The Courts

High Court Will Hear Social Media Terrorism Lawsuits (apnews.com) 78

The Supreme Court said Monday it will hear two cases seeking to hold social media companies financially responsible for terrorist attacks. From a report: Relatives of people killed in terrorist attacks in France and Turkey had sued Google, Twitter, and Facebook. They accused the companies of helping terrorists spread their message and radicalize new recruits. The court will hear the cases this term, which began Monday, with a decision expected before the court recesses for the summer, usually in late June. The court did not say when it would hear arguments, but the court has already filled its argument calendar for October and November.

One of the cases the justices will hear involves Nohemi Gonzalez, a 23-year-old U.S. citizen studying in Paris. The Cal State Long Beach student was one of 130 people killed in Islamic State group attacks in November 2015. The attackers struck cafes, outside the French national stadium and inside the Bataclan theater. Gonzalez died in an attack at La Belle Equipe bistro. Gonzalez's relatives sued Google, which owns YouTube, saying the platform had helped the Islamic State group by allowing it to post hundreds of videos that helped incite violence and recruit potential supporters. Gonzalez's relatives said that the company's computer algorithms recommended those videos to viewers most likely to be interested in them.

Patents

Meta Ordered To Pay $175 Million For Copying Green Beret Veteran's App (militarytimes.com) 36

Meta, the parent company of Facebook and Instagram, was found by a federal jury in Austin, Texas, to have infringed on two patents held by Voxer, a walkie talkie messaging app founded by a former Army Green Beret. The social media giant was ordered to pay nearly $175 million in damages. Military Times reports: Voxer launched the app in 2011, which was named Best Overall App in the First Annual Silicon Valley Business App Awards in 2013. In 2012, Facebook approached Voxer about a potential collaboration that led to Voxer sharing its patents and proprietary information with the company. "When early meetings did not result in an agreement, Facebook identified Voxer as a competitor although Facebook had no live video or voice product at the time," court filings read. "Facebook revoked Voxer's access to key components of the Facebook platform and launched Facebook Live in 2015 followed by Instagram Live in 2016. Both products incorporate Voxer's technologies and infringe its patents."

The Texas jury found that Facebook Live and Instagram Live incorporated two pieces of Voxer's technologies that involve streaming media over networks. Meta countered in court filings that "Facebook has prioritized live video messaging since the launch of Facebook Live and Instagram Live, with one report identifying Facebook Live as Facebook's 'top priority.'"
In a statement to TechCrunch, Meta said the social media company will continue to press the issue through the courts. "We believe the evidence at trial demonstrated that Meta did not infringe Voxer's patents," Meta's spokesperson said in the statement. "We intend to seek further relief, including filing an appeal."
Bug

Pentagon Is Far Too Tight With Its Security Bug Bounties (theregister.com) 23

Discovering and reporting critical security flaws that could allow foreign spies to steal sensitive US government data or launch cyberattacks via the Department of Defense's IT systems doesn't carry a high reward. The Register reports: The Pentagon, in its most recent week-long Hack US program conducted with HackerOne, paid out $75,000 in bug bounties and another $35,000 in bonuses and awards to ethical hackers who disclosed critical- and high-severity vulnerabilities in Uncle Sam's networks. [...] According to bug bounty platform HackerOne and the DoD, the Hack US initiative received 648 submissions from 267 security researchers who uncovered 349 security holes. Information disclosure flaws were the most commonly reported vulnerabilities, followed by improper access controls and SQL injection.

The Pentagon didn't say how many bug hunters received rewards, or how much they each earned. However, in announcing the contest earlier this year, it pledged to pay $500 or more for high-severity flaws, $1,000 for critical holes, and as much as $5,000 for specific achievements, such as $3,000 for the best finding for *.army.mil. Meanwhile, Microsoft paid $13.7 million in bug rewards spread out over 335 researchers last year, with a $200,000 Hyper-V Bounty payout as its biggest prize. And Google awarded $8.7 million during 2021. [...] It's also worth noting that the DoD's pilot vulnerability disclosure program, which ended in April, didn't pay any monetary rewards. So at least Hack US, with its paid (albeit measly) bug bounties, is a step up from that.
"The most successful bug bounty programs strike an even balance between monetary and social benefits," Google's Eduardo Vela, who leads the Product Security Response Team, told The Register.

