Privacy

Stop Using Google Analytics, Warns Sweden's Privacy Watchdog (techcrunch.com) 18

Sweden's data protection watchdog has issued a couple of fines in relation to exports of European users' data via Google Analytics which it found breach the bloc's privacy rulebook owing to risks posed by U.S. government surveillance. It has also warned other companies against use of Google's tool. From a report: The fines -- just over $1.1 million for Swedish telco Tele2 and less than $30,000 for local online retailer CDON -- are notable as they are the first such fines following a raft of strategic privacy complaints targeting Google Analytics (and Facebook Connect) back in August 2020.

The regulator found that so-called supplementary measures applied by Google to European users' data sent to the U.S. for processing were insufficient to raise the level of protection to the required legal standard. Including Google's use of IP address truncation (an anonymization measure) as, in the Tele2 case, it said the company did not clarify whether the truncation was performed before or after the transfer of the data to the U.S. so had failed to demonstrate there is "no potential access to the entire IP address before the last octet is truncated." The watchdog also found breaches of the bloc's General Data Protection Regulation (GDPR) rules on transfers to third countries in the case of two other companies' use of Google Analytics, Coop and Dagens Industries, but did not issue fines in those cases.

Sci-Fi

Why Major Newspapers Didn't Publish 'UFO Retrieval' Story (vanityfair.com) 170

Monday U.S. Senator Marco Rubio said government workers with high security clearances had made UFO-related claims, leading to a bill's provision to halt any reverse-engineering of alien crafts. News stories at the time noted "allegations of secret UFO retrieval and reverse-engineering programs" by former intelligence official turned whistleblower, David Grusch, a story which Vanity Fair traced to a "little-known" site called The Debrief.

But that article's authors have some serious journalistic experience. Ralph Blumenthal spent more than 45 years on staff at The New York Times. Leslie Kean is an investigative science journalist known for her writing on UFOs. In 2017 they teamed up with a New York Times Pentagon correspondent for an "explosive 2017 UFO report," writes the Atlantic, "in which the journalists revealed a defunct secret Pentagon program — initially funded at the request of former Senate majority leader Harry Reid — to investigate 'unidentified flying objects.'" I've learned that Kean and Blumenthal did, in fact, bring the story to the Times, but the paper of record turned it down... The pair also pitched their story to Politico and The Washington Post. The Post had been trying to further report the story that the reporters had brought to the paper, but didn't think it was ready for publication; among its reservations, according to a source familiar, was that it was unclear what members of Congress made of Grusch's testimony... Politico — which, a source familiar noted, had the story for mere days, while the Post had the story for weeks — also wasn't able to turn around the story at the speed that Kean and Blumenthal wanted, Blumenthal said...

The writers' apparent time constraints have only raised more questions. "To be clear — the Washington Post did not pass on our story," Kean wrote on Facebook Monday. "Ralph and I took it to the Debrief because we were under growing pressure to publish it very quickly." Blumenthal told me that circumstances — including that Grusch's identity as the whistleblower had leaked out on the internet — pushed them to "publish sooner than we'd hoped." "If there had been no leaks, it might've been different," Blumenthal said. But "people on the internet were spreading stories Dave was getting harassing phone calls and we felt the only way to protect him was to get the story out...."

Now out in the world, the reporting process is raising even more eyebrows. During interviews on NewsNation with both Grusch and Kean, it became clear that neither had seen photos of the alleged craft. NewsNation's Brian Entin asked Kean about the lack of receipts: "He has the credentials, but there's no documents that he's handed over, there's no pictures, and as a journalist, you want to see documents; you want to see pictures." But Kean said the lack of documents or photographs did not raise red flags for her because "all of that information is classified." She believes it, she said, "because of all the sources I have who have told me the same thing... I don't think there's some conspiracy among all these people who don't know each other to make something like this up."

In response to the report, DoD spokesperson Sue Gough told NewsNation in a statement, "To date, AARO (All-domain Anomaly Resolution Office) has not discovered any verifiable information to substantiate claims that any programs regarding the possession or reverse-engineering of any extraterrestrial materials have existed in the past or exist currently."

