Utah became the latest state Tuesday to file a lawsuit against TikTok, alleging the company is "baiting" children into addictive and unhealthy social media habits. From a report: TikTok lures children into hours of social media use, misrepresents the app's safety and deceptively portrays itself as independent of its Chinese parent company, ByteDance, Utah claims in the lawsuit. "We will not stand by while these companies fail to take adequate, meaningful action to protect our children. We will prevail in holding social media companies accountable by any means necessary," Republican Gov. Spencer Cox said at a news conference announcing the lawsuit, which was filed in state court in Salt Lake City. Arkansas and Indiana have filed similar lawsuits while the U.S. Supreme Court prepares to decide whether state attempts to regulate social media platforms such as Facebook, X and TikTok violate the Constitution.

An anonymous reader quotes a report from TechCrunch: A California judge has thrown out a $32.5 million verdict win for Sonos against Google after two of Sonos' patents were deemed unenforceable and invalid. As a result, Google has started to re-introduce software features it had removed due to Sonos' lawsuit. In a decision dated October 6, U.S. District Judge William Alsup said that Sonos had wrongfully linked its patent applications for multi-room audio technology to a 2006 application in order to make them appear older and claim that its inventions came before Google's products, as first reported by Reuters.

"Sonos filed the provisional application from which the patents in suit claim priority in 2006, but it did not file the applications for these patents and present the asserted claims for examination until 2019," the decision (PDF) reads. "By the time these patents issued in 2019 and 2020, the industry had already marched on and put the claimed invention into practice. In fact, in 2014, five years before Sonos filed the applications and presented the claims, accused infringer Google LLC shared with Sonos a plan for a product that would practice what would become the claimed invention."

The decision states that the two companies were exploring a potential collaboration, but that it never materialized. Alsup goes on to note that Google began introducing its own products that featured multi-room audio technology in 2015, and also that Sonos waited until 2019 to pursue claims on the invention. "This was not a case of an inventor leading the industry to something new," Alsup wrote. "This was a case of the industry leading with something new and, only then, an inventor coming out of the woodwork to say that he had come up with the idea first — wringing fresh claims to read on a competitor's products from an ancient application." "We recently made a change to speaker groups for Nest speakers, displays, and Chromecast where certain devices can only belong to one speaker group at a time in the Google Home app," the company wrote in a blog post. "A federal judge has found that two patents that Sonos accused our devices of infringing are invalid. In light of this legal decision we're happy to share that we will be rolling back this change."

An anonymous reader quotes a report from Ars Technica: Facebook may have to overhaul its entire ad-targeting system after a California court ruled (PDF) last month that the platform's practice of routinely targeting ads by age, gender, and other protected categories violates a state anti-discrimination law. The decision came after a 48-year-old Facebook user, Samantha Liapes, fought for years to prove that Facebook had discriminated against her as an older woman using the platform's ad-targeting system to shop for life insurance policies.

Liapes filed a class-action lawsuit against Facebook in 2020. In her complaint, Liapes alleged that "Facebook requires all advertisers to choose the age and gender of its users who will receive ads, and companies offering insurance products routinely tell it to not send their ads to women or older people." Further, she alleged that Facebook's ad-delivery algorithm magnifies the problem by using these required inputs to serve the ads to "lookalike audiences." Through its algorithm, Liapes alleged that she found that Facebook "discriminates against women and older people," by intentionally excluding them from seeing certain life insurance ads. This, Liapes alleged, caused harm by preventing her from signing up for deals that "often change and may expire" -- deals which she said were disproportionately being advertised on Facebook to younger and/or male audiences. As evidence, Liapes pointed to ads that Facebook did not serve to her -- allegedly because advertisers used the platform's Audience Selection and Lookalike Audience tools to exclude her -- as an older woman [...]. "As a result, she had a harder time learning about those products or services," Liapes' complaint alleged. [...]

