At a Senate hearing, grieving parents testified that companion chatbots from major tech companies encouraged their children toward self-harm, suicide, and violence. One mom even claimed that Character.AI tried to "silence" her by forcing her into arbitration. Ars Technica reports: At the Senate Judiciary Committee's Subcommittee on Crime and Counterterrorism hearing, one mom, identified as "Jane Doe," shared her son's story for the first time publicly after suing Character.AI. She explained that she had four kids, including a son with autism who wasn't allowed on social media but found C.AI's app -- which was previously marketed to kids under 12 and let them talk to bots branded as celebrities, like Billie Eilish -- and quickly became unrecognizable. Within months, he "developed abuse-like behaviors and paranoia, daily panic attacks, isolation, self-harm, and homicidal thoughts," his mom testified.

"He stopped eating and bathing," Doe said. "He lost 20 pounds. He withdrew from our family. He would yell and scream and swear at us, which he never did that before, and one day he cut his arm open with a knife in front of his siblings and me." It wasn't until her son attacked her for taking away his phone that Doe found her son's C.AI chat logs, which she said showed he'd been exposed to sexual exploitation (including interactions that "mimicked incest"), emotional abuse, and manipulation. Setting screen time limits didn't stop her son's spiral into violence and self-harm, Doe said. In fact, the chatbot urged her son that killing his parents "would be an understandable response" to them.

"When I discovered the chatbot conversations on his phone, I felt like I had been punched in the throat and the wind had been knocked out of me," Doe said. "The chatbot -- or really in my mind the people programming it -- encouraged my son to mutilate himself, then blamed us, and convinced [him] not to seek help." All her children have been traumatized by the experience, Doe told Senators, and her son was diagnosed as at suicide risk and had to be moved to a residential treatment center, requiring "constant monitoring to keep him alive." Prioritizing her son's health, Doe did not immediately seek to fight C.AI to force changes, but another mom's story -- Megan Garcia, whose son Sewell died by suicide after C.AI bots repeatedly encouraged suicidal ideation -- gave Doe courage to seek accountability.

However, Doe claimed that C.AI tried to "silence" her by forcing her into arbitration. C.AI argued that because her son signed up for the service at the age of 15, it bound her to the platform's terms. That move might have ensured the chatbot maker only faced a maximum liability of $100 for the alleged harms, Doe told senators, but "once they forced arbitration, they refused to participate," Doe said. Doe suspected that C.AI's alleged tactics to frustrate arbitration were designed to keep her son's story out of the public view. And after she refused to give up, she claimed that C.AI "re-traumatized" her son by compelling him to give a deposition "while he is in a mental health institution" and "against the advice of the mental health team." "This company had no concern for his well-being," Doe testified. "They have silenced us the way abusers silence victims." A Character.AI spokesperson told Ars that C.AI sends "our deepest sympathies" to concerned parents and their families but denies pushing for a maximum payout of $100 in Jane Doe's case. C.AI never "made an offer to Jane Doe of $100 or ever asserted that liability in Jane Doe's case is limited to $100," the spokesperson said.

One of Doe's lawyers backed up her clients' testimony, citing C.AI terms that suggested C.AI's liability was limited to either $100 or the amount that Doe's son paid for the service, whichever was greater.

An anonymous reader quotes a report from Polygon: The CEOs of Discord, Steam, Twitch, and Reddit have been called to Congress to testify about the "radicalization of online forum users" on those platforms, the House Oversight and Government Reform Committee announced Wednesday. "Congress has a duty to oversee the online platforms that radicals have used to advance political violence," said chairman of the House Oversight Committee James Comer, a Republican from Kentucky, in a statement. "To prevent future radicalization and violence, the CEOs of Discord, Steam, Twitch, and Reddit must appear before the Oversight Committee and explain what actions they will take to ensure their platforms are not exploited for nefarious purposes."

Letters from the House Oversight Committee have been sent to Humam Sakhnini, CEO of Discord; Gabe Newell, president of Steam maker Valve; Dan Clancy, CEO of Twitch; and Steve Huffman, CEO of Reddit, requesting their testimony on Oct. 8. "The hearing will examine radicalization of online forum users, including incidents of open incitement to commit violent politically motivated acts," Comer said in a letter to each CEO. [...] Discord, Steam, Twitch, and Reddit execs will have the chance to deliver five-minute opening statements prior to answering questions posed by members of the committee during October's testimony.

OpenAI is rolling out stricter safety measures for ChatGPT after lawsuits linked the chatbot to multiple suicides. "ChatGPT will now attempt to guess a user's age, and in some cases might require users to share an ID in order to verify that they are at least 18 years old," reports 404 Media. "We know this is a privacy compromise for adults but believe it is a worthy tradeoff," the company said in its announcement. "I don't expect that everyone will agree with these tradeoffs, but given the conflict it is important to explain our decisionmaking," OpenAI CEO Sam Altman said on X. From the report: OpenAI introduced parental controls to ChatGPT earlier in September, but has now introduced new, more strict and invasive security measures. In addition to attempting to guess or verify a user's age, ChatGPT will now also apply different rules to teens who are using the chatbot. "For example, ChatGPT will be trained not to do the above-mentioned flirtatious talk if asked, or engage in discussions about suicide of self-harm even in a creative writing setting," the announcement said. "And, if an under-18 user is having suicidal ideation, we will attempt to contact the users' parents and if unable, will contact the authorities in case of imminent harm."

OpenAI's post explains that it is struggling to manage an inherent problem with large language models that 404 Media has tracked for several years. ChatGPT used to be a far more restricted chatbot that would refuse to engage users on a wide variety of issues the company deemed dangerous or inappropriate. Competition from other models, especially locally hosted and so-called "uncensored" models, and a political shift to the right which sees many forms of content moderation as censorship, has caused OpenAI to loosen those restrictions.

"We want users to be able to use our tools in the way that they want, within very broad bounds of safety," Open AI said in its announcement. The position it seemed to have landed on given these recent stories about teen suicide, is that it wants to "'Treat our adult users like adults' is how we talk about this internally, extending freedom as far as possible without causing harm or undermining anyone else's freedom."

An anonymous reader quotes a report from Ars Technica: The companies seeking to build larger AI models have been increasingly stymied by a lack of high-quality training data. As tech firms scour the web for more data to feed their models, they could increasingly rely on potentially sensitive user data. A team at Google Research is exploring new techniques to make the resulting large language models (LLMs) less likely to 'memorize' any of that content. LLMs have non-deterministic outputs, meaning you can't exactly predict what they'll say. While the output varies even for identical inputs, models do sometimes regurgitate something from their training data -- if trained with personal data, the output could be a violation of user privacy. In the event copyrighted data makes it into training data (either accidentally or on purpose), its appearance in outputs can cause a different kind of headache for devs. Differential privacy can prevent such memorization by introducing calibrated noise during the training phase.

Adding differential privacy to a model comes with drawbacks in terms of accuracy and compute requirements. No one has bothered to figure out the degree to which that alters the scaling laws of AI models until now. The team worked from the assumption that model performance would be primarily affected by the noise-batch ratio, which compares the volume of randomized noise to the size of the original training data. By running experiments with varying model sizes and noise-batch ratios, the team established a basic understanding of differential privacy scaling laws, which is a balance between the compute budget, privacy budget, and data budget. In short, more noise leads to lower-quality outputs unless offset with a higher compute budget (FLOPs) or data budget (tokens). The paper details the scaling laws for private LLMs, which could help developers find an ideal noise-batch ratio to make a model more private. The work the team has done here has led to a new Google model called VaultGemma, its first open-weight model trained with differential privacy to minimize memorization risks. It's built on the older Gemma 2 foundation and sized at 1 billion parameters, which the company says performs comparably to non-private models of similar size.

It's available now from Hugging Face and Kaggle.

Bruce66423 shares a report from The Guardian: MI5 has conceded it "unlawfully" obtained the communications data of a former BBC journalist, in what was claimed to be an unprecedented admission from the security services. The BBC said it was a "matter of grave concern" that the agency had obtained communications data from the mobile phone of Vincent Kearney, a former BBC Northern Ireland home affairs correspondent. The admission came in a letter to the BBC and to Kearney, in relation to a tribunal examining claims that several reporters in Northern Ireland were subjected to unlawful scrutiny by the police. It related to work carried out by Kearney for a documentary into the independence of the Office of the Police Ombudsman for Northern Ireland (PONI). Kearney is now the northern editor at Irish broadcaster RTE.

In documents submitted to the Investigatory Powers Tribunal (IPT), MI5 conceded it obtained phone data from Kearney on two occasions in 2006 and 2009. Jude Bunting KC, representing Kearney and the BBC, told a hearing on Monday: "The MI5 now confirms publicly that in 2006 and 2009 MI5 obtained communications data in relation to Vincent Kearney." He said the security service accepted it had breached Kearney's rights under article 8 and article 10 of the European convention on human rights. They relate to the right to private correspondence and the right to impart information without interference from public authorities. "This appears to be the first time in any tribunal proceedings in which MI5 publicly accept interference with a journalist's communications data, and also publicly accept that they acted unlawfully in doing so," Bunting said. He claimed the concessions that it accessed the journalist's data represented "serious and sustained illegality on the part of MI5." Bruce66423 comments: "The good news is that it's come out. The bad news is that it has taken 16 years to do so. The interesting question is whether there will be any meaningful consequences for individuals within MI5; there's a nice charge of 'malfeasance in public office' that can be used to get such individuals into a criminal court. Or will the outcome be like that of when the CIA hacked the US Senate's computers, lied about it, and nothing happened?"

