Government

Louisiana Passes Bill Banning Kids From the Internet Without Parental Consent (theverge.com) 108

Louisiana lawmakers have passed a bill that would prohibit minors from creating their own social media accounts without parental consent, potentially impacting popular platforms like Instagram and online games such as Roblox and Fortnite. The Verge reports: The bill, HB61, would ban "interactive computer services" from allowing people under 18 to sign up for their own accounts without parental consent. The bill's definition of online services is extremely broad, seemingly barring minors from creating social media accounts on sites like Instagram, accessing popular online games like Roblox and Fortnite, or even registering for an email address. The bill also goes as far as allowing parents to cancel the terms of service contracts their children entered into when signing up for existing accounts.

As of publication, it's unclear how the state plans to enforce these new rules, but it calls on state entities to review the bill and provide feedback before it would go into effect. The Louisiana State Legislature passed the bill unanimously on Tuesday, sending it to Gov. John Bel Edwards' desk for final approval. The ban would go into effect August 1st of next year if he chooses to sign it.
"We are hopeful that Governor Edwards will veto this bill. It violates First Amendment rights, takes away parental rights for their families and requires massive data collection on all Louisiana citizens," NetChoice vice president and general counsel Carl Szabo said in a statement Thursday.

"It's true that Big Tech's advertising model hurts kids and teens," Fight for the Future said in a call for people to tell their elected officials not to pass online age restrictions. "But age-gating all social media, for anyone under 18? That won't solve the problem, and it's a direct attack on millions of young people's First Amendment rights."

Further reading: Congress Shocked To Discover 10 Year Olds Check the 'I'm Over 18' Box Online [Not The Onion]
Patents

Smart TV Industry Rocked By Alleged Patent Conspiracy From Chipmaker (arstechnica.com) 27

An anonymous reader quotes a report from Ars Technica: During the pandemic, the demand for smart TVs dwindled as the supply chain for critical TV components became unreliable and consumers began tightening up on frivolous spending. Amid this smart TV demand slump, one of the world's top TV chipmakers, Taiwan-based Realtek, was hit with multiple meritless lawsuits by an alleged patent troll, Future Link Systems. These actions, Realtek said, drained its resources, made Realtek appear unreliable as a TV-chip supplier, and created "the harmful illusion of supply chain uncertainties in an already constrained industry." Determined to defend its reputation and maintain its dominant place in the market, Realtek filed a lawsuit (PDF) this week in a US district court in California. In it, the TV chipmaker alleged that Future Link launched "an unprecedented and unseemly conspiracy" with the world's leading TV-chip supplier, Taiwan-based MediaTek, and was allegedly paid a "bounty" to file frivolous patent infringement claims intended to drive Realtek out of the TV-chip market.

The scheme allegedly worked like this: Future Link "intentionally and knowingly" asked a US district court in Texas and the US International Trade Commission "for injunctions prohibiting importation of Realtek TV Chips and devices containing the same into the United States," Realtek alleged. This allowed MediaTek to reap the benefits of diminished competition in that market, Realtek claimed. Today, Reuters reported that MediaTek has officially responded to Realtek's allegations, vowing to defend itself against the lawsuit and claiming that MediaTek will supply evidence to dispute Realtek's claims.

Realtek's lawsuit seeks a jury trial to fight back against MediaTek and Future Link, as well as IPValue Management, which the complaint said owns and operates Future Link. The TV chipmaker alleged that defendants violated unfair competition laws in California, as well as federal laws. Any damages won from the lawsuit will be donated to charity, Realtek said. Realtek's complaint likens MediaTek to "robber barons of the Industrial Age," allegedly seeking to destroy competition and secure a monopoly in the TV-chip market. "With this action, Realtek seeks to stop a modern robber baron and its hired henchmen, protect itself from ongoing injury, and guard against the destruction of competition in the critical semiconductor industry by holding defendants accountable for their conspiracy," the complaint said.

