Techdirt

You might have noticed in the last week or two that President Trump has suddenly jumped on the silly bandwagon suggesting that internet platforms like Facebook and Twitter don't have a right to kick people off of their platforms. There have been a bunch of misleading tweets he's made, but we'll just post this one that kicked it all off:In it, Trump says:

CBS isn't exactly known for making coherent decisions. You'll probably recall the company sued Dish Network for simply developing DVR ad-skipping technology consumers asked for. It then went so far as to ban its subsidiary CNET from giving Dish an innovation award for the technology at CES. There was also that time the company sued the public domain for simply existing, or those numerous times it obnoxiously hassled Star Trek fans for their fan service.But this week the company did something exceptionally idiotic, even for CBS. Over at the company's CBS All Access streaming video service, some of the company's TV shows have taken some additional liberties traditionally restricted on broadcast television. Characters on its "Star Trek: Discovery" spin off, for example, now occasionally say "fuck." And its show "The Good Fight," a spin off of its broadcast show "The Good Wife," occasionally takes some more pointed stances politically than its more ambiguously scripted predecessor.One recent episode featured a 90-second animated musical segment written by Jonathan Coulton, poking fun at Chinese censorship, the country's terrible treatment of dissidents, the 1989 Tiananmen Square Massacre, and President Xi Jinping's behavior. CBS's response? To try and completely censor the musical segment:

Is this good news or bad news? It's tough to say. The London Metro Police are proud of their many cameras and their cameras' many features, but there doesn't appear to be any improvement in the facial recognition tech its deploying.Three Freedom of Information requests sent to the Metro Police last year returned documents showing its tech was reporting nothing but false positives. The first response reported a 98% failure rate. A follow-up request generated an admission of a 100% failure rate by the Metro's tech. Now another set of FOI requests has gathered more data from the Metro Police and it appears past reports of consistent failure were pretty indicative of future results.

USA Today has scored a coup. It has partnered with police accountability nonprofit Invisible Institute to obtain misconduct records from around the nation. These paint a pretty bleak picture of American policing -- not just in the number of incidents, but in the number of incidents that go unpunished.Public records requests have resulted in thousands of documents detailing at least 200,000 incidents of alleged misconduct, along with more than 100,000 internal investigations. The database is completely searchable and leads readers, reporters, researchers, etc. directly to the underlying documents.Here are the morbid stats this database has produced:

At this point, it's plainly obvious that YouTube's ContentID platform for doing automated takedowns of videos that supposedly infringe on copyrights is a full on mess. That mess is multi-pronged. The filters themselves suck at identifying actual infringement, and throw up all kinds of false positives. The filters are also so broadly applied that building any nuance into what is blocked and what isn't is basically impossible. Finally, the whole system is so wide open for abuse that it's laughable.The latest iteration of this concerns Beat Saber, a virtual reality rhythm game where you essentially wield two lightsabers to match the beats and rhythms that go along with the music. The game has become so wildly popular that it was recently featured on The Tonight Show with Jimmy Fallon. That's where things went sideways.

We've noted for years how broadband providers have increasingly imposed arbitrary, confusing, and punitive usage caps and overage fees to cash in on the lack of competition in US broadband. Not only have industry executives admitted these limits aren't technically necessary, they've increasingly been abused to hamstring competitors. AT&T, for example, doesn't impose the limits on its broadband customers who use its streaming video service (DirecTV Now), but will impose the added charges if you use a competitor like Netflix.For many years ISPs have slowly but surely imposed such limits hoping that consumers wouldn't notice (think of the frog in the pot of boiling water metaphor). But as streaming services have increasingly embraced high-bandwidth 4K streaming, consumer usage has started to push back hard against some limits. For example, Charter Spectrum last week noted that the average Charter subscriber (one that doesn't subscribe to traditional TV) consumes just over 400 gigabytes of data per month:

The legal uncertainty created by the General Data Protection Regulation (GDPR) is becoming so common, it’s starting to go unnoticed. In yet another recent example, Poland’s data protection authority (DPA), UODO (“Urząd Ochrony Danych Osobowych” in Polish), fined a European company over €220,000 for failing to comply with a GDPR requirement that companies provide individuals with privacy notices. While it hasn’t drawn considerable attention, this case could have considerable implications for many other European companies. The sanction cuts through expectations that data protection authorities (DPAs) will play a constructive role of both regulators and advisors under the GDPR, and it illustrates that the need to clarify the European privacy law is ever more urgent.Bisnode, a European digital marketing company that specializes in data analytics, had collected and processed personal data from publicly available registers on six million individuals to provide creditworthiness scores to banks. The company used its access to the email addresses of about 679,000 users to inform them of the processing of their personal data—to which, out of a sample of 90,000 users, only 10 percent objected. But the operational costs of sending letters to the remaining 5.7 million users whose emails were unavailable would amount to €8 million of postal charges, an estimate which did not even include the related administrative costs. As a result, the company decided to publish a general statement on its website to alert the remaining data subjects. However, the Polish DPA decided that Bisnode did not go far enough in upholding its obligations under the GDPR.The decision to sanction this company is misguided and sets a worrying precedent for two reasons. First, this penalty is a direct consequence of the privacy law’s vague provisions and misleading language, which EU policymakers must urgently clarify. Under Article 14 of the GDPR, organizations collecting and processing personal data must provide privacy notices directly to data subjects. But this obligation does not apply in case providing this information is “impossible, or would involve a disproportionate effort.” The Polish company thought it had fulfilled its obligations under the GDPR, as the exorbitant cost of reaching out to the remaining users could trigger this exception. But while accepting the company’s calculations, UODO regulators did not assess that €8 million would constitute a sufficiently “disproportionate effort.” What is more, because the GDPR is not prescriptive about how companies must provide users with information, UODO claimed that the law does not oblige them to inform users specifically via registered post. Hence UODO considered that a public statement was insufficient because the company could have used other solutions such as sending SMS messages, even though Bisnode did not have telephone numbers for everyone and the costs of doing so would have been high.Second, this decision calls for a clarification of the role of DPAs under the GDPR. The company had taken a number of proactive steps to comply with the GDPR, yet UODO saw it as nothing more than proof that it was aware of its obligations and thus had intentionally violated them. DPAs should not impose penalties when there is ambiguity in the rules and companies are making an honest effort to comply. Instead, DPAs should play the role of educators so as to facilitate companies’ complex journey towards compliance. Before imposing penalties, they should take into account whether companies acted in good faith when establishing compliance strategies, the extent to which they have implemented compliance procedures internally, and the degree of interpretability of the provisions in question.Many EU companies have yet to comply with the privacy law and do not expect that they ever will. EU policymakers should realize that the privacy law’s strict and complex requirements may be the main reason why. But the Polish decision shows that compliance may not even be enough. Companies cannot interpret unclear regulations, so they will continue to face unpredictable decisions. Even if a company appeals a decision, it will take time before the final outcome establishes jurisprudence.EU policymakers and data protection authorities should focus on clarifying the legislation, specifying the technical requirements to provide information, and take into account the costs and difficulties compliance may impose on companies in some cases. Otherwise European businesses will continue to face difficulties interpreting and complying with the GDPR.Eline Chivot is a senior policy analyst at the Center for Data Innovation, based in Brussels. Daniel Castro is the director of the Center for Data Innovation and vice president of the Information Technology and Innovation Foundation.

