CNN remembers how in 2016 Ruja Ignatova "touted her company, OneCoin, as a lucrative rival to Bitcoin in the growing cryptocurrency market." As OneCoin's co-founder, Ignatova told one audience in 2016 that "In two years, nobody will speak about Bitcoin anymore.

"Sixteen months later, Ignatova boarded a plane in Sofia, Bulgaria, and vanished. She hasn't been seen since." Authorities say OneCoin was a pyramid scheme that defrauded people out of more than $4 billion as Ignatova convinced investors in the US and around the globe to throw fistfuls of cash at her company. Federal prosecutors describe OneCoin as one of the largest international fraud schemes ever perpetrated. She is now one of the FBI's 10 most-wanted fugitives, alongside accused gang leaders and murderers, and is the only woman currently on that list....

Ignatova and her partners "conned unsuspecting victims out of billions of dollars, claiming that OneCoin would be the 'Bitcoin killer,'" US Attorney Damian Williams, New York's top prosecutor, said in a statement last month. "In fact, OneCoins were entirely worthless ... (Their) lies were designed with one goal, to get everyday people all over the world to part with their hard-earned money."
One subheading of CNN's story reads "She knew it was a scam from the start, court documents say." While [co-founder] Greenwood and Ignatova were working on the concept for OneCoin, they referred to it in emails as a "trashy coin," federal officials said in court documents. The documents show Greenwood described their investors as "idiots" and "crazy" in an email to Ignatova's brother, Konstantin Ignatov, who also took part in the scam and assumed OneCoin leadership after his sister vanished, according to prosecutors.... She also proposed an exit strategy should the company fail, saying in a 2014 email to Greenwood that they should "take the money and run and blame somebody else for this...."

Ignatova and her partners promised buyers a fivefold or even tenfold return on their investment, according to court documents. A buying frenzy ensued. Between the fourth quarter of 2014 and the fourth quarter of 2016 alone, investors gave OneCoin more than $4 billion, federal prosecutors said, citing records obtained in the course of their investigation. Some $50 million came from investors in the US, according to court documents. "She timed her scheme perfectly, capitalizing on the frenzied speculation of the early days of cryptocurrency," said Williams, the top federal prosecutor in Manhattan.
The FBI is now offering a $100,000 reward for information leading to her arrest, according to the article, which notes this line appearing at the bottom of her FBI wanted poster.

"Ignatova is believed to travel with armed guards and/or associates. Ignatova may have had plastic surgery or otherwise altered her appearance."

The Washington Post's editorial board recently commented on the problem of America's "dead downtowns. Tourists are back, but office workers are still missing in action.... [R]estaurants, coffee hangouts, stores and transit systems cannot sustain themselves without more people in center cities...."

The problem? America "is in the midst of one of the biggest workforce shifts in generations: Many now have experienced what it is like to work from home and have discovered they prefer it."

Their proposed solution? The Post's editorial board is urging cities to adapt to the new reality of workers wanting to work two or three days remotely in part by converting commercial offices to apartments and entertainment venues. The goal is a "24/7" downtown with ample work spaces, apartments, parks and entertainment venues that draw people in during the day and have a core of residents who keep the area vibrant after commuters go home.... Office use isn't going back to pre-pandemic levels. Even Texas cities that did not shut down during the worst of the pandemic are 20 to 30 percent below 2019 office occupancy. New York, Los Angeles and D.C. are still down more than 40 percent. This a classic oversupply problem. Cities have too much office space, especially in the older buildings that companies are fleeing as they seek out new construction with more light and flexible space.

Mayors and city lawmakers have reason to be bold in seizing this opportunity. There's growing interest among developers and investors who want to be a part of the office-to-apartment revolution. They are already eyeing the easiest buildings to convert: The ones with elevators in the middle, windows and light on all sides, and the right length and width. The challenge for city leaders is to generate interest in the buildings that are "maybe" candidates for conversion.
The Post's suggestions include announcing targets for new residents living downtown, and speeding up city approvals like permitting and rezoning. "America's cities are ripe for new skylines and fresh streetscapes. The best leaders will get going soon."

