Space

Orbital Datacenter Plans Need an Environmental Review, FCC Told (theregister.com) 17

Environmental groups want America's FCC "to slam the brakes on orbital datacenters," writes The Register.

They're arguing for an environmental impact assessment for what could be 1 million satellites: Earthjustice, acting on behalf of DarkSky International, Environment America, and Public Employees for Environmental Responsibility (PEER), filed a petition this week... The filing doesn't target any single company. Instead, it asks the regulator to put the entire emerging orbital datacenter sector on hold while it assesses the cumulative effects of proposals from SpaceX, Starcloud, Blue Origin, Cowboy Space, and any similar applications that follow. According to the petition, those proposals collectively seek "well over a million datacenter satellites" in low Earth orbit.... " increasing the existing volume of satellites in low-earth orbit by multiple orders of magnitude."

The groups argue that the FCC is trying to apply licensing rules written for much smaller satellite constellations to an entirely new class of infrastructure. "If ever a situation warranted a Programmatic Environmental Impact Statement [PEIS], it is this one," the petition says. It argues that a single review would allow the agency to examine "the risks, alternatives, needs, costs, and impacts of this sudden transformation of Earth's exosphere" before deciding whether any of the projects are in the public interest. The petition raises concerns about rocket launch emissions, pollutants released as satellites burn up during atmospheric reentry, depletion of the ozone layer, orbital debris, light pollution, impacts on wildlife, and interference with astronomy.

It also argues that the combined effects of these constellations cannot be understood by evaluating applications one at a time.... "It is difficult to imagine a better example of multiple projects presenting essentially identical impacts and risks that compound synergistically and cumulatively than the present proposals..." The petition argues that the FCC's current approach, which generally treats satellite licenses as categorically excluded from detailed environmental review, is no longer fit for proposals measured not in dozens or thousands of spacecraft but in hundreds of thousands and, potentially, millions.

If the FCC agrees, orbital datacenter operators will have a mountain of paperwork to clear before sending their hardware skyward.

Electronic Frontier Foundation

EFF Celebrates 36th Anniversary, Says 'We Need You in the Fight' 10

"We need you in the fight," says the American legal expert in privacy, surveillance, AI, and Internet freedom of speech who became the EFF's new executive director in March.

As EFF celebrates the anniversary of its founding 1990, "Each headline is different, but they tell one story: Many of the threats that once seemed hypothetical are now reality, and EFF's work to ensure technology supports rights, justice, freedom, and innovation for all people has never been more critical." Governments and large corporations possess surveillance capabilities that were unimaginable just a few years ago. Ever greater concentrations of power are shaping speech, creativity, markets, and democratic institutions. Governments are increasingly seeking to control the internet and people's ability to access information and communicate freely. Our community's work is fundamental to the future of our countries, our livelihoods, and literally our lives...

These are perilous times. It is also a moment of extraordinary possibility. The future of AI has not been written and we can work together to get it right. We can make sure our laws reflect the needs of the modern digital age. We can build the technologies that empower rather than marginalize communities. For me, the work starts with recognizing that digital rights are not a siloed policy issue. We must fight and win on the digital terrain to organize, speak freely, access healthcare, find work, receive an education, and participate fully in democracy. We can and must reject a false choice between innovation and civil liberties, and build power across movements to make sure technology truly works for people...

EFF's founders understood something remarkably prescient: Technology and civil liberties would become inseparable. Now we all live digital lives, and the important digital rights issues that EFF has worked on since 1990 have become kitchen-table issues all around the world. EFF's founders understood that how technology is built, developed, used, and controlled deeply intersects with rights, justice, freedom, and democracy. EFF's unique combination of world-class lawyers, activists, and public interest technologists pursue change simultaneously in the courts, legislatures, companies, and our communities, and pierce through false choices. This integrated, intersectional approach, grounded in deep legal, policy, and technical expertise, is a linchpin in fighting and winning against some of the most powerful forces in the world — both governments and trillion-dollar companies.

We defend people against unlawful government data collection and challenge license plate and face surveillance in our communities. We shape AI law and policy to protect civil liberties and support creativity and innovation. We push companies to strengthen encryption, fight to ensure you have the right to own what you buy, and build public interest technologies like Privacy Badger and Certbot that millions of people rely on every day. This work matters because it all answers the same question: Will technology empower or control us?