The Courts

Apple, Epic Ask US Appeals Court To Reconsider Its Antitrust Ruling (reuters.com) 17

Apple and "Fortnite" maker Epic Games have both asked a U.S. appeals court to reconsider its April ruling in an antitrust case that could force Apple to change payment practices in its App Store. From a report: Apple and Epic, in separate court filings, mounted challenges to a ruling by a three-judge panel of the San Francisco-based 9th U.S. Circuit Court of Appeals. Lawyers for the two companies said the panel should rehear the case or the court should convene "en banc," as an 11-judge panel, to reconsider the dispute. The April three-judge ruling upheld a 2021 order in California federal court in Epic's lawsuit which accused Apple of unlawfully requiring software developers to pay up to 30% in commissions on consumers' in-app purchases.

The trial judge found that Apple violated a California state unfair competition law, but not U.S. antitrust provisions. Apple's new filingchallenged a nationwide injunction over conduct Apple said was "procompetitive and does not violate the antitrust laws." Epic's 9th Circuit filing argued that its claims against Apple directly implicate the "core purpose" of U.S. antitrust law to foster competition. Epic also argued that the appeals court did not conduct a "rigorous" balancing between asserted asserted consumer benefits and anticompetitive effects of Apple's practices.

Privacy

iOS 17 Automatically Removes Tracking Parameters From Links You Click On (9to5mac.com) 54

iOS 17 and macOS Sonoma include even more privacy-preserving features while browsing the web. From a report: Link Tracking Protection is a new feature automatically activated in Mail, Messages, and Safari in Private Browsing mode. It detects user-identifiable tracking parameters in link URLs, and automatically removes them.

Adding tracking parameters to links is one way advertisers and analytics firms try to track user activity across websites. Rather than storing third-party cookies, a tracking identifier is simply added to the end of the page URL. This would circumvent Safari's standard intelligent tracking prevention features that block cross-site cookies and other methods of session storage. Navigating to that URL allows an analytics or advertising service at the destination to read the URL, extract those same unique parameters, and associate it with their backend user profile to serve personalized ads.

The Courts

Malwarebytes Faces Lawsuit For Classifying Rival's Anti-Spyware Program As a Threat (techspot.com) 38

Enigma software group has won a crucial case in the U.S. Court of Appeals for the Ninth Circuit, allowing it to proceed with its lawsuit against Malwarebytes for flagging its anti-spyware software as a 'potentially unwanted program.' The lawsuit alleges that Malwarebytes has engaged in anti-competitive conduct under the Lanham Act and tortious interference with Enigma's business. TechSpot reports: The ruling has been lambasted by some legal experts, who believe it could hamper cybersecurity service providers from doing their job effectively. Talking to The Register, Eric Goldman, professor at Santa Clara University School of Law, claimed that the Ninth Circuit's decision was erroneous, as it failed to differentiate between facts and opinions properly. According to him, in deciding in favor of Enigma, the Ninth Circuit failed to comprehend how the cybersecurity industry operates, and how security companies use the terms 'malicious' and 'threat.' He also felt that thanks to the judgment, there will now be more disputes over such classifications in the future, making the job of cybersecurity companies tougher than ever before.

Goldman further argued that the Ninth Circuit's decision would mean anti-malware software vendors will now simply minimize their financial and legal risks by leaving out supposed anti-threat programs from their list of suspect apps even if they display dangerous behavior, which could pose a major threat to consumers. Some smaller players could also exit the industry altogether, which would further hurt consumers by reducing competition. Goldman was also critical of the Supreme Court for denying Malwarebytes' appeal, and called out Justice Clarence Thomas in particular for writing what he called a "gratuitous error-riddled statement about Section 230 that spurred many regulators to pursue their censorship agendas."
Enigma said in a statement: "Malwarebytes (has) disparaged Enigma's products for commercial advantage by making misleading statements of fact. ... Trying to wrap them in a First Amendment flag does not make them any less offensive or any less actionable."

Eric Goldman, professor at Santa Clara University School of Law, told The Register in an email, "This case is like a wrecking ball for internet law." He added: "The Ninth Circuit already damaged Section 230 by creating an exception to its coverage (for 'anticompetitive animus') that no one understands and has not benefited anyone. Then, when the Supreme Court denied the appeal, Justice Thomas wrote a gratuitous error-riddled statement about Section 230 that spurred many regulators to pursue their censorship agendas. Now, the Ninth Circuit has redefined the standards for what constitutes a statement of 'fact' as opposed to an opinion in a way that hurts businesses in the anti-threat software space and well beyond."

