting October 1, 2020, the ad biz says it’s no longer acceptable for Android apps in the Google Play Store to track another person, such as a spouse, without permission, unless there’s a persistent visible notification that data is being transmitted.
The ban follows a similar prohibition in August on Google-served ads for “spyware and technology used for intimate partner surveillance,” which reportedly hasn’t worked very well.
In recent years, computer security experts have argued that the privacy and security risks in intimate relationships remain haven’t been adequately anticipated or addressed.
But rules against invasive behavior aren’t necessarily effective. Via Twitter, Michael Veale, a lecturer at University College London, observed that a 2018 research paper “found that ‘abusers frequently exploit dual-use applications—tools whose main purpose is legitimate but that can be easily repurposed to function as spyware,’ so banning explicit stalkerware of questionable efficacy.”
Google will continue to allow non-stalkerware apps (i.e. policy compliant apps) to monitor and track people, provided the programs are not marketed as surveillance apps, they disclose any such functions, and they present the requisite persistent notification and icon.
Monitoring apps of the permissible sort continue to be subject to removal for violating applicable laws in the locations where they’re published, and may not link to resources (e.g. servers, SDKs) that provide policy violating functions or non-compliant APKs hosted outside the Google Play Store.
Google’s developer policy update also includes a ban on misrepresentation, both for apps and developer accounts. Apps or accounts that impersonate a person or organization, or attempt to conceal the app’s purpose or ownership, or engage in coordinated misleading activity, are no longer allowed.
To answer the question: The tech giants will do almost anything to get your location information because it allows them to know and control you better.
IBM and the Los Angeles city attorney’s office have settled a privacy lawsuit brought after The Weather Channel app was found to be selling user location data without proper disclosure. The lawsuit was filed last year, at which point the app had 45 million active users.
IBM has changed the way that users are informed, and also agreed to donate $1M worth of technology to assist LA County with its coronavirus contact tracing efforts …
The operator of The Weather Channel mobile app has agreed to change how it informs users about its location-tracking practices and sale of personal data as part of a settlement with the Los Angeles city attorney’s office, officials said Wednesday.
City Attorney Mike Feuer alleged in a 2019 lawsuit that app users were misled when they agreed to share their location information in exchange for personalized forecasts and alerts. Instead, the lawsuit claimed users were unaware they had surrendered personal privacy when the company sold their data to third parties.
Feuer announced the settlement Wednesday with the app’s operator, TWC Product and Technology LLC, and owner IBM Corp. The app’s disclosure screens were initially revised after the lawsuit was filed and future changes that will be monitored by the city attorney’s office are planned.
The passage of the EU Copyright Directive last year represented one of the most disgraceful examples of successful lobbying and lying by the publishing, music, and film industries. In order to convince MEPs to vote for the highly controversial legislation, copyright companies and their political allies insisted repeatedly that the upload filters needed to implement Article 17 (originally Article 13) were optional, and that user rights would of course be respected online. But as Techdirt and many others warned at the time, this was untrue, as even the law’s supporters admitted once it had been passed. Now that the EU member states are starting to implement the Directive, it is clear that there is no alternative to upload filters, and that freedom of speech will therefore be massively harmed by the new law. France has even gone so far as ignore the requirement for the few user protections that the Copyright Directive graciously provides.
The EU Copyright Directive represents an almost total victory for copyright maximalists, and a huge defeat for ordinary users of the Internet in the EU. But if there is one thing that we can be sure of, it’s that the copyright industries are never satisfied. Despite the massive gains already enshrined in the Directive, a group of industry organizations from the world of publishing, music, cinema and broadcasting have written to the EU Commissioner responsible for the Internal Market, Thierry Breton, expressing their “serious concerns regarding the European Commission’s consultation on its proposed guidance on the application of Article 17 of the Directive on Copyright in the Digital Single Market (“the Directive”).” The industry groups are worried that implementation of the EU Copyright Directive will provide them with too little protection (pdf):
We are very concerned that, in its Consultation Paper, the Commission is going against its original objective of providing a high level of protection for rightsholders and creators and to create a level playing field in the online Digital Single Market. It interprets essential aspects of Article 17 of the Directive in a manner that is incompatible with the wording and the objective of the Article, thus jeopardising the balance of interests achieved by the EU legislature in Article 17.
In an Annex to the letter, the copyright industries raise four “concerns” with the proposed guidance on the implementation of Article 17. The former MEP Julia Reda, who valiantly led the resistance against the worst aspects of the Copyright Directive during its passage through the EU’s legislative system, has answered in detail all of the points in a thread on Twitter. It’s extremely clearly explained, and I urge you to read it to appreciate the full horror of what the copyright companies are claiming and demanding. But there is one “concern” of the copyright maximalists that is so outrageous that it deserves to be singled out here. Reda writes:
#Article17 clearly says that legal content must not be blocked. #Uploadfilters can’t guarantee that, so rightholders claim that this is fulfilled as long as users have the right to complain about wrongful blocking *after* it has already happened.
This completely goes against what users fought for in the negotiations and what #Article17 says, that it “shall in no way affect legitimate uses”. Of course, if all legal parodies, quotes etc. get automatically blocked by #uploadfilters, legitimate uses are affected pretty badly.
