Crime

UK Police Force Loses 3 Years of Body Camera Footage (independent.co.uk) 61

Slashdot reader Bruce66423 shared this report from the Independent: South Yorkshire Police (SYP) has apologised after revealing more than three years' worth of officer body cam footage has been deleted from its computer systems. SYP said it had referred itself to the Information Commissioner's Office (ICO) after the footage, recorded between July 2020 and May 2023, was found to be missing. The force initially said the incident had been caused by a "significant and unexplained reduction" in stored data on its computer systems and later clarified that the data had been "deleted" and not hacked.

Around 69 cases have been identified as potentially affected by the loss of data and the force said it was working closely with the victims and Crown Prosecution Service. The cases range from cannabis possession through to domestic abuse and sexual offences, SYP told The Independent... Urgent work, led by digital forensic experts, is underway to recover the footage, it added...

It comes just weeks after a major data beach in Northern Ireland, where the force mistakenly published the personal details of officers in response to a freedom of information request. Norfolk and Suffolk police forces, in another freedom of information request incident, released the personal details of more than 1,000 people, including crime victims.

Republicans

Judge Tears Apart Republican Lawsuit Alleging Bias In Gmail Spam Filter (arstechnica.com) 184

An anonymous reader quotes a report from Ars Technica: A federal judge yesterday granted Google's motion to dismiss a lawsuit filed by the Republican National Committee (RNC), which claims that Google intentionally used Gmail's spam filter to suppress Republicans' fundraising emails. An order (PDF) dismissing the lawsuit was issued yesterday by US District Judge Daniel Calabretta. The RNC is seeking "recovery for donations it allegedly lost as a result of its emails not being delivered to its supporters' inboxes," Calabretta noted. But Google correctly argued that the lawsuit claims are barred by Section 230 of the Communications Decency Act, the judge wrote. The RNC lawsuit was filed in October 2022 in US District Court for the Eastern District of California.

"While it is a close case, the Court concludes that... the RNC has not sufficiently pled that Google acted in bad faith in filtering the RNC's messages into Gmail users' spam folders, and that doing so was protected by Section 230. On the merits, the Court concludes that each of the RNC's claims fail as a matter of law for the reasons described below," he wrote. Calabretta, a Biden appointee, called it "concerning that Gmail's spam filter has a disparate impact on the emails of one political party, and that Google is aware of and has not yet been able to correct this bias." But he noted that "other large email providers have exhibited some sort of political bias" and that if Google did not filter spam, it would harm its users by subjecting them "to harmful malware or harassing messages. On the whole, Google's spam filter, though in this instance imperfect, is not morally blameworthy."

The RNC was given leave to amend another claim that alleged intentional interference with prospective economic relations under California law. The judge dismissed the claim as follows: "The RNC argues that Google's conduct was independently wrongful because '(1) it is political discrimination against the RNC, (2) it is dishonest to Google's users and the public, and (3) Google repeatedly lied about it.' As established above, political discrimination is not prohibited by California anti-discrimination laws and so Google's alleged discrimination would not be unlawful. The latter two reasons do not provide a 'determinable legal standard' under which the Court could find the conduct wrongful; they rest on a 'nebulous' theory of wrongfulness which other courts have rejected." The RNC "has failed to establish that Defendant's alleged interference constituted a separate, independently 'wrongful act' that would be an appropriate predicate offense" but "will be granted leave to amend this claim to establish that Defendant's conduct was unlawful by some legal measure," Calabretta wrote.
Google said in a statement: "We welcome the Court's finding that there are no plausible allegations that Gmail's spam filters discriminate for political purposes. We will continue investing in spam-filtering technologies that protect people from unwanted emails while still allowing senders to reach the inboxes of users who want their messages."
Privacy

Taliban Says Huawei to Install Cameras to Locate Militants (bloomberg.com) 71

Afghanistan's Taliban-led government is working with Huawei to install a wide-ranging surveillance system across the country in an effort to identify and target insurgents or terrorism activities, Bloomberg News reported Friday, citing a person familiar with the discussions. From the report: Representatives of the Shenzhen-headquartered tech company met with Interior Ministry officials on Aug. 14, the person said, and a verbal agreement was reached regarding the contract. The Interior Ministry initially posted images and details of the meeting on X, the social media platform formerly known as Twitter. In one post, spokesman Mufti Abdul Mateen Qani said the advanced camera system was being considered "in every province of Afghanistan."

