New York City "is pressing ahead with a long-anticipated crackdown on Airbnb hosts," reports the New York Post, "with officials on Friday proposing a strict new registration system for hosts that will take effect in January."

There's 30 pages of rules... Under proposed rules that were quietly and unexpectedly made public on Friday — which will, among other things, prohibit hosts from renting out an "entire registered dwelling unit" — Airbnb hosts will be required to submit diagrams of their apartments as well as proof that their listings are permanent residences. Hosts also will be required to list the "full legal name of all permanent occupants of the dwelling" as well as their relationship to the host....

If hosts fail to comply, they can be fined up to $5,000 under the new rules, while Airbnb and other platforms are required to verify the rental on its systems and could be on the hook for a $1,500 fine per violation. Last year, the city council passed the registration law, but little was known about the details and requirements, which will become effective Jan. 9 and enforced by May 9....

Among the requirements, said the source, is one that bars hosts from putting locks on doors that separate the guest from the host, directing that "a registered host shall not allow a rentee to have exclusive access to a separate room within a dwelling" and specifying that, for example, "providing the rentee with a key to lock the door when such rentee is not in the dwelling is prohibited...."

It's the latest salvo in the fraught relationship between New York City and Airbnb, which has long pushed back on the city's efforts to regulate the industry. Meanwhile the city blames Airbnb, in part, for its housing shortage.
Thanks to Slashdot reader quonset for submitting the story!

In 2004 NBC's news show "Dateline" began airing "To Catch a Predator" segments, in which a vigilante group posed online as minors to lure sex predators into in-person meetings — where they were then arrested by police.

The New Yorker looks at its cultural impact: Although there were only twenty episodes of the series, in three years, it's "this touchstone that I grew up with and that millions of people grew up with," Paul Renfro, a professor of history at Florida State University and the author of "Stranger Danger: Family Values, Childhood, and the American Carceral State," said. "It shaped how people think about sexual violence in ways that we haven't fully grappled with." The show focussed on the threat from strangers on the Internet, even though most victims of child sexual abuse are harmed by someone known to them. "On the show, it's not the family, it's not priests or rabbis or other authority figures who pose a threat to children, it's this devious stranger," Renfro said. The show's influence helped spur the passage of the Adam Walsh Act, in 2006, which created publicly searchable databases of people convicted of certain sex crimes. (There's little evidence that sex-offender registries have been effective at reducing sexual offenses.)
But today, "amateur predator hunting has come back into style," the article notes, citing the proliferation of online groups. "Recently, the Washington Post found more than a hundred and sixty, which have been responsible for nearly a thousand stings this year."

And then the New Yorker interviewed a woman named Cam, who with her husband and her brother-in-law decided to form "the Permian Basin Predator Patrol" — broadcasting their sting operations and humiliations of potential perpetrators on YouTube: [S]oon after the channel started drawing attention, they were called to a meeting at the Odessa Police Department. According to Cam, officers made it clear that they disapproved of their activities. "We were told we can't be involved with them, and that we can't send them anything directly," she said. "One, we're endangering ourselves, and, two, we're giving them more work — that's what it seemed like they were saying."

"We are very mindful of not trying to entrap a suspect," Lieutenant Brad Cline, who works in the Odessa Police Department's Crimes Against Persons Unit, said. "Taking a predator into custody can be very dangerous as well."
The article points out that "To Catch a Predator" was cancelled when Texas man Bill Conradt decided not to follow-up on his online messages — but "When a SWAT team burst into his house, trailed by a camera crew, Conradt shot himself."

So what did Cam's group do when the Odessa Police Department declined their help? The Permian Basin Predator Patrol continued to make videos. If she couldn't contribute to an arrest, Cam thought, at least she could get the word out to the public. She became an expert at figuring out the identities of the men she was chatting with, even when they used fake names.... Sometimes she'd find a man's family on Facebook and send his mother screenshots of the obscene messages he'd sent, or call his employer. "I believe three of them have been let go from their jobs," she said.

A sting by the Predator Catchers Indianapolis led to a man's conviction for child solicitation.... Although YouTube's predator hunters tend to portray themselves as the unequivocal good guys (Cam is an exception — most are men), their track record is more mixed.... The Ohio-based group Dads Against Predators has reportedly been banned from local grocery stores for causing disturbances. In 2018, a twenty-year-old in Connecticut hanged himself after a confrontation with a predator-hunter group. One video by the Permian Basin Predator Patrol ends with a man weeping, then running into traffic. (Cam said that she asked police to perform a welfare check on him, but she's not sure if it occurred.)