AI

Should UK Stores Use Facial Recognition Tech to Fight Shoplifting? (yahoo.com) 109

The New York Times tells the story of Simon Mackenzie, a security officer at a U.K. discount store uploading security camera footage of shoplifters into a facial recognition program called Facewatch. "The next time those people enter any shop within a few miles that uses Facewatch, store staff will receive an alert."

Facewatch — now in nearly 400 stores across Britain — licenses facial recognition software made by Real Networks and Amazon. Though it only sends alerts about repeat offenders, "Once added, a person remains there for a year before being deleted." For as little as 250 pounds a month, or roughly $320, Facewatch offers access to a customized watchlist that stores near one another share. When Facewatch spots a flagged face, an alert is sent to a smartphone at the shop, where employees decide whether to keep a close eye on the person or ask the person to leave. Mr. Mackenzie adds one or two new faces every week, he said, mainly people who steal diapers, groceries, pet supplies and other low-cost goods. He said their economic hardship made him sympathetic, but that the number of thefts had gotten so out of hand that facial recognition was needed. Usually at least once a day, Facewatch alerts him that somebody on the watchlist has entered the store...

Among democratic nations, Britain is at the forefront of using live facial recognition, with courts and regulators signing off on its use. The police in London and Cardiff are experimenting with the technology to identify wanted criminals as they walk down the street. In May, it was used to scan the crowds at the coronation of King Charles III. But the use by retailers has drawn criticism as a disproportionate solution for minor crimes. Individuals have little way of knowing they are on the watchlist or how to appeal. In a legal complaint last year, Big Brother Watch, a civil society group, called it "Orwellian in the extreme...." Madeleine Stone, the legal and policy officer for Big Brother Watch, said Facewatch was "normalizing airport-style security checks for everyday activities like buying a pint of milk."

There is a human in the loop, the article points out. "Every time Facewatch's system identifies a shoplifter, a notification goes to a person who passed a test to be a 'super recognizer' — someone with a special talent for remembering faces. Within seconds, the super recognizer must confirm the match against the Facewatch database before an alert is sent."

The company's founder tells the Times that in general, "mistakes are rare but do happen... If this occurs, we acknowledge our mistake, apologize, delete any relevant data to prevent reoccurrence and offer proportionate compensation."

And the article adds this official response from the U.K. government: Fraser Sampson, Britain's biometrics and surveillance camera commissioner, who advises the government on policy, said there was "a nervousness and a hesitancy" around facial recognition technology because of privacy concerns and poorly performing algorithms in the past. "But I think in terms of speed, scale, accuracy and cost, facial recognition technology can in some areas, you know, literally be a game changer," he said. "That means its arrival and deployment is probably inevitable. It's just a case of when."

Microsoft

Microsoft/Activision Blizzard Antitrust Hearings Reveal Internal Emails and Badly-Redacted Documents (venturebeat.com) 24

VentureBeat is enjoying "secrets that spilled out" in the Microsoft/Activision Blizzard antitrust hearings. "Whether the Federal Trade Commission wins its antitrust case or not, its attempt to stop Microsoft's $68.7 billion acquisition of Activision Blizzard has revealed a trove of new data for everyone." The FTC has argued in a federal court that the merger would harm competition in the game industry and be bad for consumers, as Microsoft could pull Activision Blizzard's games like Call of Duty away from the Sony PlayStation, despite Microsoft's stated intention of not doing so for at least 10 years. In this case, the FTC might not have had an obvious winning hand, as the industry has an odd situation. Microsoft has the highest value ($104 billion in cash alone, versus $13.4 billion for Sony) at $2.49 trillion as a company compared to $115 billion for Sony, and yet it is in third place behind Sony and Nintendo.