You don't own the exploits you've created. That's the lesson the NSA has learned over the past few years as its hacking tools have made their way into the public domain via leaks. Of course, the harshest parts of this lesson have been felt by the general public, rather than the NSA, however. The leaked tools were swiftly repurposed to generate a new strain of ransomware, which took down dozens of businesses and government services around the world.But it's not just a random assortment of internet baddies wreaking havoc with NSA hacking tools and exploits. It's also state-sponsored hackers making use of these tools. A report from Symantec shows other nations are more than willing to turn our state-sponsored attacks against us -- demonstrating the danger of engaging in a cyberwar using weaponized code.

Your car needs routine checkups to ensure its health. Keep tabs on your car's health with the KOBRA. This wireless scanner can interpret over 3,000 code definitions of generic and manufacturer-specific trouble codes. You just need a WiFi connection and you can diagnose any car problem and unlock massive amounts of data on your car's performance in real time. It works on all cars manufactured after 1996, and is compatible with apps like DashCommand, OBD Auto Doctor, and Torque Pro. It's on sale for $15.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

There's an unfortunate belief among some internet trolls and grandstanding politicians that Section 230 of the Communications Decency Act requires platforms to be "neutral" and that any attempt to moderate content or to have any form of bias in a platform's moderation focus somehow removes 230 protections. Unfortunately, it appears that many in the press are incorrectly buying into this flat out incorrect analysis of CDA 230. We first saw it last year, in Wired's giant cover story about Facebook's battles, in which it twice suggested that too much moderation might lose Facebook its CDA 230 protections:

We've long discussed how the Pai FCC's net neutrality repeal was plagued with millions of fraudulent comments, many of which were submitted by a bot pulling names from a hacked database of some kind. Millions of ordinary folks (like myself) had their identities used to support Pai's unpopular plan, as did several Senators. Numerous journalists have submitted FOIA requests for more data (server logs, IP addresses, API data, anything) that might indicate who was behind the fraudulent comments, who may have bankrolled them, and what the Pai FCC knew about it.But the Pai FCC has repeatedly tried to tap dance around FOIA requests, leading to several journalists (including those at the New York Times and Buzzfeed) suing the FCC. Despite the Times' lawyers best efforts to work with the FCC to tailor the nature of their requests over a period of months, the agency continues to hide behind FOIA exemptions that don't really apply here: namely FOIA exemption 6 (related to protecting privacy) and 7E (related to protecting agency security and law enforcement activity).In court filings made last week, the FCC also reiterated its claim that the primary reason it won't release more data is because it's just super concerned about user privacy:

Because it's so much easier to bust websites than actual criminals, police in Israel have decided to arrest the people behind a dark web site that made the dark web searchable. Zack Whittaker has the details for TechCrunch.

As many of you will be aware, there is a small town in South Dakota, Sturgis, that turns into the place to be if you're into motorcycle rallies. Many of you may not be aware, however, that this rally and town have become the center of a years-running trademark dispute. Sturgis Motorcycle Rally Inc. (SMRI), which helps put on the rally, moved to trademark the name of the town and the rally, and then began bullying local Sturgis businesses for daring to use the town's name or the name of the event. This was done, according to SMRI, for the purpose of protecting the event and town, which makes little to no sense. In the end, the two trademarks in question were one that was a geographical name and one that was almost purely descriptive of a social event.As it turns out, subsequent rulings on the matter did not go in SMRI's favor. This is creating some confusion in Sturgis, as SMRI's strategy for dealing with the legal losses appears to be simply pretending that they didn't occur.

