OkCupid and parent company Match Group settled an FTC case dating back to 2014 over allegations that the dating app shared users' photos and other personal data with a third party without proper disclosure or opt-out rights. Engadget reports: According to the FTC, OkCupid's privacy policy at the time noted that the company wouldn't share a user's personal information with others, except for some cases including "service providers, business partners, other entities within its family of businesses." However, the lawsuit accused OkCupid of sharing three million photos of its users to Clarifai, which the FTC claims is a "unrelated third party" that didn't fall under the allowed entities. On top of that, the lawsuit alleged that OkCupid didn't inform its users of this data sharing, nor give them a chance to opt out.

Moving forward, the settlement would "permanently prohibit" Match Group, which owns OkCupid, and Humor Rainbow, which operates OkCupid, from misrepresenting what kind of personal information it collects, the purpose for collecting the data and any consumer choices to prevent data collection. Even after the 2014 incident, OkCupid was found with security flaws that could've exposed user account info but, which were quickly patched in 2020.

An anonymous reader quotes a report from TorrentFreak: In an effort to gather material for its LLM training, Meta used BitTorrent to download pirated books from Anna's Archive and other shadow libraries. According to several authors, Meta facilitated the infringement of others by "seeding" these torrents. This week, the court granted the authors permission to add these claims to their complaint, despite openly scolding their counsel for "lame excuses" and "Meta bashing." [...] The judge acknowledged that the contributory infringement claim could and should have been added back in November 2024, when the authors amended their complaint to include the distribution claim. After all, both claims arise from the same factual allegations about Meta's torrenting activity.

"The lawyers for the named plaintiffs have no excuse for neglecting to add a contributory infringement claim based on these allegations back in November 2024," Judge Chhabria wrote. The lawyers of the book authors claimed that the delay was the result of newly produced evidence that had "crystallized" their understanding of Meta's uploading activity. However, that did not impress the judge. He called it a "lame excuse" and "a bunch of doubletalk," noting that if the missing discovery truly prevented the contributory claim from being added in November 2024, the same logic would have prevented the distribution claim from being added at that time as well. "Rather than blaming Meta for producing discovery late, the plaintiffs' lawyers should have been candid with the Court, explaining that they missed an issue in a case of first impression..," the order reads.

Judge Chhabria went further, noting that the authors' law firm, Boies Schiller, showed "an ongoing pattern" of distracting from its own mistakes by attacking Meta. He pointed specifically to the dispute over when Meta disclosed its fair use defense to the distribution claim, which we covered here recently, characterizing it as a false distraction. "The lawyers for the plaintiffs seem so intent on bashing Meta that they are unable to exercise proper judgment about how to represent the interests of their clients and the proposed class members," the order reads. Despite the criticism, Chhabria granted the motion. [...] For now, the case moves forward with a fourth amended complaint, three new loan-out companies added as named plaintiffs, and a growing list of BitTorrent-related claims for Judge Chhabria to resolve.

Their goal is to use biometric data and blockchain to build age-verification measures directly into disposable vape cartridges.

Wired reports on a partnership between vape/cartridge manufacturer Ispire Technology and regulatory consulting company Chemular (which specializes in the nicotine market) — which they've named "Ike Tech": [Using blockchain-based security, the e-cig cartridge] would use a camera to scan some form of ID and then also take a video of the user's face. Once it verifies your identity and determines you're old enough to vape, it translates that information into anonymized tokens. That info goes to an identity service like ID.me or Clear. If approved, it bounces back to the app, which then uses a Bluetooth signal to give the vape the OK to turn on.

"Everything is tokenized," [says Ispire CEO Michael Wang]. "As a result of this process, we don't communicate consumer personal private information." He says the process takes about a minute and a half... After that onetime check, the Bluetooth connection on the phone will recognize when the vape cartridge is nearby and keep it unlocked. Move the vape too far away from the phone, and it shuts off again. Based on testing, the companies behind Ike Tech claim this process has a 100 percent success rate in age verification, more or less calling the tech infallible. "The FDA told us it's the holy grail technology they were looking for," Wang says. "That's word-for-word what they said when we met with them...."

Wang says the goal is to implement additional features in the verification process, like geo-fencing, which would force the vape to shut off while near a school or on an airplane. In the future, the plan is to license this biometric verification tech to other e-cig companies. The tech may also grow to include fingerprint readers and expand to other product categories; Wang suggests guns, which have a long history of age-verification features not quite working.

The Wall Street Journal reports that Rivian "just won a yearslong battle with car dealers in Washington state that threatens the model of how cars are sold." After fighting to sell its vehicles directly to buyers, Rivian threatened to take its case to voters with a ballot measure to permit direct sales. The dealers blinked. The state's dealer lobby not only dropped its opposition to a sales loophole for Rivian and rival EV-maker Lucid, but also encouraged lawmakers to approve one. The measure became law this month...

New auto entrants like Rivian, and Tesla before it, have spent years contending with long-established U.S. state laws that require new cars to be sold through independent franchised dealers. The auto startups — typically makers of EVs — argue that they can offer a better experience by selling directly to consumers, much as Apple sells iPhones through its own stores and online. Rivian CEO RJ Scaringe has said the company is committed to direct-only sales because it's more profitable and gives the company control over how its vehicles are sold, marketed and maintained. The Washington compromise riled traditional automakers, including General Motors, Ford and Toyota, which lobbied against it, arguing it unfairly advantages startups. A trade group representing the automakers called it discriminatory and argued the exception could one day open the door to Chinese EV makers...

German automaker Volkswagen is currently facing several lawsuits from dealers over its plan to sell new Scout vehicles directly to consumers. Dealers say independent franchises are vital to the car-buying process, creating competition between dealerships that keeps prices affordable for consumers, while providing valuable services such as repairs, warranty work and financing... Yet for Washington's dealers, the prospect of putting franchise laws up for a popular vote laid bare a tough reality: given the choice, many car buyers want the freedom to avoid dealerships. Rivian's polling, which the company shared with lawmakers, showed nearly 70% of respondents favored allowing direct sales when asked whether they would support manufacturers selling cars directly to consumers...

The fight comes at a critical time for Rivian, which is launching a new, more affordable SUV in a bid to make consistent profits amid a downturn in U.S. EV sales... Rivian is able to directly sell cars in roughly half of U.S. states, but a number of them limit how many locations the company can operate. They can't disclose the price, though. For that, customers must go online.
The article notes that "Following the win, Rivian executives are eyeing other states that, like Washington, ban direct sales but also allow ballot initiatives: Arkansas, Ohio, Oklahoma, Montana, Nebraska and South Dakota..." It adds that lawmakers (from both parties) in the state of Washington had said "they have long felt pulled between giving consumers more car-buying freedom and protecting dealers, essentially small-business owners who are vital to local economies — and politically powerful."

But an executive at the Washington State Auto Dealers Association said dealers supported this new law partly because it protects them by barring future automakers from selling directly in the state, and by requiring Rivian and Lucid to adhere to the same regulations that govern how dealers operate.

Apple unveiled new device-level age restrictions in the UK on Wednesday. "After downloading a new update, users will now have to confirm that they are 18 or older to access unrestricted features," reports Gizmodo.

"Users will be able to confirm their age with a credit card or by scanning an ID." For those underage or who have not confirmed their age, Apple will turn on Web Content Filter and Communication Safety, which will not only restrict access to certain apps or websites, but will also monitor messages, shared photo albums, AirDrop, and FaceTime calls for nudity. Apple didn't specify exactly which services and features are banned for under-18 users, but it will likely be in compliance with UK legislation...

The British government does not require Apple and other OS providers to institute device-level age checks, but it does restrict minor access to online pornography under the Online Safety Act, which passed in 2023. So far, that restriction has only been implemented at the website level, but UK officials have been worried about easy loopholes to evade the age restrictions, like VPNs.

The broader tech industry has been campaigning for some time to use device-level age checks instead in response to the rising tide of under-16 social media and internet bans around the world. Last month, in a landmark social media trial in California, Meta CEO Mark Zuckerberg also supported this idea, saying that conducting age verification "at the level of the phone is just a lot clearer than having every single app out there have to do this separately." Pornhub-operator Aylo had advocated for device-level restrictions in the UK as well, and even sent out letters to Apple, Google, and Microsoft in November asking for OS-level age verification...

The most obvious question: Could this be brought stateside?

An anonymous reader quotes a report from Ars Technica: AOMedia Video 1 (AV1) was invented by a group of technology companies to be an open, royalty-free alternative to other video codecs, like HEVC/H.265. But a lawsuit that Dolby Laboratories Inc. filed this week against Snap Inc. calls all that into question with claims of patent infringement. Numerous lawsuits are currently open in the US regarding the use of HEVC. Relevant patent holders, such as Nokia and InterDigital, have sued numerous hardware vendors and streaming service providers in pursuit of licensing fees for the use of patented technologies deemed essential to HEVC.

It's a touch rarer to see a lawsuit filed over the implementation of AV1. The Alliance for Open Media (AOMedia), whose members include Amazon, Apple, Google, Microsoft, Mozilla, and Netflix, says it developed AV1 "under a royalty-free patent policy (Alliance for Open Media Patent License 1.0)" and that the standard is "supported by high-quality reference implementations under a simple, permissive license (BSD 3-Clause Clear License)."

Yet, Dolby's lawsuit filed in the US District Court for the District of Delaware [PDF] alleges that AV1 leverages technologies that Dolby has patented and has not agreed to license for free and without receiving royalties. The filing reads: "[AOMedia] does not own all patents practiced by implementations of the AV1 codec. Rather, the AV1 specification was developed after many foundational video coding patents had already been filed, and AV1 incorporates technologies that are also present in HEVC. Those technologies are subject to existing third-party patent rights and associated licensing obligations." Dolby is seeking a jury trial, a declaration that Dolby isn't obligated to license the patents in questions under FRAND (fair, reasonable, and non-discriminatory) licensing obligations, and for the court to enjoin Snap from further "infringement."

