An anonymous reader quotes a report from Ars Technica: Legislation to restore net neutrality rules now has 180 supporters in the U.S. House of Representatives, but that's 38 votes short of the amount needed before the end of the month. The Congressional Review Act (CRA) resolution, already approved by the Senate, would reverse the Federal Communications Commission's repeal of net neutrality rules. But 218 signatures from U.S. representatives (a majority) are needed to force a full vote in the House before Congress adjourns at the end of the year.

Net neutrality advocates previously said they needed 218 signatures by December 10 to force a vote. But an extension of Congress' session provided a little more time. "[Now that the Congressional session has officially been extended, members of Congress could be in town as late as December 21st," net neutrality advocacy group Fight for the Future wrote yesterday. "This means we have until the end of the year to get as many lawmakers as possible signed on to restore net neutrality." A discharge petition that would force a vote on the CRA resolution gained three new supports in the past two weeks, but even if all Democrats were on board it still wouldn't be enough to force a vote. Republicans have a 236-197 House majority, and only one House Republican has signed the petition.

After investigating claims that its employees are taking bribes to sell internal data to merchants to help them increase their sales on the site, Amazon has reportedly fired several employees involved in the scams. The Wall Street Journal reports that Amazon let go of several workers in the U.S. and India who allegedly inappropriately accessed company data that disreputable merchants had misused. The Hill reports: Amazon is focusing its internal bribery investigation on India, a person familiar with the effort told the paper. Some employees in India and China working as customer support have said that their access to an internal database that allows them to find data about specific product performance or trending keywords has been dramatically limited. Amazon has also deleted thousand of suspect reviews, restricted sellers' access to customer data on its platform, and quashed some methods to force the site to bring up certain products higher in search results, the people told the Journal. "We have strict policies and a Code of Business Conduct & Ethics in place for our employees. We implement sophisticated systems to restrict and audit access to information," the company wrote. "We hold our employees to a high ethical standard and anyone in violation of our Code faces discipline, including termination and potential legal and criminal penalties."

"In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them, including terminating their selling accounts, deleting reviews, withholding funds, and taking legal action," Amazon added.

An anonymous reader quotes a report from TechCrunch: Google CEO Sundar Pichai thinks Android users have a good understanding of the volume of data Google collects on them, when they agree to use the Android mobile operating system. The exec, who is testifying today in front of the House Judiciary committee for a hearing entitled "Transparency & Accountability: Examining Google and its Data Collection, Use and Filtering Practices," claimed that users are in control of the information Google has on them. "For Google services, you have a choice of what information is collected, and we make it transparent," Pichai said in response to questioning from Chairman of the House Judiciary Committee Rep. Bob Goodlatte (R-VA).

Google's defense on the data collection front is similar to Facebook's -- that is, Pichai responded that Google provides tools that put users in control. But do they actually use them? "It's really important for us that average users are able to understand it," said Pichai, stating that users do understand the user agreement for Android OS. "We actually ... remind users to do a privacy checkup, and we make it very obvious every month. In fact, in the last 28 days, 160 million users went to their My Account settings, where they can clearly see what information we have -- we actually show it back to them. We give clear toggles, by category, where they can decide whether that information is collected, stored, or -- more importantly -- if they decide to stop using it, we work hard to make it possible for users to take their data with them," he said. When asked if Google could improve its user dashboard and tools to better teach people how to protect their privacy, including turning off data collection and location tracking, Pichai said "there's complexity," but it is "something I do think we can do better." He continued: "We want to simplify it, and make it easier for average users to navigate these settings. It's something we are working on."

A judge in Vancouver, British Columbia, has set a $7.5 million U.S. bail for Huawei CFO Meng Wanzhou, who was arrested last week on suspicion of violating U.S. trade sanctions against Iran. "The United States had asked the Vancouver court to deny bail for Meng, whose father is a billionaire and a founder of Huawei, calling her a flight risk," reports CNBC. From the report: Canada has been expected to extradite Meng to the United States over charges that the company improperly took payments from Iran in violation of sanctions against the country. Meng's next moves will be closely watched, but it is likely with her corporate and family connections that she will be able to make bail. The $10 million CAD ($7.5 million USD) includes $7 million CAD ($5.2 million USD) cash and $3 million CAD ($2.2 million USD) more from five or more guarantors, presented by Meng and her attorney's as sureties that she would remain in the country. As conditions of the bail agreement, Meng must surrender her passports, wear a GPS tracking device and be accompanied by security detail whenever she leaves her residence.