"For bug hunters, there must be a monetary incentive to get them to participate -- but, there's also value in creating a space where folks can get together, connect with one another, and hack as a team. Bringing together the top bug hunters requires both -- one without the other is not enough."
United States

In a First, US Appoints a Diplomat For Plants and Animals 119

For the first time, the United States is designating a special diplomat to advocate for global biodiversity amid what policymakers here and overseas increasingly recognize as an extinction crisis. The Washington Post reports: Monica Medina is taking on a new role as special envoy for biodiversity and water resources, the State Department announced Wednesday. She currently serves as the department's assistant secretary for oceans and international environmental and scientific affairs. The appointment underscores the Biden administration's desire to protect land and waters not just at home but to also conserve habitats abroad.

"There's a direct connection between biodiversity loss and instability in a lot of parts of the world," Medina said in a recent phone interview. "It's not just about nature for nature's sake. I think it is about people." Before the Biden administration, Medina was an adjunct professor at Georgetown's Walsh School of Foreign Service and worked as general counsel of the National Oceanic and Atmospheric Administration, among other government roles. She is the wife of White House Chief of Staff Ron Klain. Her appointment comes weeks ahead of a major biodiversity conference in mid-December in Montreal.

The aim of the U.N. Convention on Biological Diversity -- also known as COP-15 -- is for nations to reverse the loss of species by adopting an international framework for conserving biodiversity. The effort is akin to the climate talks in 2015 that yielded the Paris agreement. What the United States wants out of the conference: For nations to commit to conserving 30 percent of their land and water area. "We are looking for ways to reach that goal, because that's what scientists tell us we need in order to have a healthy planet," Medina said. One big hurdle: Defining what, exactly, counts as land and water conserved? "That is part of the discussion, is what counts," she said. Is the United States doing its part? President Biden set a goal of conserving nearly a third of the nation's land and waters by 2030.
Protecting ecosystems such as forests and peatlands will help keep climate-warming carbon out of the atmosphere in the first place, noted Medina.

"It's a crisis that we face that's interwoven with the climate crisis, but also independent and important on its own," she said. "If we can solve the biodiversity crisis, we're a long way along the way to solving the climate crisis."
Privacy

TikTok Tracks You Across the Web, Even If You Don't Use the App (consumerreports.org) 44

An anonymous reader quotes a report from Consumer Reports: A Consumer Reports investigation finds that TikTok, one of the country's most popular apps, is partnering with a growing number of other companies to hoover up data about people as they travel across the internet. That includes people who don't have TikTok accounts. These companies embed tiny TikTok trackers called "pixels" in their websites. Then TikTok uses the information gathered by all those pixels to help the companies target ads at potential customers, and to measure how well their ads work. To look into TikTok's use of online tracking, CR asked the security firm Disconnect to scan about 20,000 websites for the company's pixels. In our list, we included the 1,000 most popular websites overall, as well as some of the biggest sites with domains ending in ".org," ".edu," and ".gov." We wanted to look at those sites because they often deal with sensitive subjects. We found hundreds of organizations sharing data with TikTok.

If you go to the United Methodist Church's main website, TikTok hears about it. Interested in joining Weight Watchers? TikTok finds that out, too. The Arizona Department of Economic Security tells TikTok when you view pages concerned with domestic violence or food assistance. Even Planned Parenthood uses the trackers, automatically notifying TikTok about every person who goes to its website, though it doesn't share information from the pages where you can book an appointment. (None of those groups responded to requests for comment.) The number of TikTok trackers we saw was just a fraction of those we observed from Google and Meta. However, TikTok's advertising business is exploding, and experts say the data collection will probably grow along with it.

After Disconnect researchers conducted a broad search for TikTok trackers, we asked them to take a close look at what kind of information was being shared by 15 specific websites. We focused on sites where we thought people would have a particular expectation of privacy, such as advocacy organizations and hospitals, along with retailers and other kinds of companies. Disconnect found that data being transmitted to TikTok can include your IP address, a unique ID number, what page you're on, and what you're clicking, typing, or searching for, depending on how the website has been set up. What does TikTok do with all that information? "Like other platforms, the data we receive from advertisers is used to improve the effectiveness of our advertising services," says Melanie Bosselait, a TikTok spokesperson. The data "is not used to group individuals into particular interest categories for other advertisers to target." If TikTok receives data about someone who doesn't have a TikTok account, the company only uses that data for aggregated reports that they send to advertisers about their websites, she says. There's no independent way for consumers or privacy researchers to verify such statements. But TikTok's terms of service say its advertising customers aren't allowed to send the company certain kinds of sensitive information, such as data about children, health conditions, or finances. "We continuously work with our partners to avoid inadvertent transmission of such data," TikTok's Bosselait says.
What can you do to protect your personal information? Consumer Reports recommends using privacy-protecting browser extensions like Disconnect, changing your browser's privacy settings to block trackers, and trying a more private browser like Firefox and Brave.
Security

