Security

Hackers Claim Massive Breach of Location Data Giant, Threaten To Leak Data (404media.co) 42

Hackers claim to have compromised Gravy Analytics, the parent company of Venntel which has sold masses of smartphone location data to the U.S. government. 404 Media: The hackers said they have stolen a massive amount of data, including customer lists, information on the broader industry, and even location data harvested from smartphones which show people's precise movements, and they are threatening to publish the data publicly.

The news is a crystalizing moment for the location data industry. For years, companies have harvested location information from smartphones, either through ordinary apps or the advertising ecosystem, and then built products based on that data or sold it to others. In many cases, those customers include the U.S. government, with arms of the military, DHS, the IRS, and FBI using it for various purposes. But collecting that data presents an attractive target to hackers.

Microsoft

FSF Urges Moving Off Microsoft's GitHub to Protest Windows 11's Requiring TPM 2.0 (fsf.org) 152

TPM is a dedicated chip or firmware enabling hardware-level security, housing encryption keys, certificates, passwords, and sensitive data, "and shielding them from unauthorized access," Microsoft senior product manager Steven Hosking wrote last month, declaring TPM 2.0 to be "a non-negotiable standard for the future of Windows."

Or, as BleepingComputer put it, Microsoft "made it abundantly clear... that Windows 10 users won't be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support." (This despite the fact that Statcounter Global data "shows that more than 61% of all Windows systems worldwide still run Windows 10.") They add that Microsoft "announced on October 31 that Windows 10 home users will be able to delay the switch to Windows 11 for one more year if they're willing to pay $30 for Extended Security Updates."

But last week the Free Software Foundation's campaigns manager delivered a message on the FSF's official blog: "Keep putting pressure on Microsoft." Grassroots organization against a corporation as large as Microsoft is never easy. They have the advertising budget to claim that they "love Linux" (sic), not to mention the money and political willpower to corral free software developers from around the world on their nonfree platform Microsoft GitHub. This year's International Day Against DRM took aim at one specific injustice: their requiring a hardware TPM module for users being forced to "upgrade" to Windows 11. As Windows 10 will soon stop receiving security updates, this is a (Microsoft-manufactured) problem for users still on this operating system. Normally, offloading cryptography to a different hardware module could be seen as a good thing — but with nonfree software, it can only spell trouble for the user...

What's crucial now is to keep putting pressure on Microsoft, whether that's through switching to GNU/Linux, avoiding new releases of their software, or actions as simple as moving your projects off of Microsoft GitHub. If you're concerned about e-waste or have friends who work to combat climate change, getting them together to tell them about free software is the perfect way to help our movement grow, and free a few more users from Microsoft's digital restrictions.

Advertising

Advertisers Expand Their Avoidance to News Sites, Blacklisting Specific Words (msn.com) 72

"The Washington Post's crossword puzzle was recently deemed too offensive for advertisers," reports the Wall Street Journal. "So was an article about thunderstorms. And a ranking of boxed brownie mixes.

"Marketers have long been wary about running ads in the news media, concerned that their brands will land next to pieces about terrorism or plane crashes or polarizing political stories." But "That advertising no-go zone seems to keep widening." It is a headache that news publishers can hardly afford. Many are also grappling with subscriber declines and losses in traffic from Google and other tech platforms, and are now making an aggressive push to change advertisers' perceptions... News organizations recently began publicizing studies that show it really isn't dangerous for a brand to appear near a sensitive story. At the same time, they say blunt campaign-planning tools wind up fencing off even harmless content — and those stories' potentially large audiences — from advertisements. Forty percent of the Washington Post's material is deemed "unsafe" at any given time, said Johanna Mayer-Jones, the paper's chief advertising officer, referencing a study the company did about a year ago. "The revenue implications of that are significant."