Why hasn't America restored net neutrality protections? "President Biden's nomination to serve on the Federal Communications Commission has been stalled in the Senate for more than a year," complain the editorial boards of two Silicon Valley newspapers: Confirming Gigi Sohn would end the 2-2 deadlock on the FCC that is keeping Biden from fulfilling his campaign promise to restore net neutrality, ensuring that all internet traffic is treated equally. Polls show that 75% of Americans support net neutrality rules. They know that an open internet is essential for innovation and economic growth, for fostering the next generation of entrepreneurs....

[T]elecommunication giants such as AT&T, Verizon and Comcast don't want that to happen. They favor the status quo that allows the internet companies to pick winners and losers by charging content providers higher rates for speedier access to customers. They seek to expand the cable system model and allow kingmakers to rake in billions at the expense of smaller, new startups that struggle to gain a wider audience on their slow-speed offerings. So Republicans and a handful of Democrats are holding up Sohn's confirmation, claiming that her "radical" views disqualify her....

They also object to Sohn's current service as an Electronic Frontier Foundation board member, saying it proves she wouldn't be an unbiased and impartial FCC Commissioner. The San Francisco-based EFF is a leading nonprofit with a mission of defending digital privacy, free speech and innovation....

Enough is enough. Confirm Sohn and allow the FCC to fulfill its mission of promoting connectivity and ensuring a robust and competitive internet market.

IBM, along with 13 of its current and former executives, has been sued by investors who claim the IT giant used mainframe sales to fraudulently prop up newer, more trendy parts of its business. The Register reports: In effect, IBM deceived the market about its progress in developing Watson, cloud technologies, and other new sources of revenue, by deliberately misclassifying the money it was making from mainframe deals, assigning that money instead to other products, it is alleged. The accusations emerged in a lawsuit [PDF] filed late last week against IBM in New York on behalf of the June E Adams Irrevocable Trust. It alleged Big Blue shifted sales by its "near-monopoly" mainframe business to its newer and less popular cloud, analytics, mobile, social, and security products (CAMSS), which bosses promoted as growth opportunities and designated "Strategic Imperatives."

IBM is said to have created the appearance of demand for these Strategic Imperative products by bundling them into three- to five-year mainframe Enterprise License Agreements (ELA) with large banking, healthcare, and insurance company customers. In other words, it is claimed, mainframe sales agreements had Strategic Imperative products tacked on to help boost the sales performance of those newer offerings and give investors the impression customers were clamoring for those technologies from IBM. "Defendants used steep discounting on the mainframe part of the ELA in return for the customer purchasing catalog software (i.e. Strategic Imperative Revenue), unneeded and unused by the customer," the lawsuit stated.

IBM is also alleged to have shifted revenue from its non-strategic Global Business Services (GBS) segment to Watson, a Strategic Imperative in the CAMSS product set, to convince investors that the company was successfully expanding beyond its legacy business. Last April the plaintiff Trust filed a similar case, which was joined by at least five other law firms representing other IBM shareholders. A month prior, the IBM board had been presented with a demand letter from shareholders to investigate the above allegations. Asked whether any action has been taken as a result of that letter, IBM has yet to respond.

An anonymous reader quotes a report from the Daily Dot: An unsecured server discovered by a security researcher last week contained the identities of hundreds of thousands of individuals from the U.S. government's Terrorist Screening Database and "No Fly List." Located by the Swiss hacker known as maia arson crimew, the server, run by the U.S. national airline CommuteAir, was left exposed on the public internet. It revealed a vast amount of company data, including private information on almost 1,000 CommuteAir employees. Analysis of the server resulted in the discovery of a text file named "NoFly.csv," a reference to the subset of individuals in the Terrorist Screening Database who have been barred from air travel due to having suspected or known ties to terrorist organizations.