The FTC is investigating whether Ticketmaster is doing enough to prevent bots from illegally reselling tickets on its platform, with a decision on the matter coming within weeks, according to Bloomberg (paywalled). Reuters reports: The 2016 law prohibits the use of bots and other methods to bypass ticket purchase limits set by online sellers. As part of the probe, FTC investigators are assessing whether Ticketmaster has a financial incentive to allow resellers to circumvent its ticket limit rules, according to the report. A settlement is also possible, Bloomberg reported. If the FTC pursues a case and Live Nation loses, the company could face billions of dollars in penalties, as the law permits fines of up to $53,000 per violation.

The Internet Archive has reached a confidential settlement with Universal Music Group and other major labels, "ending a closely watched copyright battle over the nonprofit's effort to digitize and stream historic recordings," reports the San Francisco Chronicle. From the report: The case (PDF), UMG Recordings, Inc. v. Internet Archive, targeted the Archive's Great 78 Project, an initiative to digitize more than 400,000 fragile shellac records from the early 20th century. The collection includes music by artists such as Frank Sinatra, Ella Fitzgerald and Billie Holiday, and has been made available online for free public access. Record labels including Universal, Sony Music Entertainment and Capitol Records had sought $621 million in damages, arguing the Archive's streaming of these recordings constituted copyright infringement.

The Internet Archive, based in San Francisco's Richmond District, describes itself as a digital library dedicated to providing "universal access to all knowledge." Its director of library services, Chris Freeland, acknowledged the settlement in a brief statement. "The parties have reached a confidential resolution of all claims and will have no further public comment on this matter," he wrote.

404 Media: A data broker owned by the country's major airlines, including American Airlines, United and Delta, is selling access to five billion plane ticketing records to the government for warrantless searching and monitoring of peoples' movements, including by the FBI, Secret Service, ICE, and many other agencies, according to a new contract and other records reviewed by 404 Media.

The contract provides new insight into the scale of the sale of passengers' data by the Airlines Reporting Corporation (ARC), the airlines-owned data broker. The contract shows ARC's data includes information related to more than 270 carriers and is sourced through more than 12,800 travel agencies. ARC has previously told the government to not reveal to the public where this passenger data came from, which includes peoples' names, full flight itineraries, and financial details.

"Americans' privacy rights shouldn't depend on whether they bought their tickets directly from the airline or via a travel agency. ARC's sale of data to U.S. government agencies is yet another example of why Congress needs to close the data broker loophole by passing my bipartisan bill, the Fourth Amendment Is Not For Sale Act," Senator Ron Wyden told 404 Media in a statement.

A third of UK employers are using "bossware" technology to track workers' activity with the most common methods including monitoring emails and web browsing. From a report: Private companies are most likely to deploy in-work surveillance and one in seven employers are recording or reviewing screen activity, according to a UK-wide survey that estimates the extent of office snooping.

The findings, shared with the Guardian by the Chartered Management Institute (CMI), are based on responses from hundreds of UK managers and suggest there has been a recent growth in computerised work surveillance. In 2023, less than a fifth of people thought they were being monitored by an employer, the Information Commissioner's Office (ICO) found. The finding that about a third of managers report their organisations are monitoring workers' online activities on employer-owned devices is probably an underestimate, as roughly the same proportion said they don't know what tracking their organisations do.

Many monitoring systems are aimed at preventing insider threats and safeguarding sensitive information as well as detecting productivity dips. But the trend appears to be causing unease. A large minority of managers are opposed to the practice, saying it undermines trust with staff and invades their personal privacy, the CMI found.

"When residents of Equatorial Guinea's Annobón island wrote to the government in Malabo in July last year complaining about the dynamite explosions by a Moroccan construction company, they didn't expect the swift end to their internet access..." reports the Associated Press.

"Residents and activists said the company's dynamite explosions in open quarries and construction activities have been polluting their farmlands and water supply..." Dozens of the signatories and residents were imprisoned for nearly a year, while internet access to the small island has been cut off since then, according to several residents and rights groups. Local residents interviewed by The Associated Press left the island in the past months, citing fear for their lives and the difficulty of life without internet. Banking services have shut down, hospital services for emergencies have been brought to a halt and residents say they rack up phone bills they can't afford because cellphone calls are the only way to communicate...

The company's work on the island continues. Residents hoped to pressure authorities to improve the situation with their complaint in July last year. Instead, [the country's president] then deployed a repressive tactic now common in Africa to cut off access to internet to clamp down on protests and criticisms.

America's Federal Trade Commission is investigating whether Amazon and Google misled advertisers placing ads on their websites, reports Bloomberg, and specifically whether the two companies "properly disclosed the terms and pricing for ads." The FTC is seeking details about Amazon's auctions and whether it disclosed "reserve pricing" for some search ads — price floors that advertisers must meet before they can buy an ad, the people said. Separately, the FTC is examining practices by Google, including its internal pricing process and whether it increased the cost of ads in ways that weren't disclosed to advertisers, the people said...

According to one of the people, the FTC's latest investigation emerged from its earlier antitrust case. In that complaint, the agency alleges that Amazon litters its marketplace with irrelevant results for search queries, making it harder for shoppers to find what they are looking for and more expensive for sellers to use the platform. The practice effectively forces sellers to buy ads to make their product appear in response to consumer searches.

"Facebook users who filed a claim in parent company Meta's $725 million settlement related to the Cambridge Analytica scandal may soon get a payment," reports CNN, since "on August 27, the court ordered that settlement benefits be distributed." It's been over two years since Facebook users were able to file claims in Meta's December 2022 settlement. The class-action lawsuit began after the social media giant said in 2018 that as many as 87 million Facebook users' private information was obtained by data analytics firm Cambridge Analytica...

Meta was accused of allowing Cambridge Analytica and other third parties, including developers, advertisers and data brokers, to access private information about Facebook users. The social media giant was also accused of insufficiently managing third-party access to and use of user data. Meta did not admit wrongdoing as part of the settlement. Following the Cambridge Analytica incident, Facebook restricted third-party access to user data and "developed more robust tools" to inform users about how data is collected and shared, according to court documents...

Any US Facebook user who had an active account between May 24, 2007, and December 22, 2022, was eligible to file a claim, even if they have deleted the account. The deadline to file was August 25, 2023. Almost 29 million claims were filed and about 18 million were validated as of September 2023, according to Meta's response in a 2024 legal document... Payments will either be sent directly to the bank account provided on the claim form, or via PayPal, a virtual prepaid Mastercard, Venmo or Zelle. Unsuccessful or expired payments will receive a "second chance email" to update the payment method.

It was "little more than empty fields" five years ago — but it's now "a vast, heavily guarded complex stretching for 210 hectares (520 acres)," reports the Guardian, "the frontline of a multibillion-dollar criminal fraud industry fuelled by human trafficking and brutal violence." Myanmar, Cambodia and Laos have in recent years become havens for transnational crime syndicates running scam centres such as KK Park, which use enslaved workers to run complex online fraud and scamming schemes that generate huge profits. There have been some attempts to crack down on the centres and rescue the workers, who can be subjected to torture and trapped inside. But drone images and new research shared exclusively with the Guardian reveal that the number of such centres operating along the Thai-Myanmar border has more than doubled since Myanmar's military seized power in 2021, with construction continuing to this day.

Data from the Australian Strategic Policy Institute (Aspi), a defence thinktank in Canberra, shows that the number of Myanmar scam centres on the Thai border has increased from 11 to 27, and they have expanded in size by an average of 5.5 hectares a month. Drone images and photographs of KK Park and other Myanmar scam centres, Tai Chang and Shwe Kokko, taken by the Guardian in August show new features and active building work... Myanmar's military junta has allowed the spread of scam centres inside the country as these criminal enterprises have become an essential part of the country's conflict economy since the coup, helping it rise to the top of the global list of countries harbouring organised crime. According to Aspi's analysis, Myanmar's military, which has lost huge swathes of territory since the coup and is struggling to retain its grip on power, cannot take meaningful measures against the scam compounds without endangering its precarious relations with the crucial armed militias who are profiting from them.
While 7,000 people were freed from the compounds earlier this year, "Thai police estimated earlier this year that as many as 100,000 people were held inside Myanmar scam centres," the article notes.

Elsewhere the Guardian reports that "The centres are run by Chinese criminal gangs," and describes people who unwittingly came to Thailand for customer service jobs, only to be trafficked to Myanmar's guarded "cyberslavery compounds" and "forced to send thousands of messages from fake social-media profiles, posing as a rich American investor to swindle US real estate agents into cryptocurrency scams." Since 2020, south-east Asia's cyber-slavery industry has entrapped hundreds of thousands of people and forced them to perform "pig butchering" — the brutal term for building trust with a fraud target before scamming them. At first, the industry mostly captured Chinese and Taiwanese people, then it moved on to south-east Asians and Indians — and now Africans.