Hence, there's some significance to Microsoft's Xbox first-party head, Matt Booty, sending an ill-advised email in 2019 saying Microsoft "has the ability to spend Sony out of business." That was long before the deal was announced 17 months ago, but it could be used as a sign of intent. Microsoft said it never pursued this strategy. While competing fiercely is fine, using monopoly power to drive a rival out of business so you can raise prices later is a no-no...

Did the FTC prove its case? I can't say just yet. Microsoft makes a decent point in saying all the regulators of the world except the U.S. and the United Kingdom have approved the deal. But I hope to have more reasons to binge on popcorn.

In January Ars Technica noted Microsoft's contract set July 18th as the deadline for closing the deal — or else paying a $3 billion "breakup fee". The Verge spotted that some of Sony's documents were poorly redacted. While looking at the lines that were crossed out with black pens, they could see that The Last of Us Part 2 cost the company $220 million to make, with 200 people working on it, while Horizon Forbidden West cost $212 million to make, with 300 working on it for over five years. Both games made considerably more money... In the unSharpied documents, Sony also revealed that a million Call of Duty players spent 100% of their time playing Call of Duty in 2021. It also said that Call of Duty generated $800 million for PlayStation in 2021 alone in the U.S. and perhaps $1.5 billion globally. It also looks like Sony's exclusive marketing deal with Activision for Call of Duty will expire in late 2023. Sony went on to say half of PS5 owners also have a Nintendo Switch.

Microsoft also failed to redact some of its acquisition targets. Those were later marked up, but not before Axios noted that the list included Thunderful, Supergiant Games, Niantic, Playrix, Zynga, Bungie, Square Enix, Warner Bros., Sega, IO Interactive and Scopely... Among the secrets revealed among the companies Microsoft acquired: Microsoft bought Ninja Theory, maker of Hellblade: Senua's Sacrifice, for $117 million.

Thanks to Slashdot reader ole_timer for sharing the news.

The Courts

US Supreme Court Rejects US Student Loan Relief. President Biden Responds (cnn.com) 365

After a three-year pause, U.S. student loan repayments are set to resume on October 1st — just three months from today. But CNN reports that yesterday America's Supreme Court "struck down President Joe Biden's student loan forgiveness program, blocking millions of borrowers from receiving up to $20,000 in federal student debt relief."

"The court's 6 to 3 conservative majority held that the secretary of education did not have that authority under existing law," writes the Washington Post. The Guardian quotes President Biden's response: "I think the court misinterpreted the constitution."

CNN reports: No debt had been canceled, even though the Biden administration had received about 26 million applications for relief last year and approved 16 million of them. The forgiveness program, estimated to cost $400 billion, would have fulfilled a campaign promise of Biden's to cancel some student loan debt. But a group of Republican-led states and other conservative groups took the administration to court over the program, claiming that the executive branch does not have the power to so broadly cancel student debt in the proposed manner.

Critics also point out that the one-time student loan forgiveness program does nothing to address the cost of college for future students and could even lead to an increase in tuition. Some Democrats joined Republicans in voting for a bill to block the program. Both the Senate and the House passed the measure, but Biden vetoed the bill in early June...

The administration estimated that roughly 20 million borrowers would have seen their entire federal student loan balance wiped away.

UPDATE: CNBC reports the administration hasn't given up: President Joe Biden suggested on Friday that he was looking for another avenue to deliver student debt relief after the Supreme Court rejected his forgiveness plan.

"Today's decision has closed one path," Biden said during a briefing Friday. "Now we're going to pursue another."

A statement from the White House also points to other relief policies for students, noting for example that now "no one with an undergraduate loan has to pay more than 5 percent of their discretionary income." CNN reports: New rules set to take effect in July could broaden eligibility for the Public Service Loan Forgiveness program, which is aimed at helping government and nonprofit workers. And a new income-driven repayment plan proposal is meant to lower eligible borrowers' monthly payments and reduce the amount they pay back over time. The administration said this plan was finalized Friday and borrowers will be able to take advantage of it this summer, before loan payments are due. The Department of Education has also made it easier for borrowers who were misled by their for-profit college to apply for student loan forgiveness under a program known as borrower defense to repayment, as well as for those who are permanently disabled. Altogether, the Biden administration has approved more than $66 billion in targeted loan relief to nearly 2.2 million borrowers....