Covert CIA Websites Could Have Been Found By an 'Amateur,' Research Finds (theguardian.com) 22

An anonymous reader quotes a report from the Guardian: The CIA used hundreds of websites for covert communications that were severely flawed and could have been identified by even an "amateur sleuth," according to security researchers. The flaws reportedly led to the death of more than two dozen US sources in China in 2011 and 2012 and also reportedly led Iran to execute or imprison other CIA assets. The new research was conducted by security experts at the Citizen Lab at the University of Toronto, which started investigating the matter after it received a tip from reporter Joel Schectmann at Reuters.

The group said it was not publishing a full detailed technical report of its findings to avoid putting CIA assets or employees at risk. But its limited findings raise serious doubts about the intelligence agency's handling of safety measures. Using just a single website and publicly available material, Citizen Lab said it identified a network of 885 websites that it attributed "with high confidence" as having been used by the CIA. It found that the websites purported to be concerned with news, weather, healthcare and other legitimate websites. "Knowing only one website, it is likely that while the websites were online, a motivated amateur sleuth could have mapped out the CIA network and attributed it to the US government," Citizen Lab said in a statement.

The websites were active between 2004 and 2013 and were probably not used by the CIA recently, but Citizen Lab said a subset of the websites were still linked to active intelligence employees or assets, including a foreign contractor and a current state department employee. Citizen Lab added: "The reckless construction of this infrastructure by the CIA reportedly led directly to the identification and execution of assets, and undoubtedly risked the lives of countless other individuals. Our hope is that this research and our limited disclosure process will lead to accountability for this reckless behavior."
CIA spokesperson Tammy Kupperman Thorp said: "CIA takes its obligations to protect the people who work with us extremely seriously and we know that many of them do so bravely, at great personal risk. The notion that CIA would not work as hard as possible to safeguard them is false."
Piracy

Danish Pirate Site Blocking Updated, Telecoms Group Publishes All Domains (torrentfreak.com) 30

Rights Alliance and ISPs have agreed to update their code of conduct to block pirate sites more quickly in Denmark. When one ISP receives an instruction to block a domain, a new process will see other ISPs follow in less than seven days. Meanwhile, Denmark's Telecommunications Industry Association is publishing files that reveal precisely which domains are being blocked. TorrentFreak reports: Both Rights Alliance and Teleindustrien (Telecommunications Industry Association in Denmark) have published copies of the new Code of Conduct but neither explain how the new system will work. Indeed, the CoC contains a paragraph that explains that a section detailing the individual steps, procedures and criteria, has been withheld "in order to achieve the purpose of the agreement." Given that Denmark's blocking program is DNS-based, it's trivial for ISPs to modify local DNS entries to redirect pirate site visitors to Share With Care (SWC), a portal designed to encourage pirates back on to the legal path of authorized content services. Somewhat intrigued by the apparent need for secrecy, we took a closer look at Teleindustrien and to our surprise, found the complete opposite.

It appears that when ISPs are ordered to block domains for any reason, Teleindustrien goes public with three things: the laws under which the blocking was ordered, who ordered the blocking, and which domains were blocked in response. For example, the telecoms industry group details recent blocks associated with the Ukraine conflict (including RT.com and sputniknews.com) and publishes the domains to an easily downloadable .csv file -- perfect for ISPs looking to implement DNS blocking. Another .csv file is published for gambling site domains deemed illegal in Denmark, 183 according to the latest batch.

The data relating to Denmark's pirate site blocking program reveals how quickly it has expanded over the years. In 2017, Danish ISPs were blocking around 100 pirate sites, a figure that jumped to 478 in 2020. The latest .csv file containing the list of blocked piracy domains is dated September 27, 2022. It contains 892 URLs -- some of them domains in their own right and others representing sub-domains on various sites dedicated to unblocking. It's unclear how the new streamlining provisions in the revised Code of Conduct can beat pulling a plain text file from a website but Teleindustrien also provides the data in PDF format (PDF) for the Adobe fans out there.