"If each classification could similarly support weaponization in court by businesses unhappy with the classifications, then anti-threat software vendors will avoid the financial and legal risks by lowering their cybersecurity standards or exiting the industry," said Goldman. "That puts all of us at greater risk."
Government

10 Years After Snowden's First Leak, What Have We Learned? (theregister.com) 139

An anonymous reader quotes a report from The Register: The world got a first glimpse into the US government's far-reaching surveillance of American citizens' communications -- namely, their Verizon telephone calls -- 10 years ago this week when Edward Snowden's initial leaks hit the press. [...] In the decade since then, "reformers have made real progress advancing the bipartisan notion that Americans' liberty and security are not mutually exclusive," [US Senator Ron Wyden (D-OR)] said. "That has delivered tangible results: in 2015 Congress ended bulk collection of Americans' phone records by passing the USA Freedom Act." This bill sought to end the daily snooping into American's phone calls by forcing telcos to collect the records and make the Feds apply for the information.

That same month, a federal appeals court unanimously ruled that the NSA's phone-records surveillance program was unlawful. The American Civil Liberties Union (ACLU) and the New York Civil Liberties Union sued to end the secret phone spying program, which had been approved by the Foreign Intelligence Surveillance Court, just days after Snowden disclosed its existence. "Once it was pushed out into open court, and the court was able to hear from two sides and not just one, the court held that the program was illegal," Ben Wizner, director of the ACLU Speech, Privacy and Technology project, told The Register. The Freedom Act also required the federal government to declassify and release "significant" opinions of the Foreign Intelligence Surveillance Court (FISC), and authorized the appointment of independent amici -- friends of the court intended to provide an outside perspective. The FISC was established in 1978 under the FISA -- the legislative instrument that allows warrantless snooping. And prior to the Freedom Act, this top-secret court only heard the government's perspective on things, like why the FBI and NSA should be allowed to scoop up private communications.

"To its credit, the government has engaged in reforms, and there's more transparency now that, on the one hand, has helped build back some trust that was lost, but also has made it easier to shine a light on surveillance misconduct that has happened since then," Jake Laperruque, deputy director of the Center for Democracy and Technology's Security and Surveillance Project, told The Register. Wyden also pointed to the sunsetting of the "deeply flawed surveillance law," Section 215 of the Patriot Act, as another win for privacy and civil liberties. That law expired in March 2020 after Congress did not reauthorize it. "For years, the government relied on Section 215 of the USA Patriot Act to conduct a dragnet surveillance program that collected billions of phone records (Call Detail Records or CDR) documenting who a person called and for how long they called them -- more than enough information for analysts to infer very personal details about a person, including who they have relationships with, and the private nature of those relationships," Electronic Frontier Foundation's Matthew Guariglia, Cindy Cohn and Andrew Crocker said.
James Clapper, the former US Director of National Intelligence, "stated publicly that the Snowden disclosures accelerated by seven years the adoption of commercial encryption," Wizner said. "At the individual level, and at the corporate level, we are more secure."

"And at the corporate level, what the Snowden revelations taught big tech was that even as the government was knocking on the front door, with legal orders to turn over customer data, it was breaking in the backdoor," Wizner added. "Government was hacking those companies, finding the few points in their global networks where data passed unencrypted, and siphoning it off." "If you ask the government -- if you caught them in a room, and they were talking off the record -- they would say the biggest impact for us from the Snowden disclosures is that it made big tech companies less cooperative," he continued. "I regard that as a feature, not a bug."