Criminal syndicates have been shifting towards scamming victims in the US and Europe after Chinese efforts to prevent its citizens being targeted, experts told the Guardian. That has led some trafficking networks to seek recruits with English-language and tech skills — including east Africans, thousands of whom are now estimated to be trapped inside south-east Asian compounds, says Benedikt Hofmann, the UN Office on Drugs and Crime's representative for south-east Asia and the Pacific.

Thanks to long-time Slashdot reader mspohr for sharing the article.

In 2015 Kim Dotcom answered questions from Slashdot's readers.

Now CBS News reports on "the latest chapter in a protracted 13-year battle by the U.S. government" to extradite Finnish-German millionaire Kim Dotcom from New Zealand: A New Zealand court has rejected the latest bid by internet entrepreneur Kim Dotcom to halt his deportation to the U.S. on charges related to his file-sharing website Megaupload. Dotcom had asked the High Court to review the legality of an official's August 2024 decision that he should be surrendered to the U.S. to face trial on charges of copyright infringement, money laundering and racketeering... The Megaupload founder had applied for what in New Zealand is called a judicial review, in which a judge is asked to evaluate whether an official's decision was lawful. A judge on Wednesday dismissed Dotcom's arguments that the decision to deport him was politically motivated and that he would face grossly disproportionate treatment in the U.S...

New Zealand's government hasn't disclosed what will happen next in the extradition process or divulged an expected timeline for Dotcom to be surrendered to the United States
Dotcom "has been free on bail in New Zealand since February 2012," the article points out — and "One of his lawyers, Ron Mansfield, told Radio New Zealand that Dotcom's team had 'much fight left in us as we seek to secure a fair outcome,' but he didn't elaborate..."

The article notes that the latest decision "could be challenged in the Court of Appeal, where a deadline for filing is October 8."

An anonymous reader quotes a report from The Intercept: The company behind the Proton Mail email service, Proton, describes itself as a "neutral and safe haven for your personal data, committed to defending your freedom." But last month, Proton disabled email accounts belonging to journalists reporting on security breaches of various South Korean government computer systems following a complaint by an unspecified cybersecurity agency. After a public outcry, and multiple weeks, the journalists' accounts were eventually reinstated -- but the reporters and editors involved still want answers on how and why Proton decided to shut down the accounts in the first place.

Martin Shelton, deputy director of digital security at the Freedom of the Press Foundation, highlighted that numerous newsrooms use Proton's services as alternatives to something like Gmail "specifically to avoid situations like this," pointing out that "While it's good to see that Proton is reconsidering account suspensions, journalists are among the users who need these and similar tools most." Newsrooms like The Intercept, the Boston Globe, and the Tampa Bay Times all rely on Proton Mail for emailed tip submissions. Shelton noted that perhaps Proton should "prioritize responding to journalists about account suspensions privately, rather than when they go viral." On Reddit, Proton's official account stated that "Proton did not knowingly block journalists' email accounts" and that the "situation has unfortunately been blown out of proportion."

The two journalists whose accounts were disabled were working on an article published in the August issue of the long-running hacker zine Phrack. The story described how a sophisticated hacking operation -- what's known in cybersecurity parlance as an APT, or advanced persistent threat -- had wormed its way into a number of South Korean computer networks, including those of the Ministry of Foreign Affairs and the military Defense Counterintelligence Command, or DCC. The journalists, who published their story under the names Saber and cyb0rg, describe the hack as being consistent with the work of Kimsuky, a notorious North Korean state-backed APT sanctioned by the U.S. Treasury Department in 2023. As they pieced the story together, emails viewed by The Intercept show that the authors followed cybersecurity best practices and conducted what's known as responsible disclosure: notifying affected parties that a vulnerability has been discovered in their systems prior to publicizing the incident. Phrack said the account suspensions created a "real impact to the author. The author was unable to answer media requests about the article." Phrack noted that the co-authors were already working with affected South Korean organizations on responsible disclosure and system fixes. "All this was denied and ruined by Proton," Phrack stated.

Phrack editors said that the incident leaves them "concerned what this means to other whistleblowers or journalists. The community needs assurance that Proton does not disable accounts unless Proton has a court order or the crime (or ToS violation) is apparent."

A former Memphis disc manufacturing employee has been sentenced to nearly five years in prison after stealing pre-release Blu-rays from his employer and leaking them online. While he received 21 months for copyright infringement, a concurrent firearm charge extended his total prison term to 57 months. TorrentFreak reports: In February, the U.S. Department of Justice indicted 37-year-old Steven Hale from Tennessee, a former employee of a disc manufacturing and distribution company in Memphis. While working at the unnamed company between 2021 and 2022, Hale allegedly stole numerous "pre-release" DVD and Blu-ray discs from his employer. These stolen discs contained many high-profile movie titles including "Spider-Man: No Way Home." In addition to the copyright infringement charge, Hale was also indicted for a firearm offense. When raiding his premises, law enforcement found a gun in a car that was registered in his name, which, for a felon, is a separate criminal offense.

Hale was sentenced at a federal court in Memphis yesterday, where Chief Judge Sheryl H. Lipman handed down a 57-month prison term, exactly in line with the U.S. government's recommendation. Two separate sentences will be served concurrently. Hale received 21 months for the theft and distribution of hundreds of pre-release movie discs. A longer sentence of 57 months was handed down for the firearm charge, which ultimately defines the total prison term. Judge Lipman also granted several requests by the defense. The court recommended that Hale be housed in a facility as close to Memphis as possible so he can be near his family. In addition, the defendant will be allowed to remain on bond and self-surrender to prison at a later date.

The 21-month sentence for the copyright infringement charge is substantially lower than the maximum of 60 months. This is in part the result of a guilty plea the defendant signed in May. After accepting responsibility, the prosecution agreed to drop other charges and recommend a sentence at the low end of the guideline range. Hale entered his guilty plea to Count Two of the indictment. The charge relates to his distribution of ten or more copies of copyrighted works, including pre-release movies, for commercial advantage and private financial gain. This includes the pre-release 'Spider-Man: No Way Home' disc, which is likely the source of the public leak.

The Swiss government could soon require service providers with more than 5,000 users to collect government-issued identification, retain subscriber data for six months and, in many cases, disable encryption. From a report: The proposal, which is not subject to parliamentary approval, has alarmed privacy and digital-freedoms advocates worldwide because of how it will destroy anonymity online, including for people located outside of Switzerland. A large number of virtual private network (VPN) companies and other privacy-preserving firms are headquartered in the country because it has historically had liberal digital privacy laws alongside its famously discreet banking ecosystem.

Proton, which offers secure and end-to-end encrypted email along with an ultra-private VPN and cloud storage, announced on July 23 that it is moving most of its physical infrastructure out of Switzerland due to the proposed law. The company is investing more than $117 million in the European Union, the announcement said, and plans to help develop a "sovereign EuroStack for the future of our home continent." Switzerland is not a member of the EU. Proton said the decision was prompted by the Swiss government's attempt to "introduce mass surveillance."

An anonymous reader quotes a report from Wired: The United States has emerged as the largest investor in commercial spyware -- a global industry that has enabled the covert surveillance of journalists, human rights defenders, politicians, diplomats, and others, posing grave threats to human rights and national security. In 2024, 20 new US-based spyware investors were identified, bringing the total number of American backers of this technology to 31. This growth has largely outpaced other major investing countries such as Israel, Italy, and the United Kingdom, according to a new report published today by the Atlantic Council.

The study surveyed 561 entities across 46 countries between 1992 and 2024, identifying 34 new investors. This brings the total to 128, up from 94 in the dataset published last year. The number of identified investors in the EU Single Market, plus Switzerland, stands at 31, with Italy -- a key spyware hub -- accounting for the largest share at 12. Investors based in Israel number 26. US-based investors include major hedge funds D.E. Shaw & Co. and Millennium Management, prominent trading firm Jane Street, and mainstream financial-services company Ameriprise Financial -- all of which, according to the Atlantic Council, have channeled funds to Israeli lawful-interception software provider Cognyte, a company allegedly linked to human rights abuses in Azerbaijan and Indonesia, among others. [...]

Apart from focusing on investment, the Atlantic Council notes that the global spyware market is "growing and evolving," with its dataset expanded to include four new vendors, seven new resellers or brokers, 10 new suppliers, and 55 new individuals linked to the industry. Newly identified vendors include Israel's Bindecy and Italy's SIO. [...] The study reveals the addition of three new countries linked to spyware activity -- Japan, Malaysia, and Panama. Japan in particular is a signatory to international efforts to curb spyware abuse, including the Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware and the Pall Mall Process Code of Practice for States. The Atlantic Council's Jen Roberts, who also worked on the report, urged expanding Executive Order 14105 to also include spyware. He also emphasized preserving Executive Order 14093, noting that U.S. purchasing power is a key lever in shaping and constraining the global spyware market. "US purchasing power is a significant tool in shaping and constraining the global market for spyware," said Roberts.

An anonymous reader quotes a report from Ars Technica: Verizon lost an attempt to overturn a $46.9 million fine for selling customer location data without its users' consent. The US Court of Appeals for the 2nd Circuit rejected Verizon's challenge in a ruling (PDF) issued today. The Federal Communications Commission fined the three major carriers last year for violations revealed in 2018. The companies sued the FCC in three different courts, with varying results.