AI

House Democrats Debut New Bill To Limit US Police Use of Facial Recognition (techcrunch.com) 50

An anonymous reader quotes a report from TechCrunch: Dubbed the Facial Recognition Act, the bill would compel law enforcement to obtain a judge-authorized warrant before using facial recognition. By adding the warrant requirement, law enforcement would first have to show a court it has probable cause that a person has committed a serious crime, rather than allowing largely unrestricted use of facial recognition under the existing legal regime. The bill also puts other limits on what law enforcement can use facial recognition for, such as immigration enforcement or peaceful protests, or using a facial recognition match as the sole basis for establishing probable cause for someone's arrest.

If passed, the bill would also require law enforcement to annually test and audit their facial recognition systems, and provide detailed reports of how facial recognition systems are used in prosecutions. It would also require police departments and agencies to purge databases of photos of children who were subsequently released without charge, whose charges were dismissed or were acquitted. [...] The bill has so far received glowing support from privacy advocates, rights groups and law enforcement-adjacent groups and organizations alike. Woodrow Hartzog, a law professor at Boston University, praised the bill for strengthening baseline rules and protections across the U.S. "without preempting more stringent limitations elsewhere."

The Almighty Buck

MGM Paid Problem Gambler To Not Report Online Glitches 30

An anonymous reader quotes a report from the Associated Press: A New York City man is suing an Atlantic City casino, its parent company and its online betting partner, alleging he was repeatedly disconnected while gambling online, and was given payments to prevent him from reporting the malfunctions to New Jersey gambling regulators during a nine-month span in which he wagered over $29 million. Sam Antar says he is a compulsive gambler -- a fact he says was well-known to defendants in the case including the Borgata casino, MGM Resorts International, and its online partner Entain. In a lawsuit filed Wednesday in state Superior Court in Middlesex County, Antar accuses the defendants of fraud, racketeering and other transgressions. His lawsuit asserts that he experienced thousands of disconnections from the online platforms, often when he had a winning hand that was then wiped out.

His lawyer, Christopher Gramiccioni, said Antar experienced a disconnection rate approaching 50% during the nine months covered by the lawsuit. He added Antar, 46, had lost "easily hundreds of thousands of dollars" during that time. "It's one thing if you have technical issues intermittently," said Gramiccioni, a former Monmouth County prosecutor. "It is quite another when you have them 50% of the time. The casino did not take corrective action as required. They kept doubling down and giving him $30,000 a month, feeding him extra money to try to avoid scrutiny by the regulatory agencies."

In his lawsuit, Antar claims he alerted numerous employees and officials with the gambling companies to the fact that there was a serious, recurring problem with disconnections, but that they knowingly kept malfunctioning games available to the public because they were too profitable to take down. He says his complaints were made to local supervisors and VIP hosts, an online complaint portal, and even to the president of the casino and the CEO of its parent company. He also claims the companies paid him near-daily bonuses totaling $30,000 a month to keep him playing and to entice him not to report problems with the games to the New Jersey Division of Gaming Enforcement. [...] Antar said employees acknowledged problems with the system were affecting other customers as well. In a July 17, 2019 text and email conversation, Antar quotes one as telling him "other players are not getting anywhere near what you are getting" in terms of compensation for being kicked offline while gambling.
"In 2013, Sam Antar was sentenced to 21 months in federal prison for taking $225,000 in a fraudulent investment scheme" to feed his compulsive gambling habit, notes the report.
Crime

NSA Employee Leaked Classified Cyber Intel, Charged With Espionage (nextgov.com) 69

A former National Security Agency employee was arrested on Wednesday for spying on the U.S. government on behalf of a foreign government. Nextgov reports: Jareh Sebastian Dalke, 30, was arrested in Denver, Colorado after allegedly committing three separate violations of the Espionage Act. Law enforcement allege that the violations were committed between August and September of 2022, after he worked as an information systems security designer at the agency earlier that summer. Dalke allegedly used an encrypted email account to leak sensitive and classified documents he obtained while working at the NSA to an individual who claimed to have worked for a foreign government.