The European Commission is investigating a breach after a threat actor allegedly accessed at least one of its AWS cloud accounts and claimed to have stolen more than 350 GB of data, including databases and employee-related information. AWS says its own services were not breached. BleepingComputer reports: Sources familiar with the incident have told BleepingComputer that the attack was quickly detected and that the Commission's cybersecurity incident response team is now investigating. While the Commission has yet to share any details about this breach, the threat actor who claimed responsibility for the attack reached out to BleepingComputer earlier this week, stating that they had stolen over 350 GB of data (including multiple databases).

They didn't disclose how they breached the affected accounts, but they provided BleepingComputer with several screenshots as proof that they had access to information belonging to European Commission employees and to an email server used by Commission employees. The threat actor also told BleepingComputer that they will not attempt to extort the Commission using the allegedly stolen data as leverage, but intend to leak the data online at a later date.

Austria plans to restrict under-14s from using social media platforms over concerns about addictive algorithms and harmful content. The government says draft legislation should be ready by the end of June, though details around enforcement and age verification have yet to be finalized. The BBC reports: Announcing the plans, Vice-Chancellor Andreas Babler of the Social Democrats said the government could not stand by and watch as social media made children "addicted and also often ill." He said it was the responsibility of politicians to protect children and argued that the issue should be treated no different to alcohol or tobacco: "There must be clear rules in the digital world too." In future, said Babler, children under 14 would be protected from algorithms that were addictive. "Other information providers have clear rules to protect young people from harmful content." These, he said, should now be implemented in the digital space. Yesterday, juries in two separate cases found social media giants liable for harming young people's mental health. The verdicts are being hailed as social media's Big Tobacco moment.

Further reading: California Bill Would Require Parent Bloggers To Delete Content of Minors On Social Media

An anonymous reader quotes a report from Reuters: Iran-linked hackers have broken into FBI Director Kash Patel's personal email inbox, publishing photographs of the director and other documents to the internet, the hackers and the bureau said on Friday. On their website, the hacker group Handala Hack Team said Patel "will now find his name among the list of successfully hacked victims." The hackers published a series of personal photographs of Patel sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum.

The FBI confirmed that Patel's emails had been targeted. In a statement, bureau spokesman Ben Williamson said, "we have taken all necessary steps to mitigate potential risks associated with this activity" and that the data involved was "historical in nature and involves no government information." Handala, which presents itself as a group of pro-Palestinian vigilante hackers, is considered by Western researchers to be one of several personas used by Iranian government cyberintelligence units. [...] Alongside the photographs of Patel, the hackers published a sample of more than 300 emails, which appear to show a mix of personal and work correspondence dating between 2010 and 2019.

joshuark shares a report from BleepingComputer: The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. LiteLLM is an open-source Python library that serves as a gateway to multiple large language model (LLM) providers via a single API. The package is very popular, with over 3.4 million downloads a day and over 95 million in the past month. According to research by Endor Labs, threat actors compromised the project and published malicious versions of LiteLLM 1.82.7 and 1.82.8 to PyPI today that deploy an infostealer that harvests a wide range of sensitive data.

[...] Both malicious LiteLLM versions have been removed from PyPI, with version 1.82.6 now the latest clean release. [...] If compromise is suspected, all credentials on affected systems should be treated as exposed and rotated immediately. [...] Organizations that use LiteLLM are strongly advised to immediately:

- Check for installations of versions 1.82.7 or 1.82.8
- Immediately rotate all secrets, tokens, and credentials used on or found within code on impacted devices.
- Search for persistence artifacts such as '~/.config/sysmon/sysmon.py' and related systemd services
- Inspect systems for suspicious files like '/tmp/pglog' and '/tmp/.pg_state'
- Review Kubernetes clusters for unauthorized pods in the 'kube-system' namespace
- Monitor outbound traffic to known attacker domains

A California bill would let adults demand the removal of social media posts about them that were created by paid family content creators when they were minors. Supporters say Senate Bill 1247 addresses privacy, dignity, and safety harms caused when parents monetize their children's lives online. The Los Angeles Times reports: The legislation would require the parent or other relative to delete or edit the content within 10 business days of receiving the notification. Petitioners could take civil action against those who fail to comply and statutory damages would be set at $3,000 for each day the content remained online. Sen. Steve Padilla (D-San Diego), who introduced the bill last month, said it would help protect the dignity and mental health of those who had their childhood shared on social media. The measure was referred to the Senate Privacy, Digital Technologies and Consumer Protection Committee and is slated for a hearing on April 6.

"The evolution of these applications and technology is incredible," Padilla said. "But it's changing our social dynamic and it's creating situations that, while very productive for some folks, also need some guardrails." The bill would build upon previous legislation from Padilla that was signed into law two years ago and requires content creators that feature minors in at least 30% of their material to place some of their earnings into a trust the children can access when they turn 18.

An anonymous reader quotes a report from CNN: A federal judge in California has indefinitely blocked the Pentagon's effort to "punish" Anthropic by labeling it a supply chain risk and attempting to sever government ties with the AI company, ruling that those measures ran roughshod over its constitutional rights. "Nothing in the governing statute supports the Orwellian notion that an American company may be branded a potential adversary and saboteur of the U.S. for expressing disagreement with the government," US District Judge Rita Lin wrote in a stinging 43-page ruling.

Lin, an appointee of former President Joe Biden, said she would delay implementation of her ruling for one week to allow the government to appeal. But in her ruling, she made it clear she disapproved of the government's actions, which she said violated the company's First Amendment and due process rights. [...] "These broad measures do not appear to be directed at the government's stated national security interests," she wrote. "The Department of War's records show that it designated Anthropic as a supply chain risk because of its 'hostile manner through the press.'" "Punishing Anthropic for bringing public scrutiny to the government's contracting position is classic illegal First Amendment retaliation," she added. "We're grateful to the court for moving swiftly, and pleased they agree Anthropic is likely to succeed on the merits," an Anthropic spokesperson said after the ruling. "While this case was necessary to protect Anthropic, our customers, and our partners, our focus remains on working productively with the government to ensure all Americans benefit from safe, reliable AI."

An anonymous reader quotes a report from 404 Media: Apple provided the FBI with the real iCloud email address hidden behind Apple's 'Hide My Email' feature, which lets paying iCloud+ users generate anonymous email addresses, according to a recently filed court record. The move isn't surprising but still provides uncommon insight into what data is available to authorities regarding the Apple feature. The data was turned over during an investigation into a man who allegedly sent a threatening email to Alexis Wilkins, the girlfriend of FBI director Kash Patel.

"On or about February 28, 2026, Person 1 received an email from the email address peaty_terms_1o@icloud.com," the affidavit reads. Earlier on, the document explicitly says that Person 1 is Alexis Wilkins. [...] The affidavit says Apple then provided records that indicated the peaty_terms_1o@icloud.com email address was associated with an Apple account in the name of Alden Ruml. The records showed that account generated 134 anonymized email addresses, according to the affidavit.

Law enforcement agents later interviewed Ruml and he confirmed he had sent the email, the affidavit says. Ruml said he sent the email after reading a February 28 article about how the FBI was using its own resources to provide security to Wilkins. The specific article is not named or linked in the affidavit, but a New York Times article published that same day described how Patel ordered a team to ferry his girlfriend on errands and to events.

Elizabeth Warren and Josh Hawley are pressing the Energy Information Administration (EIA) to provide better information on how much electricity data centers actually use. In a joint letter sent to the EIA on Thursday, the two senators press the agency to publicly collect "comprehensive, annual energy-use disclosures" on data centers, saying it's "essential for accurate grid planning and will support policymaking to prevent large companies from increasing electricity costs for American families." Wired reports: In December, EIA administrator Tristan Abbey said at a roundtable that he expects the EIA "is going to be an essential player in providing objective data and analysis to policymakers" with respect to data centers. The agency announced on Wednesday that it would be conducting a voluntary pilot program to collect energy consumption information from nearly 200 companies operating data centers in Texas, Washington, and Virginia, which will cover "energy sources, electricity consumption, site characteristics, server metrics, and cooling systems."

While the senators praise the EIA pilot program, their letter includes several questions about how the agency plans to move forward with more data collection, such as whether or not the energy surveys will be mandatory and whether or not the EIA will collect information on behind-the-meter power. This information will be especially crucial, the senators say, to make sure that big tech companies that signed the agreement at the White House earlier this month pledging that consumers won't bear the costs of data center electricity use will stick to their promises. "Without this data, policymakers, utility companies, and local communities are operating in the dark," the senators write.

The EIA mandates that other industries, including oil and gas and manufacturing, provide regular data to the agency; Hawley and Warren assert that the EIA should be able to collect similar information from data centers under the same provision. The provision is broad enough, Peskoe says, that it could absolutely be interpreted to encompass data centers. Yesterday, Senator Bernie Sanders and Rep. Alexandria Ocasio-Cortez announced a bill that would "enact a reasonable pause to the development of AI to ensure the safety of humanity." It calls for a federal moratorium on AI data centers until stronger national safeguards are in place around safety, jobs, privacy, energy costs, and environmental impact.

Reddit is rolling out human-verification checks for accounts that show signs of bot-like behavior, while also labeling approved automated accounts that provide useful services. The social media company stressed that these checks will only happen if something appears "fishy," and that it is "not conducting sitewide human verification." TechCrunch reports: To identify potential bots, Reddit is using specialized tooling that looks at account-level signals and other factors -- like how quickly the account is attempting to write or post content. Using AI to write posts or comments, however, is not against its policies (though community moderators may set their own rules).