The Washington Post's crossword page was blocked by advertisers' technology seven times during a weekslong period in October because it was labeled as politics, news and natural disaster-related material. (A tech company recently said it would ensure the puzzle stops getting blocked, according to the Post.) The thunderstorm story was cut off from ad revenue when a sentence about "flashing and pealing volleys from the artillery of the atmosphere" triggered a warning that it was too much like an "arms and ammunition" story. As for the brownies, a reference to research from "grocery, drug, mass-market" and other retailers was automatically flagged by advertisers for containing the word "drug."

While some brands avoid news entirely, many take what they consider to be a more surgical approach. They create lengthy blacklists of words or websites that the company considers off-limits and employ ad technology to avoid such terms. Over time, blacklists have become extremely detailed, serving as a de facto news-blocking tool, publishers said... The lists are used in automated ad buying. Brands aim their ads not at specific websites, but at online audiences with certain characteristics — people with particular shopping or web-browsing histories, for example. Their ads are matched in real-time to available inventory for thousands of websites... These days, less than 5% of client ad spending for GroupM, one of the largest ad-buying firms in the world, goes to news, according to Christian Juhl, GroupM's former chief executive who revealed spending figures during a congressional hearing over the summer.

A recent blacklist from Microsoft included about 2,000 words including "collapse," according to the article. ("Microsoft declined to comment.")

Android

Drastically Reduced Xiaomi Bootloader Unlock Policy Raises Questions Over Device Ownership (androidpolice.com) 59

Xiaomi has further restricted bootloader unlocking to just one device per user per year, significantly hindering custom ROM development and reinforcing user dependence on its proprietary HyperOS ecosystem. Android Police reports: Roughly a year ago, Xiaomi introduced a policy limiting users to three unlocked devices per account, providing only a limited time window for unlocking, and demanding waiting periods before doing so. It's now gone even further, limiting users to unlocking the bootloader of just a single device throughout the year. Unlocking the bootloader changes the way a phone works by preventing automated software updates, among other things, and isn't a good idea for most users. Power users love it for complete customization of their devices, and unlocked bootloaders are critical to the creation and installation of privately developed operating systems, or custom ROMs.

Custom ROMs usually (but not always) derive from pre-existing OSs like Android or Xiaomi's HyperOS. To write operating software that works on a certain device, you need to develop it on that specific device. Consequently, individuals and teams throughout the enthusiast phone sphere constantly add to their collections of bootloader-unlocked phones. The new unlocking restrictions could place undue hardship on resource-limited development teams, reducing the number of custom ROMs produced moving forward. Xiaomi first tightened restrictions roughly a year ago, following the enforcement of a Chinese law requiring certain pre-installed software behaviors. But Xiaomi's business plan and sales models indicate a couple of other motivations for insisting users stick with its first-party HyperOS.
Some of the motives include preventing scalping, avoiding accidental bricking, and preserving advertising-driven revenue. However, these measures come at the cost of user freedom and may stifle innovation within the enthusiast developer community.

United States

US Files Complaint Against Fintech App Dave And Its CEO (reuters.com) 10

The U.S. Justice Department has filed a complaint and announced a civil enforcement action against financial technology company Dave and its CEO Jason Wilk for alleged violations of federal law. From a report: The Justice Department and the Federal Trade Commission alleged the company lured users to its personal finance app by advertising cash advances of up to $500 that many never receive.

The complaint, filed by the Justice Department, seeks unspecified amounts of consumer redress and monetary civil penalties from the defendants and a permanent injunction to prohibit them from engaging in future violations, the Justice Department said. The government alleges that Dave misled consumers by deceptively advertising its cash advances, charging hidden fees, misrepresenting how Dave uses customers' tips and charging recurring monthly fees without providing a simple mechanism to cancel them.

Transportation

Hertz Continues EV Purge (arstechnica.com) 262

An anonymous reader quotes a report from Ars Technica: Apparently Hertz's purging of electric vehicles from its fleet isn't going fast enough for the car rental giant. A Reddit user posted an offer they received from Hertz to buy the 2023 Tesla Model 3 they had been renting for $17,913. Hertz originally went strong into EVs, announcing a plan to buy 100,000 Model 3s for its fleet by the end of 2021, but 16 months later had acquired only half that amount. The company found that repair costs -- especially for Teslas, which averaged 20 percent more than other EVs -- were cutting into its profit margins. Customer demand was also not what Hertz had hoped for; last January, it announced plans to sell off 20,000 EVs.