The individual who received the documents was later revealed to be an undercover FBI agent. Dalke was arrested in September upon arriving at the location where he and the undercover agent agreed to exchange documentation for $85,000 in compensation. "Dalke told that individual that he had taken highly sensitive information relating to foreign targeting of U.S. systems, and information on U.S. cyber operations, among other topics," the press release from the Department of Justice reads. "To prove he had access to sensitive information, Dalke transmitted excerpts of three classified documents to the undercover FBI agent. Each excerpt contained classification markings."
"Should Dalke be found guilty, his sentence could include the death penalty or any term of years up to life imprisonment," notes the report.
Government

UN Elects First Female Tech Agency Secretary-General (bbc.com) 32

An anonymous reader quotes a report from the BBC: Doreen Bogdan-Martin has become the first woman to be elected as secretary-general of the International Telecommunication Union (ITU). The ITU is the main technology agency within the UN. Originally founded in 1865 to manage the first international telegraph networks, the ITU now has an important role in facilitating the use of radio, satellite and the internet. Ms Bogdan-Martin beat her Russian rival Rashid Ismailov by 139 votes to 25. The American will succeed Houlin Zhao, who has been in the role since 2014, when her term begins on January 1, 2023. She will be taking the reins of the oldest UN agency, which is responsible for many facets of international communications. These include assigning satellite orbits globally, co-ordinating technical standards, and improving infrastructure in the developing world. There had been concerns ahead of the election because Ms Bogdan-Martin's opponent had previously called for international regulation of the internet.

In her previous role as director of the ITU's Telecommunication Development bureau, Ms Bogdan-Martin's remit included job creation, digital skills development, diversity, and gender equality. Her candidacy for the top job was endorsed by US President Joe Biden, who said she had the "integrity, experience, and vision necessary to transform the digital landscape." "She understands the importance of connecting every school to the internet and making sure every student can access virtual learning, providing women and girls the digital tools they need to succeed, and extending the benefits of online health and educational resources," he said in a statement.
"Whether it's today's children or our children's children, we need to provide them with a strong and stable foundation for growth," Ms Bogdan-Martin said following her win. "The world is facing significant challenges -- escalating conflicts, a climate crisis, food security, gender inequalities, and 2.7 billion people with no access to the internet."
EU

EU Proposes Rules Making It Easier To Sue Drone Makers, AI Systems 66

The European Commission on Wednesday proposed rules making it easier for individuals and companies to sue makers of drones, robots and other products equipped with artificial intelligence software for compensation for harm caused by them. Reuters reports: The AI Liability Directive aims to address the increasing use of AI-enabled products and services and the patchwork of national rules across the 27-country European Union. Under the draft rules, victims can seek compensation for harm to their life, property, health and privacy due to the fault or omission of a provider, developer or user of AI technology, or for discrimination in a recruitment process using AI.

The rules lighten the burden of proof on victims with a "presumption of causality", which means victims only need to show that a manufacturer or user's failure to comply with certain requirements caused the harm and then link this to the AI technology in their lawsuit. Under a "right of access to evidence," victims can ask a court to order companies and suppliers to provide information about high-risk AI systems so that they can identify the liable person and the fault that caused the damage.

The Commission also announced an update to the Product Liability Directive that means manufacturers will be liable for all unsafe products, tangible and intangible, including software and digital services, and also after the products are sold. Users can sue for compensation when software updates render their smart-home products unsafe or when manufacturers fail to fix cybersecurity gaps. Those with unsafe non-EU products will be able to sue the manufacturer's EU representative for compensation. The AI Liability Directive will need to be agreed with EU countries and EU lawmakers before it can become law.
Encryption

UK Online Safety Bill Threatens Security, WhatsApp Chief Warns (ft.com) 32

The head of WhatsApp has warned UK ministers that moves to undermine encryption in a relaunched online safety bill would threaten the security of the government's own communications and embolden authoritarian regimes. From a report: In an interview with the Financial Times, Will Cathcart, who runs the Meta-owned messaging app, insisted that alternative techniques were available to protect children using WhatsApp, without having to abandon the underlying security technology that safeguards its more than 2bn users. The UK's bill, which the government argues will make the internet safer, has become a focus of global debate over whether companies such as Google, Meta and Twitter should be forced to proactively scan and remove harmful content on their networks.