As Techdirt noted a year ago, the entertainment industry has been trying to convince the authorities around the world that "fully-loaded" Kodi boxes, which allow the viewing of unauthorized video streams, are the devil's spawn, and must be eradicated. That obsession has led to efforts to stop even vanilla Kodi boxes being promoted and sold, despite the fact that the open source software they run is perfectly legal. TorrentFreak has a report about the latest salvo in this war on Kodi, and its interesting consequences.It concerns a third-party Kodi add-on called "Exodus", which, like many others, allowed unauthorized streaming videos to be viewed with little effort. The excellent design and resulting popularity of Exodus meant that it was soon targeted by copyright companies. The pressure worked, and the development of the add-on was halted, leaving millions of happy users somewhat less happy. But Exodus had an important hidden feature: it was released under an open source license. That meant that anyone could pick up the code and continue its development independently of the original, without needing to ask permission from anyone. As TorrentFreak points out, that is precisely what has happened, and on a surprisingly large scale. The TVAddons site recently published an article that discusses 12 forks of Exodus, which is only part of the Exodus ecosystem: "Too many Exodus forks are out there to investigate them all."This "hydra" effect -- chop off one head, and two grow in its place -- makes eliminating open-source add-ons for Kodi extremely difficult. Although individual developers may be persuaded to stop working on a particular fork, the code is still out there, and can easily be maintained and improved by others. Since the latter can be anywhere in the world, that makes shutting them down even harder. However, TorrentFreak rightly notes that this doesn't mean that the efforts of the copyright companies are entirely in vain:

The regulation of technology is an extremely important issue that impacts all our lives, but it tends to take a back seat in the world of mainstream politics, and when it does come to the fore, the lack of knowledge on display among elected representatives can be... disheartening, to say the least. In some ways that's starting to change as a generation of people who grew up with modern technology gets more and more involved in politics, but we're still a long, long way away from having a majority of tech-savvy (or even tech-literate) lawmakers. This week, we're joined by lawyer and pioneering law blogger Denise Howell to discuss the challenge of even determining whether a politician knows what they are talking about when it comes to tech.Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes or Google Play, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.

Some CIA phone hacking tools made their way into the wild back in 2017. It didn't take long for the DOJ to find a suspect to charge. Joshua Schulte, a former NSA and CIA operative, was hit with a long list of charges, including espionage, child porn possession, and (at least momentarily) copyright infringement -- the last one on the list being the result of feds discovering a bunch of pirated movies and music on Schulte's server.As this prosecution has slowly moved forward, it has gotten wilder. The DOJ claimed Schulte was continuing to leak classified info, even after being jailed while awaiting his trial. According to the DOJ's filing, Schulte was using a number of smuggled-in phones to smuggle out classified documents turned over to him by the DOJ in response to discovery requests. The government's filing also made mention of "significant encryption" stymieing its attempts to break into Schulte's contraband phone but left the definition of that term open to discussion.Marcy Wheeler (of Emptywheel) was the first to come across Josh Schulte's latest filing in his case. And it's… something. Schulte has been openly critical of his incarceration and the US prison-industrial complex generally. Now, he's attempting to nail down the specifics by filing a complaint [PDF] against the US government for depriving him of a number of his rights and demanding, in a Dr. Evil-esque move, 50 BILLION DOLLARS.The 88-page [!] complaint opens with Schulte's handwritten claim the government has ended a career headed for Bill Gates/Jeff Bezos-level personal fortune. The "Relief" section says:

It is possible that if the Ninth Circuit panel truly realized how badly it messed up Section 230 it might have thought twice about it. So we’ve asked the court to give it a second thought. As did Airbnb and Homeaway, who were most immediately affected by the Ninth Circuit’s recent decision in their challenge of the Santa Monica ordinance that, like the San Francisco ordinance, and ordinances increasingly sprouting up around the country, seeks to make them liable for their users’ expression.The problem: that’s exactly what Section 230 is supposed to prevent – holding a platform liable for user generated content that is wrongful in some way. If Santa Monica, San Francisco, and all those other cities want to make it illegal for people to list homes to rent, that’s fine. It may or may not be good local policy, but it won’t break the Internet. What breaks the Internet is when the law doesn’t just make people legally responsible for their own expression but makes the platform they used to express it liable for it too. Section 230 is supposed to prevent that, because if platforms can be held liable for all the myriad things that can be wrong with all the enormous amounts of user expression they intermediate, then they won’t be able to be platforms anymore. It will simply be too expensive to mitigate and manage this risk, at least not in a way that doesn’t result in enormous amounts of censorship of user content that isn’t even legally wrongful at all.So Airbnb and Homeaway filed a petition for rehearing and rehearing en banc to ask the Ninth Circuit to review their case again, and last week the Copia Institute, along with the R Street Institute, filed an amicus brief in support of their petition. In our brief we reminded the court of what we have discussed here. First, that threatening platforms with liability forces platforms to have to monitor all their user expression, which may or may not even be possible, and at the expense of any monitoring that might be more effective. For instance, in this case, all these cities are asking Airbnb and Homeaway to ensure that every listing it allows to be rented be compliant with the registration requirement, but it might be better if instead they could focus their resources on building a more usable and secure platform, helping to eliminate fraud, or working to satisfy any other priority that would benefit the public more. Threatening platforms with liability for user content inevitably co-opts platforms’ resources, diverting them away from the sort of beneficial monitoring Congress tried to incentivize them to do with Section 230 and into monitoring that is solely self-protective.Secondly, it may likely not even be possible for platforms to do enough monitoring to protect themselves. Although the Ninth Circuit’s decision spoke to the Santa Monica ordinance, there is nothing about the decision that is limited to this specific ordinance in this specific city. A core problem with the decision is the degree to which the court minimized how difficult it will be for Airbnb and Homeaway to even just monitor their user listings to see if they comply with even just this registration requirement in even just this city. But other cities now have ordinances too, thus vastly expanding the task. There is also nothing in the decision that limits what the ordinance can demand for compliance – today it may be registration, but tomorrow it might be habitability concerns, which are even more infeasible for platforms to police, or any other arbitrary policy demand. And there is nothing limiting this tearing open of Section 230’s pre-emption provision preventing local liability from being imposed on platforms for user content to just this sort of local regulation relating to short-term rental platforms. It opens the door to absolutely everything every jurisdiction everywhere can dream up to hold against platforms. There is no way for platforms to be able to successfully monitor every regulatory demand every jurisdiction can make on user expression, so they will either give up and shut down completely or adjust their practices to comply with the most restrictive jurisdiction’s demands and ultimately end up censoring an awful lot of perfectly lawful content – or both. Section 230 was supposed to prevent platforms from finding themselves in this impossible position, and our brief reminded the Ninth Circuit of this fact.Also, as we previously pointed out, the fundamental error of the decision is that it split out facilitating the hosting of user expression from the facilitating of a transaction related to that user transaction. If this were a legitimate distinction, it would make it impossible to ever monetize one’s platform services, because every revenue transaction would always be connected to user content that could be wrongful. It doesn’t do anything to insulate platforms from the hosting of that content if it doesn’t insulate them from being able to afford to host that content. A decision like this one directly threatens the commercial viability of the Internet, which is definitely not what Congress wanted to have happen when it passed Section 230 in order expressly to protect that economic vitality.