In March the U.S. Senate passed a measure making Daylight Saving Time permanent.

Unfortunately, the U.S. House of Representatives has failed to do the same, reports the Washington Post: Key senators who backed permanent daylight saving time say they're mystified that their effort appears doomed, and frustrated that they will probably have to start over in the next Congress. At least 19 states in recent years have enacted laws or passed resolutions that would allow them to impose year-round daylight saving time — but only if Congress approves legislation to stop the nation's twice-per-year time changes, according to the National Conference of State Legislatures....

"We know that the majority of Americans do not want to keep switching the clocks back and forth," Rep. Jan Schakowsky (D-Ill.) said in a statement to The Post, adding that she had received calls arguing in favor of both sides. Permanent standard time advocates don't want children to wait in dark winter mornings for a school bus; permanent daylight saving time proponents want to help businesses enjoy more sunshine during operating hours, she said. A congressional aide who has been working on the issue put it more bluntly: "We'd be pissing off half the country no matter what," said the aide, who spoke on the condition of anonymity because they were not authorized to publicly discuss internal deliberations....

Rep. Frank Pallone Jr. (D-N.J.) and other lawmakers have said they're waiting on the Transportation Department, which helps govern enforcement of time zones, to review the effects of permanently changing the clocks. While the transportation agency in September agreed to conduct a study, the due date for that analysis — Dec. 31, 2023 — suggests that the issue may not get serious consideration in Congress again until 2024 at the earliest.

"THIS WEBSITE HAS BEEN SEIZED," declares the home page of three different domains, attributing the seizure to the America's Federal Bureau of Investigation "in accordance with a warrant."

Bleeping Computer reports the domains were seized early Friday morning — and that the domains belong to the popular Z-Library online eBook repository. Z-Library is ranked in the top 10k most visited websites on the Internet, offering over 11 million books and 84 million articles for free via its website....

WHOIS information initially showed that the U.S. government seized the domains and switched their DNS servers to NS1.SEIZEDSERVERS.COM and NS2.SEIZEDSERVERS.COM, two DNS servers commonly used by the U.S and law enforcement in domain seizures. However, since then, the DNS servers for these domains have been switched to Njalla, an anonymizing hosting provider. It is unclear how Z-Library could transfer the domains to the new hosting provider....

While the court order for the seizure is unavailable at this time, the site's domains were likely seized because many of the files were uploaded without the license of the original authors. Complaints to copyright protection offices in the past have resulted in legal actions forcing the platform's registrar to seize the Z-Library domains in 2015 and further domain blockages and DMCA notices in the U.S. and France in 2021. The USTR (United States Trade Representative) has recently launched an investigation on the platform... As reported by TorrentFreak last week, TikTok decided to block hashtags related to Z-Library, reportedly responding to copyright holder's complaints.
Thanks to Slashdot reader joshuark for suggesting the story.

America's federal government "is planning a post-midterms push for antitrust legislation that would rein in the power of the world's largest tech companies," reports Bloomberg, "a last-ditch effort to get a stalled pair of bills through Congress before a predicted Republican takeover in January." The lame-duck period after Tuesday's U.S. election may be the last shot to pass the landmark legislation, the American Innovation and Choice Online Act and Open App Markets Act. The bills, which would prevent the tech companies from using their platforms to thwart competitors, would be the most significant expansion of antitrust law in over a century.... Republicans have made it clear that they won't support the bills if they retake control of either chamber of Congress. That has supporters urging the White House to mount a push in the final weeks before a new Congress is seated early next year.

Advocates have criticized the White House for failing to prioritize the legislation, which major tech companies have spent more than $100 million to defeat. Alphabet's Google, Amazon, Apple and Meta all oppose the bill. "There is bipartisan support for antitrust bills, and no reason why Congress can't act before the end of the year," said White House spokesperson Emilie Simons. "We are planning on stepping up engagement during the lame duck on the president's agenda across the board, antitrust included." Versions of both bills have made it through committees but await action by the full House and Senate.

If Congress doesn't act before the end of the year, it will likely be years before U.S. lawmakers pass any legislation to crack down on the power of the tech giants.