Asking its customers if they want to purchase their rentals isn't a new strategy for Hertz. "By connecting our rental customers who opt into our emails to our sales channels, we're not only building awareness of the fact that we sell arsenal but also offering a unique opportunity to someone who may be in the market for the same car they have on rent," Hertz communications director Jamie Line told The Verge. Hertz is advertising a limited 12-month, 12,000-mile powertrain warranty for each EV, and customers will have seven days to return the car in case of profound buyer's regret.

Apple

Apple Explains Why It Doesn't Plan To Build a Search Engine 37

Apple has no plans to develop its own search engine despite potential restrictions on its lucrative revenue-sharing deal with Google, citing billions in required investment and rapidly evolving AI technology as key deterrents, according to a court filing [PDF].

In a declaration filed with the U.S. District Court in Washington, Apple Senior Vice President Eddy Cue said creating a search engine would require diverting significant capital and employees, while recent AI developments make such an investment "economically risky."

Apple received approximately $20 billion from Google in 2022 under a deal that makes Google the default search engine on Safari browsers. This arrangement is now under scrutiny in the U.S. government's antitrust case against Google.

Cue said Apple lacks the specialized professionals and infrastructure needed for search advertising, which would be essential for a viable search engine. While Apple operates niche advertising like the App Store, search advertising is "outside of Apple's core expertise," he said. Building a search advertising business would also need to be balanced against Apple's privacy commitments, according to his declaration.

Businesses

Telegram Turns a Profit for the First Time (nytimes.com) 17

An anonymous reader shares a report: In recent months, Telegram, the lightly moderated social media app, has held discussions with investors who lent it more than $2 billion. The goal: to reassure them that the company remains a viable bet after its founder, Pavel Durov, was arrested in France in August on charges related to illicit activities on the platform.

In the conversations, Telegram told investors that it was tackling its legal troubles head-on by policing more user-generated content. The company also said it had paid down a "meaningful amount" of its debt, according to an investor in the talks who was not authorized to discuss confidential information. Telegram has been under increasing scrutiny around the world this year for hosting illicit content from child predators, drug traffickers and other criminals. The company also faces pressure another way: to prove it can make money.

For years, skeptics have questioned if a platform known for hosting toxic material could turn a profit. Unlike social media companies such as Meta, Telegram took an unusual business path: It did not raise money from venture capitalists, sell advertising based on user data or hire aggressively to accelerate growth. Instead, it relied on Mr. Durov's fame and fortune to sustain its business, took on debt and barreled into the cryptocurrency market. [...] The result: Telegram is set to be profitable this year for the first time, according to a person with knowledge of the finances who declined to be identified discussing internal figures. Revenue is on track to surpass $1 billion, up from nearly $350 million last year, the person said.

United States

FTC Orders Ticket Sellers, Hotels To Show 'All-in' Prices Upfront (ftc.gov) 131

The Federal Trade Commission unveiled a sweeping rule on Tuesday to crack down on hidden fees in ticket sales and hotel bookings, marking a major push by the agency to combat what it calls "junk fees" that cost consumers billions of dollars annually.

The bipartisan measure requires businesses to display the total price, including all mandatory fees, upfront when advertising tickets for live events or short-term lodging. The rule aims to end the practice of surprising customers with additional charges like "resort," "convenience," or "service" fees late in the booking process.

"People deserve to know up-front what they're being asked to pay," said FTC Chair Lina Khan, who estimates the rule could save consumers up to 53 million hours per year in comparison shopping time, equivalent to $11 billion over a decade.

The rule, approved by a 4-1 commission vote, does not ban any specific fees but requires clear disclosure before consumers enter payment information. It will take effect 120 days after publication in the Federal Register. The measure follows a lengthy public comment period that drew over 72,000 responses and represents one of the FTC's most significant consumer protection actions in recent years.