To verify an account is human, Reddit will leverage third-party tools like passkeys from Apple, Google, YubiKey, and other third-party biometric services, like Face ID or even Sam Altman's World ID -- or, in some countries, the use of government IDs. Reddit notes this last category may be required in some countries like the U.K. and Australia and some U.S. states, because of local regulations on age verification, but it's not the company's preferred method. "If we need to verify an account is human, we'll do it in a privacy-first way," Reddit co-founder and CEO Steve Huffman wrote in the announcement Wednesday. "Our aim is to confirm there is a person behind the account, not who that person is. The goal is to increase transparency of what is what on Reddit while preserving the anonymity that makes Reddit unique. You shouldn't have to sacrifice one for the other."

Longtime Slashdot reader JackSpratts writes: The Supreme Court unanimously said on Wednesday that a major internet provider could not be held liable for the piracy of thousands of songs online in a closely watched copyright clash. Music labels and publishers sued Cox Communications in 2018, saying the company had failed to cut off the internet connections of subscribers who had been repeatedly flagged for illegally downloading and distributing copyrighted music. At issue for the justices was whether providers like Cox could be held legally responsible and required to pay steep damages -- a billion dollars or more in Cox's case -- if they knew that customers were pirating music but did not take sufficient steps to terminate their internet access.

In its opinion released (PDF) on Wednesday, the court said a company was not liable for "merely providing a service to the general public with knowledge that it will be used by some to infringe copyrights." Writing for the court, Justice Clarence Thomas said a provider like Cox was liable "only if it intended that the provided service be used for infringement" and if it, for instance, "actively encourages infringement." Justice Sonia Sotomayor, joined by Justice Ketanji Brown Jackson, wrote separately to say that she agreed with the outcome but for different reasons. [...] Cox called the court's unanimous decision a "decisive victory" for the industry and for Americans who "depend on reliable internet service."

"This opinion affirms that internet service providers are not copyright police and should not be held liable for the actions of their customers," the company said.

A jury found Meta and YouTube negligent in a landmark social media addiction case, ruling that addictive design features such as infinite scroll and algorithmic recommendations harmed a young user and contributed to her mental health distress. The verdict awards $3 million in compensatory damages so far and could pave the way for more lawsuits seeking financial penalties and product changes across the social media industry. "Meta is responsible for 70 percent of that cost and YouTube for the remainder," notes The New York Times. "TikTok and Snap both settled with the plaintiff for undisclosed terms before the trial started." From the report: The bellwether case, which was brought by a now 20-year-old woman identified as K.G.M., had accused social media companies of creating products as addictive as cigarettes or digital casinos. K.G.M. sued Meta, which owns Instagram and Facebook, and Google's YouTube over features like infinite scroll and algorithmic recommendations that she claimed led to anxiety and depression.

The jury of seven women and five men will deliberate further to decide what further punitive damages the companies should pay for malice or fraud. The verdict in K.G.M.'s case -- one of thousands of lawsuits filed by teenagers, school districts and state attorneys general against Meta, YouTube, TikTok and Snap, which owns Snapchat -- was a major win for the plaintiffs. The finding validates a novel legal theory that social media sites or apps can cause personal injury. It is likely to factor into similar cases expected to go to trial this year, which could expose the internet giants to further financial damages and force changes to their products. The verdict also comes on the heels of a New Mexico jury ruling that found Meta liable for violating state law by failing to protect users of its apps from child predators.

Meta lost a child safety trial in New Mexico after a court found that its platforms failed to adequately protect children from exploitation and misled parents about app safety. According to Ars Technica, the jury on Tuesday "deliberated for only one day before agreeing that Meta should pay $375 million in civil damages..." While the jury declined to impose the maximum penalty New Mexico sought, which could have cost the company $2.2 billion, Meta may still face additional financial penalties and could be forced to make changes to its apps. From the report: The trial followed a 2023 lawsuit filed by New Mexico Attorney General Raul Torrez after The Guardian published a two-year investigation exposing child sex trafficking markets on Facebook and Instagram. Torrez's office then conducted an undercover investigation codenamed "Operation MetaPhile," in which officers posed as children on Facebook, Instagram, and WhatsApp. The jury heard that these fake profiles were "simply inundated with images and targeted solicitations" from child abusers, Torrez told CNBC in 2024. Ultimately, three men were arrested amid the sting for attempting to use Meta's social networks to prey on children. At trial, Mark Zuckerberg and Instagram chief Adam Mosseri testified that "harms to children, such as sexual exploitation and detriments to mental health, were inevitable on the company's platforms due to their vast user bases," The Guardian reported. Internal messages and documents, as well as testimony from child safety experts within and outside the company, showed that Meta repeatedly ignored warnings and failed to fix platforms to protect kids, New Mexico's AG successfully argued.

Perhaps most troubling to the jury, law enforcement and the National Center for Missing and Exploited Children also testified that Meta's reporting of crimes to children on its apps -- including child sexual abuse materials (CSAM) -- was "deficient," The Guardian reported. Rather than make it easy to trace harms on its platforms, the jury learned from frustrated cops that Meta "generated high volumes of 'junk' reports by overly relying on AI to moderate its platforms." This made its reporting "useless" and "meant crimes could not be investigated," The Guardian reported.

Celebrating the win as a "historic victory," Torrez told CNBC that families had previously paid the price for "Meta's choice to put profits over kids' safety." "Meta executives knew their products harmed children, disregarded warnings from their own employees, and lied to the public about what they knew," Torrez said. "Today the jury joined families, educators, and child safety experts in saying enough is enough." Meta said the company plans to appeal the verdict. "We respectfully disagree with the verdict and will appeal," Meta's spokesperson said. "We work hard to keep people safe on our platforms and are clear about the challenges of identifying and removing bad actors or harmful content. We will continue to defend ourselves vigorously, and we remain confident in our record of protecting teens online."

An anonymous reader quotes a report from the BBC: Hong Kong police can now demand phone or computer passwords from those who are suspected of breaching the wide-ranging National Security Law (NSL). Those who refuse could face up to a year in jail and a fine of up to $12,700, and individuals who provide "false or misleading information" could face up to three years in jail. It comes as part of new amendments to a bylaw under the NSL that the government gazetted on Monday.

The NSL was introduced in Hong Kong in 2020, in wake of massive pro-democracy protests the year before. Authorities say the laws, which target acts like terrorism and secession, are necessary for stability -- but critics say they are tools to quash dissent. The new amendments also give customs officials the power to seize items that they deem to "have seditious intention."

Monday's amendments ensure that "activities endangering national security can be effectively prevented, suppressed and punished, and at the same time the lawful rights and interests of individuals and organizations are adequately protected," Hong Kong authorities said on Monday. Changes to the bylaw was announced by the city's leader, John Lee, bypassing the city's legislative council. The NSL also allows for some trials to be heard behind closed doors.

An anonymous reader quotes a report from Ars Technica: An appeals court invalidated the Biden-era Federal Trade Commission's attempt to punish Intuit for allegedly deceptive ads that pitched TurboTax as free. Under then-Chair Lina Khan, the FTC determined in 2024 that the TurboTax maker violated US law with deceptive advertising and ordered it to stop telling consumers, without more obvious disclaimers, that TurboTax or other products are free. The FTC's chief administrative law judge had previously found that Intuit's ads violated prohibitions on deceptive advertising because the firm "advertised to consumers that they could file their taxes online for free using TurboTax, when in truth, for approximately two-thirds of taxpayers, the advertised claim was false."

Intuit appealed in the conservative-leaning US Court of Appeals for the 5th Circuit and got a resounding victory on Friday in a 3-0 ruling issued (PDF) by a panel of judges. "Following the Supreme Court's decision in SEC v. Jarkesy, we hold that adjudication of a deceptive advertising claim before an administrative law judge violated the constitutional separation of powers," the 5th Circuit panel said. The Supreme Court's June 2024 ruling (PDF) in Securities and Exchange Commission v. Jarkesy held that the SEC system for issuing fines violated the right to a jury trial. The 5th Circuit panel said the Jarkesy decision confirms that the FTC must pursue deceptive advertising claims in courts rather than its own administrative process. [...]

The 5th Circuit ruling acknowledged that most people can't use TurboTax for free. "TurboTax 'Free Edition' has been part of the TurboTax range for more than a decade, available to taxpayers for what Intuit refers to as 'simple tax returns,'" the ruling said. "Most American taxpayers do not have 'simple tax returns.' The TurboTax website is designed so that any individual taxpayer can begin preparing a tax return in TurboTax Free Edition, but those who enter disqualifying information are prompted before filing to upgrade to a paid product." Although the court noted that Intuit stopped the specific ads challenged by the FTC, the ruling said the cease-and-desist order issued by the agency could have far-reaching effects on Intuit marketing. "The cease-and-desist order is remarkably broad: it prohibits Intuit for the next twenty years from advertising 'any goods or services' as free unless specific, extensive, and arguably unworkable requirements are satisfied. The order is not confined to tax-preparation solutions and extends to all products sold by Intuit," the ruling said.

The 5th Circuit said the FTC's deceptive advertising claims are "traditional actions at law and equity and thus involve private rights that demand adjudication in an Article III court." The court rejected the FTC's argument that the claims involve public rights that may be adjudicated by administrative agencies. "In sum, there is overwhelming evidence that Section 5 of the FTC Act did not create a new duty for merchants to refrain from deceptive advertising," the 5th Circuit said. "That duty long predated the FTC Act and could be enforced by private parties in actions at common law or equity for fraud, deceit, or unfair competition."

An anonymous reader quotes a report from NPR: The Trump administration will pay $1 billion to a French company to walk away from two U.S. offshore wind leases as the administration ramps up its campaign against offshore wind and other renewable energy. TotalEnergies has agreed to what's essentially a refund of its leases for projects off the coasts of North Carolina and New York, and will invest the money in fossil fuel projects instead, the Department of Interior announced Monday.

The Trump administration has tried to halt offshore wind construction, but federal judges overturned those orders. Environmental groups denounced the TotalEnergies deal as an alternate way to block wind projects. President Donald Trump has gone all in on fossil fuels, which he says is the way to lower costs for families, increase reliability and help the U.S. maintain global leadership in artificial intelligence.