AT&T beat the FCC in the reliably conservative US Court of Appeals for the 5th Circuit, while T-Mobile lost in the District of Columbia Circuit. Although FCC Chairman Brendan Carr voted against (PDF) the fine last year, when the commission had a Democratic majority, his FCC urged the courts to uphold the Biden-era decisions. A ruling against the FCC could gut the agency's ability to issue financial penalties. The different rulings from different circuits raise the odds of the cases being taken up by the Supreme Court.

Today's 2nd Circuit ruling against Verizon was issued unanimously by a panel of three judges, and it comes to the same legal conclusions as the DC Circuit did in the T-Mobile case. The court did not accept the carrier's argument that the fine violated its Seventh Amendment right to a jury trial and that the location data wasn't protected under the law used by the FCC to issue the penalties. "We disagree [with Verizon]," the 2nd Circuit ruling said. "The customer data at issue plainly qualifies as customer proprietary network information, triggering the Communication Act's privacy protections. And the forfeiture order both soundly imposed liability and remained within the strictures of the penalty cap. Nothing about the Commission's proceedings, moreover, transgressed the Seventh Amendment's jury trial guarantee. Indeed, Verizon had, and chose to forgo, the opportunity for a jury trial in federal court. Thus, we DENY Verizon's petition." Until 2019, the ruling said Verizon operated a location-based services program that sold customer location data through intermediaries like LocationSmart and Zumigo, who then resold it to dozens of third-party entities. Instead of directly managing consent and notifications, Verizon "largely delegated those functions via contract" to its partners, a system that came under scrutiny after a 2018 New York Times report exposed security breaches.

One major misuse involved Securus Technologies, which "was misusing the program to enable law enforcement officers to access location data without customers' knowledge or consent, so long as the officers uploaded a warrant or some other legal authorization," the ruling said. Verizon argued that Section 222 of the Communications Act only covered call-location data, but the court ruled that device-location data also qualifies as protected customer information.

Perplexity AI is the latest AI startup to be hit with a lawsuit by copyright holders, accused by Encyclopedia Britannica and Merriam-Webster of misusing their content in its "answer engine" for internet searches. From a report: The reference companies alleged in New York federal court on Wednesday that Perplexity unlawfully copied their material and diminished their revenue by redirecting their web traffic to its AI-generated summaries.

Snapchat has been accused by a Danish research organisation of leaving an "overwhelming number" of drug dealers to openly operate on Snapchat, making it easy for children to buy substances including cocaine, opioids and MDMA. The Guardian: The social media platform has said it proactively uses technology to filter out profiles selling drugs. However, research by Digitalt Ansvar (Digital Accountability), a Danish research organisation that promotes responsible digital development, has found evidence of a failure to moderate drug-related language in usernames. It also accused Snapchat of failing to respond adequately to reports of profiles openly selling drugs.

Researchers used profiles of 13-year-olds and found a multitude of people selling drugs on Snapchat under usernames featuring keywords such as "coke," "weed" and "molly." When researchers reported 40 of these profiles to Snapchat, the company removed only 10 of them. The other 30 reports were rejected, they said.

President Trump on Tuesday issued a memorandum directing the FDA and HHS to crack down on misleading direct-to-consumer prescription drug ads, requiring clearer disclosure of risks and ensuring that promotions don't overstate benefits or push costly drugs over generics. Longtime Slashdot reader sinij shares an excerpt from the memorandum: The Secretary of Health and Human Services shall therefore take appropriate action to ensure transparency and accuracy in direct-to-consumer prescription drug advertising, including by increasing the amount of information regarding any risks associated with the use of any such prescription drug required to be provided in prescription drug advertisements, to the extent permitted by applicable law. The Commissioner of Food and Drugs shall take appropriate action to enforce the Federal Food, Drug, and Cosmetic Act's prescription drug advertising provisions, and otherwise ensure truthful and non-misleading information in direct-to-consumer prescription drug advertisements. "Advertising dollars is a major avenue for pharmaceutical companies to influence news and attempt to shape public opinion," comments sinij. "Advertising was a major contributor to painkiller addiction, where networks were hesitant to cover early reports of addictiveness. It is likely directly contributing today to lack of critical coverage of Ozempic. It is just too big of a conflict of interest to allow to stand."

Cindy Cohn, who has led the Electronic Frontier Foundation as Executive Director for the past decade and has been with the organization for over 25 years, will step down by mid-2026. The digital rights group is launching a search for her successor. From a press release: "It's been the honor of my life to help EFF grow and become the strong, effective organization it is today, but it's time to make space for new leadership. I also want to get back into the fight for civil liberties more directly than I can as the executive director of a thriving 125-person organization," Cohn said. "I'm incredibly proud of all that we've built and accomplished. One of our former interns once called EFF the joyful warriors for internet freedom and I have always loved that characterization." "I know EFF's lawyers, activists and technologists will continue standing up for freedom, justice and innovation whether we're fighting trolls, bullies, corporate oligarchs, clueless legislators or outright dictators," she added. [...]

Cohn said she made the decision to step down more than a year ago, and later informed EFF's Board of Directors and executive staff. The Board of Directors has assembled a search committee, which in turn has engaged leadership advisory firm Russell Reynolds Associates to conduct a search for EFF's new executive director. Inquiries about the search can be directed to EFF@russellreynolds.com. The search committee hopes to hire someone next spring, with Cohn planning to remain at EFF for a transition period through early summer.

An anonymous reader quotes a report from 404 Media: Employees at Robert F Kennedy Jr.'s Department of Health and Human Services received an email Tuesday morning with the subject line "AI Deployment," which told them that ChatGPT would be rolled out for all employees at the agency. The deployment is being overseen by Clark Minor, a former Palantir employee who's now Chief Information Officer at HHS. "Artificial intelligence is beginning to improve health care, business, and government," the email, sent by deputy secretary Jim O'Neill and seen by 404 Media, begins. "Our department is committed to supporting and encouraging this transformation. In many offices around the world, the growing administrative burden of extensive emails and meetings can distract even highly motivated people from getting things done. We should all be vigilant against barriers that could slow our progress toward making America healthy again."

"I'm excited to move us forward by making ChatGPT available to everyone in the Department effective immediately," it adds. "Some operating divisions, such as FDA and ACF [Administration for Children and Families], have already benefitted from specific deployments of large language models to enhance their work, and now the rest of us can join them. This tool can help us promote rigorous science, radical transparency, and robust good health. As Secretary Kennedy said, 'The AI revolution has arrived.'" [...] The email says that the rollout was being led by Minor, who worked at the surveillance company Palantir from 2013 through 2024. It states Minor has "taken precautions to ensure that your work with AI is carried out in a high-security environment," and that "you can input most internal data, including procurement sensitive data and routine non-sensitive personally identifiable information, with confidence."

It then goes on to say that "ChatGPT is currently not approved for disclosure of sensitive personally identifiable information (such as SSNs and bank account numbers), classified information, export-controlled data, or confidential commercial information subject to the Trade Secrets Act." The email does not distinguish what "non-sensitive personally identifiable information" is. HHS did not immediately respond to a request for comment from 404 Media. [...] The agency has also said it plans to roll out AI through HHS's Centers for Medicare and Medicaid Services that will determine whether patients are eligible to receive certain treatments. These types of systems have been shown to be biased when they've been tried, and result in fewer patients getting the care they need.

Pakistan has built surveillance systems that it is actively using to spy on millions of its citizens and to block millions of internet sessions, according to Amnesty International. The Asian nation's Lawful Intercept Management System enables intelligence agencies to tap calls and texts across all four major mobile operators.

A Chinese-built firewall, WMS 2.0, currently blocks approximately 650,000 web links and restricts platforms including YouTube, Facebook, and X. The surveillance infrastructure combines technology from Chinese company Geedge Networks, U.S.-based Niagara Networks, France's Thales DIS, Germany's Utimaco, and UAE-based Datafusion. Balochistan province has experienced years-long internet blackouts under the system.

BrianFagioli shares a report from NERDS.xyz: Plex has alerted its customers about a security incident that may have affected user accounts. In an email sent to subscribers, the popular media server company confirmed that an unauthorized third party gained access to one of its databases. The breach exposed emails, usernames, and hashed passwords. Plex emphasized that passwords were encrypted following best practices, so attackers cannot simply read them. The company also reassured users that no credit card data was compromised, since Plex does not store that information on its servers. Still, out of caution, it is requiring all account holders to reset their credentials.

Users are being directed to reset their passwords at plex.tv/reset. During the process, Plex recommends enabling the option to sign out all connected devices. This measure logs out every device associated with the account, including Plex Media Servers, forcing a fresh login with the updated password. The company says it has already fixed the method used by the intruder to gain entry and is conducting additional security reviews. Plex is also urging subscribers to enable two-factor authentication if they have not already done so.

Signal has begun rolling out end-to-end encrypted cloud backups in its latest Android beta release. The opt-in feature allows users to restore message history if their phone is lost or damaged. Free backups include all text messages and 45 days of media attachments. A $1.99 monthly subscription extends media storage to 100GB.