The copyright companies and their political friends tricked the European Parliament into voting through Article 17 by claiming repeatedly that it did not require upload filters, which were rightly regarded as unacceptable. Now, the companies are happy to admit that the law’s requirement to assess whether uploads are infringing before they are posted — which can only be done using algorithms to filter out infringing material — is “practically unworkable”. Instead, they want blocking to be the default when there is any doubt, forcing users to go through a process of complaining afterwards if they wish their uploads to appear. Since most people will not know how to do this, or won’t have the time or energy to do so, this will inevitably lead to vast amounts of legal material being blocked by filters.
As Reda rightly summarizes:
The entertainment industry is joining forces to push for the worst possible implementation of #Article17, which would not only require out-of-control #uploadfilters without any safeguards, but also violate fundamental rights AND the very text of Article 17 itself.
The EU Copyright Directive’s Article 17 already promises to be disastrous for user creativity and freedom of speech in the EU; unfortunately, the proposed EU guidance has some additional aspects that are problematic for end users (pdf), as a group of civil society organizations point out in their own letter to the EU Commissioner. What the industry’s demands show once again is that no matter how strong copyright is made, no matter how wide its reach, and no matter how disproportionate the enforcement powers are, publishing, music, film and broadcasting companies always want more. Their motto is clearly: “too much is never enough”.
In a statement, the streaming service argued Apple One will “deprive consumers by favoring its own services” and urged regulators to take action against what it perceives to be “anti-competitive behavior”.
Announced yesterday at Cupertino’s Time Flies launch event, Apple One bundles the firm’s various subscription services into a single monthly payment. The product is organised into several tiers, with the base Individual subscription retailing at £14.95 ($14.95), and including Apple Music, TV+, Arcade, and 50GB of iCloud storage. For £5 or $5 more, you can share that subscription with up to five people.
There’s also a Premier package, which costs £29.95 ($29.95) per month. In addition to the aforementioned services, this bundles Apple’s new Fitness+ product as well as News+.
In comparison, combining Netflix’s standard plan, which supports HD streaming, as well as Spotify Premium, costs roughly £20. Adding Google Play Pass and 100GB of Google One storage brings that total to £27.
This is not the first time Spotify has called upon the anvil of regulation against Apple. In June, the European Commission commenced investigations against the Apple, following complaints from Spotify about Apple’s in-app payment policies, which it alleged are designed to give an unfair advantage to its own products, like Apple Music.
The previous year, Spotify began a PR blitz called “Time to Play Fair“, again centred on the App Store payment rules and Apple’s 30 per cent cut, which it claims are driving up costs for its customers.
Monster Beverage tried to stop Ubisoft from trademarking the name “Gods & Monsters” earlier this year to prevent confusion between its brand of highly caffeinated sodas and the upcoming action adventure game. It turns out this is the sort of thing Monster does a lot.
Monster routinely challenges “monster”-related trademarks, including, tactical gear, ice cream, and dog treats.
The news about Gods & Monsters, which Ubisoft announced earlier this month had been renamed Immortals: Fenyx Rising, was first reported by TechRaptor based on publicly available filings with the U.S. Patent and Trademark Office. In a 186-page filing dated April 3, Monster argued in part that the Gods & Monsters name would conflict with its own because of the drink company’s involvement in sponsoring esports teams, tournaments, as well as actual video games. Surely you’ve heard of Monster Energy Supercross: The Official Videogame?
“[Monster] has built up, at great expense and effort, valuable goodwill in its MONSTER Marks and has developed strong common law rights in its MONSTER Marks,” the company wrote. Ubisoft responded a month later with a much briefer eight-page filing denying Monster’s claims.
One of Monster Energy’s claims against Ubisoft’s Gods & Monsters trademark.
Screenshot: Kotaku
The publisher has also claimed that the name change from Gods & Monsters to the inscrutable Immortals: Fenyx Rising was entirely its own idea. “The change of name was entirely because of the vision of the game,” game director Julien Galloudec told VGC in an interview last week. He went on:
The game changed a lot, to the point where we felt we needed a new name to be better aligned with that updated vision, so that’s where we decided to change to Immortals Fenyx Rising, a name that combines the notion of the timeless aspect of the Greek mythology with the immortals. And also I like the new era, Fenyx, and adjoining that epic adventure.
Ubisoft did not respond to a request for comment.
A quick search on the Trademark Office website reveals 25 current pending notices of opposition to other companies using the name “Monster.” The cases range from disputes with other food and beverage companies to seemingly completely unrelated businesses like toy manufacturers.
For example, Monster took issue with Nikko Toys’ line of remote control Mega Monster trucks because it, too, has at one time or another plastered its logo on the sides of toy cars. The company even went after someone trying to sell dog treats called “Monster Bully Sticks,” to which the maker of those dog treats basically responded that it is unlikely anyone would confuse a giant beef tendon for dogs to chew on with a can of Monster Energy.
The brand’s tagline is “Unleash the Beast.” A more appropriate one might be, “Unleash the lawyers.”