Major battles the executive director sees on the horizon"
  • "Challenge increasingly sophisticated government and corporate surveillance systems that endanger our rights, democracy, safety and security."
  • "Preserve strong encryption and online anonymity."
  • "Ensure AI is developed and used in ways that respect fundamental rights and works for those who build it, use it, and are affected by it."
  • "Confront the concentrations of power that limit access to new creativity and defend the rights of developers to build and innovate."

"To meet these challenges, we must not only utilize the powerful levers of successful litigation, smart policy interventions, and effective public interest technology tools. We must also build a broader movement that recognizes that fights on the digital terrain are integral to all our fights for rights and justice... Together, our EFF community can help broaden the public conversation about technology's role in society and continue building the collective power necessary to shape the future rather than react to it....

"I'm looking forward to meeting more of you at my first EFFecting Change livestream on August 12 with Cory Doctorow, and hope this conversation is just the beginning of finding new ways to work together..."

The blog post ends by noting that "We need you and others in the fight. Please renew your membership, become a recurring monthly supporter, and introduce someone new to EFF by snagging them a gift membership.

"Everything we accomplish — every lawsuit, every policy victory, every public interest technology tool, every campaign — is possible because people like you are committed to ensuring technology strengthens freedom, privacy, creativity, and opportunity for everyone.

"The future we want and need will be built by people and movements working together to ensure technology empowers rather than oppresses.

"Let's build that future together."

Facebook

Meta Says US States Seek $1.4 Trillion In Penalties In August's Youth Safety Trial (yahoo.com) 29

Meta "said in a court filing on Monday that four states were seeking $1.4 trillion in penalties," reports Reuters, "over accusations the company designed its Facebook and Instagram platforms to addict young users and misled the public about their safety." Meta put forward the figure in its response to the attorneys general's filings on how penalties should be calculated if the states prevailed at trial. The number, which has not previously been disclosed and is close to Meta's market capitalization of around $1.5 trillion, comes ahead of an August trial in Oakland, California, over the claims brought by California, Colorado, Kentucky and New Jersey against the company. Meta said the amount was unsupported by the evidence. "A sanction of that size has no analog in the history of consumer protection enforcement," the company said in the filing. "The plaintiffs' outlandish calculations have no basis in fact or law," the company said in a statement, adding that it would continue to defend itself against the states' demands.

A spokesperson for California Attorney General Rob Bonta said in a statement the lawsuit "alleges Meta has prioritized profits over the safety of kids and fueled the mental health crisis we see impacting a generation of American children. The California Department of Justice looks forward to holding Meta fully accountable at trial in August...."

Meta has denied the allegations, saying the attorneys general have no evidence it misled consumers about its platforms' alleged addictiveness because "social media addiction" is not an established psychiatric condition, and therefore statements that its platforms were not addictive could not be false... Last month, [U.S. District Judge] Rogers rejected Meta's bid to cancel the trial, saying there remained factual disputes over whether its social media platforms were addictive, whether Meta falsely denied it designed them that way, and whether it "partially" directed the platforms at children.

"A further 14 states have brought claims under their own laws, which will be heard at a separate trial in February..."

Thanks to Slashdot reader Sparkatron for sharing the article.
Privacy

How Flock Cameras Wrongly Tracked a Journalist for Days, Then Sent Police to Arrest Him (thedrive.com) 86

"Are you armed?!" the police officer screamed. "Get out of the car!"

A writer for the car-news site The Drive describes how "a technological chain linking surveillance cameras, AI, and law enforcement... led to me and my wife being surrounded by police, hands on their guns, in a Kohl's parking lot in suburban Minnesota." After dropping off our Amazon returns, we'd just gotten back in the Range Rover and reversed maybe two feet out of the spot when four cop cars came flying out of nowhere and boxed us in... The Plymouth Police Department had been tracking me for days using Flock license plate cameras, waiting for the right moment to strike, because they thought I'd stolen the Range Rover. And the reason I was ID'd as a dangerous car thief was a simple data error made 2,000 miles away in California, creating an edge case within an edge case that Flock's AI camera network was unable to handle... "The plates on this car are stolen," Officer Ganshyn said...