Privacy

BeReal Accused of Annoying Users Into Sharing Their Data 19

An anonymous reader shares a report: BeReal, the in-the-moment social media platform, is far from its 2022 heyday, but that hasn't stopped one organization from going after it. Austrian advocacy group Noyb has filed a complaint surrounding the platform's data consent banner practices. The organization claims that the banner disappears if users accept that their personal data can inform advertising practices, but if they click reject then the banner appears daily.

Noyb filed its complaint with the French data protection authority (CNIL) as Voodoo, a French company, bought BeReal in June -- the practice in question started in July. "BeReal's daily attempt to pressure its users into accepting the tracking for personalised advertising has a significant impact on user behaviour. Consent given under these circumstances is not freely given, which means it doesn't meet the requirements established in Article 4(11) GDPR," Noyb argued in its complaint. It asked the CNIL to fine BeReal and force it to be compliant.

Television

Walmart Closes $2.3 Billion Acquisition of Vizio (variety.com) 83

Walmart said Tuesday it had completed its $2.3 billion all-cash acquisition of TV maker Vizio, a move by the retailing giant to expand its advertising business. From a report: The closing of the deal follows the expiration of the waiting period under federal regulations. Walmart announced the deal to buy Vizio in February 2024. Walmart said the acquisition of Vizio will let it "bring to market new and differentiated ways for advertisers to meaningfully connect with customers at scale and boost product discovery" through Walmart Connect, the company's U.S. retail media business.

Walmart and Vizio will continue to operate separately "for the foreseeable future," according to the announcement. William Wang will continue to lead Vizio as CEO, reporting to Seth Dallaire, executive VP and chief growth officer of Walmart U.S. Vizio, founded in 2002, is a leading vendor of value-priced HDTVs. Its device ecosystem and its smart TV operating system, SmartCast, provide free, ad-supported access to streaming content.

Privacy

FTC Bans Location Data Company That Powers the Surveillance Ecosystem (404media.co) 39

The Federal Trade Commission on Tuesday announced sweeping action against some of the most important companies in the location data industry, including those that power surveillance tools used by a wide spread of U.S. law enforcement agencies and demanding they delete data related to certain sensitive areas like health clinics and places of worship. From a report: Venntel, through its parent company Gravy Analytics, takes location data from smartphones, either through ordinary apps installed on them or through the advertising ecosystem, and then provides that data feed to other companies who sell location tracking technology to the government or sells the data directly itself.

Venntel is the company that provides the underlying data for a variety of other government contractors and surveillance tools, including Locate X. 404 Media and a group of other journalists recently revealed Locate X could be used to pinpoint phones that visited abortion clinics. The FTC says in a proposed order that Gravy and Venntel will be banned from selling, disclosing, or using sensitive location data, except in "limited circumstances" involving national security or law enforcement.

Businesses

Employee Lawsuit Accuses Apple of Spying on Its Workers (semafor.com) 43

A new lawsuit filed by a current Apple employee accuses the company of spying on its workers via their personal iCloud accounts and non-work devices. From a report: The suit, filed Sunday evening in California state court, alleges Apple employees are required to give up the right to personal privacy, and that the company says it can "engage in physical, video and electronic surveillance of them" even when they are at home and after they stop working for Apple.

Those requirements are part of a long list of Apple employment policies that the suit contends violate California law. The plaintiff in the case, Amar Bhakta, has worked in advertising technology for Apple since 2020. According to the suit, Apple used its privacy policies to harm his employment prospects. For instance, it forbade Bhakta from participating in public speaking about digital advertising and forced him to remove information from his LinkedIn page about his job at Apple.