[T]he Biden administration said Friday that it will provide a 12-month on-ramp period for borrowers reentering payment... Borrowers will not be reported to credit bureaus, be considered in default or referred to collection agencies for late, missed or partial payments during the on-ramp period, according to a fact sheet from the White House.

Databases

FBI Forms National Database To Track and Prevent 'Swatting' (nbcnews.com) 71

According to NBC News, the FBI created a national online database in May to facilitate information sharing between hundreds of police departments and law enforcement agencies across the country pertaining to swatting incidents. From the report: No central agency has tracked swatting incidents or suspects in the U.S., so official statistics are not available. By 2019, there were an estimated 1,000 swatting incidents domestically each year, according to a report from the Anti-Defamation League, and each incident is estimated to cost at least $10,000 to affected communities, even before expenditures on follow-up work like investigations, property repairs and counseling. Swatting is increasingly enabled by technology that can be used to mask a caller's real voice, their phone number or IP address (also called "spoofing") or to make their false report sound more credible.

[Chief Scott Schubert with the bureau's Criminal Justice Information Services headquarters in Clarksburg, West Virginia] told NBC News that the FBI's new centralized database should help the agency "get that common picture of what's going on across our nation so we can learn from that." [...] While the earliest recorded case of swatting occurred in 2002, to this day, there is no specific law criminalizing swatting in the U.S., says John Jay's Shapiro. "Without a statute in place, there's no designated resources or training for investigating swatting incidents," she said. "And the 911 dispatchers do not have the resources and training they need to differentiate between actual emergencies and false reports."

Legally, the False Information and Hoaxes statute, also known as section 1038, is most frequently used to prosecute swatting. Other statutes can sometimes apply -- one pertaining to interstate threats involving explosives and another pertaining to interstate communications, which refers to extortion or threats to injure or kidnap somebody. "Too often, perpetrators are getting a slap on the wrist compared to the consequences suffered by their victims," Shapiro said.

The Courts

Lawsuit Says OpenAI Violated US Authors' Copyrights To Train AI Chatbot (reuters.com) 82

Two U.S. authors have filed a proposed class action lawsuit against OpenAI, claiming that the company infringed their copyrights by using their works without permission to train its generative AI system, ChatGPT. The plaintiffs, Massachusetts-based writers Paul Tremblay and Mona Awad, claim the data used to train ChatGPT included thousands of books, including those from illegal "shadow libraries." Reuters reports: The complaint estimated that OpenAI's training data incorporated over 300,000 books, including from illegal "shadow libraries" that offer copyrighted books without permission. Awad is known for novels including "13 Ways of Looking at a Fat Girl" and "Bunny." Tremblay's novels include "The Cabin at the End of the World," which was adapted in the M. Night Shyamalan film "Knock at the Cabin" released in February.

Tremblay and Awad said ChatGPT could generate "very accurate" summaries of their books, indicating that they appeared in its database. The lawsuit seeks an unspecified amount of money damages on behalf of a nationwide class of copyright owners whose works OpenAI allegedly misused.

United States

Colorado, Connecticut Data Privacy Laws Go Into Effect July 1 (axios.com) 5

Data privacy laws in Colorado and Connecticut will go into effect Saturday. From a report: If companies haven't finished their compliance work to abide by the rules, they could face civil penalties of up to $20,000 per violation in some states. Colorado and Connecticut add to an increasingly complex patchwork of state data privacy laws. California paved the way in 2018 after passing the country's first state-level privacy bill, while Virginia followed this year.

The Colorado and Connecticut laws apply to entities that do business in those states, as well as businesses that process a certain amount of data about in-state customers. Under the new laws, residents of each state will have the right to request businesses delete their personal information, ask for a copy of the information businesses have collected about them, opt out of the sale of their personal data, and more. Both laws also require businesses to request opt-in permission from consumers before letting businesses process their sensitive information -- differing from the opt-out mechanism consumers have in California.