This made absolutely no sense. Car companies keep meticulous track of the fleets they loan out to the media. The vehicles all have special manufacturer or dealer plates that are logged every time one enters or exits... The New Jersey plates that were allegedly stolen from the LA dealer were 34 03 DTM, not 34 10 DTM. But when the police report was created and the plate was entered into Flock's system, it was just recorded as 34 DTM. Just the five large characters, no little number in the middle...

Flock's AI tech wasn't registering that non-standard little number when it began picking up the Range Rover around town... I connected the final dot. A lot of vehicles in [Range Rover manufacturer] JLR's media fleet have a New Jersey manufacturer plate with the same alphanumeric structure — 34 ## DTM — and Officer Ganshyn observed that meant it was now a nationwide issue. Anywhere a police department has a partnership with Flock, any other JLR-owned car with the same plate structure is going to get flagged as stolen. In fact, four other 34 ## DTM cars were being tracked around Minnesota that week, according to Officer Ganshyn. I was just the first one to get nabbed.

The only way to stop it would be for the LAPD to correct their initial report and update Flock's system, which Jaguar Land Rover was now racing to make happen following the phone call. Still, he warned me to drive straight home, park the Range Rover, and leave it there. If I were to cross into the neighboring town, I'd probably get flagged again and go through this entire ordeal again with a different set of officers. His parting words were ominous: "You're lucky we're in Plymouth. If you were in Minneapolis, they definitely would've come at you with guns drawn."

Ironically, even the original license plate wasn't stolen either, the article points out. It was reported misplaced during a Los Angeles photo shoot, and "The corporation had to report the plate as lost to law enforcement," according to the police report — and even then, the plate "was reported as NJ 34DTM instead of NJ 3403DTM."

The author's conclusion? "Once these systems have you in their crosshairs, there's pretty much only one way it can go... A simple data-entry error, magnified and broadcast nationwide by a growing surveillance network operated through an opaque partnership between a private company and public agencies, led police to identify me as a car thief and set up a sting to take me down. I mean, they even had a drone flying overhead during the 'bust'...

"Thank God our kids weren't with us."

Thanks to long-time Slashdot reader sinij for sharing the article.
The Courts

Apple Sues OpenAI, Accusing It of Stealing Company Secrets (nytimes.com) 42

An anonymous reader quotes a report from The New York Times: Apple on Friday accused OpenAI of stealing secrets about products still in development, setting up a legal face-off between two of the world's biggest tech companies. In a lawsuit filed in U.S. District Court for the Northern District of California, the consumer tech giant said that OpenAI, a leader in artificial intelligence that has a new hardware business, had asked job candidates from Apple to share details about secret projects and to bring device components and prototypes to their interviews. Apple also accused an OpenAI employee of downloading internal documents from a laptop owned by the iPhone maker. OpenAI used the confidential information to approach Apple's manufacturing partners, including asking one partner to demonstrate Apple's technique for finishing metal on its devices, the lawsuit says. Apple sent a letter to OpenAI in February to raise concerns that confidential information could be "making its way to OpenAI's business improperly," according to the suit. OpenAI did not respond, Apple said. "OpenAI's nascent hardware business now rests on the shakiest of foundations, rotten to its core by its illegal reliance on misappropriated trade secrets," Apple wrote in its lawsuit.

[...] In its lawsuit Friday, Apple accused Tang Tan, OpenAI's chief hardware officer and a former Apple executive, of coaching his hires from Apple on how to evade Apple's security processes for departing employees. Apple accused another former employee, Chang Liu, of using a former colleague's Apple-owned laptop to access and download technical documents while working at OpenAI. Mr. Liu told that Apple employee what information about unannounced products she should study before job interviews, Apple said. Mr. Liu also planned to access internal documents through an Apple-owned laptop that he didn't return when he left the company, according to the lawsuit. OpenAI had misled the manufacturing company it approached to learn about the metal finishing technique to believe it had Apple's permission to view it, according to the lawsuit. Apple is seeking an injunction that would prevent OpenAI from possessing, using or sharing Apple's trade secrets, as well as an order requiring OpenAI to return Apple's intellectual property.