Users generate a 64-character recovery key on their device that Signal's servers never access. Backups refresh daily, excluding view-once messages and those set to disappear within 24 hours. The nonprofit cited storage costs as the reason for its first paid tier. iOS and Desktop support will follow the Android rollout. Signal said it stores backup archives without linking them to specific user accounts or payment information.

The former head of security for WhatsApp filed a lawsuit on Monday accusing Meta of ignoring major security and privacy flaws that put billions of the messaging app's users at risk, the latest in a string of whistle-blower allegations against the social media giant. The New York Times: In the lawsuit filed in the U.S. District Court of the District of Northern California, Attaullah Baig claimed that thousands of WhatsApp and Meta employees could gain access to sensitive user data including profile pictures, location, group memberships and contact lists. Meta, which owns WhatsApp, also failed to adequately address the hacking of more than 100,000 accounts each day and rejected his proposals for security fixes, according to the lawsuit.

Mr. Baig tried to warn Meta's top leaders, including its chief executive, Mark Zuckerberg, that users were being harmed by the security weaknesses, according to the lawsuit. In response, his managers retaliated and fired him in February, he claims. Mr. Baig, who is represented by the whistle-blower organization Psst.org and the law firm Schonbrun, Seplow, Harris, Hoffman & Zeldes, argued in the suit that the actions violated a privacy settlement Meta reached with the Federal Trade Commission in 2019, as well as securities laws that require companies to disclose risks to shareholders.

As America's trade talks with China were set to begin last July, a "puzzling" email reached several U.S. government agencies, law firms, and trade groups, reports the Wall Street Journal. It appeared to be from the chair of a U.S. Congressional committee, Representative John Moolenaar, asking recipients to review an alleged draft of upcoming legislation — sent as an attachment. "But why had the chairman sent the message from a nongovernment address...?"

"The cybersecurity firm Mandiant determined the spyware would allow the hackers to burrow deep into the targeted organizations if any of the recipients had opened the purported draft legislation, according to documents reviewed by The Wall Street Journal." It turned out to be the latest in a series of alleged cyber espionage campaigns linked to Beijing, people familiar with the matter said, timed to potentially deploy spyware against organizations giving input on President Trump's trade negotiations. The FBI and the Capitol Police are investigating the Moolenaar emails, and cyber analysts traced the embedded malware to a hacker group known as APT41 — believed to be a contractor for Beijing's Ministry of State Security... The hacking campaign appeared to be aimed at giving Chinese officials an inside look at the recommendations Trump was receiving from outside groups. It couldn't be determined whether the attackers had successfully breached any of the targets.

A Federal Bureau of Investigation spokeswoman declined to provide details but said the bureau was aware of the incident and was "working with our partners to identify and pursue those responsible...." The alleged campaign comes as U.S. law-enforcement officials have been surprised by the prolific and creative nature of China's spying efforts. The FBI revealed last month that a Beijing-linked espionage campaign that hit U.S. telecom companies and swept up Trump's phone calls actually targeted more than 80 countries and reached across the globe...

The Moolenaar impersonation comes as several administration officials have recently faced impostors of their own. The State Department warned diplomats around the world in July that an impostor was using AI to imitate Secretary of State Marco Rubio's voice in messages sent to foreign officials. Federal authorities are also investigating an effort to impersonate White House chief of staff Susie Wiles, the Journal reported in May... The FBI issued a warning that month that "malicious actors have impersonated senior U.S. officials" targeting contacts with AI-generated voice messages and texts.
And in January, the article points out, all the staffers on Moolenaar's committee "received emails falsely claiming to be from the CEO of Chinese crane manufacturer ZPMC, according to people familiar with the episode."

Thanks to long-time Slashdot reader schwit1 for sharing the news.

"A federal jury has ordered Google to pay $425.7 million for improperly snooping on people's smartphones during a nearly decade-long period of intrusions," reports the Associated Press: The lawyers who filed the case had argued Google had used the data they collected off smartphones without users' permission to help sell ads tailored to users' individual interests — a strategy that resulted in the company reaping billions in additional revenue. The lawyers framed those ad sales as illegal profiteering that merited damages of more than $30 billion. Even though the jury came up with a far lower calculation for the damages, one of the lawyers who brought the case against Google hailed the outcome as a victory for privacy protection. "We hope this result sends a message to the tech industry that Americans will not sit idly by as their information is collected and monetized against their will," said attorney John Yanchunis of law firm Morgan & Morgan.
David Boies, the man who led the U.S. government's 2001 antitrust prosecution of Microsoft, was the plaintiffs' attorney. More details from Bloomberg Law: The lawsuit alleged that since 2016 Google told its users that when they turned off a privacy setting known as Web & App Activity, the company would cease collecting their data from third-party apps that use Google's back end data analytics services. Google continued that collection despite its promise to users that they had control, the plaintiffs alleged. Judge Richard Seeborg certified a class of 98 million Google users who has switched the Web & App Activity setting off...

Boies told the jury during closing statements that the case was about Google breaking its promise to users that they had control over their data. He pointed to Congressional testimony from Google CEO Sundar Pichai in 2018 who said users could clearly see what information the company had, all while internal communications and surveys said users were being misled about their privacy... During closing statements, Google attorney Benedict Hur of Cooley LLP said that as soon as a user click the tracking switch off, they were presented with an "Are You Sure?" screen that stated that users can "learn about the data Google continues to collect and why" by clicking an additional link.
A spokesperson for Google said they would appeal the verdict.

An anonymous reader quotes a report from Reuters: President Donald Trump said on Thursday his administration would impose tariffs on semiconductor imports from companies not shifting production to the U.S., speaking ahead of a dinner with major technology company CEOs. "Yeah, I have discussed it with the people here. Chips and semiconductors -- we will be putting tariffs on companies that aren't coming in. We will be putting a tariff very shortly," Trump said without giving an exact time or rate.

"We will be putting a very substantial tariff, not that high, but fairly substantial tariff with the understanding that if they come into the country, if they are coming in, building, planning to come in, there will not be a tariff," Trump told reporters. "If they are not coming in, there is a tariff," Trump said in his comments on semiconductors. "Like, I would say (Apple CEO) Tim Cook would be in pretty good shape," he added, as Cook sat across the table. Further reading: Trump Basks in Tech Leaders' Spending Vows at White House Dinner

An anonymous reader quotes a report from Deadline: Anthropic has agreed to pay at least $1.5 billion into a class action fund as part of a settlement of litigation brought by a group of book authors. The sum, disclosed in a court filing on Friday, "will be the largest publicly reported copyright recovery in history, larger than any other copyright class action settlement or any individual copyright case litigated to final judgment," the attorneys for the authors wrote.

The settlement also includes a provision that releases Anthropic only for its conduct up the August 25, meaning that new claims could be filed over future conduct, according to the filing. Anthropic also has agreed to destroy the datasets used in its models. The settlement figure amounts to about $3,000 per class work, according to the filing. You can read the terms of Anthropic's copyright settlement here (PDF). A hearing in the case is scheduled for Sept. 8.

Uber's Indian arm has started using its app to offer rideshare and delivery drivers the chance to make money by classifying data used by AI systems. From a report: Megha Yethadka, global head of Uber AI Solutions, revealed the new gigs in a Thursday LinkedIn post in which she said drivers sometimes have downtime during the day or might want to make some extra cash after hours. Yethadka said the work can involve reviewing photos, counting objects, classifying text, recording audio, or digitizing receipts.

She said the gigs are "Powering our enterprise customers worldwide for their gen AI models or consumer applications." "Until now, these tasks were completed by independent contractors outside the app," Yethadka wrote. "The early results are very promising, and we're eager to scale this further." In an accompanying video, she mentioned "worldwide" expansion for the offering. Prabhjeet Singh, Uber's president for India and South Asia, said the gigs are available in 12 cities and that "tens of thousands of drivers" are already performing what Uber calls "digital tasks."

A UK government trial of Microsoft's M365 Copilot found no clear productivity gains despite user satisfaction with tasks like summarizing meetings and writing emails. While the tool sped up some routine work, it actually slowed down more complex tasks like Excel analysis and PowerPoint creation, often producing lower-quality results. The Register reports: The Department for Business and Trade received 1,000 licenses for use between October and December 2024, with the majority of these allocated to volunteers and 30 percent to randomly selected participants. Some 300 of these people consented to their data being analyzed. An evaluation of time savings, quality assurance, and productivity was then calculated in the assessment (PDF). Overall, 72 percent of users were satisfied or very satisfied with their digital assistant and voiced disappointment when the test ended. However, the reality of productivity gains was more nuanced than Microsoft's marketing materials might suggest. Around two-thirds of the employees in the trial used M365 at least once a week, and 30 percent used it at least once a day -- which doesn't sound like great value for money. [...]

According to the M365 Copilot monitoring dashboard made available in the trial, an average of 72 M365 Copilot actions were taken per user. "Based on there being 63 working days during the pilot, this is an average of 1.14 M365 Copilot actions taken per user per day," the study says. Word, Teams, and Outlook were the most used, and Loop and OneNote usage rates were described as "very low," less than 1 percent and 3 percent per day, respectively. "PowerPoint and Excel were slightly more popular; both experienced peak activity of 7 percent of license holders using M365 Copilot in a single day within those applications," the study states. The three most popular tasks involved transcribing or summarizing a meeting, writing an email, and summarizing written comms. These also had the highest satisfaction levels, we're told.