Piracy

French Govt Wants To Inject Domain Blocking Lists Directly Into Web Browsers (torrentfreak.com) 82

Online piracy, now being linked with malware, identity theft, and banking fraud, has prompted a coordinated, concerning campaign for tougher legislation beyond copyright laws. The French government, news website TorrentFreak reports, is considering an ambitious approach: integrating state-operated domain blacklists into web browsers. This step is well-intentioned, indicating an evolving strategy in battling piracy.

Social Networks

Social Media Apps Will Have To Shield Children From Dangerous Stunts (theguardian.com) 62

An anonymous reader quotes a report from The Guardian: Social media firms will be ordered to protect children from encountering dangerous stunts and challenges on their platforms under changes to the online safety bill. The legislation will explicitly refer to content that "encourages, promotes or provides instructions for a challenge or stunt highly likely to result in serious injury" as the type of material that under-18s should be protected from. The bill will also require social media companies to proactively prevent children from seeing the highest risk forms of content, such as material encouraging suicide and self-harm. Tech firms could be required to use age-checking measures to prevent under-18s from seeing such material.

In another change to the legislation, which is expected to become law this year, social media platforms will have to introduce tougher age-checking measures to prevent children from accessing pornography -- bringing them in line with the bill's measures for mainstream sites such as Pornhub. Services that publish or allow pornography on their sites will be required to introduce "highly effective" age-checking measures such as age estimation tools that estimate someone's age from a selfie. Other amendments include requiring the communications watchdog Ofcom to produce guidance for tech firms on protecting women and girls online. Ofcom, which will oversee implementation of the act once it comes into force, will be required to consult with the domestic abuse commissioner and victims commissioner when producing the guidance, in order to ensure it reflects the voices of victims.

The updated bill will also criminalize the sharing of deepfake intimate images in England and Wales. In a further change it will require platforms to ask adult users if they wish to avoid content that promotes self-harm or eating disorders or racist content. Once the law comes into force breaches will carry a punishment of a fine of £18m or up to 10% of global turnover. In the most extreme cases, Ofcom will be able to block platforms.

The Courts

Police Need a Wiretap To Eavesdrop On Your Facebook Posts, Court Rules (newjerseymonitor.com) 29

In a landmark ruling (PDF) on Thursday, the New Jersey Supreme Court sided with Facebook in a major court decision that requires prosecutors to get a wiretap order if they want to eavesdrop on social media accounts without adequate evidence of a crime. New Jersey Monitor reports: In a reversal of lower court decisions, the high court ruled against authorities who argued a warrant is sufficient to obtain nearly real-time release of such communications. That argument is unsupported by federal or state statute, the court said, adding that allowing such releases would effectively neuter New Jersey's wiretap law.

In separate cases focused on two men under investigation for drug offenses, authorities obtained a communications data warrant to force Facebook to disclose social media postings -- within 15 minutes of their creation -- made by the pair over a 30-day span. The state contended such releases, which Facebook said were as close to real-time as technology allows, could be made without meeting the higher bar for a wiretap order because by the time Facebook provided them, they would already have been transmitted and electronically stored.

But Thursday's decision says allowing such releases would make the state's wiretap statute obsolete because "law enforcement today would never need to apply for a wiretap order to obtain future electronic communications from Facebook users' accounts on an ongoing basis." Authorities must show probable cause to obtain a warrant. To obtain a wiretap order, they must also demonstrate that other investigatory methods would fail -- because they are too dangerous, for example -- according to criminal defense lawyer Brian Neary. Neary argued on behalf of the New Jersey State Bar Association, which joined the case as a friend of the court.

"It's great to see the New Jersey Supreme Court make clear that whenever the government seeks ongoing access to our private conversations, it must meet the heightened protections required under state law and the federal and state constitutions," said Jennifer Granick, surveillance and cybersecurity counsel with the American Civil Liberties Union.