The real issue that the Snowden leaks revealed is that America's "ordinary system of checks and balances doesn't work very well for secret national security programs," Wizner said. "Ten years have gone by," since the first Snowden disclosures, "and we don't know what other kinds of rights-violating activities have been taking place in secret, and I don't trust our traditional oversight systems, courts and the Congress, to ferret those out," Wizner said. "When you're dealing with secret programs in a democracy, it almost always requires insiders who are willing to risk their livelihoods and their freedom to bring the information to the public."
Security

Microsoft Says Clop Ransomware Gang Is Behind MOVEit Mass-Hacks (techcrunch.com) 12

An anonymous reader quotes a report from TechCrunch: Security researchers have linked to the notorious Clop ransomware gang a new wave of mass-hacks targeting a popular file transfer tool, as the first victims of the attacks begin to come forward. It was revealed last week that hackers are exploiting a newly discovered vulnerability in MOVEit Transfer, a file-transfer tool widely used by enterprises to share large files over the internet. The vulnerability allows hackers to gain unauthorized access to an affected MOVEit server's database. Progress Software, which develops the MOVEit software, has already released some patches. Over the weekend, the first victims of the attacks began to come forward.

Zellis, a U.K.-based human resources software maker and payroll provider, confirmed in a statement that its MOVEit system was compromised, with the incident affecting a "small number" of its corporate customers. One of those customers is U.K. airline giant British Airways, which told TechCrunch that the breach included the payroll data of all of its U.K.-based employees. [...] The U.K.'s BBC also confirmed it was affected by the incident affecting Zellis. [...] The government of Nova Scotia, which uses MOVEit to share files across departments, said in a statement that some citizens' personal information may have been compromised. The Nova Scotia government said it took its affected system offline, and is working to determine "exactly what information was stolen, and how many people have been impacted."

It was initially unclear who was behind this new wave of hacks, but Microsoft security researchers are attributing the cyberattacks to a group it tracks as "Lace Tempest." This gang is a known affiliate of the Russia-linked Clop ransomware group, which was previously linked to mass-attacks exploiting flaws in Fortra's GoAnywhere file transfer tool and Accellion's file transfer application. Microsoft researchers said that the exploitation of the MOVEit vulnerability is often followed by data exfiltration. Mandiant isn't yet making the same attribution as Microsoft, but noted in a blog post over the weekend that there are "notable" similarities between a newly created threat cluster it's calling UNC4857 that has as-of-yet "unknown motivations," and FIN11, a well-established ransomware group known to operate Clop ransomware. "Ongoing analysis of emerging activity may provide additional insights," Mandiant said.
"It's likely many more victims of the MOVEit breach will come to light over the next few days," adds TechCrunch.

"Shodan, a search engine for publicly exposed devices and databases, showed that more than 2,500 MOVEit Transfer servers were discoverable on the internet."
Privacy

TSA Expands Controversial Facial Recognition Program (cbsnews.com) 70

SonicSpike shares a report from CBS News: As possible record-setting crowds fill airports nationwide, passengers may encounter new technology at the security line. At 25 airports in the U.S. and Puerto Rico, the TSA is expanding a controversial digital identification program that uses facial recognition. This comes as the TSA and other divisions of Homeland Security are under pressure from lawmakers to update technology and cybersecurity. "We view this as better for security, much more efficient, because the image capture is fast and you'll save several seconds, if not a minute," said TSA Administrator David Pekoske.

At the world's busiest airport in Atlanta, the TSA checkpoint uses a facial recognition camera system to compare a flyer's face to the picture on their ID in seconds. If there's not a match, the TSA officer is alerted for further review. "Facial recognition, first and foremost, is much, much more accurate," Pekoske said. "And we've tested this extensively. So we know that it brings the accuracy level close to 100% from mid-80% with just a human looking at a facial match." The program has been rolled out to more than two dozen airports nationwide since 2020 and the TSA plans to add the technology, which is currently voluntary for flyers, to at least three more airports by the end of the year. There are skeptics. Five U.S. senators sent a letter demanding that TSA halt the program.

The Courts

SEC Asks For Emergency Order To Freeze Binance US Assets Anywhere In the World (cnbc.com) 9

The U.S. Securities and Exchange Commission (SEC) has filed an emergency motion seeking to freeze the assets of Binance's U.S. platform and repatriate the funds held by its customers, including both fiat currency and cryptocurrencies. CNBC reports: The freezing order only applies Binance's two U.S. holding companies, not to the non-U.S. regulated international exchange. The order would apply to dozens of accounts held at Axos Bank, the defunct Silvergate Bank, Prime Trust, and other institutions. Two foreign entities also controlled by Zhao, Sigma Chain and Merit Peak, served as conduits for billions of dollars of customer money that was improperly commingled with Binance's funds, the SEC has alleged.