Initially, a court agreed with Facebook's arguments that Liapes had not provided sufficient evidence establishing Facebook's intent or demonstrating harms caused, but rather than amend her complaint, Liapes appealed. Then, in what tech law expert Eric Goldman on his blog called a "shocking conclusion," a California court last month reversed that initial decision, finding instead that Facebook's ad-targeting tools are not neutral, discriminate against users by age and gender, and are not immune under Section 230 of the Communications Decency Act. Goldman -- who joked that Liapes wanting more Facebook ads is "a desire shared by almost no one" -- said that the potential impact of this ruling goes beyond possibly shaking up Facebook's ad system. It also seemingly implicates every other ad network by finding that "any gender- or age-based ad targeting for any product or service (and targeting based on any other protected characteristics) could violate the Unruh Act." If the ruling is upheld, that could "have devastating effects on the entire Internet ecosystem," Goldman warned. "The court's single-minded determination to find a valid discrimination claim under these conditions casts a long and troubling shadow over the online advertising industry," Goldman wrote in his blog. "Who needs new privacy laws if the Unruh Act already bans most ad targeting?"

"The opinion never expressly says that the Unruh Act regulates ad targeting," Goldman told Ars. "It takes some reading between the lines to reach that conclusion."

Adi Robertson reports via The Verge: California Governor Gavin Newsom has signed AB 1394, a law that would punish web services for "knowingly facilitating, aiding, or abetting commercial sexual exploitation" of children. It's one of several online regulations that California has passed in recent years, some of which have been challenged as unconstitutional. Newsom's office indicated in a press release yesterday that he had signed AB 1394, which passed California's legislature in late September.

The law is set to take effect on January 1, 2025. It adds new rules and liabilities aimed at making social media services crack down on child sexual abuse material, adding punishments for sites that "knowingly" leave reported material online. More broadly, it defines "aiding or abetting" to include "deploy[ing] a system, design, feature, or affordance that is a substantial factor in causing minor users to be victims of commercial sexual exploitation." Services can limit their risks by conducting regular audits of their systems. As motivation, the bill text cites whistleblower complaints that Facebook responded inadequately to child abuse on the platform and a 2022 Forbes article alleging that TikTok Live had become a haven for adults to prey on teenage users.

An economist testified that Google made billions of dollars in extra ad revenue starting in 2017 — by making a secret change to its auction algorithm that bumped their revenues up 15%. Bloomberg reports: Michael Whinston, a professor of economics at the Massachusetts Institute of Technology, said Friday that Google modified the way it sold text ads via "Project Momiji" — named for the wooden Japanese dolls that have a hidden space for friends to exchange secret messages. The shift sought "to raise the prices against the highest bidder," Whinston told Judge Amit Mehta in federal court in Washington.

Google's advertising auctions require the winner to pay only a penny more than the runner-up. In 2016, the company discovered that the runner-up had often bid only 80% of the winner's offer. To help eliminate that 20% between the runner-up and what the winner was willing to pay, Google gave the second-place bidder a built-in handicap to make their offer more competitive, Whinston said, citing internal emails and sealed testimony by Google finance executive Jerry Dischler earlier in the case...

About two-thirds, more than 60%, of Google's total revenue comes from search ads, Dischler said previously, amounting to more than $100 billion in 2020.
In 2021 Google was also accused of running "a secret program to track bids on its ad-buying platform," according to the New York Post (citing reporting by the Wall Street Journal). A Texas-led antitrust suit accused Google "of using the information to gain an unfair market advantage that raked in hundreds of millions of dollars annually, according to a report."

And the Post's article also mentioned "an alleged hush-hush deal in which Google allegedly guaranteed that Facebook would win a fixed percentage of advertising deals."

Nearly 12% of America's population is in California. And the Los Angeles Times is predicting changes to what they eat: California became the first state in the nation to prohibit four food additives found in popular cereal, soda, candy and drinks after Gov. Gavin Newsom signed a ban on them Saturday. The California Food Safety Act will ban the manufacture, sale or distribution of brominated vegetable oil, potassium bromate, propylparaben and red dye No. 3 — potentially affecting 12,000 products that use those substances, according to the Environmental Working Group.

The legislation was popularly known as the "Skittles ban" because an earlier version also targeted titanium dioxide, used as a coloring agent in candies including Skittles, Starburst and Sour Patch Kids, according to the Environmental Working Group. But the measure, Assembly Bill 418, was amended in September to remove mention of the substance...