The list, according to crimew, appeared to have more than 1.5 million entries in total. The data included names as well as birth dates. It also included multiple aliases, placing the number of unique individuals at far less than 1.5 million. [...] In a statement to the Daily Dot, CommuteAir said that the exposed infrastructure, which it described as a development server, was used for testing purposes. CommuteAir added that the server, which was taken offline prior to publication after being flagged by the Daily Dot, did not expose any customer information based on an initial investigation. CommuteAir also confirmed the legitimacy of the data, stating that it was a version of the "federal no-fly list" from roughly four years prior. [...] The server also held the passport numbers, addresses, and phone numbers of roughly 900 company employees. User credentials to more than 40 Amazon S3 buckets and servers run by CommuteAir were also exposed.

HPE and Oracle have settled their long-running legal case over alleged copyright infringement regarding Solaris software updates for HPE customers, but it looks like the nature of the settlement is going to remain under wraps. The Register reports: The pair this week informed [PDF] the judge overseeing the case that they'd reached a mutual settlement and asked for the case to be dismissed "with prejudice" -- ie, permanently. The settlement agreement is confidential, and its terms won't be made public. The case goes back to at least 2016, when Oracle filed a lawsuit against HPE over the rights to support the Solaris operating system. HPE and a third company, software support outfit Terix, were accused of offering Solaris support for customers while the latter was not an authorized Oracle partner.

Big Red's complaint claimed HPE had falsely represented to customers that it and Terix could lawfully provide Solaris Updates and other support services at a lower cost than Oracle, and that the two had worked together to provide customers with access to such updates. The suit against HPE was thrown out of court in 2019, but revived in 2021 when a judge denied HPE's motion for a summary judgement in the case. Terix settled its case in 2015 for roughly $58 million. Last year, the case went to court and in June a jury found HPE guilty of providing customers with Solaris software updates without Oracle's permission, awarding the latter $30 million for copyright infringement.

But that wasn't the end of the matter, because HPE was back a couple of months later to appeal the verdict, claiming the complaint by Oracle that it had directly infringed copyrights with regard to Solaris were not backed by sufficient evidence. This hinged on HPE claiming that Oracle had failed to prove that any of the patches and updates in question were actually protected by copyright, but also that Oracle could not prove HPE had any control over Terix in its purported infringement activities. Oracle for its part filed a motion asking the court for a permanent injunction against HPE to prevent it copying or distributing the Solaris software, firmware or support materials, except as allowed by Oracle. Now it appears that the two companies have come to some mutually acceptable out-of-court arrangement, as often happens in acrimonious and long-running legal disputes.

An anonymous reader quotes a report from Ars Technica: Over the past few days, dozens of tech companies have filed briefs in support of Google in a Supreme Court case that tests online platforms' liability for recommending content. Obvious stakeholders like Meta and Twitter, alongside popular platforms like Craigslist, Etsy, Wikipedia, Roblox, and Tripadvisor, urged the court to uphold Section 230 immunity in the case or risk muddying the paths users rely on to connect with each other and discover information online. Out of all these briefs, however, Reddit's was perhaps the most persuasive (PDF). The platform argued on behalf of everyday Internet users, whom it claims could be buried in "frivolous" lawsuits for frequenting Reddit, if Section 230 is weakened by the court. Unlike other companies that hire content moderators, the content that Reddit displays is "primarily driven by humans -- not by centralized algorithms." Because of this, Reddit's brief paints a picture of trolls suing not major social media companies, but individuals who get no compensation for their work recommending content in communities. That legal threat extends to both volunteer content moderators, Reddit argued, as well as more casual users who collect Reddit "karma" by upvoting and downvoting posts to help surface the most engaging content in their communities.