Participants were asked to record the time taken for each task with M365 Copilot compared to colleagues not involved in the trial. The assessment report adds: "Observed task sessions showed that M365 Copilot users produced summaries of reports and wrote emails faster and to a higher quality and accuracy than non-users. Time savings observed for writing emails were extremely small. "However, M365 Copilot users completed Excel data analysis more slowly and to a worse quality and accuracy than non-users, conflicting time savings reported in the diary study for data analysis. PowerPoint slides [were] over 7 minutes faster on average, but to a worse quality and accuracy than non-users." This means corrective action was required.

A cross-section of participants was asked questions in an interview -- qualitative findings -- and they claimed routine admin tasks could be carried out with greater efficiency with M365 Copilot, letting them "redirect time towards tasks seen as more strategic or of higher value, while others reported using these time savings to attend training sessions or take a lunchtime walk." Nevertheless, M365 Copilot did not necessarily make them more productive, the assessment found. This is something Microsoft has worked on with customers to quantify the benefits and justify the greater expense of a license for M365 Copilot.

An Indiana bankruptcy lawyer named Mark Zuckerberg is suing Meta after his Facebook page was repeatedly shut down for "impersonating" CEO Mark Zuckerberg, despite being his real legal name. TechCrunch reports: Mark Zuckerberg the lawyer uses a commercial Facebook page to advertise his legal practice and communicate with potential clients. But his page has been disabled five times in the last eight years, since Meta's moderation systems flag his account as falsely impersonating Mark Zuckerberg, the founder of the platform. Mark Zuckerberg is not impersonating Mark Zuckerberg, because he, too, is Mark Zuckerberg. In his legal complaint, Mark Zuckerberg points out that he has been practicing law since Mark Zuckerberg was just three years old.

"It's not funny," Mark Zuckerberg, the lawyer, said to Indianapolis' 13WTHR. "Not when they take my money. This really pissed me off." Mark Zuckerberg has spent over $11,000 to advertise his page on Mark Zuckerberg's Meta platforms, but when Mark Zuckerberg's account is disabled for allegedly impersonating Mark Zuckerberg, Mark Zuckerberg still has to pay for these advertisements. Zuckerberg created a website, iammarkzuckerberg.com, chronicling how his life has been shaped by being named Mark Zuckerberg.

The lawsuit can be found here.

Warner Bros. Discovery has filed a major copyright lawsuit against Midjourney, accusing the AI image generator of exploiting its movies and TV shows to train models and generate near-identical reproductions of iconic characters like Batman, Bugs Bunny, and Rick and Morty. From The Hollywood Reporter: The company "brazenly dispenses Warner Bros. Discovery's intellectual property" by letting subscribers produce images and videos of iconic copyrighted characters, alleges the complaint, filed on Thursday in California federal court. "The heart of what we do is develop stories and characters to entertain our audiences, bringing to life the vision and passion of our creative partners," said a Warner Bros. Discovery spokesperson in a statement. "Midjourney is blatantly and purposefully infringing copyrighted works, and we filed this suit to protect our content, our partners, and our investments."

For years, AI companies have been training their technology on data scraped across the internet without compensating creators. It's led to lawsuits from authors, record labels, news organizations, artists and studios, which contend that some AI tools erode demand for their content. Warner Bros. Discovery joins Disney and Universal, which earlier this year teamed up to sue Midjourney. By their thinking, the AI company is a free-rider plagiarizing their movies and TV shows. In the lawsuit, Warner Bros. Discovery points to Midjourney generating images of iconic copyrighted characters. At the forefront are heroes who're at the center of DC Studios' movies and TV shows, like Superman, Wonder Woman and The Joker; others are Looney Tunes, Tom and Jerry and Scooby-Doo characters who've become ubiquitous household names; more are Cartoon Network characters, including those from Rick and Morty, who've emerged as something of cultural touchstones in recent years. [...]

The lawsuit argues Midjourney's ability to return copyrighted characters is a "clear draw for subscribers," diverting consumers away from purchasing Warner Bros. Discovery-approved posters, wall art and prints, among other products that must now compete against the service. [...] Warner Bros. Discovery seeks Midjourney's profits attributable to the alleged infringement or, alternatively, $150,000 per infringed work, which could leave the AI company on the hook for massive damages. The thrust of the studios' lawsuits will likely be decided by one question: Are AI companies covered by fair use, the legal doctrine in intellectual property law that allows creators to build upon copyrighted works without a license? The lawsuit can be found here.

An anonymous reader quotes a report from The Guardian: Managers and supervisors brace yourselves: calling the boss a dickhead is not necessarily a sackable offense, a tribunal has ruled. The ruling came in the case of an office manager who was sacked on the spot when -- during a row -- she called her manager and another director dickheads. Kerrie Herbert has been awarded almost 30,000 pounds in compensation and legal costs after an employment tribunal found she had been unfairly dismissed.

The employment judge Sonia Boyes ruled that the scaffolding and brickwork company she worked for had not "acted reasonably in all the circumstances in treating [her] conduct as a sufficient reason to dismiss her." "She made a one-off comment to her line manager about him and a director of the business," Boyes said. "The comment was made during a heated meeting. "Whilst her comment was not acceptable, there is no suggestion that she had made such comments previously. Further ... this one-off comment did not amount to gross misconduct or misconduct so serious to justify summary dismissal." [...]

Boyes found that Herbert was summarily fired because of her use of the word "dickheads" and ruled that the company had failed to follow proper disciplinary procedures. She concluded that calling her bosses dickheads was not sufficient to fire Herbert and ordered the firm to pay 15,042.81 pounds in compensation. In her latest judgment she also ruled it had to pay 14,087 pounds towards her legal fees. "If it was anyone else in this position they would have walked years ago due to the goings-on in the office, but it is only because of you two dickheads that I stayed," said Herbert.

Swannell retorted: "Don't call me a fucking dickhead or my wife. That's it, you're sacked. Pack your kit and fuck off."

Tesco is suing Broadcom and reseller Computacenter for at least $134 million, claiming that VMware's perpetual license support agreements were breached after Broadcom's acquisition. The supermarket giant warned it "may not be able to put food on the shelves if the situation goes pear-shaped," writes The Register's Simon Sharwood. From the report: Court documents seen by The Register assert that in January 2021 Tesco acquired perpetual licenses for VMware's vSphere Foundation and Cloud Foundation products, plus subscriptions to Virtzilla's Tanzu products, and agreed a contract for support services and software upgrades that run until 2026. Tesco claims VMware also agreed to give it an option to extend support services for an additional four years. All of this happened before Broadcom acquired VMware and stopped selling support services for software sold under perpetual licenses. Broadcom does sell support to those who sign for its new software subscriptions.

The supermarket giant says Broadcom's subscriptions mean it must pay "excessive and inflated prices for virtualization software for which Tesco has already paid," and "is unable any longer to purchase stand-alone Virtualization Support Services for its Perpetually Licensed Software without also having to purchase duplicative subscription-based licenses for those same Software products which it already owns." The complaint also alleges that Tesco's contracts with VMware include eligibility for software upgrades, but that Broadcom won't let the retailer update its perpetual licenses to cover the new Cloud Foundation 9.

The filing names Computacenter as a co-defendant as it was the reseller that Tesco relied on for software licenses, and the retailer feels it's breached contracts to supply software at a fixed price. Tesco's filing also mentions Broadcom's patch publication policy, which means users who don't acquire subscriptions can't receive all security updates and don't receive other fixes. The retailer thinks its contracts mean it is entitled to those updates. The filing suggests that lack of support is not just a legal matter, but may have wider implications because VMware software, and support for it "are essential for the operations and resilience of Tesco's business and its ability to supply groceries to consumers across the UK and Republic of Ireland."

"VMware Virtualization Software underpins the servers and data systems that enable Tesco's stores and operations to function, hosting approximately 40,000 server workloads and connecting to, by way of illustration, tills in Tesco stores," the filing states. Tesco's filing warns that Broadcom, VMware, and Computacenter are each liable for at least $134 million damages, plus interest, and that the longer the dispute persists the higher damages will climb.

Streameast -- the world's largest illegal sports streaming platform -- has been shut down after a year long investigation, according to a leading United States-based anti-piracy organisation. From a report: The network of 80 unauthorised domains generated 1.6billion combined visits over the past year, providing free access to global sports fixtures, including Europe's top football leagues and competitions, such as the Premier League and Champions League, as well as the NFL, NBA and MLB.

The Athletic has been informed by the Alliance for Creativity and Entertainment (ACE) -- a coalition of 50 media and entertainment organisations including Amazon, Apple TV+, Netflix and Paramount -- that an operation alongside Egyptian law enforcement officials took place on Sunday August 24 to disrupt Streameast's dominant position in the illegal streaming market.

Traffic to the site reached 136million average monthly visits, with domains primarily originating from the U.S., Canada, the United Kingdom, the Philippines and Germany.

Critics are denouncing Tuesday's antitrust remedies ruling against Google, calling them inadequate to restore search market competition. DuckDuckGo said the court's decision allows Google to continue using its monopoly to hold back competitors in AI search.