TotalEnergies pledged to not develop any new offshore wind projects in the United States. TotalEnergies CEO Patrick Pouyanne said in a statement that the company renounced offshore wind development in the United States in exchange for the reimbursement of the lease fees, "considering that the development of offshore wind projects is not in the country's interest." Pouyanne said the refunded lease fees will finance the construction of a liquefied natural gas plant in Texas and the development of its oil and gas activities, calling it a "more efficient use of capital" in the U.S. After it makes those investments, TotalEnergies will be reimbursed, up to the amount paid in lease purchases for offshore wind, according to the DOI.

An anonymous reader quotes a report from TechCrunch: Senators Adam Schiff (D-CA) and John Curtis (R-UT) introduced (PDF) a bill on Monday that could prevent prediction market platforms Kalshi and Polymarket from allowing users to wager money on sports events or play casino-style games. This bipartisan bill would not apply to FanDuel and DraftKings, which are subject to state-by-state gambling laws, rather than federal ones. "Sports prediction contracts are sports bets -- just with a different name. And yet, these contracts are currently offered in all fifty states in clear violation of state and federal law," Schiff said in a statement.

Prediction markets like Kalshi and Polymarket are regulated under the Commodity Futures Trading Commission (CFTC), which is why Schiff and Curtis are able to address them under federal jurisdiction, rather than leaving them to state-regulated sportsbooks. But these senators argue that there isn't much of a difference in practice between betting on sports via federally or state-regulated apps. Kalshi's Super Bowl trading volume, for instance, reached over $1 billion this year -- a 2700% increase year-over-year. "Too many young people in Utah are getting exposed to addictive sports betting and casino-style gaming contracts that belong under state control, not under federal regulators," Curtis said in a statement. The report notes that Kalshi is temporarily banned in Nevada and is facing criminal charges in Arizona. "Kalshi may brand itself as a 'prediction market,' but what it's actually doing is running an illegal gambling operation and taking bets on Arizona elections, both of which violate Arizona law," Arizona Attorney General Kris Mayes said in a statement last week.

A new bill proposed in California "goes after big tech companies" writes Semafor. Supported by Y Combinator, Cory Doctorow , and the nonprofit advocacy group Fight for the Future, it's called the "BASED" act — an acronym which stands for "Blocking Anticompetitive Self-preferencing by Entrenched Dominant platforms."

As announced by San Francisco state representative Scott Wiener, the bill "will restore competition to the digital marketplace by prohibiting any digital platform with a market capitalization greater than $1 trillion and serving 100 million or more monthly users in the U.S., from favoring their own products and services on the platforms they operate."

More from Scott Wiener;s announcement: For years, giant digital platforms like Apple, Amazon, Google, and Meta have used their immense power to promote their own products and services while stifling competitors — a practice also known as self-preferencing. The result has been higher prices, diminished service, and fewer options for consumers, and less innovation across the technology ecosystem.

Self-preferencing also locks startups and mid-sized companies out of the online marketplace unless they play by rules set by their competitors. As a new generation of AI-powered startups seeks to enter the marketplace, their success — and public access to the innovations they produce — depends on their ability to compete on an even playing field.

"Anticompetitive behavior is everywhere on the internet," said Senator Wiener, "from rigged search results, to manipulative nudges boosting the 'house' product, to anti-discount policies that raise prices, to the dreaded green bubble that 'breaks' the group chat. When the world's largest digital platforms rig the game to favor their own products and services, we all lose. By prohibiting these anticompetitive practices, the BASED Act will protect competition online, empower consumers and startups, and promote innovations to improve all our lives."
The announcement includes a quote from Teri Olle, VP of the nonprofit Economic Security California Action, saying the act would "safeguard merit-based market competition. This legislation stands for a simple principle: owning the stadium doesn't mean that you get to rig the game." Some conduct prohibited by the proposed bill includes

• Manipulating the order of search results to favor a provider's products or services, irrespective of a merit-based process,

• Using non-public data generated by third-party sellers — including sales volumes, pricing, and customer behavior — to develop competing products that are subsequently boosted above the third-party sellers' product...

And the announcement also notes that "under the terms of the bill, providers could not prevent consumers from obtaining a portable copy of their own data or restrict voluntary data sharing (by consumers) with third parties."

Read on for reactions from DuckDuckGo, Proton, Yelp, Y Combinator, and Cory Doctorow.

"Imagine a newspaper publisher announcing it will no longer allow libraries to keep copies of its paper," writes EFF senior policy analyst Joe Mullin.

"That's effectively what's begun happening online in the last few months." The Internet Archive — the world's largest digital library — has preserved newspapers since it went online in the mid-1990s... But in recent months The New York Times began blocking the Archive from crawling its website, using technical measures that go beyond the web's traditional robots.txt rules. That risks cutting off a record that historians and journalists have relied on for decades. Other newspapers, including The Guardian, seem to be following suit...

The Times says the move is driven by concerns about AI companies scraping news content. Publishers seek control over how their work is used, and several — including the Times — are now suing AI companies over whether training models on copyrighted material violates the law. There's a strong case that such training is fair use. Whatever the outcome of those lawsuits, blocking nonprofit archivists is the wrong response.

Organizations like the Internet Archive are not building commercial AI systems. They are preserving a record of our history. Turning off that preservation in an effort to control AI access could essentially torch decades of historical documentation over a fight that libraries like the Archive didn't start, and didn't ask for. If publishers shut the Archive out, they aren't just limiting bots. They're erasing the historical record...

Even if courts place limits on AI training, the law protecting search and web archiving is already well established... There are real disputes over AI training that must be resolved in courts. But sacrificing the public record to fight those battles would be a profound, and possibly irreversible, mistake.

13 million people live in Moscow, reports CNN.

But since early March the city "has experienced internet and mobile service outages on a level previously unseen." (Though Wi-Fi access to the internet is still available...) Russian social media "is flooded with jokes and memes about sending letters by carrier pigeons or using smartphones as ping-pong paddles..." [Moscow residents] complain they cannot navigate around the center or use their favorite mobile apps. The interruptions appear to have had a knock-on effect of making it more difficult to make voice calls or send an SMS. Some are panic-buying walkie-talkies, paper maps, and even pagers.

The latest shutdown builds on similar efforts around the country. For months, mobile internet service interruptions have hit Russia's regions, particularly in provinces bordering Ukraine, which has staged incursions and launched strikes inside Russian territory to counter Russia's full-scale invasion. Some regions have reported not having any mobile internet since summer. But the most recent outages have hit the country's main centers of wealth and power: Moscow and Russia's second city, St. Petersburg.

Public officials claim the blackout of mobile internet service in the capital and other regions is part of a security effort to counter "increasingly sophisticated methods" of Ukrainian attack... Speculation centers on whether the authorities are testing their ability to clamp down on public protest in the case there's an effort to reintroduce unpopular mobilization measures to find fresh manpower for the war in Ukraine; whether mobile internet outages may precede a more sweeping digital blackout; or if the new restrictions reflect an atmosphere of heightened fear and paranoia inside the Kremlin as it watches US-led regime- change efforts unfold against Russian allies such as Venezuela and Iran... On Wednesday, Russian mobile providers sent notifications that there would be "temporary restrictions" on mobile internet in parts of Moscow for security reasons, Russian state news agency RIA-Novosti reported. The measures will last "for as long as additional measures are needed to ensure the safety of our citizens," Kremlin spokesman Dmitry Peskov said on March 11...

As well as banning many social media platforms, Russia blocks calling features on messenger apps such as WhatsApp and Telegram. Roskomnadzor, the country's communications regulator, has introduced a "white list" of approved apps... Russia has also tested what it calls the "sovereign internet," a network that is effectively firewalled from the rest of the world. The disruptions are fueling broader concerns about tightening state control. In parallel with the internet shutdown, the Kremlin has also been pushing to impose a state-controlled messaging app called Max as the country's main portal for state services, payments and everyday communication. There has been speculation the Kremlin may be planning to ban Telegram, Russia's most widely used messaging app, entirely. Roskomnadzor said that it was restricting Telegram for allegedly failing to comply with Russian laws.

"Russia has opened a criminal case against me for 'aiding terrorism,'" Telegram's Russian-born founder Pavel Durov said on X last month. "Each day, the authorities fabricate new pretexts to restrict Russians' access to Telegram as they seek to suppress the right to privacy and free speech...."
The article includes this quote from Mikhail Klimarev, head of the Internet Protection Society and an expert on Russian internet freedom. "In any situation when they (the authorities) perceive some kind of danger for themselves and accept the belief that the internet is dangerous for them, even if it may not be true, they will shut it down," he said. "Just like in Iran."

A free built-in VPN is coming to Firefox on Tuesday, Mozilla announced this week: Free VPNs can sometimes mean sketchy arrangements that end up compromising your privacy, but ours is built from our data principles and commitment to be the world's most trusted browser. It routes your browser traffic through a proxy to hide your IP address and location while you browse, giving you stronger privacy and protection online with no extra downloads. Users will have 50 gigabytes of data monthly in the U.S., France, Germany and U.K. to start. Available in Firefox 149 starting March 24.

We also recently shared that Firefox is the first browser to ship Sanitizer API, a new web security standard that blocks attacks before they reach you [for untrusted HTML XSS vulnerabilities].
"The roadmap for Firefox this year is the most exciting one we've developed in quite a while," says Firefox head Ajit Varma. "We're improving the fundamentals like speed and performance. We're also launching innovative new open standards in Gecko to ensure the future of the web is open, diverse, and not controlled by a single engine.

"At the same time we're prioritizing features that give users real power, choice and strong privacy protections, built in a way that only Firefox can. And as always, we'll keep listening, inviting users to help shape what comes next and giving them more reasons to love Firefox."

Two new features coming next week:

• Split View puts two webpages side by side in one window, making it easy to compare, copy and multitask without bouncing between tabs. Rolling out in Firefox 149 on March 24.