"Section 230 of the Communications Decency Act famously protects Internet platforms from liability, yet what's missing from the discussion is that it crucially protects Internet users -- everyday people -- when they participate in moderation like removing unwanted content from their communities, or users upvoting and downvoting posts," a Reddit spokesperson told Ars. Reddit argues in the brief that such frivolous lawsuits have been lobbed against Reddit users and the company in the past, and Section 230 protections historically have consistently allowed Reddit users to "quickly and inexpensively" avoid litigation. [...]

The Supreme Court will have to weigh whether Reddit's arguments are valid. To help make its case defending Section 230 immunity protections for recommending content, Reddit received special permission from the Supreme Court to include anonymous comments from Reddit mods in its brief. This, Reddit's spokesperson notes, is "a significant departure from normal Supreme Court procedure." The Electronic Frontier Foundation, a nonprofit defending online privacy, championed the court's decision to allow moderators to contribute comments anonymously. "We're happy the Supreme Court recognized the First Amendment rights of Reddit moderators to speak to the court about their concerns," EFF's senior staff attorney, Sophia Cope, told Ars. "It is quite understandable why those individuals may be hesitant to identify themselves should they be subject to liability in the future for moderating others' speech on Reddit."

"Reddit users that interact with third-party content -- including 'hosting' content on a sub-Reddit that they manage, or moderating that content -- could definitely be open to legal exposure if the Court carves out "recommending' from Section 230's protections, or otherwise narrows Section 230's reach," Cope told Ars.

The nation's second-largest wireless carrier on Thursday disclosed that a "bad actor" took advantage of one of its application programming interfaces to gain data on "approximately 37 million current postpaid and prepaid customer accounts." CNET reports: In an 8K filing with the US Securities and Exchange Commission, the carrier says that it was able to trace and stop the "malicious activity" within a day of learning about it. T-Mobile also says that the API that was used does not allow for access to "any customer payment card information, Social Security numbers/tax IDs, driver's license or other government ID numbers, passwords/PINs or other financial account information." According to the filing, the carrier believes that the breach first occurred "on or around" Nov. 25, 2022. The carrier didn't learn that a "bad actor" was getting data from its systems until Jan. 5.

The company's API, however, did reveal other user information, including names, billing addresses, email addresses, phone numbers and birth dates of its customers, their T-Mobile account numbers, and information on which plan features they have with the carrier and the number of lines on their accounts. The company said in the SEC filing that it has "begun notifying customers whose information may have been obtained by the bad actor in accordance with applicable state and federal requirements." In 2021, T-Mobile suffered a data breach that exposed data of roughly 76.6 million people. "T-Mobile agreed to a $500 million settlement in the case in July, with $350 million going to settle customer claims from a class action lawsuit and $150 million going to upgrade its data protection system," adds CNET.

Hundreds of federal, state and local U.S. law-enforcement agencies have access without court oversight to a database of more than 150 million money transfers between people in the U.S. and in more than 20 countries, according to internal program documents and an investigation by Sen. Ron Wyden. WSJ: The database, housed at a little-known nonprofit called the Transaction Record Analysis Center, or TRAC, was set up by the Arizona state attorney general's office in 2014 as part of a settlement reached with Western Union to combat cross-border trafficking of drugs and people from Mexico. It has since expanded to allow officials of more than 600 law-enforcement entities -- from federal agencies such as the Federal Bureau of Investigation, the Drug Enforcement Administration, and Immigration and Customs Enforcement to small-town police departments in nearly every state -- to monitor the flow of funds through money services between the U.S. and countries around the world.

TRAC's data includes the full names of the sender and recipient as well as the transaction amount. Rich Lebel, TRAC's director, said the program has directly resulted in hundreds of leads and busts involving drug cartels and other criminals seeking to launder money, and has revealed patterns of money flow that help law-enforcement agencies get a broader grasp on smuggling networks. "It's a law-enforcement investigative tool," Mr. Lebel said. "We don't broadcast it to the world, but we don't run from or hide from it either." Mr. Wyden, an Oregon Democrat, said TRAC allows the government to "serve itself an all-you-can-eat buffet of Americans' personal financial data while bypassing the normal protections for Americans' privacy."