The Open Markets Institute called it "pure judicial cowardice" that leaves Google's power "almost fully intact." Senator Amy Klobuchar said the limited remedies demonstrate why Congress needs to pass legislation stopping dominant platforms from preferencing their own products. The News/Media Alliance criticized Judge Amit Mehta for failing to address Google forcing publishers to provide content for AI offerings to remain in search results.

An anonymous reader quotes a report from Reuters: Amazon.com must face a class action on behalf of hundreds of millions of U.S. consumers over claims that the online retail giant overcharged for products sold by third-party sellers, a federal judge in Seattle has ruled. U.S. District Judge John Chun in an order (PDF) unsealed on Friday certified a nationwide class involving 288 million customers and billions of transactions, marking one of the largest-ever in the United States.

The class includes buyers in the United States who purchased five or more new goods from third-party sellers on Amazon since May 26, 2017. The consumers' 2021 lawsuit said Amazon violated antitrust law by restricting third-party sellers from offering their products for lower prices elsewhere on rival platforms while they are also for sale on Amazon. Amazon's policies have allowed the company to impose inflated fees on sellers, causing shoppers to pay higher prices for purchases, the lawsuit said. Amazon has denied any wrongdoing. It has already appealed Chun's class certification order, which was first issued under seal on Aug. 6.

Amazon argued that the class was too large to be manageable and that the plaintiffs failed to show its alleged conduct had a widespread effect. Amazon also said that since 2019 it has not used a pricing program that the plaintiffs challenged. Chun found there was no evidence at this stage that the size of the class was overbroad. Other federal courts had certified class actions with millions or hundreds of millions of class members, the judge said.

A federal judge spared Google from the harshest penalties in its antitrust case. The search giant can keep Chrome and avoid breaking up Android, but it has been barred from exclusive contracts and ordered to limit data sharing with rivals. CNBC reports: U.S. District Judge Amit Mehta ruled against the most severe consequences that were proposed by the U.S. Department of Justice, including selling off its Chrome browser, which provides data that helps its advertising business deliver targeted ads. "Google will not be required to divest Chrome; nor will the court include a contingent divestiture of the Android operating system in the final judgment," the decision stated. "Plaintiffs overreached in seeking forced divesture of these key assets, which Google did not use to effect any illegal restraints."

The company can make payments to preload products, but it cannot have exclusive contracts, the decision stated. The DOJ asked Google to stop the practice of "compelled syndication," which refers to the practice of making certain deals with companies to ensure its search engine remains the default choice in browsers and smartphones. [...] The judge ordered the parties to meet by September 10th for the final judgement.

"Google will not be barred from making payments or offering other consideration to distribution partners for preloading or placement of Google Search, Chrome, or its GenAI products. Cutting off payments from Google almost certainly will impose substantial -- in some cases, crippling -- downstream harms to distribution partners, related markets, and consumers, which counsels against a broad payment ban." [...] Google said it will appeal the ruling, which would delay any potential penalties. Mehta ruled Tuesday that Google will have to make available certain search index data and user interaction data though "not ads data." The court narrowed the datasets Google will be required to share and said they must occur on "ordinary commercial terms that are consistent with Google's current syndication services."

"Typically when something is available to "buy," ownership of that good or access to that service is offered in exchange for money," writes Ars Technica.

"That's not really the case, though, when it comes to digital content." Often, streaming services like Amazon Prime Video offer customers the options to "rent" digital content for a few days or to "buy" it. Some might think that picking "buy" means that they can view the content indefinitely. But these purchases are really just long-term licenses to watch the content for as long as the streaming service has the right to distribute it — which could be for years, months, or days after the transaction. A lawsuit recently filed against Prime Video challenges this practice and accuses the streaming service of misleading customers by labeling long-term rentals as purchases. The conclusion of the case could have implications for how streaming services frame digital content...

[The plaintiff's] complaint stands a better chance due to a California law that took effect in January banning the selling of a "digital good to a purchaser with the terms 'buy,' 'purchase,' or any other term which a reasonable person would understand to confer an unrestricted ownership interest in the digital good, or alongside an option for a time-limited rental." There are some instances where the law allows digital content providers to use words like "buy." One example is if, at the time of transaction, the seller receives acknowledgement from the customer that the customer is receiving a license to access the digital content; that they received a complete list of the license's conditions; and that they know that access to the digital content may be "unilaterally revoked...."

The case is likely to hinge on whether or not fine print and lengthy terms of use are appropriate and sufficient communication. [The plaintiff]'s complaint acknowledges that Prime Video shows relevant fine print below its "buy" buttons but says that the notice is "far below the 'buy movie' button, buried at the very bottom" of the page and is not visible until "the very last stage of the transaction," after a user has already clicked "buy."
Amazon is sure to argue that "If plaintiff didn't want to read her contract, including the small print, that's on her," says consumer attorney Danny Karon. But he tells Ars Technica "I like plaintiff's chances. A normal consumer, after whom the California statute at issue is fashioned, would consider 'buy' or 'purchase' to involve a permanent transaction, not a mere rental... If the facts are as plaintiff alleges, Amazon's behavior would likely constitute a breach of contract or statutory fraud."

"Nearly 400 students, many of them entrepreneurs, have so far made the journey to Forest City to study everything from coding to unconventional theories on statehood," reports Bloomberg.

"They're building crypto projects, fine-tuning their physiques and testing whether a shared ideology — rather than just shared territory — can bind a community." They have descended on Forest City to attend Network School, the brainchild of former Coinbase Inc. executive and "The Network State" author Balaji Srinivasan. In this troubled megaproject once envisaged to house some 50 times its current population, they're conducting a real-life experiment of sorts with Srinivasan's vision of "startup societies" defined less by historical territory than shared beliefs in technology, cryptocurrency and light regulation... Mornings are spent in product sprints and coding sessions; afternoons in seminars exploring topics from the Meiji Restoration to Singapore's statecraft and the mechanics of decentralized governance. Guest lectures double as both technological deep dives and ideological sermons, according to half a dozen students interviewed by Bloomberg. The campus also mirrors Silicon Valley's infatuation with longevity and health, right down to a commercial-grade gym and specially designed workout routines. Students follow a protein-heavy diet...

After co-founding DNA testing startup Counsyl in 2008 and serving as its chief technology officer, Srinivasan spent five years at venture capital firm Andreessen Horowitz, first as general partner and then as board partner. He joined Coinbase as CTO in 2018 when the crypto exchange bought a portfolio company he oversaw and left after a little over a year, according to his LinkedIn profile. In a 2013 speech at Y Combinator's Startup School, Srinivasan brought his ideas about what he saw as a fundamental conflict between some modern nation-states and innovation to a wider audience. In the address, he advocated for Silicon Valley's "ultimate exit" from the U.S., which he argued was obsolete and hostile to innovators. In essence: If the society you live in is broken, why not just "opt out" and create a new one?

"The Network State: How To Start a New Country," published in 2022, expanded on Srinivasan's "exit" concept to outline how online, ideologically aligned communities can use crypto and digital tools to form new, decentralized states. A network state can be geographically dispersed and bound together by the internet and blockchains, he says, and the aim is to gain diplomatic recognition... On the Moment of Zen podcast in September 2023, he outlined how the "Gray Tribe" — entrepreneurs, innovators and thinkers — can retake control of San Francisco from the Blues using a variety of tactics, like allying with local police. The effort would involve gaining control of territory, according to Srinivasan, who didn't advocate for violence. "Elections are just the cherry on the cake," he said. "Elections are just a reflection of your total control of the streets."
The cost of attending Network School "starts at $1,500 per month, including lodging and food, for those who opt for a shared room."

Futurism reports: Earlier this week, buried in the middle of a lengthy blog post addressing ChatGPT's propensity for severe mental health harms, OpenAI admitted that it's scanning users' conversations and reporting to police any interactions that a human reviewer deems sufficiently threatening.

"When we detect users who are planning to harm others, we route their conversations to specialized pipelines where they are reviewed by a small team trained on our usage policies and who are authorized to take action, including banning accounts," it wrote. "If human reviewers determine that a case involves an imminent threat of serious physical harm to others, we may refer it to law enforcement."

The announcement raised immediate questions. Don't human moderators judging tone, for instance, undercut the entire premise of an AI system that its creators say can solve broad, complex problems? How is OpenAI even figuring out users' precise locations in order to provide them to emergency responders? How is it protecting against abuse by so-called swatters, who could pretend to be someone else and then make violent threats to ChatGPT in order to get their targets raided by the cops...? The admission also seems to contradict remarks by OpenAI CEO Sam Altman, who recently called for privacy akin to a "therapist or a lawyer or a doctor" for users talking to ChatGPT.
"Others argued that the AI industry is hastily pushing poorly-understood products to market, using real people as guinea pigs, and adopting increasingly haphazard solutions to real-world problems as they arise..."

Thanks to long-time Slashdot reader schwit1 for sharing the news.

The Washington Post covers "a string of false reports of active shooters at a dozen U.S. universities this month as students returned to campus." The FBI is investigating the incidents, according to a spokesperson who declined to specify the nature of the probe. While universities have proved a popular swatting target, the agency "is seeing an increase in swatting events across the country," the FBI spokesperson said... Local officials are frustrated by the anonymous calls tying up first responders, straining public safety budgets and needlessly traumatizing college students who grew up in an era in which gun violence has in some way shaped their school experience...