Transportation

Feds Demand Autonomous Vehicle Companies Stop Interfering With First Responders 82

NHTSA is ordering autonomous vehicle developers to explain by the end of the month how they will stop driverless cars from interfering with police, firefighters, and paramedics. TechCrunch reports: [NHTSA Administrator Jonathan Morrison] noted in the letter (PDF) that the agency has "identified a clear pattern of driverless AVs interfering with law enforcement and other first responders," citing instances in which these vehicles drove into active emergency scenes, blocked the paths of ambulances and firefighters, or failed to recognize and respond to basic safety conditions like flashing lights, flares, smoke, fire, and traffic cones. The agency has demanded that AV developers present their "solutions" to this problem by the end of the month.

"Let me be clear: the inability to detect and appropriately respond to such situations represents a functional insufficiency," Morrison's letter reads. "Emergency scenes are not rare or extreme 'edge cases.' As such, NHTSA is today issuing a call to action for AV developers and operators to immediately focus their resources on fixing this issue." The agency doesn't explicitly call out any particular company in the letter; however, the details suggest it is directed at robotaxi operators like Waymo.

[...] The agency's letter to AV developers doesn't say what the consequences would be if the request is ignored. Nor does it outline what the acceptable solutions would be. But the agency does imply it would hold companies accountable, just as it does human drivers who impede law enforcement. "Every second matters when law enforcement officers, firefighters, or paramedics are answering a call because lives are on the line," the letter states. "That is why human drivers who impede these operations are subject to fines and even jail time."

The agency also noted in a press release accompanying the letter that it's making progress on updating Federal Motor Vehicle Safety Standards (FMVSS) requirements, which govern vehicle design and equipment requirements. These proposed changes could help autonomous vehicle companies like Tesla and Zoox, which are developing vehicles without steering wheels, pedals, or other features required on human-driven cars. The agency has already proposed rules that would eliminate the need for windshield wipers, sun visors, defogging systems, and tire placards. The agency released a new 2026 Regulatory Plan and Unified Agenda last week, outlining its proposals.
United States

NYC To Become First In US To Ban Deceptive Subscription Practices (theguardian.com) 36

On October 1st, New York City will become the first U.S. city to ban deceptive subscription practices, requiring companies to offer simple cancellation options or face fines of $525 per user subscription, back fees, and additional penalties. The Mamdani administration is also proposing a junk-fee rule requiring sellers, landlords, hotels, and other businesses to "advertise the total price for any good or service, including all mandatory additional charges and fees, up front." The Guardian reports: "People shouldn't have to wait on hold for half an hour or send a certified letter or show up to a store in person in order to cancel" a subscription, said Samuel AA Levine, the city's commissioner of consumer and worker protection, in an interview. The new measures are expected to be announced in a press conference on Friday morning.

The proposed fee rule could have an especially wide impact, sending ripples through New York's expensive housing market, where about 70% of residents rent. Apartment renters in the US face a rising tide of add-on fees such as "boiler management" and "lifestyle" charges from management companies, which make true rental costs hundreds of dollars higher than the price stated on real-estate company websites.

If the proposed renters rule passes after public comment and hearing, any mandatory fees, including annual ones, would need to be included in the stated monthly rental price, Levine said. The current situation creates "a scenario where rather than competing on price, companies are competing on their ability to hide the true price. That's the worst kind of incentive" -- and one that deeply distorts the market, Levine said.

Patents

Meta Patents AI Device That Tracks Your Emotions, Watches You Take Your Meds (404media.co) 51

An anonymous reader quotes a report from 404 Media: Meta has filed a patent for a system that records your voice and surroundings all day, then uses an AI to analyse your mood. The patent's stated, theoretical goal is for Meta, a company that makes billions of dollars targeting ads at its users based on their data, is to sell users a wearable that tailors workouts for them based on whether they're happy or sad. Patentlyze first noticed the patent which was published on July 2 after Meta filed it back in December of 2025. The filing described an "apparatus" that surveilled a user and their surroundings constantly to craft a better workout. "The audible communications may be associated with contextual factors such as time of day, location, user activity, or digital interaction," the patent said. "The audible communications may be transcribed, and an emotional-state machine learning model may interpret verbal and nonverbal cues to determine emotional indicators."