Assemblyman Jesse Gabriel (D-Woodland Hills), who authored AB 418, hailed the move as a "huge step in our effort to protect children and families in California from dangerous and toxic chemicals in our food supply." Gabriel said the bill won't ban any foods or products but will require food companies to make "minor modifications" to their recipes and switch to safer alternative ingredients. The use of the chemicals has already been banned in the European Union's 27 nations as well as many other countries due to scientific research linking them to cancer, reproductive issues, and behavioral and developmental problems in children, Gabriel said. Many major brands and manufacturers — including Coke, Pepsi, Gatorade and Panera — have voluntarily stopped using the additives because of concerns about their affect on human health. Brominated vegetable oil was previously used in Mountain Dew, but Pepsi Co. has since stopped using it in the beverage. It is still used, however, in generic soda brands such as Walmart's Great Value-branded Mountain Lightning. Propylparaben and potassium bromate are commonly found in baked goods. Red dye no. 3 is used by Just Born Quality Confections to color pink and purple marshmallow Peeps candy, according to Consumer Reports. "What we're really trying to get them to do is to change their recipes," Gabriel told The Times in March. "All of these are nonessential ingredients...."

"This is a milestone in food safety, and California is once again leading the nation," said Ken Cook, president of the Environmental Working Group, which co-sponsored the bill along with Consumer Reports. The law could affect food across the country, Cook said, because the size of California's economy might prompt manufacturers to produce just one version of their product rather than separate ones for the state and the rest of the nation.
A study by California's Office of Environmental Health Hazard Assessment (cited in the bill) found that "consumption of synthetic food dyes can result in hyperactivity and other neurobehavioral problems in some children, and that children vary in their sensitivity to synthetic food dyes. The report also found that current federal levels for safe intake of synthetic food dyes may not sufficiently protect children's behavioral health." The reports adds that America's Food and Drug Administration had set levels for the additives" "decades ago," and that those levels "do not reflect newer research."

The Los Angeles Times notes that the law won't take effect until January of 2027 — and that it imposes fines of "up to $10,000 for violations."

The Times also points out that former California governor Arnold Schwarzenegger had endorsed the bill as "common sense".

An anonymous reader shared this report from the Associated Press: A man accused of shooting down a law enforcement drone being used at a business near his Florida home could be sentenced to 10 years in federal prison...

Lake County sheriff's deputies responded to a burglary at a 10-acre industrial property in July 2021 in Mount Dora, northwest of Orlando, according to a plea agreement. As deputies used a $29,000 drone in the outdoor search, gunfire from a neighboring residential property caused it to crash into a metal roof and catch fire, prosecutors said. Deputies went to the property and found Goney, who said he shot down the drone with a .22-caliber rifle because it had been "harassing" him, investigators said.
The man had 29 previous felony convictions — and federal law prohibits most convicted felons from possessing firearms and ammunition...

Since 2004 October has been designated "Cybersecurity Awareness Month" in America, "a collaborative effort between government and industry to enhance cybersecurity awareness, encourage actions by the public to reduce online risk and generate discussion on cyber threats on a national and global scale."

That's according to America's Cybersecurity and Infrastructure Security Agency (or CISA), the operational lead for federal cybersecurity and national coordinator for critical infrastructure security and resilience (specifically designed for collaboration and partnership). It's why the NSA is publicizing the ten most common cybersecurity misconfigurations in large organizations.

But in addition, for consumers CISA is introducing a new program this year that "promotes behavioral change across the Nation, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on the four critical actions..." In a video the director of America's cyberdefense agency calls them steps "that everyone can take to stay safe online."

• Use Strong Passwords, "meaning long, random, and unique to each account. And use a password manager to generate and to save them."

• Turn on Multi-Factor Authentication on All Accounts That Offer It. "You need more than a password on your most important accounts, like email, social media, and financial accounts."

• Recognize and Report Phishing. "Be cautious of unsolicited emails, texts, or calls asking you for personal information, and don't click on links or open attachments from unknown sources.

• Update Your Software. "In fact, enable automatic updates on your software, so the latest security patches just keep your devices continuously up-to-date."

The video ends by noting CISA is asking tech companies and software developers to create products that are "secure by design."

"And let's secure our families by ensuring that our loved ones know what to look for and how to stay safe online."

An anonymous reader shared this report from Reuters: In a new front in the U.S.-China tech war, President Joe Biden's administration is facing pressure from some lawmakers to restrict American companies from working on a freely available chip technology widely used in China — a move that could upend how the global technology industry collaborates across borders...

RISC-V can be used as a key ingredient for anything from a smartphone chip to advanced processors for artificial intelligence... The lawmakers expressed concerns that Beijing is exploiting a culture of open collaboration among American companies to advance its own semiconductor industry, which could erode the current U.S. lead in the chip field and help China modernize its military. Their comments represent the first major effort to put constraints on work by U.S. companies on RISC-V...