The posts, which were later deleted, included comments from Abdullah Mukhtar, the deputy minister of the ministry. "We are willing to accept projects that are better in terms of quality and price," he said. "Reports on this meeting are factually incorrect. No plans or agreements were discussed," Huawei said in an emailed statement.

Privacy

NSA Orders Employees To Spy on the World 'With Dignity and Respect' (theintercept.com) 46

The National Security Agency, the shadowy hub for the United States' electronic and cyber spying, has instructed its employees that foreign targets of its intelligence gathering "should be treated with dignity and respect," according to a new policy directive. The Intercept: The directive, released this summer as internal guidance, is for the NSA's vaunted signals intelligence, or SIGINT, division, which is responsible for covert surveillance and data collection worldwide. "In recognition that SIGINT activities must take into account that all persons should be treated with dignity and respect, regardless of their nationality or wherever they might reside," says the previously unreported directive, which was issued by NSA Director Gen. Paul Nakasone.

Civil liberties experts say the PR-friendly directive is an attempt to mollify European partners and American critics amid a simmering congressional debate over whether to reauthorize the NSA's broad surveillance authorities. Experts also pointed to the absurdity that the NSA, an intelligence agency that specializes in electronic eavesdropping including the interception of text messages and emails, could do so respectfully. "This is like the CIA putting out a statement saying that going forward they'll only waterboard people with dignity and respect," Evan Greer, director of the digital rights advocacy group Fight for the Future, told The Intercept. "Mass surveillance is fundamentally incompatible with basic human rights and democracy."

Privacy

College Board Shares Student SAT Scores, GPA with Facebook and TikTok (gizmodo.com) 42

College Board sends student SAT scores and GPA to Facebook and TikTok, according to tests by tech news outlet Gizmodo. Even when searching for colleges, personal academic details are shared with social media companies. From the report: Gizmodo observed the College Board's website sharing data with Facebook and TikTok when a user fills in information about their GPA and SAT scores. When this reporter used the College Board's search filtering tools to find colleges that might accept a student with a C+ grade-point average and a SAT score of 420 out of 1600, the site let the social media companies know. Whether a student is acing their tests or struggling, Facebook and TikTok get the details.

The College Board shares this data via "pixels," invisible tracking technology used to facilitate targeted advertising on platforms such as Facebook and TikTok. The data is shared along with unique user IDs to identify the students, along with other information about how you use the College Board's site. Organizations use pixels and other tools to share data so they can send targeted ads to people who use their apps and websites on other platforms, such as Google, Facebook, and TikTok.

AI

DHS Has Spent Millions On an AI Surveillance Tool That Scans For 'Sentiment and Emotion' (404media.co) 50

New submitter Slash_Account_Dot shares a report from 404 Media, a new independent media company founded by technology journalists Jason Koebler, Emanuel Maiberg, Samantha Cole, and Joseph Cox: Customs and Border Protection (CBP), part of the Department of Homeland Security, has bought millions of dollars worth of software from a company that uses artificial intelligence to detect "sentiment and emotion" in online posts, according to a cache of documents obtained by 404 Media. CBP told 404 Media it is using technology to analyze open source information related to inbound and outbound travelers who the agency believes may threaten public safety, national security, or lawful trade and travel. In this case, the specific company called Fivecast also offers "AI-enabled" object recognition in images and video, and detection of "risk terms and phrases" across multiple languages, according to one of the documents.

Marketing materials promote the software's ability to provide targeted data collection from big social platforms like Facebook and Reddit, but also specifically names smaller communities like 4chan, 8kun, and Gab. To demonstrate its functionality, Fivecast promotional materials explain how the software was able to track social media posts and related Persons-of-Interest starting with just "basic bio details" from a New York Times Magazine article about members of the far-right paramilitary Boogaloo movement. 404 Media also obtained leaked audio of a Fivecast employee explaining how the tool could be used against trafficking networks or propaganda operations. The news signals CBP's continued use of artificial intelligence in its monitoring of travelers and targets, which can include U.S. citizens. This latest news shows that CBP has deployed multiple AI-powered systems, and provides insight into what exactly these tools claim to be capable of while raising questions about their accuracy and utility.
"CBP should not be secretly buying and deploying tools that rely on junk science to scrutinize people's social media posts, claim to analyze their emotions, and identify purported 'risks,'" said Patrick Toomey, deputy director of the ACLU's National Security Project. "The public knows far too little about CBP's Counter Network Division, but what we do know paints a disturbing picture of an agency with few rules and access to an ocean of sensitive personal data about Americans. The potential for abuse is immense."
Piracy

Amazon Sues Online Stores Selling Pirated DVDs 71

Amazon has filed a lawsuit against a group of online stores that sell pirated DVDs of key titles such as "The Lord of the Rings: The Rings of Power" and "The Peripheral." TorrentFreak reports: In a complaint filed at a California federal court, Amazon accuses seven websites of selling pirated discs. These sites, including dvdshelf.com.au, dvds.trade, and dvdwholesale.co.uk, are presumably operated by the same group, using a variety of companies. For the public at large, it may not be immediately obvious that these discs are pirated. However, since Amazon doesn't produce or sell DVDs for these Prime Video series, there is no doubt that they are created from illicit sources.