Businesses

FTC Prepares 'the Big One,' a Major Lawsuit Targeting Amazon's Core Business (arstechnica.com) 15

An anonymous reader quotes a report from Ars Technica: The Federal Trade Commission is preparing to file a major antitrust lawsuit accusing Amazon of "leverag[ing] its power to reward online merchants that use its logistics services and punish those who don't," Bloomberg reported today. Bloomberg described the forthcoming lawsuit as "the big one," following several earlier lawsuits filed by the FTC under Chair Lina Khan. "In the coming weeks, the agency plans to file a far-reaching antitrust suit focused on Amazon's core online marketplace, according to documents reviewed by Bloomberg and three people familiar with the case," the report said. Khan may try to force Amazon to "restructure" its business. "Based on her public comments, Khan is unlikely to accept compromises from Amazon and could seek to restructure the company -- a dramatic outcome that Amazon would surely appeal," Bloomberg wrote. [...]

Third-party sellers can rely on Amazon for warehousing, shipping, and other services through the Fulfillment by Amazon (FBA) system, but it takes a big cut out of their revenue. A recent Marketplace Pulse study based on profit and loss statements from a sample of sellers found that "Amazon is pocketing more than 50 percent of sellers' revenue -- up from 40 percent five years ago," because "Amazon has increased fulfillment fees and made spending on advertising unavoidable." "According to P&Ls provided by a sample of sellers, a typical Amazon seller pays a 15 percent transaction fee (Amazon calls it a referral fee), 20-35 percent in Fulfillment by Amazon fees (including storage and other fees), and up to 15 percent for advertising and promotions on Amazon. The total fees vary depending on the category, product price, size, weight, and the seller's business model," Marketplace Pulse wrote in February.

According to Bloomberg's article, the "FTC has amassed evidence that the company disadvantages sellers that don't use these services, and the agency is investigating an algorithm that selects merchants for the web store's coveted 'Buy Box,' where consumers can add products to their cart with one click." "The expected allegations are similar to a 2020 report from a US House subcommittee -- which counted Khan as a staff member -- and overlap with a European antitrust case that charged Amazon with rewarding sellers that use its fulfillment services and using merchants' sales data to boost its own retail business," Bloomberg wrote. Amazon agreed to a settlement with the EU in December 2022. The FTC's current investigation began two years before Khan became chair. "Amazon received the initial investigation notice in June 2019, according to documents viewed by Bloomberg. The first request for records followed two months later," the Bloomberg article said. Upon taking charge in 2021, Khan "personally helped draft some lines of questioning for investigators" and took other actions to beef up the probe into Amazon.

Privacy

US Patent and Trademark Office Notifies Filers of Years-Long Data Leak (techcrunch.com) 9

The federal government agency responsible for granting patents and trademarks has confirmed it inadvertently exposed about 61,000 filers' private addresses in a years-long data spill. From a report: The U.S. Patent and Trademark Office (USPTO) said in a notice sent to affected trademark applicants that their private domicile address -- often their home address -- inadvertently appeared in public records between February 2020 and March 2023. U.S. law requires applicants to include their private address when submitting a trademark application in efforts to crack down on fraudulent trademark filings.

USPTO said the issue was discovered in one of its APIs, which allows apps used by both agency staff and filers to access a system for checking the status of pending and registered trademarks. (An API allows two things on the internet, such as an app and a server, to communicate with each other.) USPTO said that the address data also appeared in bulk datasets that the agency publishes online to aid academic and economic research.

Sci-Fi

Congress Doubles Down On Explosive Claims of Illegal UFO Retrieval Programs (thehill.com) 223

An anonymous reader quotes a report from The Hill: Asked June 26 about allegations of secret UFO retrieval and reverse-engineering programs, Senate Intelligence Committee Vice Chairman Marco Rubio (R-Fla.) made several stunning statements. In an exclusive interview, Rubio told NewsNation Washington correspondent Joe Khalil that multiple individuals with "very high clearances and high positions within our government" "have come forward to share" "first-hand" UFO-related claims "beyond the realm of what [the Senate Intelligence Committee] has ever dealt with."