Executives from China's Huawei Technologies have embraced RISC-V as a pillar of that nation's progress in developing its own chips. But the United States and its allies also have jumped on the technology, with chip giant Qualcomm working with a group of European automotive firms on RISC-V chips and Alphabet's Google saying it will make Android, the world's most popular mobile operating system, work on RISC-V chips...

Jack Kang, vice president of business development at SiFive, a Santa Clara, California-based startup using RISC-V, said potential U.S. government restrictions on American companies regarding RISC-V would be a "tremendous tragedy." "It would be like banning us from working on the internet," Kang said. "It would be a huge mistake in terms of technology, leadership, innovation and companies and jobs that are being created."
One U.S. Representative said the Chinese Communist Party was "abusing RISC-V to get around U.S. dominance of the intellectual property needed to design chips.

"U.S. persons should not be supporting a PRC tech transfer strategy that serves to degrade U.S. export control laws."

Tom Perkins writes via The Guardian: Almost half of a federal government panel that helps develop US nutritional guidelines has significant ties to big agriculture, ultra-processed food companies, pharmaceutical companies and other corporate organizations with a significant stake in the process's outcome. The revelation is part of a new report from US Right to Know, a government transparency group that looked for ties to corporate interests among the 20-member panel of food and nutrition experts that makes recommendations for updating the US government's official dietary guidelines.

It found nine members had ties to Nestle, Pfizer, Coca-Cola, the National Egg Board and other prominent food lobby groups, among others. The findings raise questions about whether the panel is looking out for Americans' health or corporate profits, and "erodes confidence in dietary guidelines," said Gary Ruskin of US Right to Know. "Millions of Americans' lives are affected by this report and it's crucial that the report tell the truth to American people and it's not degraded into another sales pitch for big food and big pharma," he said. [...]

"The guidelines affect the entire US food system quite strongly," Ruskin said. US Right to Know scoured public records dating back five years for conflicts of interest among the 20 panel members. In addition to the nine it found with "high-risk conflicts of interest" and connections to the food and drug industry, it found four more members who have possible conflicts of interest. It applauded the agencies for appointing seven members who did not appear to have any conflicts. At least four panelists have connections to at least two companies each among Abbott, Novo Nordisk, the National Dairy Council, Eli Lilly and Weight Watchers International. One panel member has received about $240,000 in grant funding from Eli Lilly.

Jonathan Greig writes via The Record: Genetic testing giant 23andMe confirmed that a data scraping incident resulted in hackers gaining access to sensitive user information and selling it on the dark web. The information of nearly 7 million 23andMe users was offered for sale on a cybercriminal forum this week. The information included origin estimation, phenotype, health information, photos, identification data and more. 23andMe processes saliva samples submitted by customers to determine their ancestry.

When asked about the post, the company initially denied that the information was legitimate, calling it a "misleading claim" in a statement to Recorded Future News. The company later said it was aware that certain 23andMe customer profile information was compiled through unauthorized access to individual accounts that were signed up for the DNA Relative feature -- which allows users to opt in for the company to show them potential matches for relatives. [...] When pressed on how compromising a handful of user accounts would give someone access to millions of users, the spokesperson said the company does not believe the threat actor had access to all of the accounts but rather gained unauthorized entry to a much smaller number of 23andMe accounts and scraped data from their DNA Relative matches.

A researcher approached Recorded Future News after examining the leaked database and found that much of it looked real. [...] The researcher downloaded two files from the BreachForums post and found that one had information on 1 million 23andMe users of Ashkenazi heritage. The other file included data on more than 300,000 users of Chinese heritage. The data included profile and account ID numbers, names, gender, birth year, maternal and paternal genetic markers, ancestral heritage results, and data on whether or not each user has opted into 23andme's health data. The researcher added that he discovered another issue where someone could enter a 23andme profile ID, like the ones included in the leaked data set, into their URL and see someone's profile. The data available through this only includes profile photos, names, birth years and location but does not include test results.