Internal records, including TRAC meeting minutes and copies of 140 subpoenas from the Arizona attorney general, were obtained by the American Civil Liberties Union and reviewed by The Wall Street Journal. They show that any authorized law-enforcement agency can query the data without a warrant to examine the transactions of people inside the U.S. for evidence of money laundering and other crimes. One slideshow prepared by a TRAC investigator showed how the program's data could be used to scan for categories such as "Middle Eastern/Arabic names" in bulk transaction records.

Department of Justice: A complaint was unsealed this morning in federal court in Brooklyn charging Anatoly Legkodymov, a Russian national and senior executive of Bitzlato Ltd. (Bitzlato), a Hong Kong-registered cryptocurrency exchange, with conducting a money transmitting business that transported and transmitted illicit funds and that failed to meet U.S. regulatory safeguards, including anti-money laundering requirements. Legkodymov was arrested last night in Miami and is scheduled to be arraigned this afternoon in the U.S. District Court for the Southern District of Florida. French authorities and the U.S. Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) are taking concurrent enforcement actions.

According to court documents, Legkodymov is a senior executive and the majority shareholder of Bitzlato Ltd. (Bitzlato), a Hong Kong-registered cryptocurrency exchange that operates globally. Bitzlato has marketed itself as requiring minimal identification from its users, specifying that "neither selfies nor passports [are] required." On occasions when Bitzlato did direct users to submit identifying information, it repeatedly allowed them to provide information belonging to "straw man" registrants. As a result of these deficient know-your-customer (KYC) procedures, Bitzlato allegedly became a haven for criminal proceeds and funds intended for use in criminal activity. Bitzlato's largest counterparty in cryptocurrency transactions was Hydra Market, an anonymous, illicit online marketplace for narcotics, stolen financial information, fraudulent identification documents, and money laundering services that was the largest and longest running darknet market in the world. Hydra Market users exchanged more than $700 million in cryptocurrency with Bitzlato, either directly or through intermediaries, until Hydra Market was shuttered by U.S. and German law enforcement in April 2022. Bitzlato also received more than $15 million in ransomware proceeds.

An anonymous reader quotes a report from TorrentFreak: GitHub has taken down a popular Pirate Bay proxy information portal from Github.io. The developer platform took action in response to a takedown request sent by City of London Police's Intellectual Property Crime Unit (PIPCU). The takedown notice concludes that the site, which did not link to any infringing content directly, is illegal. [...] "This site is in breach of UK law, namely Copyright, Design & Patents Act 1988, Offences under the Fraud Act 2006 and Conspiracy to Defraud," PIPCU writes. "Suspension of the domain(s) is intended to prevent further crime. Where possible we request that domain suspension(s) are made within 48 hours of receipt of this Alert," the notice adds. This takedown request was honored by GitHub, meaning that people who try to access the domain now get a 404 error instead.

While GitHub's swift response is understandable, it's worth pointing out how these blocking efforts are evolving and expanding, far beyond blocking the original Pirate Bay site. The Proxy Bay doesn't link to infringing content directly. The site links to other proxy sites which serve up the Pirate Bay homepage. From there, users may search for or browse torrent links that, once loaded, can download infringing content. Does this mean that simply linking to The Pirate Bay can be considered a crime in itself? If that's the case, other sites such as Wikipedia and Bing are in trouble too.

A more reasonable middle ground would be to consider the intent of a site. The Proxy Bay was launched to facilitate access to The Pirate Bay, which makes court orders less effective. In 2015 UK ISPs began blocking proxy and proxy indexing sites, so that explains why thepirateproxybay.com and others are regularly blocked. Whether this constitutes criminal activity is ultimately for the court to decide, not the police. In this regard, it's worth noting that City of London Police previously arrested the alleged operator of a range of torrent site proxies. The then 20-year-old defendant, who also developed censorship circumvention tool Immunicity, was threatened with a hefty prison sentence but the court disagreed and dismissed the case.