The Intercept reports that protesters in Iran "have often been left wondering how the government was able to track down their locations or gain access to their private communications — tactics that are frighteningly pervasive but whose mechanisms are virtually unknown."

But The Intercept now has evidence of a new possibility: While disconnecting broad swaths of the population from the web remains a favored blunt instrument of Iranian state censorship, the government has far more precise, sophisticated tools available as well. Part of Iran's data clampdown may be explained through the use of a system called "SIAM," a web program for remotely manipulating cellular connections made available to the Iranian Communications Regulatory Authority. The existence of SIAM and details of how the system works, reported here for the first time, are laid out in a series of internal documents from an Iranian cellular carrier that were obtained by The Intercept.

According to these internal documents, SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones. The tools can slow their data connections to a crawl, break the encryption of phone calls, track the movements of individuals or large groups, and produce detailed metadata summaries of who spoke to whom, when, and where. Such a system could help the government invisibly quash the ongoing protests — or those of tomorrow — an expert who reviewed the SIAM documents told The Intercept.

"SIAM can control if, where, when, and how users can communicate," explained Gary Miller, a mobile security researcher and fellow at the University of Toronto's Citizen Lab. "In this respect, this is not a surveillance system but rather a repression and control system to limit the capability of users to dissent or protest."
Thanks to long-time Slashdot reader mspohr for submitting the article.

"Microsoft's GitHub Copilot is being sued in a class action lawsuit that claims the AI product is committing software piracy on an unprecedented scale," reports IT Pro.

Programmer/designer Matthew Butterick filed the case Thursday in San Francisco, saying it was on behalf of millions of GitHub users potentially affected by the $10-a-month Copilot service: The lawsuit seeks to challenge the legality of GitHub Copilot, as well as OpenAI Codex which powers the AI tool, and has been filed against GitHub, its owner Microsoft, and OpenAI.... "By training their AI systems on public GitHub repositories (though based on their public statements, possibly much more), we contend that the defendants have violated the legal rights of a vast number of creators who posted code or other work under certain open-source licences on GitHub," said Butterick.

These licences include a set of 11 popular open source licences that all require attribution of the author's name and copyright. This includes the MIT licence, the GNU General Public Licence, and the Apache licence. The case claimed that Copilot violates and removes these licences offered by thousands, possibly millions, of software developers, and is therefore committing software piracy on an unprecedented scale.

Copilot, which is entirely run on Microsoft Azure, often simply reproduces code that can be traced back to open-source repositories or licensees, according to the lawsuit. The code never contains attributions to the underlying authors, which is in violation of the licences. "It is not fair, permitted, or justified. On the contrary, Copilot's goal is to replace a huge swath of open source by taking it and keeping it inside a GitHub-controlled paywall...." Moreover, the case stated that the defendants have also violated GitHub's own terms of service and privacy policies, the DMCA code 1202 which forbids the removal of copyright-management information, and the California Consumer Privacy Act.
The lawsuit also accuses GitHub of monetizing code from open source programmers, "despite GitHub's pledge never to do so."

And Butterick argued to IT Pro that "AI systems are not exempt from the law... If companies like Microsoft, GitHub, and OpenAI choose to disregard the law, they should not expect that we the public will sit still." Butterick believes AI can only elevate humanity if it's "fair and ethical for everyone. If it's not... it will just become another way for the privileged few to profit from the work of the many."

Reached for comment, GitHub pointed IT Pro to their announcement Monday that next year, suggested code fragments will come with the ability to identify when it matches other publicly-available code — or code that it's similar to.

The article adds that this lawsuit "comes at a time when Microsoft is looking at developing Copilot technology for use in similar programmes for other job categories, like office work, cyber security, or video game design, according to a Bloomberg report."

An anonymous reader quotes a report from BleepingComputer: The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The goal is to assess UK's vulnerability to cyber-attacks and to help the owners of Internet-connected systems understand their security posture. "These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact," the agency said. "The NCSC uses the data we have collected to create an overview of the UK's exposure to vulnerabilities following their disclosure, and track their remediation over time."