The emergency restraining order was necessary, the regulator argued, to "prevent the dissipation of available assets for any judgment, given the Defendants' years of violative conduct, disregard of the laws of the United States." The order also compels Binance's founder, Changpeng Zhao, to "show cause why a preliminary injunction" against Zhao and his two holding companies "should not be entered." The restraining order would also prevent all three entities from destroying evidence.
On Monday, the SEC filed a lawsuit against Binance and the company's founder, Changpeng Zhao, accusing the exchange of mishandling customer funds as well as lying to regulators and investors about its operations.
Microsoft

Microsoft To Pay $20 Million Settlement For Illegally Collecting Children's Personal Data (techcrunch.com) 15

Microsoft has agreed to pay $20 million to settle charges by the Federal Trade Commission (FTC) that it illegally collected personal information from children without parental consent and retained it for extended periods. TechCrunch reports: The federal consumer watchdog said Microsoft violated the Children's Online Privacy Protection Act (COPPA), the federal law that governs the online privacy protections for children under the age of 13, which requires companies notify parents about the data they collect, obtain parental consent and delete the data when it's no longer necessary. The FTC said children signing up to Microsoft's Xbox gaming service were asked to provide their personal information -- including their name, email address, phone number and date of birth -- which until 2019 included a pre-filled check box allowing Microsoft to share user information with advertisers. The FTC said Microsoft collected this data before asking for the parent to complete the account setup, but held onto children's data even if the parent abandoned the sign-up process.

"Only after gathering that raft of personal data from children did Microsoft get parents involved in the process," said FTC's Lesley Fair in a corresponding blog post. As a result, the FTC will require Microsoft to notify parents and obtain consent for accounts created before May 2021. Microsoft will also have to establish new systems to delete children's personal information if it hasn't obtained parental consent, and to ensure the data is deleted when it's no longer needed.

Government

White House Quiet on National Cyber Director Choice, Senator Says (axios.com) 9

The White House has not shared much of anything with lawmakers about who the administration thinks should be the next national cyber director, a top cyber-minded senator told Axios. From the report: It's been nearly four months since Chris Inglis stepped down as the first national cyber director inside the White House, and lawmakers and policy experts have been putting pressure on President Joe Biden in recent weeks to name a replacement.

Last month, Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wis.) sent a letter to Biden questioning the delay in picking a nominee and encouraging the president to nominate current acting director Kemba Walden to the post. Yet in the three weeks since the lawmakers sent their letter, they haven't heard anything from the White House, King told Axios in a recent interview. What they're saying: "I'm really puzzled; I just don't know what's going on," King told Axios. "This is an important job, and it's an important moment and they have a highly qualified, able acting director." Congress created the Office of the National Cyber Director (ONCD) as the Biden administration was taking office in early 2021.

The Courts

SEC Sues Coinbase Over Exchange and Staking Programs (cnbc.com) 31

The Securities and Exchange Commission sued crypto exchange Coinbase in New York federal court on Tuesday morning, alleging that the company was acting as an unregistered broker and exchange and demanding that the company be "permanently restrained and enjoined" from continuing to do so. From a report: Coinbase's flagship prime brokerage, exchange and staking programs violate securities laws, the regulator alleged in its complaint. The company "has for years defied the regulatory structures and evaded the disclosure requirements" of U.S. securities law. The SEC has alleged that at least 13 crypto assets available to Coinbase customers were considered "crypto asset securities" by the regulator. Those assets include Solana's SOL token, Cardano's token and Protocol Labs' Filecoin token. "We allege that Coinbase, despite being subject to the securities laws, commingled and unlawfully offered exchange, broker-dealer, and clearinghouse functions," said SEC chair Gary Gensler said in a statement.
Facebook

More Than 2,000 Families Suing Social Media Companies Over Kids' Mental Health (cbsnews.com) 92

schwit1 shares a report from CBS News: When whistleblower Frances Haugen pulled back the curtain on Facebook in the fall of 2021, thousands of pages of internal documents showed troubling signs that the social media giant knew its platforms could be negatively impacting youth, and were doing little to effectively change it. With around 21 million American adolescents on social media, parents took note. Now, families are suing social media. Since we first reported this story last December, the number of families pursuing lawsuits has grown to over 2,000. More than 350 lawsuits are expected to move forward this year against TikTok, Snapchat, YouTube, Roblox and Meta -- the parent company to Instagram and Facebook.