An anonymous reader quotes a report from Motherboard: A man who admitted attempting to assassinate Queen Elizabeth II with a crossbow after discussing his plan with an AI-powered chatbot has been sentenced to 9 years in prison for treason. It's the UK's first treason conviction in more than 40 years. Jaswant Singh Chail, who was 19 at the time of his arrest on Christmas Day, 2021, scaled the walls of Windsor Castle's grounds with a mask and a loaded high-power crossbow. He said his intent was, as a British Sikh, to assassinate the Queen in a Star Wars-inspired plan to avenge the 1919 Jallianwalla Bagh massacre, a colonial-era atrocity during British rule in India. Prosecutors said that Chail was encouraged to undertake this plot after discussing it at length with an AI-powered chatbot that egged him on and bolstered his resolve. [...] Chail is currently being held at Broadmoor high-security hospital and will remain there until he is psychologically well enough to serve his sentence.

Slash_Account_Dot shares a report from 404 Media, written by Joseph Cox: In a bombshell report, an oversight body for the Department of Homeland Security (DHS) found that Immigration and Customs Enforcement (ICE), Customs and Border Enforcement (CBP), and the Secret Service all broke the law while using location data harvested from ordinary apps installed on smartphones. In one instance, a CBP official also inappropriately used the technology to track the location of coworkers with no investigative purpose. For years U.S. government agencies have been buying access to location data through commercial vendors, a practice which critics say skirts the Fourth Amendment requirement of a warrant. During that time, the agencies have typically refused to publicly explain the legal basis on which they based their purchase and use of the data. Now, the report shows that three of the main customers of commercial location data broke the law while doing so, and didn't have any supervisory review to ensure proper use of the technology. The report also recommends that ICE stop all use of such data until it obtains the necessary approvals, a request that ICE has refused.

The report, titled "CBP, ICE, and Secret Service Did Not Adhere to Privacy Policies or Develop Sufficient Policies Before Procuring and Using Commercial Telemetry Data," is dated September 28, 2023, and comes from Joseph V. Cuffari, the Inspector General for DHS. The report was originally marked as "law enforcement sensitive," but the Inspector General has now released it publicly.

James Hunt reports via The Block: A group of FTX U.S.-based employees stumbled across a backdoor for its affiliated trading firm Alameda Research months before the crypto exchange collapsed in Nov. 2022, the Wall Street Journal reported, citing people familiar with the matter. The backdoor allowed Alameda to have a negative balance of up to $65 billion using customer funds, according to previous court filings revealing code buried in FTX's systems. Negative balances were not possible for other FTX users, who would be automatically liquidated if they fell into the red.

The employees reportedly alerted their division boss to the discovery, who discussed it with former FTX CEO Sam Bankman Fried's lieutenant Nishad Singh, but the issue was never resolved. Instead, the leader of the team who raised the concern was sacked, the WSJ said. [...] The backdoor forms a key part of the prosecution's case in Bankman-Fried's trial. Bankman-Fried faces multiple fraud charges and could serve decades in prison. He pleaded not guilty to all charges.

An anonymous reader quotes a report from TechCrunch: Following preliminary objections over Google's data terms, set out back in January by Germany's antitrust watchdog, the tech giant has agreed to make changes that will give users a better choice over its use of their information, the country's Federal Cartel Office (FCO) said today. The commitments cover situations where Google would like to combine personal data from one Google service with personal data from other Google or non-Google sources or cross-use these data in Google services that are provided separately, per the authority.

Per the FCO decision document (PDF): "The Commitments cover in principle all services operated by Google and directed to end users in Germany with more than one million monthly active users (MAU) in Germany [and Android Automotive whether it meets that threshold or not]." But, as we report below, Google's core platform services designated under the EU's DMA are not covered -- nor is Fitbit, which the document notes is already subject to "far-reaching obligations regarding the cross-service processing of health and wellness data" as a result of EU merger control. [...]

Per the FCO decision document, the implementation date (in principle) for Google's commitments is September 30, 2024 — with an earlier date of March 6, 2024 for commitments covering Google Assistant and Contacts. But the FCO notes that it may provide Google with an extension upon "substantiated request". Once implemented, the commitments will have a five year duration from their start date. The document also notes that if, in the future, a Google service falls out of the DMA designation as a core platform service and meets the FCO usage threshold then these local commitments will be applied to it. The converse will also apply; meaning if the European Commission designates one of the Google services covered by this commitments to the DMA list of core platform services it would no longer fall under this arrangement. Gmail is an interesting example here as the EU recently accepted Google's arguments to exclude the web mail service from the DMA list of core platform services -- but the tech giant is facing future restrictions on how it can use Gmail users' data under the FCO commitments (even if these will only apply in Germany). Commenting in a statement, Andreas Mundt, president of the Bundeskartellamt, said: "Data are key for many business models used by large digital companies. The market power of large digital companies is based on the collection, processing and combination of data. Google's competitors do not have these data and are thus faced with serious competitive disadvantages. In the future users of Google services will have a much better choice as to what happens to their data, how Google can use them and whether their data may be used across services. This not only protects the users' right to determine the use of their data but also curbs Google's data-driven market power. Large digital companies offer a wide range of different digital services. Without the users' free and informed consent the data from Google's services and third-party services can no longer be cross-used in separate services offered by Google or even be combined. We have made sure that Google will provide a separate choice option in the future."