Tech companies claim it is not technically possible for encrypted messaging apps to scan for material such as child pornography without undermining the security of the entire network, which prevents anyone -- including platform operators -- from reading users' messages. Cathcart said the UK's ultimate position on the issue would have a global impact. "If the UK decides that it is OK for a government to get rid of encryption, there are governments all around the world that will do exactly the same thing, where liberal democracy is not as strong, where there are different concerns that really implicate deep-seated human rights," he said, citing Hong Kong as a potential example.

Power

All 50 States Get Green Light To Build EV Charging Stations (cnbc.com) 133

The U.S. Transportation Department on Tuesday said it approved electric vehicle charging station plans for all 50 states, Washington, D.C., and Puerto Rico covering roughly 75,000 miles of highways. CNBC reports: Earlier this year, the Biden administration allocated $5 billion to states to fund EV chargers over five years along interstate highways as part of the bipartisan infrastructure package. Under the plan, entitled the National Electric Vehicle Infrastructure Formula Program, states provided their EV infrastructure deployment proposals to the Joint Office of Energy and Transportation. States are now approved to construct a network of EV charging stations along designated alternative fuel corridors on the national highway system and have access to more than $1.5 billion to help build the chargers.

It's unclear how many charging stations the funds will support, and states have not yet shared specific charger locations. Transportation Department officials have said that states should install stations every 50 miles and ensure each station is located within one mile of an interstate highway. "We have approved plans for all 50 States, Puerto Rico and the District of Columbia to help ensure that Americans in every part of the country -- from the largest cities to the most rural communities -- can be positioned to unlock the savings and benefits of electric vehicles," Transportation Secretary Pete Buttigieg said in a statement.

Oracle

Oracle Pays $23 Million To SEC To Settle Bribery Charges (theregister.com) 17

Oracle has paid $23 million to the US Securities and Exchange Commission to settle corruption charges that subsidiaries in Turkey, United Arab Emirates and India used "slush funds" to bribe foreign officials to win business. The Register reports: The SEC said on Tuesday that Big Red violated provisions of the Foreign Corrupt Practices Act (FCPA) during a three-year period between 2016 and 2019. The cash that was apparently surreptitiously set aside was also spent on paying for foreign officials to attend technology conferences, which breaks Oracle's own internal policies and procedures. And the SEC said that in some instances, it found Oracle staff at the Turkish subsidiary had spent the funds on taking officials' families with them on international conferences or side trips to California.

"The creation of off-books slush funds inherently gives rise to the risk those funds will be used improperly, which is exactly what happened here at Oracle's Turkey, UAE, and India subsidiaries," said Charles Cain, FCPA unit chief at the SEC. "This matter highlights the critical need for effective internal accounting controls throughout the entirety of a company's operations," he added. Oracle, without admitting or denying the findings of the SEC's investigation, has agreed to "cease and desist from committing violations" of the anti-bribery, books and records, and internal accounting controls of the FCPA, said the Commission.

Businesses

Stock Trade Ban For Congress Is Being Readied For Release In US House (bloomberg.com) 107

An anonymous reader quotes a report from Bloomberg: Senior House Democrats are poised to introduce long-promised legislation to restrict stock ownership and trading by members of Congress, senior government officials and Supreme Court justices. The bill would apply to the spouses and dependent children of those officials, according to an outline sent to lawmaker offices last week by House Administration Chair Zoe Lofgren. The restrictions also cover "commodities, futures, cryptocurrency, and other similar investments," according to the outline. The legislation would require public officials to either divest current holdings or put them in a blind trust. Investments in mutual funds or other widely held investment funds and government bonds would be allowed.

The bill may be released as soon as Monday, according to a person familiar with the matter. It hasn't been scheduled for a vote, though House Majority Leader Steny Hoyer has said it's possible it could come to the floor this week in the middle of an already jam-packed schedule before lawmakers go on break ahead of the November midterm election. While conservative Republicans and progressive Democrats alike have been clamoring for restrictions on stock trades by members of Congress to avoid conflicts of interest, legislation has been hung up by questions about how broad to make the ban and whether to include family members. A group of senators is working on their own version of the legislation and there's little chance of Congress taking any final action before the midterms. [...]

Another potential point of contention is applying the requirements to the Supreme Court. The Congressional Research Service in an April report said that Congress imposing a code of conduct on the judiciary would "raise an array of legal questions," including whether it would violate the constitutional separation of powers. Justices and lower court judges already file annual financial disclosures and are barred from participating in cases where there's a direct conflict of interest. Despite that, the CRS report says that the Supreme Court has never directly addressed "whether Congress may subject Supreme Court Justices to financial reporting requirements or limitations upon the receipt of gifts."