According to the filing, Meta needs to know when a user laughs or sighs, where they are physically, and what objects they're surrounded by. It would even like to know when you've taken your meds. "The AI assistant may listen to a user(s) at predefined times to hear various types of communication, such as sighs, laughter, and/or the tone(s) of a voice(s)," the patent said. "The AI assistant may use these inputs to quantify the user's emotional state or generate other insights about the user [...] in another example, the AI assistant may take multiple inputs in in addition to audio inputs (e.g., of a user's voice) to provide a summary of emotional trends based on various inputs (e.g., a happier emotional state associated with a particular time of day or at a time when medication is taken, etc.)." The more data it has, the patent explains, the better it could understand a user's moods. "The system increases the precision and reliability of emotional inference by aligning multimodal sensor inputs on synchronized timelines, which creates a novel data structure that supports richer emotional analysis," it said. "These combined features deliver a technical improvement in automated audio interpretation, enabling continuous emotional monitoring on everyday devices."

The emotional-analyzing AI would need far more than just a user's words to determine moods over time. A longer description of the hypothetical training data for the AI included "attributes of thousands of objects" such as a user's books, personal messages, and newspapers. "In some examples, audible communications may include speech (e.g., voice data), sighs, laughter, or other nonverbal sounds associated with an expression(s), an emotion(s), or ideas. In some examples, the audible communications may include the tone(s) of a voice of a user while making the communication(s)," it said. All this data, Meta says, would be in service of tailoring better workouts. Humans, the patent explained, are simply not as good as a machine for this. "Personal trainers cannot provide the level of precision in guidance, such as correcting a pose and/or body movement," it said. "These challenges create a need for a practical approach that uses a single device to observe movement, recommend routines, and provide corrective guidance."
"Like other companies, patents at Meta are often filed to disclose concepts that may or may not be implemented, and a granted patent does not guarantee that Meta has pursued or will pursue the technology described," the company said in a statement.
Government

US Food and Drug Administration Rejects Petition To Set PFAS Limits In Food (theguardian.com) 120

An anonymous reader quotes a report from The Guardian: The US Food and Drug Administration has rejected a legal petition demanding it set limits on toxic Pfas "forever chemicals" in food, marking another setback for public health advocates' push to limit exposures to the dangerous compounds. The agency is refusing to set limits despite a growing body of science and the Environmental Protection Agency (EPA) finding food is the biggest source of Pfas exposure. Testing has found the levels of Pfas in single servings of some contaminated foods to be equivalent to drinking many glasses of contaminated water.

While regulators have focused on reining in Pfas in water, the chemicals are widely used throughout the food system, and there was hope that the agency under Robert F Kennedy Jr would take the threat more seriously. Kennedy leads the "make America healthy again" (Maha) movement, of which eliminating toxic chemicals from food is a cornerstone. [...] The November 2023 petition called on the FDA to check for up to 30 Pfas compounds in a range of produce, fish, eggs, milk and bread. The agency did not respond within the six-month timeframe required by law, but TEJTF scaled back its petition in 2025 to ask the agency to set advisory thresholds for PFOA and Pfos, two of the most common and dangerous Pfas compounds, in seafood and milk.

Recent FDA testing found 70% of seafood samples contain the chemicals, while independent milk testing found it in 12% of 50 samples, including extremely high levels in Whole Foods and Kirkland Signature brands. The FDA rejected the revised petition, stating it plans to take action on setting standards for Pfas, and there is "insufficient evidence to support [TEJTF's] request." The agency said it plans to set less non-binding "action levels" that do not require contaminated food to be removed from shelves. "Tolerance levels," or limits, make it illegal to sell food contaminated beyond a set threshold.

The Courts

John Deere Agrees To 10-Year Right-To-Repair Deal In FTC Antitrust Lawsuit (wired.com) 82

John Deere has agreed to a 10-year FTC-supervised right-to-repair settlement requiring it to provide farmers and independent repair shops with the same repair resources available to authorized dealers. The deal resolves antitrust claims from the FTC and five states alleging Deere monopolized equipment repair services, contributing to higher costs and delays for farmers. Wired reports: The full statement (PDF) lays out obligations for John Deere's repair services, requiring the company to give farmers and third-party repair shops access to the same equipment and repair resources it provides to official John Deere dealers. This includes software capabilities, such as reading and resetting codes and pairing with other software, which customers have long had limited access to, creating delays when diagnosing equipment problems. Delayed fixes can mean delayed harvests, which many farmers saw as a fundamental threat to their livelihoods.