NCSC's scans are performed using tools hosted in a dedicated cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk and two IP addresses (18.171.7.246 and 35.177.10.231). The agency says that all vulnerability probes are tested within its own environment to detect any issues before scanning the UK Internet. "We're not trying to find vulnerabilities in the UK for some other, nefarious purpose," NCSC technical director Ian Levy explained. "We're beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we're doing (and why we're doing it)." The NCSC says it will "take steps to remove [any sensitive or personal data] and prevent it from being captured again in the future."

British organizations can opt out of having their servers scanned by emailing a list of IP addresses they want to be excluded at scanning@ncsc.gov.uk.

Mitch Lowe and Ted Farnsworth already settled with the FTC over fraudulent activity affecting MoviePass customers, but now the former heads of MoviePass and its parent company, Helios and Matheson Analytics (HMNY), are facing criminal allegations of securities fraud and wire fraud. The Verge reports: The Department of Justice announced the charges today, saying false statements made by both men defrauded investors in HMNY when the execs pretended like the company's money-losing $9.95 "unlimited" moviegoing plan had any hope of profitability. HMNY's own auditor cast doubt on the company's viability in a report in 2018, but at the time, Farnsworth downplayed the advisory, telling Insider that "pretty much most" companies running at a loss would have a similar warning.

But the big problem is his claims that HMNY's analytics prowess could somehow monetize data generated from MoviePass simply didn't hold up: prosecutors now allege "Farnsworth and Lowe knew HMNY did not possess these technologies or capabilities to monetize MoviePass's subscriber data or incorporate these technologies into the MoviePass application." [...] The DOJ says each man is facing one count of securities fraud and three counts of wire fraud over the lies they allegedly told in "press releases, SEC filings, interviews on podcasts and on television, and in print and online media."

An anonymous reader quotes a report from TechCrunch: Pharmaceutical giant AstraZeneca has blamed "user error" for leaving a list of credentials online for more than a year that exposed access to sensitive patient data. Mossab Hussein, chief security officer at cybersecurity startup SpiderSilk, told TechCrunch that a developer left the credentials for an AstraZeneca internal server on code sharing site GitHub in 2021. The credentials allowed access to a test Salesforce cloud environment, often used by businesses to manage their customers, but the test environment contained some patient data, Hussein said. Some of the data related to AZ&ME applications, which offers discounts to patients who need medications. TechCrunch provided details of the exposed credentials to AstraZeneca, and the GitHub repository containing the credentials was inaccessible hours later. In a statement, AstraZeneca spokesperson Patrick Barth told TechCrunch: "The protection of personal data is extremely important to us and we strive for the highest standards and compliance with all applicable rules and laws. Due to an [sic] user error, some data records were temporarily available on a developer platform. We stopped access to this data immediately after we have been [sic] informed. We are investigating the root cause as well as assessing our regulatory obligations."

It's unclear if anyone was able to access the data, or if any data was exfiltrated.

According to a new report, almost half of Android-based mobile phones used by U.S. state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities that can be leveraged for attacks. From a report: These statistics come from a report by cybersecurity firm Lookout, based on an analysis of 200 million devices and 175 million applications from 2021 to H2 2022. The report additionally warns of a rise in all threat metrics, including attempted phishing attacks against government employees, reliance on unmanaged mobile devices, and liability points in mission-critical networks. Outdated versions of mobile operating systems allow attackers to exploit vulnerabilities that can be used to breach targets, run code on the device, plant spyware, steal credentials, and more. For example, last week, Apple released iOS 16.1, fixing an actively exploited zero-day memory corruption flaw used by hackers against iPhone users to achieve arbitrary code execution with kernel privileges.

Lookout reports that ten months after iOS 15 had been made available to users, 5% of federal government employees and 30% of state and local government devices were running older versions of the operating system. The situation is much worse for Android, as ten months after the release of version 12, approximately 30% of federal devices and almost 50% of state and local government devices still needed to upgrade to the latest versions, thus remaining vulnerable to bugs that can be exploited in attacks. It should be noted that Android 13 is the latest version of the operating system, but it was released after the first half of 2022, from which this data was collected.

Stadiums around the world, including at the 2022 World Cup in Qatar, are subjecting spectators to invasive biometric surveillance tech. From a report: This fall, more than 15,000 cameras will monitor soccer fans across eight stadiums and on the streets of Doha during the 2022 World Cup, an event expected to attract more than 1 million football fans from around the globe. "What you see here is the future of stadium operations," the organizers' chief technology officer, Niyas Abdulrahiman, proudly told AFP in August. "A new standard, a new trend in venue operations, this is our contribution from Qatar to the world of sport." Qatar's World Cup organizers are not alone in deploying biometric technology to monitor soccer fan activity. In recent years, soccer clubs and stadiums across Europe have been introducing these security and surveillance technologies.