An anonymous reader quotes a report from Ars Technica: Within the past year, there have been approximately five times more school shooting hoaxes called in to police than actual school shootings reported in 2023. Where data from Everytown showed "at least 103 incidents of gunfire on school grounds" in 2023, The Washington Post recently uncovered what seems to be a coordinated campaign of active shooter hoaxes causing "swattings" -- where police respond with extreme force to fake crimes -- at more than 500 schools nationwide over the past year. In just one day in February, "more than 30 schools were targeted," The Post reported.

The Post "examined police reports, emergency call recordings, body-camera footage, or call logs in connection with incidents in 24 states," which seemed to reveal a "distinct pattern" potentially linking swatting hoaxes nationwide. A man who "speaks with a heavy accent" -- and possibly uses a device or app to alter his voice in real time -- relies on a virtual private network (VPN) to mask his IP address, then places the hoax calls on non-emergency lines using free Internet-calling services. He frequently pretends to be a teacher hiding from the fake shooter on campus and sometimes falsely reports student shootings. To some law enforcement officials, the voice sounds too similar from call to call to be chalked up to coincidence. The Post stitched together audio that shows why many authorities believe these hoax calls might be coming from the same caller, whose motivations are currently unknown. It's possible the hoax calls are being orchestrated by one person with a hostile compulsion or by one or several perpetrators advertising swatting services available for hire online. [...]

According to The Post, the FBI has been investigating this string of school shooting hoaxes, but it's unclear how far that investigation has gotten -- mostly because tracing the hoax calls has perplexed many law enforcement agencies nationwide. Tracing calls is difficult partly because many VPN providers outside the US don't always cooperate with law enforcement, and some of the most popular free Internet-calling services only require an email address to sign up. However, The Post reported that it has increasingly become clear to law enforcement that one particular Internet-calling service appears to be the most popular choice for hoax callers reporting school shootings: TextNow. One police captain in Lousiana, Shannon Mack -- who is described as specializing in "cases involving Internet-based phone services -- told The Post that "nine times out of 10," hoax calls she has investigated have come from a TextNow number.

An anonymous reader quotes a report from Wired: Crime predictions generated for the police department in Plainfield, New Jersey, rarely lined up with reported crimes, an analysis by The Markup has found, adding new context to the debate over the efficacy of crime prediction software. Geolitica, known as PredPol until a 2021 rebrand, produces software that ingests data from crime incident reports and produces daily predictions on where and when crimes are most likely to occur. We examined 23,631 predictions generated by Geolitica between February 25 and December 18, 2018, for the Plainfield Police Department (PD). Each prediction we analyzed from the company's algorithm indicated that one type of crime was likely to occur in a location not patrolled by Plainfield PD. In the end, the success rate was less than half a percent. Fewer than 100 of the predictions lined up with a crime in the predicted category, that was also later reported to police. Diving deeper, we looked at predictions specifically for robberies or aggravated assaults that were likely to occur in Plainfield and found a similarly low success rate: 0.6 percent. The pattern was even worse when we looked at burglary predictions, which had a success rate of 0.1 percent.

Long-time Slashdot reader schwit1 shares a report from The Intercept: The Heat Initiative, a nonprofit child safety advocacy group, was formed earlier this year to campaign against some of the strong privacy protections Apple provides customers. The group says these protections help enable child exploitation, objecting to the fact that pedophiles can encrypt their personal data just like everyone else. When Apple launched its new iPhone this September, the Heat Initiative seized on the occasion, taking out a full-page New York Times ad, using digital billboard trucks, and even hiring a plane to fly over Apple headquarters with a banner message. The message on the banner appeared simple: 'Dear Apple, Detect Child Sexual Abuse in iCloud' -- Apple's cloud storage system, which today employs a range of powerful encryption technologies aimed at preventing hackers, spies, and Tim Cook from knowing anything about your private files.