Kathleen Spence: They're holding our children hostage and they're seeking and preying on them. Sharyn Alfonsi: Preying on them? Kathleen Spence: Yes. The Spence family is suing social media giant Meta. Kathleen and Jeff Spence say Instagram led their daughter Alexis into depression and to an eating disorder at the age of 12. [...] Attorney Matt Bergman represents the Spence family. He started the Social Media Victims Law Center after reading the Facebook papers and is now working with more than 1,800 families who are pursuing lawsuits against social media companies like Meta. Matt Bergman: Time and time again, when they have an opportunity to choose between safety of our kids and profits, they always choose profits.

This summer, Bergman and his team plan on starting the discovery process for the federal case against Meta and other social media companies, a multi-million dollar suit that he says is more about changing policy than financial compensation. This summer, Bergman and his team plan on starting the discovery process for the federal case against Meta and other social media companies, a multi-million dollar suit that he says is more about changing policy than financial compensation. Matt Bergman: They have intentionally designed a product that is addictive. They understand that if children stay online, they make more money. It doesn't matter how harmful the material is.

The Courts

SEC Accuses Binance of Mishandling Funds and Lying To Regulators (nytimes.com) 21

The Securities and Exchange Commission has accused Binance, the world's largest cryptocurrency exchange, of mishandling customer funds as well as lying to regulators and investors about its operations in a sweeping case filed in federal court on Monday. From a report: The Wall Street regulator said Binance had been mixing "billions of dollars" in customer funds and secretly sending them to a separate company controlled by Binance's founder, Changpeng Zhao. The charges included misleading investors about the adequacy of its systems to detect and control manipulative trading. Regulators also said Binance did not take sufficient steps to restrict U.S. investors from accessing Binance's unregulated exchange.

"We allege that Zhao and the Binance entities not only knew the rules of the road, but they also consciously chose to evade them and put their customers and investors at risk," said Gurbir S. Grewal, director of the S.E.C.'s enforcement division. The nation's top securities regulator filed 13 charges against Binance and Mr. Zhao, better known in the crypto world as "C.Z." The S.E.C. is taking action a little over a month after the Commodities Futures Trading Commission filed its own civil enforcement action against Binance and Mr. Zhao.

Government

Judge Clears Massachusetts to Finally Enforce Its Right-to-Repair Law (boston.com) 67

An anonymous reader shared this report from Boston.com. On Thursday, Massachusetts Attorney general Andrea Campbell "began enforcing the state's new right-to-repair law following years of bitter debate and a wildly expensive ballot initiative that was approved by voters in 2020." In a nutshell, the law requires automakers selling cars in the state to provide customers and independent repair businesses with access to a type of information called "telematics." The term refers to information that is first detected by a car and then transmitted wirelessly elsewhere. This information can be used to easily ascertain problems with a vehicle...

Now, new car dealers must tell buyers what kind of data is being collected by a car's telematics system and provide them with a way to access that data. It must also be accessible to independent auto repair shops. If this does not happen, car owners and repairs shops can sue carmakers either triple damages or $10,000, whichever is greater. Manufacturers must equip vehicles starting with model year 2022 with a standardized platform for telematics data that owners can access through a mobile application. Owners can then make this information available to independent repair shops and dealers...

The lawsuit has yet to be resolved, and last week carmakers asked US District Judge Douglas Woodlock to issue a temporary restraining order that would prevent Campbell from enforcing the law. In a hearing Woodlock took issue with the law, calling its goal "likely unattainable" and that its enforcement could harm carmakers, according to the Globe. But ultimately Woodlock said that he would not block enforcement.