• Tab Notes let you add notes to any tab, another tool to help with multitasking and picking up where you left off. Available in Firefox Labs 149 starting March 24.

And Firefox also released a video this week introducing their new mascot Kit.

schwit1 shares a report from the BBC: A French officer has reportedly revealed the location of an aircraft carrier deployed towards the Middle East after publicly registering a run on sports app Strava. French news outlet Le Monde first reported the officer, referred to as Arthur, logged a 35-minute run on the app while exercising on the deck of aircraft carrier Charles de Gaulle on 13 March. He used a smartwatch to record his run and upload the activity to the app, the paper said, creating a map that showed his location. [...] The location of the vessel was said by Le Monde to have been northwest of Cyprus, around 100km (62 miles) from the Turkish coast, with satellite images capturing the carrier and its escort. A representative from the French Armed Forces said the officer's behavior "does not comply with current guidelines," which "sailors are regularly made aware of."

An anonymous reader quotes a report from CNBC: The Trump administration on Friday issued (PDF) a legislative framework for a single national policy on artificial intelligence, aiming to create uniform safety and security guardrails around the nascent technology while preempting states from enacting their own AI rules. The six-pronged outline broadly proposes a slew of regulations on AI products and infrastructure, ranging from implementing new child-safety rules to standardizing the permitting and energy use of AI data centers. It also calls on Congress to address thorny issues surrounding intellectual-property rights and craft rules "preventing AI systems from being used to silence or censor lawful political expression or dissent."

The administration said in an official release that it wants to work with Congress "in the coming months" to convert its framework into a bill that President Donald Trump can sign. The White House wants to codify the framework into law "this year" and believes it can generate bipartisan support, Michael Kratsios, director of the White House Office of Science and Technology Policy, said in an interview with Fox News on Thursday evening. That won't be easy in a deeply divided Congress where Republicans hold thin and often fractious majorities, and where Trump has already urged GOP lawmakers to prioritize his controversial voter-ID bill above all else ahead of the November midterms. BCLP has an interactive map that tracks the proposed, failed and enacted AI regulatory bills from each state.

As energy prices soar from the Iran conflict, the International Energy Agency is urging governments to cut energy use by taking up measures like remote work and reduced speed limits. The group warns the energy security crisis could persist for months, even if supply routes stabilize. "I believe the world has not yet well understood the depth of the energy security challenge we are facing," said IEA's executive director, Fatih Birol. "It is much bigger than what we had in the 1970s... It is also bigger than the natural gas price shock we experienced after the Russia's invasion of Ukraine." The BBC reports: Thirty-two countries are members of the IEA, including the US, the UK, Australia, Canada, Japan and 24 other European nations. Its role is to act as a global watchdog, providing analysis and recommendations on global energy problems, such as energy security and the transition to clean energy. The IEA's other suggestions for governments, businesses and individuals include:

- Promoting use of public transport
- Giving private cars access to city centres on alternate days
- Encouraging car sharing and efficient driving habits
- Avoiding air travel where possible, especially business flights
- Switching to electric cooking

It also said there should be a focused effort to preserve liquid petroleum gas for cooking and other essential uses, by switching bio-fuel converted vehicles onto gas and introducing other measures to reduce its use. Birol said these proposals were in addition to action taken by IEA member countries earlier this month, when they agreed to release 400 million barrels of oil, 20% of its emergency reserves. Several countries in Asia have implemented emergency four-day workweeks and work-from-home mandates as they have been hit particularly hard from the conflict. Fortune notes: "Asia is particularly dependent on oil exports from the Middle East; Japan and South Korea respectively source 90% and 70% of their oil from the region."

Longtime Slashdot reader AmiMoJo shares a report from CNN: The co-founder of Super Micro Computer and two others were charged with diverting $2.5 billion worth of servers with Nvidia's artificial intelligence chips to China, in violation of U.S. laws barring exports to that country without a license. Yih-Shyan Liaw, known as Wally; Ruei-Tsang Chang, known as Steven; and Ting-Wei Sun, known as Willy, were charged with conspiring to violate export control laws, smuggling goods from the U.S. and conspiring to defraud the U.S.

Liaw, who co-founded Super Micro Computer and served on its board of directors, was arrested Thursday in California and released on bail. Sun, a contractor, is held awaiting a detention hearing. Chang, who worked in the Taiwan office of Super Micro, remains at large. [...] According to the indictment, the men used a pass-through company based in Southeast Asia to place orders to obscure that the servers would end up in China. The men worked with executives at the pass-through company to provide false documents to the server manufacturer to further the deception, the indictment said. They used a shipping and logistic company to repackage the servers into unmarked boxes to conceal their contents before they were shipped to China.

To deceive the manufacturer's auditors, who checked the pass-through company for compliance with export laws, the men allegedly used "dummy" nonworking copies of the servers when the actual servers were on their way to China. Two of the defendants allegedly worked to stage the dummy servers at a warehouse rented by the pass-through company, according to the indictment. Sun took photos and videos of the staged servers to one of the compliance auditors who instead of conducting the audit was "off-site enjoying entertainment paid for" by the pass-through company, according to the indictment. In another instance, prosecutors said surveillance cameras documented individuals using hair dryers to remove labels and add labels and serial number stickers to the boxes and dummy servers. Super Micro said it's fully cooperating with the investigation, but that hasn't prevented its stock from plunging. It's down nearly 30% following the news.

The company issued the following statement: "The conduct by these individuals alleged in the indictment is a contravention of the Company's policies and compliance controls, including efforts to circumvent applicable export control laws and regulations. Supermicro maintains a robust compliance program and is committed to full adherence to all applicable U.S. export and re-export control laws and regulations."

For the second time in the past month, an AI agent went rogue at Meta -- this time giving an engineer incorrect advice that briefly exposed sensitive data. The Verge reports: A Meta engineer was using an internal AI agent, which Clayton described as "similar in nature to OpenClaw within a secure development environment," to analyze a technical question another employee posted on an internal company forum. But the agent also independently publicly replied to the question after analyzing it, without getting approval first. The reply was only meant to be shown to the employee who requested it, not posted publicly. An employee then acted on the AI's advice, which "provided inaccurate information" that led to a "SEV1" level security incident, the second-highest severity rating Meta uses. The incident temporarily allowed employees to access sensitive data they were not authorized to view, but the issue has since been resolved.

According to Clayton, the AI agent involved didn't take any technical action itself, beyond posting inaccurate technical advice, something a human could have also done. A human, however, might have done further testing and made a more complete judgment call before sharing the information -- and it's not clear whether the employee who originally prompted the answer planned to post it publicly. "The employee interacting with the system was fully aware that they were communicating with an automated bot. This was indicated by a disclaimer noted in the footer and by the employee's own reply on that thread," Clayton commented to The Verge. "The agent took no action aside from providing a response to a question. Had the engineer that acted on that known better, or did other checks, this would have been avoided."

Longtime Slashdot reader UnknowingFool writes: Rapper Afroman, born Joseph Edgar Foreman, famous for his 2000 hit "Because I Got High", has won a defamation lawsuit that seven Ohio police offers filed against him. A jury found he did not defame the officers in music videos he made about a 2022 police raid of his home. In August 2022, Adams County Sheriff's Department raided Afroman's home on suspicion of drug trafficking and kidnapping. Neither drugs nor kidnapping victims were found, and charges were never filed. However, local officials would not pay for damages occurred during the raid including a broken front door and a video surveillance camera. Afroman used his home security footage of the raid to create music rap videos criticizing the police over the incident; "Will You Help Me Repair My Door?", "Why You Disconnecting My Video Camera?", and "Lemon Pound Cake". He posted the videos on YouTube.

In March 2023, seven officers filed a lawsuit against Afroman for invasion of privacy and the unauthorized use of their images from the security footage in addition to defamation claims. The officers requested an injunction for Afroman to stop speaking about them or using their photos. The officers also wanted all proceeds from the videos, song sales, performances, and merchandise claiming they had suffered "emotional distress" due to the videos. Afroman's defense included Freedom of Speech rights to criticize public officials. The ACLU filed an amicus brief supporting the rapper, arguing that the lawsuit was a SLAPP suit only meant to silence criticism. In October 2023, the court agreed and dismissed the invasion of privacy, "right of publicity", and "unauthorized use of individual's persona" claims but allowed the defamation case to proceed.

Defamation claims by the officers included the allegation Afroman repeatedly had sex with the wife of Randolph L. Walters, Jr. When Afroman's lawyer asked Walters "But we all know that's not true, right?", the officer replied he did not know. Defamation from emotional damages requires that harm arise from a false statement; however, if a statement is so outrageous that no one would believe it to be true, then reputational damage cannot be a result.

Walmart has secured patents for systems that use machine learning to forecast demand and automate pricing decisions, "pushing the U.S. retail behemoth into a debate over the use of algorithms to adjust product costs," reports the Financial Times. From the report: In January Walmart obtained a U.S. patent for a "system and method for dynamically and automatically updating item prices" to carry out markdowns in its ecommerce unit, a rapidly growing division that generated more than $150 billion in sales last year. Last week it received another patent for using machine learning to predict demand and recommend prices for goods. [...] Walmart said that both patents were "unrelated to dynamic pricing," as the patent issued in January was specific to markdowns and last week's patent was designed for merchant teams to make decisions, not the technology.

The patent granted in January involves an "end-to-end price markdown system" for ecommerce platforms such as Walmart.com based on data including predicted demand and consumers' price sensitivity. Last week's approved patent outlines ways to forecast demand and set prices at levels that will move stock over periods such as a week, a month or a quarter. "Example categories may include, for example, a food item, outdoor equipment, clothing, housewares, toys, workout equipment, vegetables, spices," according to the filing. The "demand forecasting and price recommendation" tool envisaged in the patent would incorporate sources including purchases, prices, methods of payment and customer ID, such as a passport or driver's license number. "Dynamic pricing or anything that smells like it is playing with fire," said Matt Hamory, a grocery industry consultant at AlixPartners, who cited "the goodwill that you can lose by getting customers to think or suspect or worry even slightly that you are doing things with pricing that are to your benefit and their detriment."