The Project Management Professional Certification Training Bundle features 10 courses designed to get you up and running as a project manager. You'll prepare for certification exams by learning the fundamental knowledge, terminology, and processes of effective project management. Various methods of project management are covered as well including Six Sigma, Risk Management, Prince and more. The bundle is on sale for $49.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

As you'll recall in the run up to passing FOSTA last year, supporters of the bill -- backed in secret by Hollywood lobbyists whose sole goal was to create liability for internet companies and force them to install filters -- kept insisting that it was all about "protecting women." There was an infamously misleading Public Service Announcement that supporters of the bill put together, staring into the camera and talking grimly about how necessary it was to amend Section 230 to save women. It starred a bunch of famous actors, including Amy Schumer, Tony Shalhoub, Josh Charles, Seth Meyers, and others.Of course, since FOSTA passed, it has yet to be used against any website. Indeed, the website that everyone kept holding up as proof for why FOSTA was needed, Backpage, was actually shut down a week before FOSTA became law under existing laws.And yet, FOSTA has created tremendous real world damage. A bunch of sites and individuals have been silenced out of fear that it might be used against them, creating massive chilling effects -- including chilling effects on advocacy and information providing groups who try to help sex trafficking victims, but who now may violate FOSTA in continuing to do that work.Lura Chaberlian has now published a deep dive into how FOSTA is a "hostile law" with "a human cost" for Fordham Law School. The quick summary of the paper is that FOSTA hasn't done anything to help sex trafficking victims, but has created real harms for many women, especially those engaged in consensual sex work.

Back in March, the Pai FCC proclaimed that new FCC data indicated that the agency's decision to effectively neuter itself at telecom lobbyist behest was resulting in vast, wonderful benefits for American consumers. According to the FCC, its blind fealty to AT&T, Verizon, and Comcast quickly resulted in massive steps toward "closing the digital divide," something Pai has repeatedly claimed is the top priority of his tenure:

An 18-year-old resident of New York City is suing Apple for $1 billion. His lawsuit alleges Apple uses facial recognition technology as part of its stores' security systems and that this led directly to him being accused of multiple thefts across a handful of states… despite him bearing zero resemblance to the thief caught on tape.Ousmane Bah's lawsuit [PDF] alleges Apple failed in its duty of care by attributing all these thefts to him, despite him not being the thief, resulting in numerous harms and injuries.

We cover a fair amount of video game news here, with much of it revolving around either intellectual property concerns or the common claims that video games are responsible for all the world's ills. The latter posts can be separated into two categories: one in which the violence in games is blamed for violence in the real world and one in which those who do not enjoy the medium blaming games for producing young people who those same people decide are deficient in some way.It's enough to make you think there are really only two camps. One camp thinks video games are evil in all of the possible ways. The other camp thinks video games are great in all of the possible ways. But this isn't how the real world works. Like any other artistic medium, some products are good, some are not. Some are wholesome or thought-provoking, while others are empty calories. Even the notion that video games are solely an artistic or entertainment medium is a false premise, as demonstrated by a recent use of gaming to help identify Alzheimer's Disease before serious symptoms show up.

Former Michigan State Trooper Mark Bessner is going to jail. Bessner originally faced a second-degree murder charge for tasing a teen riding an ATV, but was ultimately convicted of a lesser charge. The details here are provided by the New York Times, which seems to be trying to further exonerate the former law enforcement officer with its reporting.

Much of the time we bring up the Trademark Office and the trademarks it approves or denies, our focus tends to be on how the general posture seems to be one geared towards approval and the often laughable approved marks that come out of that. The only example I'm going to continue to cite of this ridiculousness in these trademark posts is going to be that of the San Diego Comic-Con, which somehow has an approved trademark on "comic-con" and its variants, despite that being a plainly descriptive mark. The chaos that has caused has resulted in ongoing coverage here, but it is hardly the only example.Making it all the more frustrating are the occasions when the Trademark Office gets things right. One will occasionally catch glimpses of the USPTO doing nuanced analysis and actually applying the standards of trademark law and public confusion, and denying a trademark application. For instance, Universal Music Group attempted to get a trademark for the phrase "As Heard On TV" for its music catalog of tracks designed to be used in television. That application was denied.