Under the agreement, John Deere will be required to provide this level of access, equipment, and services for the next 10 years, monitored by the FTC. [...] John Deere has maintained that it already has robust repair resources for its customers, including service manuals and diagnostic equipment. In John Deere's press release, the company says the settlement is in line with what it has been doing all along, saying that "the agreement reinforces Deere's continued innovation toward more flexible repair options, emphasizing increased access and transparency for customers. It formalizes Deere's ongoing commitment to expanding access to diagnostic and repair tools."

Privacy

Meta's Glasses Will Turn Off the Camera If You Tamper With the Privacy Light (theverge.com) 71

Meta is rolling out an update that will disable the camera on its smart glasses if the device detects that someone has tampered with or destroyed the privacy LED. "The update is meant to address modders who have taken actions such as physically drilling into the LED light," reports The Verge.

"Meta has previously tried to discourage tampering with the LED light. For example, starting with its second generation glasses, blocking the light with tape or other objects will trigger a prompt asking users to uncover the recording light. However, many modders have found various workarounds for that particular measure."
EU

Apple Loses EU Fight Over App Store Gatekeeper Label (macrumors.com) 64

Europe's General Court dismissed Apple's challenge to the EU's designation of its App Stores and iOS as "gatekeepers" under the Digital Markets Act. The ruling means Apple remains subject to DMA obligations requiring it to allow alternative app stores, support interoperability with rival services, and avoid favoring its own services over competitors. MacRumors reports: Apple took its case to Luxembourg's General Court in 2024 after the European Commission designated its five App Stores -- on the iPhone, iPad, Mac, Apple TV, and Apple Watch -- as a single core platform service under the Digital Markets Act (DMA), a label that brings with it a set of strict obligations. Designated "gatekeepers" are prohibited from favoring their own services over those of rivals, and are prevented from combining personal data across different services. They also have to give users the option to use alternative app stores.

Apple also challenged the EU's designation of iOS as a gateway platform, a status that requires the operating system allows rival services to interoperate with it. The company also disputed the classification of iMessage as a number-independent interpersonal communications service, or NIICS, which would subject the app to EU telecoms rules. But the General Court said Apple's actions regarding the iMessage service are inadmissible.

Government

FCC To End Biden-Era Rule That Forces ISPs To List All Their Fees (arstechnica.com) 123

The FCC plans to roll back broadband label rules that require ISPs to itemize all passthrough fees. Under the proposal, providers could instead list a single "up to" amount for location-based charges. It would also allow ISPs to link to pricing labels rather than display them prominently, while eliminating machine-readable pricing files. Ars Technica reports: ISPs routinely advertise prices much lower than those actually charged to consumers on their monthly bills. One method of raising monthly bill prices above advertised rates is to tack on fees that, ISPs claim, are used to offset charges imposed by local governments. ISPs would be well within their rights to advertise accurate monthly prices and charge those exact prices on monthly bills. But because ISPs rarely do that, the FCC has required them to make specific price disclosures to consumers for the past decade. The Biden-era FCC updated the broadband-label rules to require that ISPs "itemize on the label (PDF) all discretionary monthly fees that the provider passes through to the consumer." The change drew protest from Comcast and other ISPs that complained bitterly about the complexity of listing all the hidden fees they had chosen to charge.

Under Chairman Brendan Carr, the Trump FCC has steadily whittled away at requirements imposed under Democrats. An order (PDF) released in draft form last week would eliminate the requirement to itemize passthrough fees and let ISPs list them in a single "up to" amount. The "up to" amount can include both government fees and fees charged by non-government entities such as owners of utility poles. "Rather than continuing to require providers to itemize 'passthrough fees' that can vary by location, we allow providers to display such fees in the aggregate, either as a maximum or 'up to' amount for the total fees applicable in any location where the service plan is offered, or as the exact total of such fees assessed in a particular location," the FCC draft order said.

The order to be voted on later this month includes a few other changes that will please ISPs and their lobby groups. ISPs will be allowed to provide links to price labels instead of displaying the full labels prominently on ordering pages and account portals, and will be allowed to stop making the price-label information available in machine-readable spreadsheets. The FCC is also relaxing the requirement that price information be available over the phone. The FCC said the change will "allow phone sales representatives to present label information conversationally, as a summary of key label fields, rather than require verbatim recitation."