In Denmark, Brondby Stadium has been using facial recognition for ticketing verification since 2019. In the Netherlands, NEC Nijmegen has used biometric technology to grant access to Goffert Stadium. France's FC Metz briefly experimented with a facial recognition device to identify fans banned from Saint-Symphorien Stadium. And the UK's Manchester City reportedly hired Texas-based firm Blink Identity in 2019 to deploy facial recognition systems at Etihad Stadium. In Spain, Atletico Osasuna uses facial recognition to monitor and control access to El Sadar Stadium, while Valencia CF signed a deal in June 2021 with biometrics company FacePhi to design and deploy facial-recognition technology at Mestalla Stadium in the upcoming season. The sport club then became a global ambassador for the company's technology. FacePhi's biometric onboarding technology was already used for a pilot project to enroll Valencia CF fans in an automated access control system that allowed them to get into the stadium using a QR code via the football club's mobile app. (A FacePhi spokesperson declined to provide details about the project but said "that we are not yet in the implementation phase with Valencia CF.")

TorrentFreak reports: Several domains related to popular ebook repository Z-Library became inaccessible a few hours ago. DNS records and other information suggest that the shadow library was targeted by the Postal Inspection Service, in collaboration with the U.S. Department of Justice. Confusingly, Z-Library says that the downtime is linked to a hosting issue.

The New York Police Department has joined Ring Neighbors, the neighborhood surveillance network built around Amazon's Ring security cameras. The Verge reports: The partnership, announced yesterday, means the NYPD will view people's posts on Neighbors and be able to post directly to it, including requests for public help on "active police matters." Neighbors is a Nextdoor-like extension of Ring's security camera business, allowing residents of a neighborhood to discuss crime and safety as well as post footage from their cameras. While many law enforcement departments have joined Neighbors in recent years, this marks its adoption by America's largest police force. (Police could separately request Ring footage for criminal investigations without the app.) It's part of an increasingly tight integration between Amazon and police -- one that's raised both concerns about privacy and questions about its crime-solving value.

An anonymous reader quotes a report from Reason Magazine: The Babylon Bee this week joined The Onion in urging the Supreme Court to defend the First Amendment against an Ohio law that makes parody a felony. The case, which the Institute for Justice is asking the Court to take up, involves Parma resident Anthony Novak, who in 2016 was prosecuted for violating a state law against using a computer to "disrupt, interrupt, or impair the functions of any police, fire, educational, commercial, or governmental operations." Novak supposedly did that by creating a parody of the Parma Police Department's Facebook page. [...]

For obvious reasons, the right-leaning Bee, like the left-leaning Onion, is alarmed by the implication that people have no recourse against cops who arrest them for making fun of government agencies. "The Bee is serving a brutal life sentence in Twitter jail as we speak," says its amicus brief (PDF) in Novak v. City of Parma. "Its writers would very much like to avoid a consecutive sentence in a government-run facility." The premise of Novak's prosecution was that he had disrupted police operations by prompting calls about his parody to the department's nonemergency line. "Left in the hands of the Sixth Circuit and the Parma PD (and other like-minded law enforcement), the speech-stifling Ohio statute used to go after Mr. Novak empowers state officials to search, arrest, jail, and prosecute parodists without fear of ever being held accountable," the Bee says. "The upshot for The Bee is that, in Ohio at least, its writers could be jailed for many, if not most, of the articles The Bee publishes, provided that someone contacted law enforcement -- or another entity 'protected' by [Ohio's law] -- to tell them that the articles exist."