This is the price we're paying to win fight stand our ground during participate in a drug war. We take criminals under our wing, turn them into informants, and send them out into the general population to engage in criminal activity -- all under the assumption this will eventually lead to the dismantling of a drug cartel.Of course, this is the same rationale propelling civil asset forfeiture. But no matter how much property is taken from people never charged with crimes, drug cartels remain intact and their products continue to flow into the country. But that's only dollars and cars and houses lost. This case [PDF] -- presided over by the Tenth Circuit Appeals Court -- deals with the loss of innocence and life… all at the hands of a DEA informant.The backstory of the DEA informant is so much easier to take than the backstory of the lawsuit, so we'll start there.

Students socialize via the internet more often than not... you know, just like the rest of us do. More and more frequently, they're being surveilled by their schools. This first came to light a half-decade ago, when documents surfaced showing a California school district had purchased social media monitoring software to keep tabs on its students. Similar stories followed, including one incident where a test publisher admitted to monitoring social media posts of students taking its tests.In about half the country, this is now standard operating procedure for schools. The Brennan Center for Justice reports schools are purchasing social media monitoring tools with increasing frequency, allowing them to track and surveil students far past the borders of the school grounds.

The Complete Machine Learning A to Z Bundle has 9 courses designed to help you become proficient with this important technology. Deep learning isn't just about helping computers learn from data—it's about helping those machines determine what's important in those data sets. This is what allows for Tesla's Model S to drive on its own or for Siri to determine where the best brunch spots are. You'll learn TensorFlow, Python's scikit-learn, Apache MXNet, PyTorch, and more. You'll learn how to build chatbots with Google DialogFlow and Amazon Lex, and you'll learn to build voice apps for Amazon Lex. It's on sale for $35.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Like a teenaged heterosexual boy, it appears that Facebook has no clue how to deal with naked female breasts. Going back over a decade, the quintessential example used to show the impossibility of coming up with clear, reasonable rules for content moderation at scale is Facebook and breasts. In the early days, as Facebook realized it needed to do some content moderation, and had to establish a clear set of rules that could be applied consistently by a larger team, it started with a simple "no nudity" policy -- and then after that raised questions, it was narrowed down to define female nipples as forbidden. As a wonderful episode of Radiolab detailed last year, questions kept getting raised about how specific do you need to be (each paragraph here is a different speaker, but since Radiolab doesn't supply transcripts, I'm not entirely sure who's speaking):

While Facebook (usually justly) gets the lion's share of privacy criticism, wireless carriers haven't been too far behind. In the last few years we've learned that they're frequently hoovering up your daily location data and then selling it to a long chain of often dubious companies. More recently they've been busted even selling access to E-911 location data, which is increasingly even more accurate in tracking users than traditional GPS. We've noted repeatedly that lax ethical standards result in this data often being abused by dubious third parties, or used illegally by law enforcement or those pretending to be law enforcement.Throughout these evolving scandals, the Pai FCC hasn't done much of anything to ensure the public this is being adequately looked into. There's been no critical statement about this practice issued by the FCC, and no meaningful investigation launched (at least publicly). And while wireless carriers have insisted they've stopped collecting and selling this data (which they've been doing for the better part of the last decade without anybody in either party much caring), their promises historically haven't been worth all that much when it comes to the subject of privacy.To truly address the location data scandal(s), carriers need to voluntarily or by force make it transparently clear they've stopped collecting and selling this data (which in several instances like E-911 data is against the law). Hoping to add a little fuel to the fire, FCC Commissioner Jessica Rosenworcel this week ramped up her criticisms of the practice and the FCC's apathy:

Law enforcement officers tend to frown on citizens interfering with their revenue generation. This has led to a number of First Amendment lawsuits from people arrested for warning others about [check notes] the existence of police officers in the vicinity.One citizen was told as much when he was arrested for holding up a sign reading "Cops Ahead." One cop kept on script, referring to the man's actions as "interfering with an investigation." It wasn't an investigation. It was a distracted driving sting. The cop actually hauling him to the station was more to the point, telling the man he was arresting him for "interfering with our livelihood." First Amendment violation or felony interference with a business model? Why not both?A lawsuit was filed in 2018 seeking a declaration that honking a car's horn is protected expression. And, all the way back in 2011, a class action lawsuit was filed over citations and arrests for flashing headlights to warn drivers of unseen officers.A federal judge has decided -- albeit not very firmly -- that at least one of these actions is protected by the First Amendment. Wisconsin Magistrate Judge Stephen Crocker says flashing your headlights to warn drivers of speed traps is expressive speech -- something cops would be better off not trying to punish. (via Volokh Conspiracy)Andrew Obriecht passed a speed trap outside Caledonia, Wisconsin. After passing it, he flashed his headlights to warn oncoming drivers to slow down. He was then pulled over by a state trooper, who issued him a citation for violating a state statute that doesn't really appear to fit the alleged crime:

This week, our first place winner on the insightful side is Nathan F with a simple question about the Supreme Court's request for the White House to weigh in on API copyrights:

Five Years AgoThis week in 2014, while Senators Feinstein and Chambliss were taking yet another shot at a new, concerning cybersecurity bill, they were also backing down on attempts to require transparency from the administration regarding drone strikes. The German government blocked Ed Snowden from testifying before parliament to mollify the US, we learned that the UK'S GCHQ had hidden its access to the NSA's PRISM database from its parliamentary overseers, and we were wondering why Verizon's pushback against bulk records requests was so much weaker than it could have been. This was also the week that John Oliver's Last Week Tonight debuted, with its first episode featuring an interview with Keith Alexander that we couldn't help but notice might be the toughest interview he'd yet faced, even with all the jokes.Ten Years AgoThis week in 2009, dumb tweets about swine flu led to an early preview of concerns about disinformation on social media. The BBC was happily promoting MPAA propaganda about movie piracy while claiming it was being balanced, German publishers were demanding ISPs block file sharing sites, France was still trying to adopt a three strikes law even as Nicolas Sarkozy was paying up for his own copyright infringement, and in general legacy industries were showing a real sense of entitlement with regards to the internet (not that piracy freak-outs regarding technology were anything new). The USTR finally got Canada bumped up to its Priority Watchlist for intellectual property (for some reason), Warner Music made the very foolish decision to issue a DMCA takedown of a presentation by Larry Lessig, and we learned just how bad the revolving door is with the revelation that former RIAA lawyers now working for the government only had to stay away from issues impacting their former employees for one year.Fifteen Years AgoThis week in 2004, we took a look at the one-sided file sharing propaganda being foisted on school students by the entertainment industry — and boy did it ever seem like brainwashing. The Senate was looking at four different intellectual property bills including one that would let the FBI start filing civil suits for its entertainment industry buddies, and one that would expand California's ban on video cameras inside movie theaters. TiVo was pushing advertiser dollars onto the web, an attempt to force cable companies to offer a la carte channels fell through, self-publishing was shedding some of its stigma as it got easier, and the first federal charges were brought under the recent CAN SPAM laws. This was also the week that, after much anticipation, Google officially filed for its IPO — which of course everyone had to weigh in on, including us.

When it comes to how game developers react and interact with those that pirate their games, there are obviously plenty of ways to go about it. There's the ineffective legal route, which puts developers in a bad PR light. There's the DRM route, which is a hellish waste of time. And, on the other end of the spectrum, there are devs that choose to embrace the internet and attempt to monetize piracy through human connections and innovative business models.Somewhere in the middle is the less-traveled path of simply fucking with infringers. Whether its embedding antipiracy messages into the gameplay itself, or simply overlaying the entire game with the drone of a vuvuzela, there are a couple of recent examples where developers figured out how to detect cracked versions of their games and using that to torture pirates. While I would argue there are better ways developers could be spending this time and human capital, such as innovating, it's also true that it's hard not to smile when the pirates get messed with.But this goes back much further than the last few years. The always excellent Tech Rules YouTube channel put out the following video on how Spyro 2 on the Playstation 1 tortured those using pirated copies of the game.The slow burn of this prank on pirates is what makes it both so effective and so infuriating if you believe, as I do, that all of this is mostly time wasted. The joke being played here, with the effects of using a pirated version of the game getting incrementally and progressively more profound, is indeed funny. You can just picture the person playing a cracked version of the game very, very slowly realize he or she is being screwed with.But it also appears to have taken quite an effort to pull off. And for what? We have no idea how many would-be pirates were converted into paying customers of Spyro 2 by any of this, but I cannot imagine anyone thinks that unknown number is significant. The game was reviewed well, and sold well in several regions, but not at numbers that would seem to justify the time commitment spent to convert whatever the fraction of pirates turned into customers was.So, again, funny? Yes, absolutely. Mean or harmful? Nah. A useful use of the game developers' time? I can't see an argument for that, so why bother with any of this?

The easiest way to control a certain percentage of the populace is to strip it of its humanity. It happens in prisons and jails every day. It happens to immigrants all the time. For the Chicago Police Department, dehumanizing the citizens they serve makes it that much easier to minimize their complaints and avoid treating them with any level of respect.The City of Chicago's Inspector General has released a hefty, disturbing report [PDF] on the Chicago PD's gang database. This collection of people -- all lumped together as gang members or associates -- is shared with over 500 government agencies. Given this alarming fact, you'd think the CPD would be a bit more professional when compiling it. But you'd be wrong. The thing that leaps out immediately is how demeaning the database is, thanks to officers' input.

You might recall that in 2016 Charter merged with Time Warner Cable and Bright House Networks, promising that the new, combined company would offer a revolution in customer service, broadband speeds, and TV. Instead, what the company's customers got was a steady parade of rate hikes, and a company that has found itself under fire for repeatedly trying to kill or tap dance around merger obligations (like the one stating it can't cap broadband usage for six years). New York State deemed the company's service and behavior so atrocious, it seriously contemplated kicking the company out of the state.Not too surprisingly, raising rates and offering terrible customer service continue to take a toll on the company. The company lost another 145,000 cable TV customers in the first quarter, as users (annoyed by price hikes) continue to flock to cheaper, more flexible TV options:

Roy Moore, alleged sexual abuser of teens and apparent front runner for US Senate seat, continues to sue entertainer Sacha Baron Cohen for ruining his pristine reputation. Moore was duped into appearing in a segment with Cohen in which Cohen pretended to have acquired a "pedophile detector" crafted by the Israeli Army. During the bit, the alarm beeped twice in the vicinity of Moore.According to Moore's own lawsuit, this subterfuge and subsequent beeping caused him $95 million in reputational damage because it gave viewers the impression he was, and I quote, "a sex offender." Unfortunately for Moore, this is an impression many viewers likely already had, thanks to an extended news cycle featuring a line of women accusing Moore of engaging in inappropriate behavior with them when they were teens.Even more unfortunately, Moore has decided to hire Larry Klayman as his lawyer. I suppose if you're going to lose, you may as well lose as loudly as possible. The lawsuit is far from over, though. So, that's going to give Moore the opportunity to pay Klayman repeatedly for irritating presiding judges and otherwise fail to advance Moore's case.Right now, there's an argument over jurisdiction. Moore wants the lawsuit to remain in the Washington DC court, arguing that the "injury" occurred in this location since that's where the bit featuring Moore was recorded. Cohen wants it moved to Manhattan, since that's where Moore is legally bound to bring a lawsuit according to the agreement he signed with the defendants (Cohen, CBS, and Showtime) prior to taping.The judge has decided to move the lawsuit to Manhattan despite Klayman's protests to the contrary. Klayman and Moore were likely going to lose this jurisdictional decision anyway, but Klayman made sure the loss would leave an impression on both the judge in Washington DC and the judges awaiting assignment of the incoming case. Zoe Tillman has the details at BuzzFeed.