"The people have voted on this and that's the result," he said. "I am loath to impose my own views on the initiative."

The Almighty Buck

US Financial Watchdog: Money Stored in Venmo/PayPal/CashApp Isn't Federally Insured (apnews.com) 62

The Associated Press reports: Customers of Venmo, PayPal and CashApp should not store their money with those apps for the long term because the funds might not be safe during a crisis, the [U.S.] Consumer Financial Protection Bureau warned Thursday...

The Federal Deposit Insurance Corporation insures bank accounts up to $250,000. But money stored in Venmo or CashApp or Apple Cash is not being held in a traditional bank account. So, if there is an event similar to a bank run with those payment apps, those funds may not be protected. Some of the funds may be eligible for pass-through insurance coverage if customers do certain activities with the apps, the CFPB said, but generally by default the apps are not covered by deposit insurance.

For example, if a customer opened a PayPal Savings account, it would have deposit insurance through PayPal's partner bank, Synchrony Bank. But the general PayPal account is not covered by insurance. For Apple Cash, which can be insured through Green Dot Bank, it requires a user to verify their identity to get deposit insurance. "We find that stored funds can be at risk of loss in the event of financial distress or failure of the entity operating the nonbank payment platform, and often are not placed in an account at a bank or credit union and lack individual deposit insurance coverage," the CFPB said in its report.

"Consumers may not fully appreciate when, or under what conditions, they would be protected by deposit insurance," the agency added in its report.

Government

Arizona Limits Construction Around Phoenix as Its Water Supply Dwindles (nytimes.com) 153

Longtime Slashdot reader MightyMartian shares a report from the New York Times: Arizona has determined that there is not enough groundwater for all of the housing construction that has already been approved in the Phoenix area, and will stop developers from building some new subdivisions (Source paywalled, alternative source), a sign of looming trouble in the West and other places where overuse, drought and climate change are straining water supplies. The decision by state officials very likely means the beginning of the end to the explosive development that has made the Phoenix area the fastest growing metropolitan region in the country. The state said it would not revoke building permits that have already been issued and is instead counting on new water conservation measures and alternative sources to produce the water necessary for housing developments that have already been approved.

Maricopa County, which includes Phoenix and its suburbs, gets more than half its water supply from groundwater. Most of the rest comes from rivers and aqueducts as well as recycled wastewater. In practical terms, groundwater is a finite resource; it can take thousands of years or longer to be replenished. The announcement of a groundwater shortage means Arizona would no longer give developers in some areas of Maricopa County new permits to construct homes that rely on wells for water.

Phoenix and nearby large cities, which must obtain separate permission from state officials for their development plans every 10 to 15 years, would also be denied approval for any homes that rely on groundwater beyond what the state has already authorized. The decision means cities and developers must look for alternative sources of water to support future development -- for example, by trying to buy access to river water from farmers or Native American tribes, many of whom are facing their own shortages. That rush to buy water is likely to rattle the real estate market in Arizona, making homes more expensive and threatening the relatively low housing costs that had made the region a magnet for people from across the country.

Piracy

Music Pirates Are Not Terrorists, Record Labels Argue In Court (torrentfreak.com) 46

An anonymous reader quotes a report from TorrentFreak: A Virginia jury held Cox liable for pirating subscribers because it failed to terminate accounts after repeated accusations, ordering the company to pay $1 billion in damages to the labels. This landmark ruling is currently under appeal. As part of the appeal, Cox informed the court of a supplemental authority that could support its position. The case in question is Twitter vs. Taamneh, in which the U.S. Supreme Court recently held that the social media platform isn't liable for ISIS terrorists, who used Twitter to recruit and raise funds. The Supreme Court rejected (PDF) the claim that Twitter aided-and-abetted terrorist activity, because it didn't "consciously and culpably" participate in the illegal activity. According to Cox, the same logic applies in its case, where the ISP was held liable for the piracy activities of subscribers.