The changes have been in the works since October 2025, when the FCC issued a Notice of Proposed Rulemaking to let the public submit comments on the proposals. The outcome of that process is the draft order, which will be voted on at the FCC's July 22 meeting and take effect 30 days after it is published in the Federal Register. There are many types of passthrough fees that ISPs will be able to stop listing individually and roll into the "up to" amount. The FCC defined the fees as follows, saying they include just about anything that isn't a tax [...]. Another planned change will eliminate a requirement that providers archive all labels for at least two years after a service plan is no longer available. The Utility Reform Network, an advocacy group, told the FCC that the archived labels provide crucial data about how prices and services change over time, and that machine-readable labels are important for affordability research and information accessibility.

Privacy

Microsoft Can Track Users Via a Windows Device ID (pcmag.com) 55

A criminal complaint against alleged Scattered Spider member Peter Stokes revealed that Microsoft can associate Windows activity with a persistent "Global Device ID," which investigators used to link his PC to online activity connected to a hack. While unique device IDs are common, the case has raised privacy concerns because the identifier can apparently persist across updates, has no simple opt-out, and may allow Microsoft to connect a Windows installation to activity on third-party services. PCMag reports: Last week, the U.S. announced it had extradited 19-year-old Peter Stokes from Europe for allegedly being a member of the notorious hacking group Scattered Spider. But the case stands out because Microsoft played a key role in linking Stokes to the suspected hacking crimes, according to an unsealed criminal complaint. Stokes allegedly hacked an unnamed luxury jewelry retailer in May 2025 while using a VPN. The 39-page criminal complaint shows the FBI used Microsoft records to discover that his IP address was associated with a Microsoft device identifier known as Global Device ID (GDID).

"According to a Microsoft representative, a Global Device Identifier in the Windows ecosystem is a persistent, device-level identifier designed to uniquely identify an installation of a Windows operating system on a device, either a physical device (e.g., a mobile phone or laptop) or virtual machine, across certain Microsoft services and scenarios," the complaint explains. The global device ID isn't exactly surprising, given that it's standard practice to assign a unique ID to each account or device so a tech provider can recognize and distinguish between them. But the complaint reveals Microsoft can associate the GDID with third-party services and the timing as well, giving Redmond a way to theoretically track a user's online activity. In other words, Redmond might be able to track the online activity of your Windows PC without third-party browser cookies.

Stokes was discovered exploiting a web development tool called ngrok to bypass the jewelry retailer's network defenses. The complaint says Microsoft had records showing that on May 12, 2025, at 19:21 UTC, the GDID associated with Stokes' computer "accessed, among other ngrok pages, 'https://dashboard[.]ngrok.com/signup,' the ngrok page to set up an ngrok account." The document adds that Microsoft records also showed the GDID accessing "multiple sites" from servers at Tzulo, a web hosting provider, to help pull off the hack. Hence, the fact that federal investigators used the Microsoft identifier to nab a suspected hacker is raising concerns that it could be abused for other surveillance purposes. "Microsoft Windows is surveillance software," cybersecurity expert Matthew Hickey alleged in a tweet.

Government

US Cyber Agency Is Using Anthropic's Mythos To Audit Government Code (yahoo.com) 20

CISA is reportedly using Anthropic's Mythos model to scan government code repositories for security vulnerabilities, with sources saying the audits have already found numerous bugs. Reuters reports: The scanning is being done by CISA's Attack Surface Evaluation team, according to one of the sources. The team is a group within CISA that conducts digital security assessments and hacking exercises across government. Two of the sources said the audits had already uncovered a large number of vulnerabilities but did not elaborate. Reuters could not establish exactly how much government code the team had gone through or the nature or severity of the bugs it discovered.

[...] The National Security Agency, the U.S. government's powerful eavesdropping agency, has been using Mythos as far back as April despite the blacklist, Axios has reported. Late last month, the New York Times said that NSA analysts had been testing Mythos in classified settings and coming away impressed with its capabilities. But when Anthropic rolled out a public version of Mythos called Fable, which included what it described as cybersecurity safeguards, the White House suddenly demanded that it ban foreigners from running it. This triggered a global shutdown of the model that was lifted only last week.

Slashdot Top Deals