An anonymous reader quotes a report from Reuters: Microsoft is considering legal action against its partner OpenAI and Amazon over a $50 billion deal that could violate its exclusive cloud agreement with the ChatGPT maker, the Financial Times reported on Wednesday. Last month, Amazon and OpenAI signed several agreements, including one that makes Amazon Web Services the exclusive third-party cloud provider for Frontier, OpenAI's enterprise platform for building and running AI agents. The dispute centers on whether OpenAI can offer Frontier via AWS without violating the Microsoft partnership, which requires the startup's models to be accessed through the Windows maker's Azure cloud platform, the FT report said, citing sources.

OpenAI and Microsoft recently stated together that "Azure remains the exclusive cloud provider of stateless OpenAI APIs," a Microsoft spokesperson said in an emailed statement, referring to software interfaces used to access OpenAI's models. "We are confident that OpenAI understands and respects the importance of living up to this legal obligation," the spokesperson added. FT said Microsoft executives believed the approach was not feasible and would violate the spirit, if not the letter, of their agreement, and added that the companies were in talks to resolve the dispute without litigation ahead of Frontier's launch. "We know our contract," a person familiar with Microsoft's position told the newspaper. "We will sue them if they breach it. If Amazon and OpenAI want to take a bet on the creativity of their contractual lawyers, I would back us, not them."

An anonymous reader quotes a report from TechCrunch: The FBI has resumed purchasing reams of Americans' data and location histories to aid federal investigations, the agency's director, Kash Patel, testified to lawmakers on Wednesday. This is the first time since 2023 that the FBI has confirmed it was buying access to people's data collected from data brokers, who source much of their information -- including location data -- from ordinary consumer phone apps and games, per Politico. At the time, then-FBI director Christopher Wray told senators that the agency had bought access to people's location data in the past but that it was not actively purchasing it.

When asked by U.S. Senator Ron Wyden, Democrat of Oregon, if the FBI would commit to not buying Americans' location data, Patel said that the agency "uses all tools ... to do our mission." "We do purchase commercially available information that is consistent with the Constitution and the laws under the Electronic Communications Privacy Act -- and it has led to some valuable intelligence for us," Patel testified Wednesday. Wyden said buying information on Americans without obtaining a warrant was an "outrageous end-run around the Fourth Amendment," referring to the constitutional law that protects people in America from device searches and data seizures.

Cloudflare is appealing a 14.2 million-euro fine from Italy for refusing to comply with its "Piracy Shield" law, which requires blocking access to websites on its 1.1.1.1 DNS service within 30 minutes. The company argues the system lacks oversight, risks widespread overblocking, and could undermine core Internet infrastructure. Ars Technica's Jon Brodkin reports: Piracy Shield is "a misguided Italian regulatory scheme designed to protect large rightsholder interests at the expense of the broader Internet," Cloudflare said in a blog post this week. "After Cloudflare resisted registering for Piracy Shield and challenged it in court, the Italian communications regulator, AGCOM, fined Cloudflare... We appealed that fine on March 8, and we continue to challenge the legality of Piracy Shield itself." Cloudflare called the fine of 14.2 million euros ($16.4 million) "staggering." AGCOM issued the penalty in January 2026, saying Cloudflare flouted requirements to disable DNS resolution of domain names and routing of traffic to IP addresses reported by copyright holders.

Cloudflare had previously resisted a blocking order it received in February 2025, arguing that it would require installing a filter on DNS requests that would raise latency and negatively affect DNS resolution for sites that aren't subject to the dispute over piracy. Cloudflare co-founder and CEO Matthew Prince said that censoring the 1.1.1.1 DNS resolver would force the firm "not just to censor the content in Italy but globally."

Piracy Shield was designed to combat pirated streams of live sports events, requiring network operators to block domain names and IP addresses within 30 minutes of receiving a copyright notification. Cloudflare said the fine should have been capped at 140,000 euros ($161,000), or 2 percent of its Italian earnings, but that "AGCOM calculated the fine based on our global revenue, resulting in a penalty nearly 100 times higher than the legal limit."

Despite its complaints about the size of the fine, Cloudflare said the principles at stake "are even larger" than the financial penalty. "Piracy Shield is an unsupervised electronic portal through which an unidentified set of Italian media companies can submit websites and IP addresses that online service providers registered with Piracy Shield are then required to block within 30 minutes," Cloudflare said. Cloudflare is pushing for the law to be struck down, arguing that it is "incompatible with EU law, most notably the Digital Services Act (DSA), which requires that any content restriction be proportionate and subject to strict procedural safeguards."

In addition to appealing the fine, Cloudflare says it will continue to challenge Piracy Shield in Italian courts, engage with EU officials, and seek full access to AGCOM's Piracy Shield records.

ProPublica reports that federal cybersecurity reviewers had serious, yearslong concerns about Microsoft's GCC High cloud offering, yet they approved it anyway because the product was already deeply embedded across government. As one member of the team put it: "The package is a pile of shit." From the report: In late 2024, the federal government's cybersecurity evaluators rendered a troubling verdict on one of Microsoft's biggest cloud computing offerings. The tech giant's "lack of proper detailed security documentation" left reviewers with a "lack of confidence in assessing the system's overall security posture," according to an internal government report reviewed by ProPublica. For years, reviewers said, Microsoft had tried and failed to fully explain how it protects sensitive information in the cloud as it hops from server to server across the digital terrain. Given that and other unknowns, government experts couldn't vouch for the technology's security.

Such judgments would be damning for any company seeking to sell its wares to the U.S. government, but it should have been particularly devastating for Microsoft. The tech giant's products had been at the heart of two major cybersecurity attacks against the U.S. in three years. In one, Russian hackers exploited a weakness to steal sensitive data from a number of federal agencies, including the National Nuclear Security Administration. In the other, Chinese hackers infiltrated the email accounts of a Cabinet member and other senior government officials. The federal government could be further exposed if it couldn't verify the cybersecurity of Microsoft's Government Community Cloud High, a suite of cloud-based services intended to safeguard some of the nation's most sensitive information.

Yet, in a highly unusual move that still reverberates across Washington, the Federal Risk and Authorization Management Program, or FedRAMP, authorized the product anyway, bestowing what amounts to the federal government's cybersecurity seal of approval. FedRAMP's ruling -- which included a kind of "buyer beware" notice to any federal agency considering GCC High -- helped Microsoft expand a government business empire worth billions of dollars. "BOOM SHAKA LAKA," Richard Wakeman, one of the company's chief security architects, boasted in an online forum, celebrating the milestone with a meme of Leonardo DiCaprio in "The Wolf of Wall Street."

It was not the type of outcome that federal policymakers envisioned a decade and a half ago when they embraced the cloud revolution and created FedRAMP to help safeguard the government's cybersecurity. The program's layers of review, which included an assessment by outside experts, were supposed to ensure that service providers like Microsoft could be entrusted with the government's secrets. But ProPublica's investigation -- drawn from internal FedRAMP memos, logs, emails, meeting minutes, and interviews with seven former and current government employees and contractors -- found breakdowns at every juncture of that process. It also found a remarkable deference to Microsoft, even as the company's products and practices were central to two of the most damaging cyberattacks ever carried out against the government.

An anonymous reader quotes a report from Ars Technica: Musi, a free music streaming app that had tens of millions of iPhone downloads and garnered plenty of controversy over its method of acquiring music, has lost an attempt to get back on Apple's App Store. A federal judge dismissed Musi's lawsuit against Apple with prejudice and sanctioned Musi's lawyers for "mak[ing] up facts to fill the perceived gaps in Musi's case."

Musi built a streaming service without striking its own deals with copyright holders. It did so by playing music from YouTube, writing in its 2024 lawsuit against Apple that "the Musi app plays or displays content based on the user's own interactions with YouTube and enhances the user experience via Musi's proprietary technology." Musi's app displayed its own ads but let users remove them for a one-time fee of $5.99. Musi claimed it complied with YouTube's terms, but Apple removed it from the App Store in September 2024. Musi does not offer an Android app. Musi alleged that Apple delisted its app based on "unsubstantiated" intellectual property claims from YouTube and that Apple violated its own Developer Program License Agreement (DPLA) by delisting the app.

Musi was handed a resounding defeat yesterday in two rulings from US District Judge Eumi Lee in the Northern District of California. Lee found that Apple can remove apps "with or without cause," as stipulated in the developer agreement. Lee wrote (PDF): "The plain language of the DPLA governs because it is clear and explicit: Apple may 'cease marketing, offering, and allowing download by end-users of the [Musi app] at any time, with or without cause, by providing notice of termination.' Based on this language, Apple had the right to cease offering the Musi app without cause if Apple provided notice to Musi. The complaint alleges, and Musi does not dispute, that Apple gave Musi the required notice. Therefore, Apple's decision to remove the Musi app from the App Store did not breach the DPLA."

Arizona has filed criminal charges against Kalshi, accusing it of operating an illegal gambling business. "Kalshi may brand itself as a 'prediction market,' but what it's actually doing is running an illegal gambling operation and taking bets on Arizona elections, both of which violate Arizona law," Arizona Attorney General Kris Mayes said in a statement. The case could ultimately head to the Supreme Court to decide whether federal oversight by the Commodity Futures Trading Commission overrides state gambling laws. Bloomberg reports: While state regulators have taken steps to crack down on what they say is unlicensed betting on Kalshi's site, Arizona appears to be the first state to escalate to criminal charges. The charges cited in the complaint are misdemeanors, which carry less serious penalties than felonies. [...] Prediction market exchanges like Kalshi have said they should continue to be regulated by the US Commodity Futures Trading Commission despite opposition from some state officials, who argue the trading should come under state gambling laws.