"These same aiding-and-abetting principles animate copyright law's contributory liability doctrine, and they likewise foreclose liability here," an attorney for Cox informed the court. Cox argues that the Supreme Court ruling confirms that aiding-and-abetting liability only applies when parties knowingly took part in the activity. That runs contrary to the finding in its own dispute with the record labels, where "culpable expression and conduct" or "intent" were not required. "Though Twitter arises in a different context, its reasoning applies with full force and supports reversal of the contributory infringement verdict," Cox added. The two cases are indeed quite different, but ultimately they are about imposing liability on third-party services.

According to Cox, the Twitter terrorist ruling clearly shows that it isn't liable for pirating subscribers, but the music companies see things differently. Earlier this week, the music labels responded in court (PDF), countering Cox's arguments. They argue that the Twitter ruling doesn't apply to their piracy dispute with Cox, as the cases are grounded in different laws. While the music industry certainly isn't happy with pirates, the Cox case is a copyright matter while the Twitter lawsuit fell under the Justice Against Sponsors of Terrorism Act. And for now, pirates are not categorized as terrorists. After establishing the difference between pirates and terrorists, the music companies point out that Twitter wasn't directly connected to the misconduct. The platform's role was more passive and its connection to ISIS was more distant than Cox's connection to its subscribers. Cox took a more active role and materially contributed to the pirating activities, which stands no comparison to the Twitter case, plaintiffs argue.

The Courts

US Judge Orders Lawyers To Sign AI Pledge, Warning Chatbots 'Make Stuff Up' (reuters.com) 24

An anonymous reader quotes a report from Reuters: A federal judge in Texas is now requiring lawyers in cases before him to certify that they did not use artificial intelligence to draft their filings without a human checking their accuracy. U.S. District Judge Brantley Starr of the Northern District of Texas issued the requirement on Tuesday, in what appears to be a first for the federal courts. In an interview Wednesday, Starr said that he created the requirement to warn lawyers that AI tools can create fake cases and that he may sanction them if they rely on AI-generated information without verifying it themselves. "We're at least putting lawyers on notice, who might not otherwise be on notice, that they can't just trust those databases. They've got to actually verify it themselves through a traditional database," Starr said.

In the notice about the requirement on his Dallas court's website, Starr said generative AI tools like ChatGPT are "incredibly powerful" and can be used in the law in other ways, but they should not be used for legal briefing. "These platforms in their current states are prone to hallucinations and bias. On hallucinations, they make stuff up -- even quotes and citations," the statement said. The judge also said that while attorneys swear an oath to uphold the law and represent their clients, the AI platforms do not. "Unbound by any sense of duty, honor, or justice, such programs act according to computer code rather than conviction, based on programming rather than principle," the notice said.

Starr said on Wednesday that he began drafting the mandate while attending a panel on artificial intelligence at a conference hosted by the 5th Circuit U.S. Court of Appeals, where the panelists demonstrated how the platforms made up bogus cases. The judge said he considered banning the use of AI in his courtroom altogether, but he decided not to do so after conversations with Eugene Volokh, a law professor at the UCLA School of Law, and others. Volokh said Wednesday that lawyers who use other databases for legal research might assume they can also rely on AI platforms. "This is a way of reminding lawyers they can't assume that," Volokh said.
Starr issued the requirement days after another judge threatened to sanction a lawyer for using ChatGPT to help write court filings that cited six nonexistent cases.
Microsoft

Microsoft Stashes Nearly Half a Billion in Case LinkedIn Data Drama Hits (theregister.com) 13

Microsoft has warned investors about a "non-public" draft decision by Irish regulators against LinkedIn for allegedly dodgy ad data practices, explaining it had set aside some cash to pay off any potential fine. From a report: How much? Oh, a mere $425 million. The software giant said the funds were connected to a 2018 investigation by the Irish Data Protection Commission (IDPC) looking into whether LinkedIn's targeted advertising practices violated the the European Union's General Data Protection Regulation (GDPR). At the time of the complaint, the 2016 law had been recently implemented and the watchdog was just settling into its role as EU overlord of judging data practices of the tech giants. Microsoft denies it broke any GDPR rules and said it "intends to defend itself vigorously in this matter."

Slashdot Top Deals