Canada

Canada's Antitrust Watchdog Sues Google Alleging Anti-Competitive Conduct in Advertising (reuters.com) 8

Canada's Competition Bureau is suing Alphabet's Google over alleged anti-competitive conduct in online advertising, the antitrust watchdog said on Thursday. From a report: The Competition Bureau, in a statement, said it had filed an application with the Competition Tribunal seeking an order that, among other things, requires Google to sell two of its ad tech tools. It is also seeking a penalty from Google to promote compliance with Canada's competition laws, the statement said.

Google said the complaint "ignores the intense competition where ad buyers and sellers have plenty of choice and we look forward to making our case in court." [...] "Our advertising technology tools help websites and apps fund their content, and enable businesses of all sizes to effectively reach new customers," Dan Taylor, VP of Global Ads, Google said in a statement.

United States

US Says Google Is an Ad Tech Monopolist, in Closing Arguments (nytimes.com) 33

Lawyers for the United States on Monday said that Google had created a monopoly with its services to place ads online, closing out an antitrust trial over the company's dominance in advertising technology that could add to the Silicon Valley giant's mounting woes. From a report: The legal case concerns a system of software that is used by advertisers to place ads on websites around the internet. Aaron Teitelbaum, a lawyer for the Justice Department, told Judge Leonie M. Brinkema of the U.S. District Court for the Eastern District of Virginia that the company had linked its products together in a way that made it hard for publishers and advertisers to use alternatives.

"Google is once, twice, three times a monopolist," he said. "These are the markets that make the free and open internet possible." Google's lead lawyer, Karen Dunn, countered that the government had failed to offer the evidence to prove its case and was on shaky legal ground. "Google's conduct is a story of innovation in response to competition," she said. The arguments conclude U.S. et al. v. Google, an antitrust suit that the Justice Department and eight states filed against Google last year. (More states have joined the suit since then.) The agency and states accused the internet giant of abusing control of its ad technology and violating antitrust law, in part through the acquisition of the advertising software company Doubleclick in 2008. Next, Judge Brinkema will decide the merits of the case in the coming months.

Education

Is the 'Hour of Code' the New 30-Minute Saturday Morning Cartoon Commercial? 20

Longtime Slashdot reader theodp writes: Past corporate-sponsored Hour of Code tutorials for the nation's schoolchildren have blurred the lines between coding lessons and product infomercials. So too is the case again with this year's newly-announced Hour of Code 2024 flagship tutorials, which include Microsoft Minecraft, Amazon Music, and Transformers One movie-themed intros to coding. The press release announcing the tutorials from tech-backed nonprofit Code.org, which organizes the Hour of Code and counts Microsoft and Amazon as $30+ million donors, boasts of its "decade of partnership with [Microsoft] Minecraft this year, reaching more than 300 million sessions of Minecraft Hour of Code since 2015!"

Interestingly, The Transformers (Paramount Pictures, which released Transformers One in the U.S., is a $25,000+ Code.org donor) is cited as one of the OG's of children's Saturday morning cartoon advertising (aka 30-minute commercials) that prompted the Children's Television Act (CTA) of 1990, an act of Congress that ordered the FCC to put in place regulations to protect children from advertising. Throughout the 1980s, Action for Children's Television (ACT) criticized children's television programs that "blur(red) the distinction between program content and commercial speech."

Advertising

The Trade Desk Is Building a CTV OS Called Ventura 28

The Trade Desk, one of the largest publicly traded advertising technology companies in the world, is building a connected television operating system. Axios reports: Existing OS providers, like Roku, Amazon's Fire TV and Google's Android TV, have a conflict of interest because they own content, [CEO and founder Jeff Green] said. Green believes that conflict of interest has muddled the advertising ecosystem for everyone. "We're looking at a concentration around a handful of players that lack objectivity," Green said. "We think we're in a unique position to make the ecosystem better." [...]

Ventura, a nod to the company's headquarters in Ventura, California, will be rolled out to the market in the second half of 2025, Green said. The company has been working to build the system quietly for three years. While some OS developers, such as Google, Amazon and Roku, have also developed their own hardware devices to service their operating systems, Green said The Trade Desk has "no intention of getting into the hardware business." Rather, it will partner with other hardware companies, such as smart TV manufacturers, as well as various television distributors, such as airlines, hotel chains, and gaming companies, to bring its OS to their devices.