The Department of Homeland Security's internal watchdog, known as the Office of the Inspector General (OIG) found that the majority of U.S. Customs and Border Protection (CBP) agents fail to delete the personal data they collect from travelers' devices. Last year alone, border agents searched through the electronic devices of more than 29,000 travelers coming into the country. "CBP officers sometimes upload personal data from those devices to Homeland Security servers by first transferring that data onto USB drives -- drives that are supposed to be deleted after every use," Gizmodo reports. From the report: Customs officials can conduct two kinds of electronic device searches at the border for anyone entering the country. The first is called a "basic" or "manual" search and involves the officer visually going through your phone, your computer or your tablet without transferring any data. The second is called an "advanced search" and allows the officer to transfer data from your device to DHS servers for inspection by running that data through its own software. Both searches are legal and don't require a warrant or even probable cause -- at least they don't according to DHS. It's that second kind of search, the "advanced" kind, where CBP has really been messing up and regularly leaving the personal data of travelers on USB drives.

According to the new report [PDF]: "[The Office of the Inspector General] physically inspected thumb drives at five ports of entry. At three of the five ports, we found thumb drives that contained information copied from past advanced searches, meaning the information had not been deleted after the searches were completed. Based on our physical inspection, as well as the lack of a written policy, it appears [Office of Field Operations] has not universally implemented the requirement to delete copied information, increasing the risk of unauthorized disclosure of travelers' data should thumb drives be lost or stolen." The report also found that Customs officers "regularly failed to disconnect devices from the internet, potentially tainting any findings stored locally on the device." It also found that the officers had "inadequate supervision" to make sure they were following the rules. There's also a number of concerning redactions. For example, everything from what happens during an advanced search after someone crosses the border to the reason officials are allowed to conduct an advanced search at all has been redacted.

ESET researchers have discovered a new Android Trojan using a novel Accessibility-abusing technique that targets the official PayPal app, and is capable of bypassing PayPal's two-factor authentication. A report elaborates: At the time of writing, the malware is masquerading as a battery optimization tool, and is distributed via third-party app stores. After being launched, the malicious app terminates without offering any functionality and hides its icon. This video, courtesy of ESET, demonstrates the process in practice.

An anonymous reader quotes a report from the BBC: A panel of censors set up to vet mobile video games in China has signaled it will be hard to please. State media reports that of the first 20 titles it assessed, nine were refused permission to go on sale. The Xinhua news agency added that developers of the other 11 had been told they had to make adjustments to remove "controversial content." The authorities have voiced concerns about the violent nature of some titles as well as worries about the activity being addictive.

It was announced in August that a new body -- the State Administration of Press and Publications -- had taken over responsibility for approving games and that it would limit the number of online titles available. And although it has not been specified, some experts are assuming that the new panel will operate under its auspices. Xinhua said it is comprised of gaming experts, government-employed researchers, and representatives from the media and video games industry. But it provided no other information about who they were or the titles they had already examined. UPDATE: The list of games being examined by the ethics panel has been revealed by users on NGA, a Chinese gaming forum. A number of games, such as League of Legends, Overwatch, Diablo, and World of Warcraft, will need "corrective action," while others will be "banned/withdrawn" entirely. Some of the most popular prohibited titles include Fortnite and PlayerUnknown's Battlegrounds (PUBG).

Facebook has filed several patent applications with the U.S. Patent and Trademark Office for technology that uses your location data to predict where you're going and when you're going to be offline. BuzzFeed News reports: A May 30, 2017, Facebook application titled "Offline Trajectories" describes a method to predict where you'll go next based on your location data. The technology described in the patent would calculate a "transition probability based at least in part on previously logged location data associated with a plurality of users who were at the current location." In other words, the technology could also use the data of other people you know, as well as that of strangers, to make predictions. If the company could predict when you are about to be in an offline area, Facebook content "may be prefetched so that the user may have access to content during the period where there is a lack of connectivity."

Another Facebook patent application titled "Location Prediction Using Wireless Signals on Online Social Networks" describes how tracking the strength of Wi-Fi, Bluetooth, cellular, and near-field communication (NFC) signals could be used to estimate your current location, in order to anticipate where you will go next. This "background signal" information is used as an alternative to GPS because, as the patent describes, it may provide "the advantage of more accurately or precisely determining a geographic location of a user." The technology could learn the category of your current location (e.g., bar or gym), the time of your visit to the location, the hours that entity is open, and the popular hours of the entity.

Yet another Facebook patent application, "Predicting Locations and Movements of Users Based on Historical Locations for Users of an Online System," further details how location data from multiple people would be used to glean location and movement trends and to model location chains. According to the patent application, these could be used for a "variety of applications," including "advertising to users based on locations and for providing insights into the movements of users." The technology could even differentiate movement trends among people who live in a city and who are just visiting a city. A Facebook spokesperson said in a statement: "We often seek patents for technology we never implement, and patent applications -- such as this one -- should not be taken as an indication of future plans."