The recent string of swattings began Thursday with a false report to the University of Tennessee at Chattanooga, quickly followed by one about Villanova University later that day. Hoaxes at 10 more schools followed... Villanova also received a second threat. As the calls about shootings came in, officials on many of the campuses pushed out emergency notifications directing students and employees to shelter in place, while police investigated what turned out to be false reports. (Iowa State was able to verify the lack of a threat before a campuswide alert was sent, its police chief said. [They had a live video feed from the location the caller claimed to be from.]) In at least three cases, 911 calls reporting a shooting purported to come from campus libraries, where the sound of gunshots could be heard over the phone, officials told The Washington Post...

Although false bomb reports, shooter threats and swatting incidents are not new, bad actors used to be more easily traceable through landline phones. But the era of internet-based services, virtual private networks, and anonymous text and chat tools has made unmasking hoax callers far more challenging... In 2023, a Post investigation found that more than 500 schools across the United States were subject to a coordinated swatting effort that may have had origins abroad...

[In Chattanooga, Tennessee last week] a dispatcher heard gunfire during a call reporting an on-campus shooting. "We grabbed everybody that wasn't already out on the street and got to that location," said University of Tennessee at Chattanooga Police spokesman Brett Fuchs. About 150 officers from several agencies responded. There was no shooter.
The New York Times reports that an online group called "Purgatory" is "suspected of being connected to several of the episodes, including reports of shootings, according to cybersecurity experts, law enforcement agencies and the group members' own posts in a social media chat." (Though the Times, couldn't verify the group's claims.) Federal authorities previously connected the same network to a series of bomb scares and bogus shooting reports in early 2024, for which three men pleaded guilty this year... Bragging about its recent activities, Purgatory said that it could arrange more swatting episodes for a fee.
USA Today tries to quantify the reach of swatting: Estimated swatting incidents jumped from 400 in 2011 to more than 1,000 in 2019, according to the Anti-Defamation League, which cited a former FBI agent whose expertise is in swatting. From January 2023 to June 2024 alone, more than 800 instances of swatting were recorded at U.S. elementary, middle and high schools, according to the K-12 School Shootings Database, created by a University of Central Florida doctoral student in response to the Parkland High School shooting in 2018.tise is in swatting... David Riedman, a data scientist and creator of the K-12 School Shooting Database, estimates that in 2023, it cost $82,300,000 for police to respond to false threats.
Thanks to long-time Slashdot reader schwit1 for sharing the news.

Intel amended its deal with the U.S. Department of Commerce "to remove earlier project milestones," reports Reuters, "and received about $5.7 billion in cash sooner than planned."

"The move will give Intel more flexibility over the funds." The amended agreement, which revises a November 2024 funding deal, retains some guardrails that prevent the chipmaker from using the funds for dividends and buybacks, doing certain control-changing deals and from expanding in certain countries.
The move makes the Wall Street Journal wonder what, beyond equity, the U.S. now gets in return, calling government's position "a stake without a strategy." The U.S. has historically shied away from putting money into private business. It can't really outguess the market on where the most promising returns lie. Yet there are exceptions. Sometimes a company or industry risks failing without public support, and that failure would hurt the whole country, not just its shareholders and employees. Intel meets both conditions. It isn't failing, but it is losing money, its core business is in decline, and it lacks the capital and customers needed to make the most advanced semiconductors. If Intel were to fail, it would take a sizable chunk of the semiconductor industrial base with it. At a time of existential competition with China, that is a national emergency...

[U.S. Commerce Secretary Howard Lutnick] said as a shareholder, the U.S. would help Intel "to create the most advanced chips in the world." And yet the deal doesn't provide Intel with new resources to accomplish that. Rather, to get the remaining $9 billion, Intel had to give the U.S. equity. This is more like a tax than an investment: Shareholders gave up a 10th of their ownership in return for money the company was supposed to get anyway... Some of the administration's forays into private business do reflect strategic thinking, such as the Pentagon's 15% stake in MP Materials in exchange for investment and contracts that help make the company a viable alternative to China as a supplier of rare-earth magnets for products such as automobiles, wind turbines, jet fighters and missile systems. But more often, companies recoil from government ownership...

Though the U.S. stake dilutes Intel's existing shareholders, its stock has held up. There could be several reasons. It eliminates uncertainty over whether the remaining $9 billion in federal funds will be forthcoming... [B]ecause Washington has a vested interest in Intel's share price, investors believe it may prod companies such as Nvidia and Apple to buy more of its chips.
But that only goes so far, the article seems to conclude, offering this quote from an analyst Bernstein investment research. "If Intel can prove they can make these leading-edge products in high volume that meets specifications at a good cost structure, they'll have customers lined up around the block. If they can't prove they can do it, what customer will put meaningful volume to them regardless of what pressure the U.S. government brings to bear?"

CBS News also notes the U.S. government stake "is being criticized by conservatives and some economic policy experts alike, who worry such extensive government intervention undermines free enterprise."

Thanks to Slashdot reader joshuark for sharing the news.

Remember those Harvard dropouts who built smart glasses for covert facial recognition — and then raised $1 million to develop AI-powered glasses to continuously listen to conversations and display its insights?

"People Are REALLY Mad," writes Futurism, noting that some social media users "have responded with horror and outrage." One of its selling points is that the specs don't come with a visual indicator that lights up to let people know when they're being recorded, which is a feature that Meta's smart glasses do currently have. "People don't want this," wrote Whitney Merill, a privacy lawyer. "Wanting this is not normal. It's weird...."

[S]ome mocked the deleterious effects this could have on our already smartphone-addicted, brainrotted cerebrums. "I look forward to professional conversations with people who just read robot fever dream hallucinations at me in response to my technical and policy questions," one user mused.
The co-founder of the company told TechCrunch their glasses would be the "first real step towards vibe thinking."

But there's already millions of other smart glasses out in the world, and they're now drawing a backlash, reports the Washington Post, citing the millions of people viewing "a stream of other critical videos" about Meta's smart glasses.

The article argues that Generation Z, "who grew up in an internet era defined by poor personal privacy, are at the forefront of a new backlash against smart glasses' intrusion into everyday life..." Opal Nelson, a 22-year-old in New York, said the more she learns about smart glasses, the angrier she becomes. Meta Ray-Bans have a light that turns on when the gadget is recording video, but she said it doesn't seem to protect people from being recorded without consent... "And now there's more and more tutorials showing people how to cover up the [warning light] and still allow you to record," Nelson said. In one such tutorial with more than 900,000 views, a man claims to explain how to cover the warning light on Meta Ray-Bans without triggering the sensor that prevents the device from secretly recording.
One 26-year-old attracted 10 million views to their video on TikTok about the spread of Meta's photography-capable smart glasses. "People specifically in my generation are pretty concerned about the future of technology," the told the Post, "and what that means for all of us and our privacy."

The article cites figures from a devices analyst at IDC who estimates U.S. sales for Meta Ray-Bans will hit 4 million units by the end of 2025, compared to 1.2 million in 2024.

An anonymous reader quotes a report from TechCrunch: WhatsApp said on Friday that it fixed a security bug in its iOS and Mac apps that was being used to stealthily hack into the Apple devices of "specific targeted users." The Meta-owned messaging app giant said in its security advisory that it fixed the vulnerability, known officially as CVE-2025-55177, which was used alongside a separate flaw found in iOS and Macs, which Apple fixed last week and tracks as CVE-2025-43300.

Apple said at the time that the flaw was used in an "extremely sophisticated attack against specific targeted individuals." Now we know that dozens of WhatsApp users were targeted with this pair of flaws. Donncha O Cearbhaill, who heads Amnesty International's Security Lab, described the attack in a post on X as an "advanced spyware campaign" that targeted users over the past 90 days, or since the end of May. O Cearbhaill described the pair of bugs as a "zero-click" attack, meaning it does not require any interaction from the victim, such as clicking a link, to compromise their device.

The two bugs chained together allow an attacker to deliver a malicious exploit through WhatsApp that's capable of stealing data from the user's Apple device. Per O Cearbhaill, who posted a copy of the threat notification that WhatsApp sent to affected users, the attack was able to "compromise your device and the data it contains, including messages." It's not immediately clear who, or which spyware vendor, is behind the attacks. When reached by TechCrunch, Meta spokesperson Margarita Franklin confirmed the company detected and patched the flaw "a few weeks ago" and that the company sent "less than 200" notifications to affected WhatsApp users. The spokesperson did not say, when asked, if WhatsApp has evidence to attribute the hacks to a specific attacker or surveillance vendor.

U.S. Commerce Secretary Howard Lutnick announced that the Department of Commerce will begin publishing GDP statistics on the blockchain, touting it as part of President Trump's push to make America a "crypto government." CoinTelegraph reports: Lutnick made the announcement during a White House cabinet meeting on Tuesday, describing the effort as a move to expand blockchain-based data distribution across government agencies. Speaking to US President Donald Trump and other government officials, he said: "The Department of Commerce is going to start issuing its statistics on the blockchain, because you are the crypto president, and we are going to put our GDP on the blockchain so people can use it for data and distribution." Lutnick said the initiative will begin with GDP figures and could expand across federal departments after the Commerce Department finishes "ironing out all of the details" for the implementation.