Cecilia Kang recently had a good article in the NY Times about Mark Zuckerberg's bizarre call for governments to take over content moderation on internet platforms. Lots of people pointed out that this is obviously unconstitutional under the First Amendment, and wondered how any lawyer at Facebook could have signed off on the statement. According to Kang, Facebook is quietly arguing that it really only meant for that "regulate me!" claim to be implemented outside the US:

The Complete Raspberry Pi 3B+ Starter Kit & Course Bundle has 3 courses and a kit with a Pi 3B+ to get you up and running in no time. This starter kit is perfect for anybody with an interest in STEM projects. You'll get a new Raspberry Pi 3B+, along with a Sensor Kit that has 37 sensor modules along with instructions for 35 products, allowing you to launch your Raspberry Pi journey. Two courses cover the fundamentals of working with Pi and a third course teaches you how to integrate your projects with Amazon Alexa. The bundle is on sale for $140.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

It looks like a passcode still beats a fingerprint when it comes to securing your info. Maybe not from criminals, but definitely from the government. Lisa Vaas of Naked Security reports the ATF has received permission from a federal judge to apply a suspect's fingerprints to a phone to unlock it.

Like most internet of broken things products, we've noted how "smart" door locks often aren't all that smart. More than a few times we've written about smart lock consumers getting locked out of their own homes without much recourse. Other times we've noted how the devices simply aren't that secure, with one study finding that 12 of 16 smart locks they tested could be relatively easily hacked thanks to flimsy security standards, something that's the primary feature of many internet of broken things devices.One such vendor, Latch, has increasingly had its products used by landlords eager to simply access to their properties and sell the technology as an advantage. That hasn't gone over all that well in New York City, where some residents have sued their landlords over the use of the locks, which many residents found cumbersome and difficult to use. Latch at the time reached out to us to note this shouldn't be a major obstacle, since users have the option of a smartphone app, a door code, and a physical key card to access their properties.But there's another issue that has popped up regarding these products: the amount of data they're collecting and doling out to property managers. Privacy experts, for example, say the company's terms of service are overly broad, allowing the sharing of too much data with valued partners and landlords:

The Office of the Director of National Intelligence (ODNI) has released the 2018 Transparency Report [PDF]. In it, the ODNI covers the government's multiple surveillance programs, detailing (but with a minimum of detail) how much intelligence we're collecting under which authorities.It's far from perfect but it's also far more than we had prior to the Snowden leaks. Transparency was forced on the Intelligence Community following Snowden's whistleblowing. It's still an uncomfortable fit for No Such Agency and the agencies benefiting from its data and communication collections.Even though the NSA's Section 215 program appears to be on the ropes, plenty of other info, data, and communications were gathered under other authorities. Some of the data provided in the report suggests intelligence collection efforts are becoming more efficient.National Security Letters (NSLs), the self-issued demands for info favored by the FBI, are experiencing a downturn in use. Some of this may be due to the government now having to justify the indefinite gag orders attached to every NSL. It's definitely made it a lot less fun to use, seeing as most major tech companies are routinely challenging the secrecy demands attached to this paperwork.But, while NSL use may be declining, the amount of information collected remains about the same.Nearly 20,000 NSLs were issued in 2013 with 38,832 ROIs (requests for information) attached. In 2018, only 10,235 NSLs were needed to obtain nearly the same ROI total (38,872).As was mentioned above, Section 215 -- modified by the USA Freedom Act -- has all but been abandoned by the NSA. Technical difficulties already present in the program were made worse when the storage of data reverted back to the telcos the NSA approached. According to a national security advisor, this program wasn't used at all this year, and there's reason to believe it wasn't the NSA's focus last year. Despite that, the NSA still managed to obtain 434 million phone records via Section 215 in 2018.That number raises questions, some of them voiced by Senator Ron Wyden. The number of records obtained isn't even the complete total, according to his statement, and it shows the NSA is still not being honest about a collection program it now says it doesn't think is worth continuing.

Techdirt readers with good memories may recall the long saga of the EU-Canada Comprehensive Economic and Trade Agreement (CETA). One important moment was when Canada agreed to use the EU's proposed replacement for corporate sovereignty, the Investor Court System (ICS). Both are versions of so-called "investor-state dispute settlement" (ISDS), which allows companies to sue countries for alleged losses caused by government decisions. Although ICS was devised in order to blunt the growing criticism of traditional ISDS, it amounts to little more than lipstick on a pig. It still gives foreign investors unique legal privileges not possessed by local companies. However, as part of the deal to persuade the Belgian region of Wallonia not to veto CETA, the EU agreed to allow Belgium to ask the region's top court to rule on whether the new ICS was compatible with EU law.As is usual in such referrals, one of the top legal advisers of the Court of the Justice of the European Union (CJEU) offered a preliminary opinion. In this case, Advocate General Yves Bot found that the ICS was compatible with EU law. The main CJEU has now issued its own judgment (pdf), essentially agreeing with Bot on every point. The key ruling is that, according to the CJEU, the ICS won't be able to overturn EU decisions:

A correct conclusion was almost reached by the Washington Supreme Court… but it was foiled by the fact that only eight justices reviewed the case. Here's the backstory to the decision that almost was, via Nick Sibilla of Forbes.