Arizona's criminal complaint follows Kalshi's move last week to block the state's gaming department from taking enforcement action against the company. "These are the first criminal charges of any kind filed against Kalshi in any court in the United States, but it will likely be the first of several," said Daniel Wallach, a sports and gaming attorney.

Residents in rural Ohio are pushing a constitutional amendment to ban large data centers over 25 megawatts, citing concerns about energy use, water consumption, and lack of transparency around proposed projects. "My biggest concern is because I love Adams County," Nikki Gerber told Cleveland.com. "What it feels like they are doing is just taking advantage of the unzoned rural areas of Ohio, where they can go ahead and put in whatever they want." From the report: Gerber and a handful of residents from Adams and Brown counties gathered about 1,800 signatures in eight days to start the ballot process. They submitted those petitions to the Ohio attorney general's office on Monday. That's the first step before supporters can begin collecting signatures statewide.

State law requires at least 1,000 valid voter signatures to begin the process. The petitions must also include the full text of the proposed amendment and a summary explaining what it would do. Attorney General Dave Yost's office now has 10 days to decide whether the summary fairly and truthfully describes the proposal. If it does, the measure will move to the Ohio Ballot Board. Supporters would then need to gather about 413,000 valid signatures by July to place the amendment before voters this November. The report notes that a 25-megawatt limit "would effectively block most modern data centers from being built in Ohio."

An anonymous reader quotes a report from Inside Climate News: Republican lawmakers in multiple states and Congress are advancing proposals to shield polluters from climate accountability and prevent any type of liability for climate change harms -- even as these harms and their associated costs continue to mount. It's the latest in a counter-offensive that has unfolded on multiple fronts, from the halls of Congress and the White House to courts and state attorneys general offices across the country.

Dozens of local communities, states and individuals are suing major oil and gas companies and their trade associations over rising climate costs and for allegedly lying to consumers about climate change risks and solutions. At the same time, some states are enacting or considering laws modeled after the federal Superfund program that would impose retroactive liability on large fossil fuel producers and levy a one-time charge on them to help fund climate adaptation and resiliency measures. But many of these cases and climate superfund laws could be stopped in their tracks, either by the conservative majority on the U.S. Supreme Court or by the Republican-controlled Congress.

Last month the court decided to take up a petition lodged by oil companies Suncor and ExxonMobil in a climate-damages case brought against the companies by Boulder, Colorado. The petition argues that Boulder's claims are barred by federal law, and if the justices agree, it could knock out not only Boulder's lawsuit but also many others like it. The court is expected to hear the case during its upcoming term that starts in October. There is also a possibility that Republicans in Congress will take action before then to gift the fossil fuel industry legal immunity, similar to that granted to gun manufacturers with the 2005 Protection of Lawful Commerce in Arms Act. Sixteen Republican attorneys general wrote (PDF) to U.S. Attorney General Pam Bondi in June suggesting that the Department of Justice could recommend legislation creating precisely this type of liability shield. And last month, one Republican congresswoman announced that such legislation is indeed in the works. "The ultimate democratic institution in America is the jury," said former Washington Gov. Jay Inslee. Enacting policies that prevent or block climate-related lawsuits against polluters, he said, would effectively shutter "the doors of the courthouse to Americans that have been injured by oil and gas company pollution and by their lies and deceit about that pollution."

"I really think it's an un-American effort to deny Americans the traditional right of access to a jury," Inslee said. Oil and gas executives are "terrified" by the prospect of having to stand before a jury and face evidence of their climate-change lies and deception, he added. "You'll see the steam coming out of the jury's ears when they hear about how they've been lied to for decades. [Oil companies] understand why juries will be outraged by it, and they are shaking in their boots. The day of reckoning is coming, and that's why they're afraid."

Encyclopedia Britannica has sued OpenAI, alleging its AI models were trained on nearly 100,000 copyrighted articles and sometimes reproduce or misattribute passages to the encyclopedia. The lawsuit also claims trademark infringement and argues tools like ChatGPT divert traffic away from Britannica and Merriam-Webster sites. Engadget reports: More specifically, Britannica alleged that OpenAI illegally used its "copyrighted content at a massive scale" when training its AI models. Not just with training, the encyclopedia company claimed that ChatGPT's responses to user queries sometimes contain "full or partial verbatim reproductions of [Britannica's] copyright articles."

Along with claims of copyright violations, Britannica argued that OpenAI was also responsible for trademark infringement. According to the lawsuit, ChatGPT generates "made-up content or 'hallucinations' and falsely attributes them" to Encyclopedia Britannica. The lawsuit doesn't specify an amount for monetary damages, but Britannica is also seeking an injunction to prevent OpenAI from repeating these accusations.

A German court ruled that TCL misled consumers by marketing certain TVs as "QLED" when they "do not deliver the color reproduction expected from QLED TVs." It has ordered the company to stop advertising or selling those models in Germany. TechRadar reports: The case was filed by Samsung, which claimed that TCL was running deceptive advertising, and more court cases on the same topic are coming in other countries, including the US. The lawsuits all make the same claim: that what TCL calls a QLED isn't a QLED as it's commonly understood, and that consumers are being mis-sold TVs as a result. The court found that TCL's quantum dot TVs, such as the QLED870 series available in Germany, didn't deliver the characteristics of a quantum dot LED, and that consumers were being misled as a result.

The tests were commissioned by Seoul chemicals company Hansol Chemical (which, it's worth noting, works with Samsung, a key TCL rival, and which heavily promoted the results of these tests alongside launching the court case) and carried out by Geneva's SGS and the UK's Intertek. According to ET News (via Google Translate), "no indium (In) or cadmium (Cd) was detected in three TCL QD TV models. Indium and cadmium are essential materials that cannot be omitted for QD implementation... if neither is present, QD technology cannot be said to have been applied." You can see the test results here.

TCL disputed the findings -- "The QD content may vary depending on the supplier, but it definitely contains cadmium," it responded -- and published its own tests, including a test by SGS, the same firm that conducted tests for Hansol. The results contradicted Hansol Chemical's tests, but those tests used a different methodology: where TCL's tests focused on TCL's quantum dot films, Hansol's commissioned tests were on finished TCL TVs. [...] Hansol Chemical has filed a complaint against TCL with the US Federal Trade Commission, alleging false advertising, and TCL is also facing class action lawsuits in several US states making the same claim. TCL isn't alone here: Hisense has also been targeted in the US.

NBC News investigates North Korea's "wide-ranging effort to place remote workers at U.S. companies in order to funnel money back to its coffers and, in some cases, steal sensitive information."

And working with the FBI, one corporate security/investigations company decided to knowingly hire one of North Korea's remote workers — then "ship him a laptop and gain as much information as possible" about this "sprawling international employment scheme that is estimated to include hundreds of American companies, thousands of people and hundreds of millions of dollars per year." It worked.... Over a roughly three-month investigation, Nisos uncovered an apparent network of at least 20 North Korean operatives including "Jo" who had collectively applied to at least 160,000 roles. During that time, workers in the network — which some evidence showed were based in China — were employed by five U.S.-based companies and allegedly helped by an American citizen operating out of two nondescript suburban homes in Florida...

Nisos estimated that in about a year, "Jo", who was likely a newer member of the team, applied to about 5,000 jobs... "They attended interviews all day every day, and then once they secured a job, they would collect paychecks until they were terminated," [according to Jared Hudson, Nisos' chief technology officer]... With the ability to see which other U.S. companies Jo and his team were working for — all remote technology roles — Nisos' CEO, Ryan LaSalle, began making calls to their security teams to alert them of the fraud. "Most of the companies weren't aware of it, even if they had pretty robust security teams," LaSalle said. "It wasn't really high on the radar."
NBC News describes North Korea's 10-year effort — and its educational pipeline that steers promising students into "computer science and hacking training before being placed into cyberunits under military and state agencies, according to a recent report by DTEX, a risk-adaptive security and behavioral intelligence firm that tracks North Korea's cybercrime." In one case, a North Korean worker stole sensitive information related to U.S. military technology, according to the Justice Department. In another, an American accomplice obtained an ID that enabled access to government facilities, networks and systems. At least three organizations have been extorted and suffered hundreds of thousands of dollars in damages after proprietary information was posted online by IT workers... Analysts warn that North Korean IT workers are targeting larger organizations, increasing extortion attempts and seeking out employers that pay salaries in cryptocurrency. More recently, security researchers have uncovered fake job application platforms impersonating major U.S. cryptocurrency and AI firms, including Anthropic, designed to infect legitimate applicants' networks with malware to be utilized once hired. The global cybersecurity company CrowdStrike identified a 220% rise in 2025 in instances of North Koreans gaining fraudulent employment at Western companies to work remotely as developers...

The payoff flowing back to Pyongyang from these schemes is enormous. Some North Korean IT workers earn more than $300,000 per year, far more than they'd be able to earn domestically, with as much as 90% of their wages directed back to the regime, according to congressional testimony from Bruce Klinger, a former CIA deputy division chief for Korea. The United Nations estimates the schemes, which proliferated after the pandemic when more companies' workforces went remote, generate as much as $600 million annually, while a U.S. State Department-led sanctions monitoring assessment placed earnings for 2024 as high as $800 million... So far, at least 10 alleged U.S.-based facilitators have been federally charged, including one active-duty member of the U.S. Army, for their alleged roles in hosting laptop farms, laundering payments and moving proceeds through shell companies. At least six other alleged U.S. facilitators have been identified in court documents but not named...

"We believe there are many more hundreds of people out there who are participating in these schemes," said Rozhavsky, the FBI assistant director. "They could never pull this off if they didn't have willing facilitators in the U.S. helping them...." The scheme itself is also becoming more complex. North Korean IT teams are now subcontracting work to developers in Pakistan, Nigeria and India, expanding into fields like customer service, financial processing, insurance and translation services — roles far less scrutinized than software development.