Consider the March 3 Bee story headlined "Donut Sales Surge as Police Departments Re-Funded." If someone "had called the Parma Police Department to let them know that The Bee had published the article," the brief suggests, the publication "could have been charged with a felony, its offices searched, and its writers arrested and jailed for days, all without consequence for the parties doing the charging, arresting, jailing, and searching." Likewise if an officer's "passive-aggressive brother-in-law had forwarded the article" to the cop's official email address, thereby "interrupt[ing]" his work. Given the broad wording of Ohio's law, which refers to "governmental operations" generally, Bee articles about federal agencies, such as its August 12 report on the FBI's search of Mar-a-Lago, also could be treated as grounds for arrest. "Had a caller contacted the FBI field office in Cleveland or Cincinnati" to "express outrage over the suspicious timing of the FBI's raid on Melania Trump's Mar-a-Lago closet and Attorney General Garland's acquisition of a haute couture wardrobe," the Bee notes, that could be the basis for a felony charge in Ohio. On the First Amendment issues raised by this case, both The Onion and The Babylon Bee see eye to eye.

"The Onion may be staffed by socialist wackos, but in their brief defending parody to this Court, they hit it out of the park," the Bee says. "Parody has a unique capacity to speak truth to power and to cut its subjects down to size. Its continued protection under the First Amendment is crucial to preserving the right of citizens to effectively criticize the government."

An anonymous reader quotes a report from Motherboard: Two of the largest meat companies in the U.S. have invested in a smartwatch app that allows managers to track and monitor worker's movements. According to a report by Investigate Midwest, a non-profit newsroom covering the agri-business industry, JBS and Tyson Foods have backed Mentore, a start-up that claims it uses surveillance data and AI to improve worker productivity and reduce workplace injuries. Once paired with a compatible smartwatch, Mentore's application uses sensors to collect data on the force, rotation, speed, and directional movement of a worker's arm as they repeatedly complete the same task. The company's algorithm then analyzes that data to determine if those movements are safe and alerts the individual if they are found to be using too much speed or force. According to the report and Mentore's co-founder, Apoorva Kiran, the watch can also detect dehydration.

This raw watch data is then converted to real-time metrics that are made visible to supervisors on a dashboard. At the moment, it seems that Mentore plans to combat uncertainty and issues about transparency about the app by allowing workers to access their current and historical "injury risk" scores, but it's unclear whether they can do anything to challenge the real-time metrics on the watch itself. The app can also differentiate between "intense active motion" and "mild active motion." According to Mentore's site, this kind of data can "improve productivity, turnover, and safety at scale in real-time." [...] According to Investigate Midwest, the system has already been installed on about 10,000 devices across five industries in four different countries, including the U.S, Canada, Chile, and Japan. The move mirrors similar controversial tracking practices that many other companies, including Amazon, have tried to implement over the years in a bid to increase worker productivity. "Besides the tracking and the invasion of somebody's privacy, there is this real safety and health issue," Mark Lauritsen, an international vice president of the United Food and Commercial Workers Union (UFCW) and head of the union's meatpacking division, told Motherboard. He says that requiring workers to wear a watch or any other jewelry would be in violation of health and safety policies, opening them up to workplace injury and potentially leading to contamination of the product.

"We're not going to allow their need to have more money and more productivity endanger people's lives and limbs just so they can make an extra dollar," Lauritsen said. "It's just not gonna happen."

TikTok is spelling out to its European users of the platform that their data can be accessed by employees outside the continent, including in China, amid political and regulatory concerns about Chinese access to user information on the site. From a report: The Chinese-owned social video app is updating its privacy policy to confirm that staff in countries, including China, are allowed to access user data to ensure their experience of the platform is "consistent, enjoyable and safe." The other countries where European user data could be accessed by TikTok staff include Brazil, Canada and Israel as well as the US and Singapore, where European user data is stored currently. [...] Data could be used to conduct checks on aspects of the platform, including the performance of its algorithms, which recommend content to users, and detect vexatious automated accounts. TikTok has previously acknowledged that some user data is accessed by employees of the company's parent, ByteDance, in China.

New EU rules came into force today that could compel Apple to let users access third-party app stores and permit app sideloading on iPhones and iPads, among other sweeping changes designed to make the digital sector fairer and more competitive. MacRumors reports: Under the Digital Markets Act (DMA), the rules will apply to tech giants that meet its "gatekeeper" criteria and force them to open up their various services and platforms to other companies and developers. Apple is almost certain to be classified as a "gatekeeper" due to the size of its annual turnover in the EU, its ownership and operation of platforms with a large number of active users, and its "entrenched and durable position" due to how long it has met these criteria, and will therefore be subject to the rules set out in the DMA.