Rubio's comments provide context for a bipartisan provision adopted unanimously by the Senate Intelligence Committee, which would immediately halt funding for any secret government or contractor efforts to retrieve and reverse-engineer craft of "non-earth" or "exotic" origin. This extraordinary language added to the Senate version of the Intelligence authorization bill mirrors and adds significant credibility to a whistleblower's recent, stunning allegations that a clandestine, decades-long effort to recover, analyze and exploit objects of "non-human" origin has been operating illegally without congressional oversight.

Additionally, the bill instructs individuals with knowledge of such activities to disclose all relevant information and grants legal immunity if the information is reported appropriately within a defined timeframe. Moreover, nearly 20 pages of the legislation appear to directly address recent events by enhancing a raft of legal protections for whistleblowers while also permitting such individuals to contact Congress directly. Researcher and congressional expert Douglas Johnson first reported on and analyzed the remarkable bill language, which, if it passes the House, could become law this calendar year.

Privacy

LetMeSpy, a Phone Tracking App Spying On Thousands, Says It Was Hacked (techcrunch.com) 18

An anonymous reader quotes a report from TechCrunch: A hacker has stolen the messages, call logs and locations intercepted by a widely used phone monitoring app called LetMeSpy, according to the company that makes the spyware. The phone monitoring app, which is used to spy on thousands of people using Android phones around the world, said in a notice on its login page that on June 21, "a security incident occurred involving obtaining unauthorized access to the data of website users." "As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts," the notice read.

LetMeSpy is a type of phone monitoring app that is marketed for parental control or employee monitoring. The app is also specifically designed to stay hidden on a phone's home screen, making it difficult to detect and remove. Also known as stalkerware or spouseware, these kinds of phone monitoring apps are often planted by someone -- such as spouses or domestic partners -- with physical access to a person's phone, without their consent or knowledge. Once planted, LetMeSpy silently uploads the phone's text messages, call logs, and precise location data to its servers, allowing the person who planted the app to track the person in real-time.

Polish security research blog Niebezpiecznik first reported the breach. When Niebezpiecznik contacted the spyware maker for comment, the hacker reportedly responded instead, claiming to have seized wide access to the spyware maker's domain. It's not clear who is behind the LetMeSpy hack or their motives. The hacker intimated that they deleted LetMeSpy's databases stored on the server. A copy of the hacked database also appeared online later the same day. TechCrunch reviewed the leaked data, which included years of victims' call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy. (LetMeSpy claims to delete data after two months of account inactivity.)

The Courts

Supreme Court Guts Protections for Cyberstalking Victims (fastcompany.com) 147

The Supreme Court ruled Tuesday that in order to find someone guilty of making a "true threat" courts must first determine that the person recklessly disregarded the fact that their words might be perceived as threats. From a report: Experts fear the decision will create new hurdles for victims of cyberstalking by requiring them to first prove that their stalkers understand the consequences of their actions. "The Supreme Court has just decreed that stalking is free speech protected by the First Amendment if the stalker genuinely believes his actions are non-threatening," tweeted Mary Anne Franks, a professor at George Washington Law School and president of the nonprofit Cyber Civil Rights Initiative. "That is, the more deluded the stalker, the more protected the stalking."

The case, Counterman v. Colorado, concerns a man named Billy Raymond Counterman, who was convicted under a Colorado anti-stalking law, after he sent a barrage of threatening Facebook messages to a woman he'd never met. The Colorado law didn't require the court to consider Counterman's mental state when he sent the messages. It only had to consider his behavior and how it was objectively received, that is, whether he repeatedly contacted, followed, or surveilled his target in a way that would cause a "reasonable person" distress. Counterman was found guilty under that statute, but he appealed his conviction, arguing that his statements were protected by the First Amendment and did not constitute "true threats," a category of speech that falls outside the bounds of the First Amendment, because it wasn't his intention to threaten his target. In its decision, the Supreme Court overwhelmingly sided with Counterman.