Green believes hardware companies will be excited about the opportunity to partner because, in a competitive streaming environment, more hardware companies will need to build advertising businesses to scale. [...] Because The Trade Desk's goal is ultimately to improve a murky marketplace, Green said he isn't looking to make money from the OS directly. Ventura will be successful if it drives more pricing transparency and stronger measurement for the CTV advertising ecosystem writ large, he said. "Ultimately, the measure of success will be, do we have an ad auction that is so transparent that we can predict outcomes?" The Trade Desk will benefit financially from a more transparent ecosystem because it lacks a conflict of interest, Green said.

Privacy

India Orders Meta To Curb WhatsApp Data Sharing (techcrunch.com) 2

India's competition watchdog has ordered WhatsApp to stop sharing user data with other Meta units for advertising purposes for five years and also levied a fine of $25.4 million for antitrust violations related to WhatsApp's controversial 2021 privacy policy. From a report: The Competition Commission of India, which began the investigation in 2021, found that WhatsApp's "take-it-or-leave-it" privacy update constituted an abuse of Meta's dominant position by forcing users to accept expanded data collection without an opt-out option.

WhatsApp's 2021 privacy policy update required users to share their data with Meta companies in order to continue using the messaging service, removing a previous opt-out option that had existed since 2016. The mandatory data-sharing requirement expanded the scope of data collection and processing by Meta's group companies.

EU

Meta Fined $840 Million For Breaching EU Antitrust Rules (bloomberg.com) 41

The European Union has fined Meta $840 million for unfairly tying its Facebook Marketplace classified ads service to its social network, marking the company's first EU antitrust penalty.

The European Commission ruled Meta must stop bundling Marketplace with Facebook's social platform and cease imposing unfair conditions on competing classified ads services. Regulators found Meta exploited Facebook's massive user base to disadvantage rivals and used competitors' advertising data to enhance Marketplace.

EU antitrust chief Margrethe Vestager said Meta "tied its online classified ads service Facebook Marketplace to its personal social network Facebook and imposed unfair trading conditions on other online classified ads service providers."

Science

Missed Deadlines Lead People To Judge Work More Harshly, Study Says (theguardian.com) 91

A new study reveals that late work is judged more negatively than on-time submissions, even if delays are minimal or pre-communicated. "The findings suggest that, while you might be tempted to take the maximum allotted time to put the finishing touches to a report, submission or piece of work, the extra effort might not be appreciated by colleagues if it comes at the expense of punctual delivery," reports The Guardian. From the report: The study surveyed thousands of people in the US and UK, including managers, executives, human resources personnel and others whose jobs included an element of evaluating others. Participants were asked to rate pieces of work, such as advertising flyers, art, business proposals, product pitches, photography and news articles. But first, they were told it was either submitted early, on deadline or late. "Late" work was consistently rated as worse in quality than when people were told the same work was completed early or on time. The difference was equivalent to including an objective shortcoming such as not meeting a word count.

A missed deadline led evaluators to believe an employee had less integrity, and they reported they would be less willing to work with or assign tasks to that person in the future. "Everyone saw the exact same art contest entry, school submission or business proposal, but they couldn't help but use their knowledge of when it came in to guide their evaluation of how good it was," said Maglio, who co-authored the study with David Fang of Stanford University.

Those who eagerly submit work early should be advised that this does not appear to earn a boost in opinion, according to the report in the journal Organizational Behavior and Human Decision Processes. It also didn't matter how late the work was submitted, with one day or one week delays viewed just as negatively -- and that remained the case if the employee gave their manager advance warning. The latest study suggests that it is this inability to plan realistically that is frowned on, with factors beyond an employee's control, such as jury duty, not viewed as negatively. "If the reason why you missed the deadline was beyond your control, you as the employee should let your manager know," said Maglio. "That seems to be one of the few instances in which people cut you a break."