Something the Heat Initiative has not placed on giant airborne banners is who's behind it: a controversial billionaire philanthropy network whose influence and tactics have drawn unfavorable comparisons to the right-wing Koch network. Though it does not publicize this fact, the Heat Initiative is a project of the Hopewell Fund, an organization that helps privately and often secretly direct the largesse -- and political will -- of billionaires. Hopewell is part of a giant, tightly connected web of largely anonymous, Democratic Party-aligned dark-money groups, in an ironic turn, campaigning to undermine the privacy of ordinary people.

For an organization demanding that Apple scour the private information of its customers, the Heat Initiative discloses extremely little about itself. According to a report in the New York Times, the Heat Initiative is armed with $2 million from donors including the Children's Investment Fund Foundation, an organization founded by British billionaire hedge fund manager and Google activist investor Chris Cohn, and the Oak Foundation, also founded by a British billionaire. The Oak Foundation previously provided $250,000 to a group attempting to weaken end-to-end encryption protections in EU legislation, according to a 2020 annual report. The Heat Initiative is helmed by Sarah Gardner, who joined from Thorn, an anti-child trafficking organization founded by actor Ashton Kutcher. [...] Critics say these technologies aren't just uncovering trafficked children, but ensnaring adults engaging in consensual sex work. "My goal is for child sexual abuse images to not be freely shared on the internet, and I'm here to advocate for the children who cannot make the case for themselves," Gardner said, declining to name the Heat Initiative's funders. "I think data privacy is vital. I think there's a conflation between user privacy and known illegal content."

Todd Shields and Loren Grush reporting via Bloomberg: Dish Network Corp. was fined $150,000 by US regulators for leaving a retired satellite parked in the wrong place in space, reflecting official concern over the growing amount of debris orbiting Earth and the potential for mishaps. The Federal Communications Commission called the action its first to enforce safeguards against orbital debris. "This is a breakthrough settlement, making very clear the FCC has strong enforcement authority and capability to enforce its vitally important space debris rules," Loyaan A. Egal, the agency's enforcement bureau chief, said in a statement.

Dish's EchoStar-7 satellite, which relayed pay-TV signals, ran short of fuel, and the company retired it at an altitude roughly 76 miles (122 kilometers) above its operational orbit. It was supposed to have been parked 186 miles above its operational orbit, the FCC said in an order (PDF). The company admitted it failed to park EchoStar-7 as authorized. It agreed to implement a compliance plan and pay a $150,000 civil penalty, the FCC said.

Ian Freeman, a New Hampshire man in his 40s, has been sentenced to eight years in prison for running an unlicensed bitcoin exchange business. He will also be fined at least $40,000, although the exact amount still has to be determined in a hearing. The Associated Press reports: Ian Freeman was taken away in handcuffs following his sentencing in U.S. District Court in Concord. Prosecutors said Freeman, a libertarian activist and radio show host, created a business that catered to fraudsters who targeted elderly women with romance scams, serving as "the final step in permanently separating the victims from their money." Freeman, who is in his 40s, said in court he did not believe he broke the law. He said he was trying to get people to adopt bitcoin. He said there were times he detected fraud and protected many potential scam victims. He apologized for not being able to help them all. "I don't want people to be taken advantage of," said Freeman, who said he cooperated with law enforcement to help some people get their money back.

Freeman said he devised a series of questions for customers, including whether a third party was putting them up to their transactions or if they were under duress. Some victims lied about their circumstances, he said. Freeman also said he didn't learn about scam victims until he saw their stories in the news. "It didn't matter how strict I was or how many questions I asked," he said. After a two-week trial, he was convicted of eight charges in December, although his conviction on a money laundering charge was later overturned by the judge. The prosecution is appealing it to the 1st Circuit Court of Appeals.

Freeman was sentenced on the remaining charges, which include operating an unlicensed money transmitting business and conspiracy to commit money laundering and wire fraud. Freeman's lawyers said they planned to appeal and asked that he remain free on bail for now, but U.S. District Court Judge Joseph LaPlante didn't allow it. The sentencing guidelines called for much longer term, ranging from about 17 years to nearly 22 years in prison.