"The current law doesn't prohibit lawmakers from owning or trading individual securities, but it bans members of Congress from using nonpublic information available to them for personal benefit," notes the report. "It requires any transaction be disclosed within 45 days."

Further reading: TikTokers Are Trading Stocks By Copying What Members of Congress Do

Privacy

Senators Push To Reform Police's Cellphone Tracking Tools (apnews.com) 39

Civil rights lawyers and Democratic senators are pushing for legislation that would limit U.S. law enforcement agencies' ability to buy cellphone tracking tools to follow people's whereabouts, including back years in time, and sometimes without a search warrant. From a report: Concerns about police use of the tool known as "Fog Reveal" raised in an investigation by The Associated Press published earlier this month also surfaced in a Federal Trade Commission hearing three weeks ago. Police agencies have been using the platform to search hundreds of billions of records gathered from 250 million mobile devices, and hoover up people's geolocation data to assemble so-called "patterns of life," according to thousands of pages of records about the company.

Sold by Virginia-based Fog Data Science LLC, Fog Reveal has been used since at least 2018 in criminal investigations ranging from the murder of a nurse in Arkansas to tracing the movements of a potential participant in the Jan. 6 insurrection at the Capitol. The tool is rarely, if ever, mentioned in court records, something that defense attorneys say makes it harder for them to properly defend their clients in cases in which the technology was used. Panelists and members of the public who took part in the FTC hearing also raised concerns about how data generated by popular apps is used for surveillance purposes, or "in some cases, being used to infer identity and cause direct harm to people in the real world, in the physical world and being repurposed for, as was mentioned earlier, law enforcement and national security purposes," said Stacey Gray, a senior director for U.S. programs for the Future of Privacy Forum.

The Courts

SEC Sues Former MoviePass Executives, Alleges They Made 'False or Misleading Statements' To Public (businessinsider.com) 13

The Securities and Exchange Commission is suing former MoviePass CEO Mitch Lowe and Ted Farnsworth, the former CEO of MoviePass' parent company, Helios and Matheson Analytics (HMNY), alleging they misled investors that the company could make a profit at its $10-a-month plan. From a report: A complaint filed late Monday, reviewed by Insider, said the duo made "false or misleading statements" in financial filings and in the press. "Faced with debilitating negative cash flows -- rather than tell the public the truth -- Farnsworth and Lowe devised fraudulent tactics to prevent MoviePass's heavy users from using the service, and falsely and misleadingly informed the public that usage had declined naturally or due to measures the company had employed to combat subscribers' purported violations of MoviePass's terms and conditions of service," the complaint said. The lawsuit also named former MoviePass Vice President Khalid Itum as a defendant. The complaint accused Itum of submitting false invoices and receiving more than $310,000 from both MoviePass and HMNY.

Businesses

TikTok Inching Toward US Security Deal To Avoid Sale (reuters.com) 31

U.S. lawmakers and TikTok are hammering out a plan under which the short-form video app would make changes to its data security and governance without requiring its parent firm, China's ByteDance, to sell it, the New York Times reported on Monday. Reuters reports: TikTok and the Biden administration have drafted a preliminary agreement to resolve national security concerns but are still deciding on a potential agreement, the Times reported, citing people familiar with the matter. A TikTok spokesperson declined to comment on the report but said the app was confident about being able to "fully satisfy all reasonable U.S. national security concerns." TikTok's parent company ByteDance was ordered to divest the company more than two years ago over fears that U.S. user data could be passed on to China's communist government.

China

Beijing Bus Drivers Have Been Told To Wear Wristbands To Monitor Their Emotions (scmp.com) 54

Beijing's long-distance bus drivers have been told to wear electronic wristbands that use emotion-sensing technology to monitor their state of mind. From a report: The move was initiated by the state-run Beijing Public Transport Holding Group, which says it is aimed at protecting public safety. But legal experts have raised privacy concerns and say the wristbands could cause bus drivers undue distress and potentially lead to discrimination. Some 1,800 wristbands were distributed to bus drivers on cross-province and highway routes on Wednesday, the official Beijing Daily reported. It is unclear how many drivers will be required to wear the devices. The report said they would be used to monitor the drivers' vital signs and emotional state in real time to improve safety.