Encryption

Apple Joins Opposition in UK To Encrypted Message App Scanning (bbc.com) 40

Apple has criticised powers in the UK's Online Safety Bill that could be used to force encrypted messaging tools like iMessage, WhatsApp and Signal to scan messages for child abuse material. From a report: Its intervention comes as 80 organisations and tech experts have written to Technology Minister Chloe Smith urging a rethink on the powers. Apple told the BBC the bill should be amended to protect encryption. End-to-end encryption (E2EE) stops anyone but the sender and recipient reading the message. Police, the government and some high-profile child protection charities maintain the tech -- used in apps such as WhatsApp and Apple's iMessage -- prevents law enforcement and the firms themselves from identifying the sharing of child sexual abuse material.

But in a statement Apple said: "End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats. It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk. Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all."

Encryption

3-Year Probe Into Encrypted Phones Led To Seizure of Hundreds of Tons of Drugs, Prosecutors Say (apnews.com) 60

Investigations triggered by the cracking of encrypted phones three years ago have so far led to more than 6,500 arrests worldwide and the seizure of hundreds of tons of drugs, French, Dutch and European Union prosecutors said Tuesday. From a report: The announcement underscored the staggering scale of criminality -- mainly drugs and arms smuggling and money laundering -- that was uncovered as a result of police and prosecutors effectively listening in to criminals using encrypted EncroChat phones. "It helped to prevent violent attacks, attempted murders, corruption and large-scale drug transports, as well as obtain large-scale information on organised crime," European Union police and judicial cooperation agencies Europol and Eurojust said in a statement.

The French and Dutch investigation gained access to more than 115 million encrypted communications between some 60,000 criminals via servers in the northern French town of Roubaix, prosecutors said at a news conference in the nearby city of Lille. As a result, 6,558 suspects have been arrested worldwide, including 197 "high-value targets." Seized drugs included 30.5 million pills, 103.5 metric tons (114 tons) of cocaine, 163.4 metric tons (180 tons) of cannabis and 3.3 metric tons (3.6 tons) of heroin. The investigations also led to nearly 740 million euros ($809 million) in cash being recovered and assets or bank accounts worth another 154 million euros ($168 million) frozen.

Security

Smartwatches Are Being Used To Distribute Malware (defensenews.com) 17

"Smartwatches are being sent to random military members loaded with malware, much like malware distribution via USB drives in the past," writes longtime Slashdot reader frdmfghtr. "Recipients are advised not to turn them on and report the incident to their local security office." Defense News reports: The Department of the Army Criminal Investigation Division, or CID, in an announcement last week warned the watches may contain malware, potentially granting whoever sent the peripherals "access to saved data to include banking information, contacts, and account information such as usernames and passwords."

A more innocuous tactic may also be to blame: so-called brushing, used in e-commerce to boost a seller's ratings through fake orders and reviews. The CID, an independent federal law enforcement agency consisting of thousands of personnel, did not say exactly how many smartwatches were so far distributed.

Piracy

Z-Library Releases Tor-Enabled Desktop Launcher To Improve 'Accessibility' (torrentfreak.com) 19

Pirate ebook repository Z-Library has released a dedicated desktop application that should make it easier to access the site going forward. The service is at the center of a criminal crackdown and has lost hundreds of domain names, which in part triggered the development of this new software. TorrentFreak reports: Over the past few months, Z-Library users accessed the site through a dedicated URL, which redirected them to a 'personal' domain that provided access to the library. This worked well but the entire operation could easily be wiped out by yet another round of domain seizures. The new desktop launcher, which is available on the Windows, Mac, and Linux platforms, will automatically redirect users to the right place, without being tied to a single domain name.

In addition to simplifying access, the new Z-Library launcher software is able to connect over the Tor network. This can help to evade blocking efforts while adding an extra privacy layer. The software may trigger a warning noting that it's from an unverified developer. According to Z-Library, this is a standard notice but, aside from the copyright infringement angle, people should always treat third-party applications with caution.