He's "the most famous anonymous man in the world," suggests Reuters. But investigating Banksy's artworks in a bombed Ukrainian village (and other clues in the U.K. and Manhattan) have led them to "a hand-written confession by the artist to a long-ago misdemeanor charge of disorderly conduct — a document that revealed, beyond dispute, Banksy's true identity."

But Banksy's long-time lawyer "urged us not to publish this report, saying doing so would violate the artist's privacy, interfere with his art and put him in danger" and "would harm the public, too." Working "anonymously or under a pseudonym serves vital societal interests," he wrote. "It protects freedom of expression by allowing creators to speak truth to power without fear of retaliation, censorship or persecution — particularly when addressing sensitive issues such as politics, religion or social justice."

Reuters took into account Banksy's privacy claims — and the fact that many of his fans wish for him to remain anonymous. Yet we concluded that the public has a deep interest in understanding the identity and career of a figure with his profound and enduring influence on culture, the art industry and international political discourse... As for the risk he might face of retaliation or censorship, Britain's legal and political establishments seem comfortable with Banksy's messages and how he delivers them...

His mastery of disguise began as a way of shaking the police, says former manager [Steve] Lazarides. In an interview, Lazarides said anonymity served a practical purpose in Bristol, where authorities enforced "draconian" policies against graffiti... Eventually, keeping the secret became a burden. By the end of their partnership, Lazarides estimates he spent half or more of his time managing and maintaining the artist's mystique. "I think it became a good gag, and then, if you want my honest, honest opinion, I think it then became a disease," he said.
Lazarides wrote a two-volume book about managing Banksy from the late 1990s to 2008, including a story about Banksy's arrest in 2000 for this defacing of a billboard. Reuters geolocated that building, then found police documents and a court file including the hand-written confession. This investigation spawned a 7,000-word article with everything from a comic strip Banksy drew when he was 11 to his connections with Robert Del Naja of the trip hop band Massive Attack — and a 2017 podcast interview where a music producer apparently revealed Banksy's real first name.

But the article also reveals how protective the art community is of Banksy's secret. Reuters investigated that Banksy auctioned in 2018 for $1.4 million — and then immediately started shredding itself with a device Banksy embedded in its frame: That piece, renamed "Love is in the Bin," sold three years later for about $25 million. Art dealer [Robert] Casterline was at the auction and remembers when the shredder began to beep. He pulled out his phone to take pictures. "Unfortunately, there was one person standing in front of me," blocking the view, he said. It was an eccentric-looking man with a broad neck scarf and thick eyewear. Oddly, the man wasn't watching the painting get shredded. He was looking in the other direction, observing the crowd's reaction. Only later, reviewing what he shot, did Casterline notice that the man's glasses appeared to have a small camera built into the bridge. (Banksy later posted a video of the stunt, including shots of the astonished audience.)
Having seen a photo of the man suspected of being Banksy, Casterline confirmed to Reuters that he was "pretty sure" it was the same man.

But "I don't want to be the guy who exposes Banksy."

While AI CEOs worry governments might nationalize AI, others are advocating for something similar. Canadian security professional Bruce Schneier and Harvard data scientist Nathan Sanders published this call to action in Canada's most widely-read newspaper (with a readership over 6 million): "Canada Needs Nationalized, Public AI." While there are Canadian AI companies, they remain for-profit enterprises, their interests not necessarily aligned with our collective good. The only real alternative is to be bold and invest in a wholly Canadian public AI: an AI model built and funded by Canada for Canadians, as public infrastructure. This would give Canadians access to the myriad of benefits from AI without having to depend on the U.S. or other countries. It would mean Canadian universities and public agencies building and operating AI models optimized not for global scale and corporate profit, but for practical use by Canadians...

We are already on our way to having AI become an inextricable part of society. To ensure stability and prosperity for this country, Canadian users and developers must be able to turn to AI models built, controlled, and operated publicly in Canada instead of building on corporate platforms, American or otherwise... [Switzerland's funding of a public AI model, Apertus] represents precisely the paradigm shift Canada should embrace: AI as public infrastructure, like systems for transportation, water, or electricity, rather than private commodity... Public AI systems can incorporate mechanisms for genuine public input and democratic oversight on critical ethical questions: how to handle copyrighted works in training data, how to mitigate bias, how to distribute access when demand outstrips capacity, and how to license use for sensitive applications like policing or medicine...

Canada already has many of the building blocks for public AI. The country has world-class AI research institutions, including the Vector Institute, Mila, and CIFAR, which pioneered much of the deep learning revolution. Canada's $2-billion Sovereign AI Compute Strategy provides substantial funding. What's needed now is a reorientation away from viewing this as an opportunity to attract private capital, and toward a fully open public AI model.
Long-time Slashdot reader sinij has a different opinion. "To me, this sounds dystopian, because I can also imagine AI declining your permits, renewal of license, or medication due to misalignment or 'greater good' reasons."

But the Schneier/Sanders essays argues this creates "an alternative ownership structure for AI technology" that is allocating decision-making authority and value "to national public institutions rather than foreign corporations."

Wikipedia describes Freenet as "a peer-to-peer platform for censorship-resistant, anonymous communication," released in the year 2000. "Both Freenet and some of its associated tools were originally designed by Ian Clarke," Wikipedia adds. (And in 2000 Clarke answered questions from Slashdot's readers...)

And now Ian Clarke (aka Sanity — Slashdot reader #1,431) returns to share this announcement: Freenet's new generation peer-to-peer network is now operational, along with the first application built on the network: a decentralized group chat system called River.

The new version is a complete redesign of the original project, focusing on real-time decentralized applications rather than static content distribution. Applications run as WebAssembly-based contracts across a small-world peer network, allowing software to operate directly on the network without centralized infrastructure.

An introductory video demonstrating the system is available on YouTube.
"While the original Freenet was like a decentralized hard drive, the new Freenet is like a full decentralized computer," Clarke wrote in 2023, "allowing the creation of entirely decentralized services like messaging, group chat, search, social networking, among others... designed for efficiency, flexibility, and transparency to the end user."

"Freenet 2023 can be used seamlessly through your web browser, providing an experience that feels just like using the traditional web,"

It's America's first large-scale offshore wind project, reports WBUR — enough clean energy to power 400,000 homes in Massachusetts from 62 offshore wind turbines generating 800 megawatts.

But it took a while... The plant's first construction delay happened back in 2019, they point out — and then "Just three months ago, when the project was 95% complete, the U.S. Interior Department issued a stop-work order." But after successfully challenging that order in court, and "with a stretch of good weather offshore, the developers behind the $4.5 billion project managed to get over the finish line."

The Associated Press notes it was "one of five major East Coast offshore wind projects the Trump administration halted construction on days before Christmas, citing national security concerns." Developers and states sued, and federal judges allowed all five to resume construction, essentially concluding that the government did not show that the national security risk was so imminent that construction must halt. Another one of the five, Revolution Wind, began sending power for the first time to New England's electric grid on Friday and will scale up in the weeks ahead until it is fully operational.
"That project is nearly complete as well," notes WBUR, "and will eventually be capable of powering up to 350,000 homes."

Plug-in (or "balcony") solar panels can also be hung out a window or be set up in a backyard, reports NPR. They channel energy from the sun straight into a home's electrical outlet, generating enough electricity to power a refrigerator or microwave while "displacing electricity that otherwise would come in from the grid..."

But what's holding up their adoption in America? For the panels to become more widely available in the U.S., state lawmakers are proposing bills that eliminate complicated utility connection agreements, which are required for larger rooftop solar installations and, most utilities say, should apply to plug-in solar too. Those agreements, along with permitting and other installation costs, can double the price of solar panels. Utah enacted the first law, last May, supporting plug-in solar, and now some 30 pieces of similar legislation have been introduced around the United States. [And Virginia seems poised to pass a similar law.]

But the drive toward plug-in solar is facing pushback from electric utilities. They are raising safety concerns and prompting legislators to delay votes on the bills. So far, utilities have won over lawmakers in five states and convinced them to delay votes on plug-in solar bills... Plug-in solar advocates say that safety concerns about the new technology have been addressed and that utilities are really just worried about losing business, because every kilowatt-hour generated by a plug-in solar panel is one less the utility sells to a customer... There are safety risks with any electrical appliance, and it's true that plug-in solar panels present some unique problems. But safety experts also say those issues can be managed....

German utilities expressed many of the same concerns nearly a decade ago when plug-in solar started to become popular in Germany. But with more than a million systems installed, no safety incidents have been reported for customers who used the panels as instructed, according to a research paper funded by the U.S. Department of Energy.

Last week System76 CEO Carl Richell criticized age-verification laws for operating systems — but he now sees a "real possibility" Colorado's law might exclude open-source.

Phoronix reports that the System76 CEO met with the state Senator who co-authored Colorado's bill, and then posted on X.com that the Senator "suggested excluding open source software from the bill." Richell: This appears to be a real possibility. Amendments are expected... It's my hope we can move fast enough to influence excluding open source.. No illusions, it's an uphill battle, but we have an open door to advocate for the open source community.
Vague language has been a recurring problem with new state age-verification legislation. Richell pointed out later that "In one proposed bill, Garmin would have to verify the age of their watch customers at device setup." Richell also sees New York's bill as "unlikely to be applicable to Linux distributions," since its language calls for "commercially reasonable age assurance" that free operating systems could use — and Richell isn't sure one exists as described by the bill. "As written today, it's extremely broad and vague and that makes it scary."

Richell answered several follow-up questions about operating system age-verification laws. "What about California?" someone asked... Richell: We hope to make sensible, strong arguments for excluding open source which then becomes a standard for other states. It's going to be difficult.

Q: Open source is not the only target to exclude. Please ensure that the bill is amended so that it does not require applications that have no possible use for the age bracket to ask about it.

Richell: We discussed this as well. I proposed that apps that do not require age to modify app behavior or access by some other legislation be barred from reading age brackets to better protect privacy.