Bloomberg reports: After five people were killed in a 2020 arson in Colorado, law enforcement officials failed to turn up any leads through their initial investigative techniques. So they served a warrant to Google for anyone who had searched for the address of the fire, according to a court motion.

Google eventually complied with the data request, helping law enforcement find suspects. Three teenagers who had searched the address were charged with murder. But the technique also drew a challenge from defense lawyers, who are calling reverse keyword search warrants "a digital dragnet of immense proportions." It's the first case to challenge the constitutionality of the method, the attorneys say.

Defense lawyers filed a motion Wednesday to challenge the judge's decision to use evidence from the warrant to charge their client, Gavin Seymour. They're asking the Colorado Supreme Court to review the matter, after the judge earlier denied their motion to suppress the evidence. The keyword search warrant "is profoundly different from traditional search warrants seeking data belonging to a suspect," the defense argued in the court filing. "Instead, the process operates in reverse — search everyone first, and identify suspects later."
One defendant's lawyer points out Google must review the activities of billions of innocent searchers to respond to keyword search warrants, arguing this has "tremendous implications...for everyone in the country who uses Google to run searches."

Though the state of Wyoming is home to one of America's largest wind farms, "Wyoming's legislature is considering a resolution that calls for a phaseout of new electric vehicle sales by 2035," reports Engadget: In the proposed resolution, a group of lawmakers led by Senator Jim Anderson says Wyoming's "proud and valued" oil and gas industry has created "countless" jobs and contributed revenue to the state's coffers. They add that a lack of charging infrastructure within Wyoming would make the widespread use of EVs "impracticable" and that the state would need to build "massive amounts of new power generation" to "sustain the misadventure of electric vehicles." SJ4 calls for residents and businesses to limit the sale and purchase of EVs voluntarily, with the goal of phasing them out entirely by 2035.

If passed, the resolution would be entirely symbolic. In fact, it's more about sending a message to EV advocates than banning the vehicles altogether. To that point, the final section of SJ4 calls for Wyoming's Secretary of State to send President Biden and California Governor Gavin Newsom copies of the resolution. "One might even say tongue-in-cheek, but obviously it's a very serious issue that deserves some public discussion," Senator Boner, one of the bill's co-sponsors, told the Cowboy State Daily. "I'm interested in making sure that the solutions that some folks want to the so-called climate crisis are actually practical in real life. I just don't appreciate when other states try to force technology that isn't ready."

An anonymous reader quotes a report from BleepingComputer: Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the company but from account compromise on other platforms. "Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account," NortonLifeLock said. "This username and password combination may potentially also be known to others."

More specifically, the notice explains that around December 1, 2022, an attacker used username and password pairs they bought from the dark web to attempt to log in to Norton customer accounts. The firm detected "an unusually large volume" of failed login attempts on December 12, 2022, indicating credential stuffing attacks where threat actors try out credentials in bulk. By December 22, 2022, the company had completed its internal investigation, which revealed that the credential stuffing attacks had successfully compromised an undisclosed number of customer accounts: "In accessing your account with your username and password, the unauthorized third party may have viewed your first name, last name, phone number, and mailing address." For customers utilizing the Norton Password Manager feature, the notice warns that the attackers might have obtained details stored in the private vaults. Depending on what users store in their accounts, this could lead to the compromise of other online accounts, loss of digital assets, exposure of secrets, and more. Norton has reset passwords on impacted accounts and implemented additional measures to counter the malicious attempts. They're recommending customers enable two-factor authentication and take up the offer for a credit monitoring service.

Meta has filed a legal complaint against a company for allegedly creating tens of thousands of fake Facebook accounts to scrape user data and provide surveillance services for clients. From a report: The firm, Voyager Labs, bills itself as "a world leader in advanced AI-based investigation solutions." What this means in practice is analyzing social media posts en masse in order to make claims about individuals. In 2021, for example, The Guardian reported how Voyager Labs sold its services to the Los Angeles Police Department, with the company claiming to predict which individuals were likely to commit crimes in the future.