The DMA could force Apple to make major changes to the way the App Store, Messages, FaceTime, and Siri work in Europe. For example, it could be forced to allow users to install third-party app stores and sideload apps, give developers the ability to closely interoperate with Apple's own services and promote their offers outside the App Store and use third-party payment systems, and access data gathered by Apple. One of the more recent additions to the DMA is the requirement to make messaging, voice-calling, and video-calling services interoperable. The interoperability rules theoretically mean that Meta apps like WhatsApp or Messenger could request to interoperate with Apple's iMessage framework, and Apple would be forced to comply within the EU.

The DMA was proposed by the European Commission in December 2020 and agreed by the European Parliament and the Council in record-time, in March 2022. It now moves into a six-month implementation phase and will start to apply on May 2, 2023. After that, within two months and at the latest by July 3, 2023, potential gatekeepers will have to inform the Commission of their core platform services if they meet the thresholds established by the DMA. Once the Commission has received the complete information, it will have 45 working days to make an assessment as to whether the company in question meets the thresholds and to designate them as gatekeepers. Following their designation, gatekeepers will have six months to comply with the requirements in the DMA, at the latest by March 6, 2024.

An anonymous reader quotes a report from The Intercept: The Department of Homeland Security is quietly broadening its efforts to curb speech it considers dangerous, an investigation by The Intercept has found. Years of internal DHS memos, emails, and documents -- obtained via leaks and an ongoing lawsuit, as well as public documents -- illustrate an expansive effort by the agency to influence tech platforms. The work, much of which remains unknown to the American public, came into clearer view earlier this year when DHS announced a new "Disinformation Governance Board": a panel designed to police misinformation (false information spread unintentionally), disinformation (false information spread intentionally), and malinformation (factual information shared, typically out of context, with harmful intent) that allegedly threatens U.S. interests. While the board was widely ridiculed, immediately scaled back, and then shut down within a few months, other initiatives are underway as DHS pivots to monitoring social media now that its original mandate -- the war on terror -- has been wound down.

Behind closed doors, and through pressure on private platforms, the U.S. government has used its power to try to shape online discourse. According to meeting minutes and other records appended to a lawsuit filed by Missouri Attorney General Eric Schmitt, a Republican who is also running for Senate, discussions have ranged from the scale and scope of government intervention in online discourse to the mechanics of streamlining takedown requests for false or intentionally misleading information. [...] There is also a formalized process for government officials to directly flag content on Facebook or Instagram and request that it be throttled or suppressed through a special Facebook portal that requires a government or law enforcement email to use. At the time of writing, the "content request system" at facebook.com/xtakedowns/login is still live. These are the key takeaways from the report: - Though DHS shuttered its controversial Disinformation Governance Board, a strategic document reveals the underlying work is ongoing.
- DHS plans to target inaccurate information on 'the origins of the COVID-19 pandemic and the efficacy of COVID-19 vaccines, racial justice, U.S. withdrawal from Afghanistan, and the nature of U.S. support to Ukraine."
- Facebook created a special portal for DHS and government partners to report disinformation directly.
- The work is primarily done by CISA, a DHS sub-agency tasked with protecting critical national infrastructure.
- DHS, the FBI, and several media entities are having biweekly meetings as recently as August.
- DHS considered countering disinformation relating to content that undermines trust in financial systems and courts.
- The FBI agent who primed social media platforms to take down the Hunter Biden laptop story continued to have a role in DHS policy discussions.

An anonymous reader quotes a report from the Associated Press: The White House is bringing together three dozen nations, the European Union and a slew of private-sector companies for a two-day summit starting Monday that looks at how best to combat ransomware attacks. The second International Counter Ransomware Summit will focus on priorities such as ensuring systems are more resilient to better withstand attacks and disrupt bad actors planning such assaults. A senior Biden administration official cited recent attacks such as one that targeted the Los Angeles school district last month to underscore the urgency of the issue and the summit. The official previewed the event on the condition of anonymity.

Among the administration officials planning to participate in the event are FBI Director Christopher Wray, national security adviser Jake Sullivan, Deputy Treasury Secretary Wally Adeyemo and Deputy Secretary of State Wendy Sherman. President Joe Biden is not expected to attend. Participating countries are Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Croatia, the Czech Republic, the Dominican Republic, Estonia, the European Commission, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Poland, the Republic of Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, Ukraine, the United Arab Emirates, the United Kingdom and the United States.