Readers here will know that we rather enjoy when an ordinary person takes extraordinary steps to clap back against government intrusions over speech and technology. A recent example of this was a Canadian man routing around a years-long battle with his government over a vanity license plate for his last name, which happens to be Assman. One thing to note on the technology side of the equation is that as legislation seeks more and more to demonize anything to do with technology, even in some cases rightly, it causes those enforcing the laws to engage in ridiculous behavior.For example, one man in Connecticut has only just won a legal battle that lasted over a year, and cost him far more than the $300 traffic ticket he'd been given, by convincing a court that a McDonald's hash brown is not in fact a smart phone. This, I acknowledge, may require some explanation.

A wealthy Canadian businessman dragged into the ridiculous "pizzagate" conspiracy theory -- thanks to his ties to the Clinton Foundation -- is suing Twitter for harming his reputation. The lawsuit filed by Frank Giustra doesn't target the users posting these allegedly defamatory statements, but rather Twitter itself… as though Twitter were the publisher of the tweets, rather than just the platform carrying them.

A wealthy Canadian businessman dragged into the ridiculous "pizzagate" conspiracy theory -- thanks to his ties to the Clinton Foundation -- is suing Twitter for harming his reputation. The lawsuit filed by Frank Giustra doesn't target the users posting these allegedly defamatory statements, but rather Twitter itself… as though Twitter were the publisher of the tweets, rather than just the platform carrying them.

For most of the history of Techdirt, we've talked about what an incredible mess the US patent system has been. There are many, many reasons for this, but a big one was that for decades, the appeals court that handles all patent cases, the Court of Appeals for the Federal Circuit (or CAFC), kept expanding what it considered to be patentable subject matter, and the Supreme Court completely ignored the issue. This culminated, ridiculously, in the State Street decision, which massively expanded what was considered patentable software (before that there was software covered by patents, but it was very, very limited). What made this situation truly hellish for innovators, is that (1) the software world was exploding with all different kinds of apps, and (2) almost no software was documented in the very few areas where patent examiners look for prior art: mainly, other patent applications and scientific journals. There was no need to document software in those places, because (1) when most people recognized software shouldn't be patented, very few even tried, and (2) why would you?That resulted in a perfect storm in which patent trolls rushed in to fill the void. Tons upon tons of ridiculously broad patents were filed (or older ones were dug up and "repurposed" for use in trolling). Then it just became a shakedown game of numbers. Find companies doing something vaguely like what's broadly and oddly described in your patent, tell them they're infringing -- and offer to "settle" for less than the cost to win in court.The tide started to change over the last decade and a half or so, in part because of a few changes to the law, but more importantly, the Supreme Court started to wake up to the fact that the CAFC had gone rogue and had massively rewritten patent law. And then over a period of about a decade, case by case by case, the Supreme Court smacked down CAFC. Two of the biggest such smackdowns came in the Mayo Labs ruling in 2012 which rejected medical diagnostic patents, and the Alice ruling in 2014, which rejected patents on software that performs "generic functions" (which is basically all software).Both of these cases focused on Section 101 of the Patent Act, which defines what actually is patentable subject matter. It's short and sweet:

Ruby on Rails has been used to build some of the most complex websites in existence, and is a hugely valuable tool for any aspiring web developer. Pay what you want for The Complete Ruby on Rails Master Class Bundle and you'll get the Comprehensive Ruby on Rails course. If you beat the average price, you'll unlock 10 more courses covering everything you need to know to master Ruby on Rails.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Social media platforms regularly engage in "content moderation"—the depublication, downranking, and sometimes outright censorship of information and/or user accounts from social media and other digital platforms, usually based on an alleged violation of a platform's "community standards" policy. In recent years, this practice has become a matter of intense public interest. Not coincidentally, thanks to growing pressure from governments and some segments of the public to restrict various types of speech, it has also become more pervasive and aggressive, as companies struggle to self-regulate in the hope of avoiding legal mandates.Many of us view content moderation as a given, an integral component of modern social media. But the specific contours of the system were hardly foregone conclusions. In the early days of social media, decisions about what to allow and what not to were often made by small teams or even individuals, and often on the fly. And those decisions continue to shape our social media experience today.Roz Bowden—who spoke about her experience at UCLA's All Things in Moderation conference in 2017—ran the graveyard shift at MySpace from 2005 to 2008, training content moderators and devising rules as they went along. Last year, Bowden told the BBC:

An ongoing lawsuit by the EFF and ACLU challenging warrantless device searches at the border has uncovered some disturbing news. The CBP and ICE have guidelines that govern these searches but they're so expansive they allow these agencies to search any device for almost any reason. We know this because it came straight from the agencies in their testimony during this case.The government has long argued -- mostly successfully -- that the our rights as Americans (and those we extend to those entering our country) simply don't apply at the border. Why? The best the government can offer is that national security trumps the Constitution within 100 miles of any border, port, or international airport. Securing the nation apparently can't be done without violating rights, so rights will just have to be violated.The CBP has been searching devices with increasing frequency over the past couple of years, providing plenty of ammo for court challenges. Unfortunately, none have been successful. But maybe this damning testimony showing the government granting itself all sorts of leeway might finally result in some restoration of our rights at our borders. The many details of border search policies are detailed in the EFF/ACLU's motion for summary judgment [PDF], asking the court to side with Americans and their rights, rather than exaggerated claims about the insecurity of our nation.The CBP's policies place almost no restrictions on searches of devices. Basic searches -- which involve an agent paging through a phone's contents manually, rather than using another device to perform a forensic search -- can be done with zero reasonable suspicion.Policy allows officers to retain devices for as long as they want. The policy says retention shouldn't exceed five days, but there is no upper limit to how long the CBP can hold onto a device with supervisory approval. The policies also allow the CBP to retain data from devices even when it has no probable cause to do so.This information is then shared with a number of other agencies, which the CBP can't be bothered to vet.