Meta announced the legal action in a blog post on January 12th, claiming that Voyager Labs violated its terms of service. According to a legal filing issued on November 11th, Meta alleges that Voyager Labs created over 38,000 fake Facebook user accounts and used its surveillance software to gather data from Facebook and Instagram without authorization. Voyager Labs also collected data from sites including Twitter, YouTube, and Telegram.

All.health, a medical care startup that rose from the ashes of once-hot wearable company Jawbone, is being sued in San Francisco by one of its investors for alleged fraud, misrepresentation and breach of contract. From a report: All.health's co-founders, the former Jawbone Chief Executive Officer Hosain Rahman and Michael Luna, are also named in the complaint. While All.health, Rahman and Luna deny the claims, the dispute is an illustration of the rancor that can envelop fledgling tech companies at a suddenly volatile time for startup funding. Jawbone was a Silicon Valley darling -- most famous for its wireless earpieces -- until the startup dramatically folded in 2017 and sold off its assets. As Jawbone was disintegrating, Rahman salvaged the company's medical device business. The resulting startup, now called All.health, developed wearable monitoring hardware and technology for people with chronic illnesses like diabetes.

In a complaint filed this summer, Polymath Holdings, a Dubai-based investment company and All.health backer, claimed that the startup overpromised, took millions of dollars and under-delivered on a commitment to manufacture thousands of health-monitoring devices. The suit, which was recently largely unredacted by a San Francisco court, alleges that the startup was a "classic 'fake-it-until-you-make it' tale of fraud."

Downing Street has said it is considering a Tory-backed amendment to the online safety bill that would allow for the imposing of jail sentences on social media bosses who are found not to have protected children's safety. The Guardian reports: No 10 said on Thursday it was open to the proposal, which is backed by at least 36 Conservative MPs including the former home secretary Priti Patel and the former work and pensions secretary Iain Duncan Smith. The amendment would give Ofcom, the communications watchdog, the power to prosecute executives at social media companies that are found to have breached the law. If ministers include it in the bill, it will mark the third time the prime minister, Rishi Sunak, has bowed to the demands of his backbenchers, after U-turns on planning and onshore windfarms.

The bill is aimed at cracking down on a range of online content that ministers believe is causing serious harm to users and was informed in part by the testimony of Frances Haugen, a former Facebook employee who accused the company of repeatedly putting profits ahead of user safety. The bill will force companies to remove any content promoting self-harm, depicting sexual violence or facilitating suicide. It will also require companies to impose and enforce strict age limits and to publish assessments of the risks their platforms pose to young people. As it is currently written, the bill gives Ofcom the power to levy fines on companies of up to 10% of their global turnover for breaches in the law. Ofcom will be able to prosecute executives only if they fail to cooperate with an investigation. This has upset many Conservative MPs, however, who believe the regulator should be given tougher powers.

The amendment, which has been signed by 37 MPs overall, would allow Ofcom to prosecute individual executives if they were proved to have connived with or consented to breaking the elements of the bill designed to protect children's safety. Judges would be allowed to impose prison sentences of up to two years. [...] Other changes to the bill, which has its report and third reading stage in the House of Commons next week, include altering earlier plans to tackle content seen by adults that is harmful but falls below the threshold of criminality, such as cyberbullying and sexist and racist material. Tech companies will be required to state clearly in their terms and conditions how they will moderate such content. Users will also be given the option of asking to have such content screened out when they are on social media platforms. A Downing Street spokesperson said on Thursday: "Our aim is to hold to account social media platforms for harmful content, while also ensuring the UK remains a great place to invest and grow a tech business. We are confident we can achieve both of these things. We will carefully consider all the proposed amendments to the online safety bill and set out the position when report stage continues."

An anonymous reader quotes a report from 9to5Mac: Apple has suffered a setback in its long-running Apple Watch patent infringement battle with medical technology company Masimo. A court has ruled that Apple has indeed infringed one of Masimo's patents in the Apple Watch Series 6 and up. Masimi is seeking a US import on all current Apple Watches. If granted, this would effectively end Apple Watch sales in the US, as the company would not be allowed to bring in the devices from China.

The battle between the two companies has a long history. Back in 2013, Apple reportedly contacted Masimo to discuss a potential collaboration between the two companies. Instead, claims Masimo, Apple used the meetings to identify staff it wanted to poach. Masimo later called the meetings a "targeted effort to obtain information and expertise." Apple did indeed hire a number of Masimo staff, including the company's chief medical officer, ahead of the launch of the Apple Watch. Masimo CEO Joe Kiano later expressed concern that Apple may have been trying to steal the company's blood oxygen sensor technology. The company describes itself as "the inventors of modern pulse oximeters," and its tech is used in many hospitals.

In 2020, the company sued Apple for stealing trade secrets and infringing 10 Masimo patents. The lawsuit asked for an injunction on the sale of the Apple Watch. Apple has consistently denied the claims, and recently hit back with a counterclaim of its own, alleging that Masimo's own W1 Advanced Health Tracking Watch infringes multiple Apple patents. Reuters reports that a US court has ruled against Apple on one of the patent claims.

The U.S. Securities and Exchange Commission (SEC) alleged crypto exchange Gemini and crypto lender Genesis Global Capital sold unregistered securities in a lawsuit filed late Thursday. CoinDesk reports: The investment regulator took aim at Gemini Earn, the troubled yield-bearing product that hundreds of thousands of U.S. investors entrusted with their crypto. Gemini generated yield on billions of dollars in crypto by loaning deposits to Genesis, which loaned them out again. But Genesis' November closing of lending withdrawals left some 340,000 Gemini Earn customers and about $900 million in crypto in limbo, the SEC said. The regulator accused the popular program of being an unregistered security. "Defendants offered and sold the Gemini Earn Agreements through the Gemini Earn Program without registering" with securities regulators, the complaint said. "As a result, investors lacked material information about the Gemini Earn program that would have been relevant to their investment decisions."

JPMorgan Chase is suing the 30-year-old founder of Frank, a buzzy fintech startup it acquired for $175 million, for allegedly lying about its scale and success by creating an enormous list of fake users to entice the financial giant to buy it. Forbes: Frank, founded by former CEO Charlie Javice in 2016, offers software aimed at improving the student loan application process for young Americans seeking financial aid. Her lofty goals to build the startup into "an Amazon for higher education" won support from billionaire Marc Rowan, Frank's lead investor according to Crunchbase, and prominent venture backers including Aleph, Chegg, Reach Capital, Gingerbread Capital and SWAT Equity Partners. The lawsuit, which was filed late last year in U.S. District Court in Delaware, claims that Javice pitched JP Morgan in 2021 on the "lie" that more than 4 million users had signed up to use Frank's tools to apply for federal aid.

When JP Morgan asked for proof during due diligence, Javice allegedly created an enormous roster of "fake customers -- a list of names, addresses, dates of birth, and other personal information for 4.265 million 'students' who did not actually exist." In reality, according to the suit, Frank had fewer than 300,000 customer accounts at that time. [...] Frank's chief growth officer Olivier Amar is also named in the JP Morgan complaint. It alleges that Javice and Amar first asked a top engineer at Frank to create the fake customer list; when he refused, Javice approached "a data science professor at a New York City area college" to help. Using data from some individuals who'd already started using Frank, he created 4.265 million fake customer accounts -- for which Javice paid him $18,000 -- and had it validated by a third-party vendor at her direction, JP Morgan alleges. Amar, meanwhile, spent $105,000 buying a separate data set of 4.5 million students from the firm ASL Marketing, per the complaint.