The piracy operation consists of at least seven websites and these all remain online today. According to Amazon, the sites ship to customers in the U.S. and abroad, twenty-four hours a day, seven days a week, resulting in mass copyright infringement. Before going to court, investigators conducted more than twenty test purchases of pirated DVDs. After these orders arrived, Amazon sent the discs to the Motion Picture Association which independently confirmed that they were all pirated.

The complaint lists Yangchun Zhang as a key suspect. This person presumably resides in China and obtained the 'DVD Shelf' trademark in Australia. In addition, Zhang is also listed as the registrant of several of the domain names involved. The complaint accuses Zhang and the others of both copyright and trademark infringement. Through the lawsuit (PDF), Amazon hopes to recoup damages, which can run in the millions of dollars. Another key priority is to shut the sites down and Amazon asks the court for an injunction to stop all infringing activity.
Crime

Tornado Cash Founders Charged With Laundering More Than $1 Billion (cnbc.com) 36

Two founders of Tornado Cash, the widely known Russian cryptocurrency mixer, have been charged with laundering more than $1 billion in criminal proceeds. From a report: In a newly unsealed indictment, Roman Storm and Roman Semenov have both been accused of sanctions violations and laundering money through Tornado Cash, including hundreds of millions of dollars for the Lazarus Group, a sanctioned North Korean state-backed hacking group. Charges in the indictment include conspiring to commit money laundering, conspiracy to commit sanctions violations and conspiracy to operate an unlicensed money transmitting business. Storm was arrested Wednesday in Washington state, according to a statement from the Justice Department, but Semenov, a Russian national, remains at large. The third co-founder, Alexey Pertsev, who is not mentioned in this action, faces trial in Amsterdam over his involvement with Tornado Cash. "Roman Storm and Roman Semenov allegedly operated Tornado Cash and knowingly facilitated this money laundering," said U.S. Attorney Damian Williams, adding, "While publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes." Further reading: Tornado Cash Co-founder Reports Being Kicked Off GitHub as Industry Reacts To Sanctions (2022);
Coinbase Employees and Ethereum Backers Sue US Treasury Over Tornado Cash Sanctions (2022).
United Kingdom

Teenagers Convicted of Grand Theft Auto, Nvidia Lapsus$ Hacks in the UK (bloomberg.com) 35

Two UK teenagers accused of being key members of the notorious hacking group Lapsus$, behind attacks on companies including Nvidia, Rockstar Games, and Uber, were convicted of their crimes by a London jury Wednesday. From a report: Arion Kurtaj, 18, and a 17-year-old male, who can't be identified, were found to have carried out a number of offenses including serious computer misuse, blackmail and fraud against BT Group's EE network and Nvidia. Kurtaj was also separately accused of hacks into Uber, Rockstar's Grand Theft Auto game, and fintech firm Revolut. The Southwark Crown Court jury only needed to come to a decision on whether Kurtaj was liable for the crimes after he was found by the judge to be unfit to stand trial because of a complex medical condition. The jury found him liable for all 12 charges. The 17-year-old was found guilty of hacking, fraud and blackmail against Nvidia and cleared over two other counts against EE. He had previously plead guilty to two charges relating to the BT hacks. Lapsus$ are an international bunch of loosely connected online extortionists.
Social Networks

A Pennsylvania Court Says State Police Can't Hide How It Monitors Social Media (apnews.com) 32

An anonymous reader quotes a report from the Associated Press: Pennsylvania's Supreme Court ruled Tuesday that the state police can't hide from the public its policy on how it monitors social media. Advocates for civil liberties cheered the decision. The law enforcement agency had argued that fully disclosing its policy for using software to monitor online postings may compromise public safety. All four Democratic justices supported the majority decision, which said the lower Commonwealth Court went beyond its authority in trying to give the state police another attempt to justify keeping details of the policy a secret. Tuesday's order appears to end a six-year legal battle.

Justifying what the majority opinion described as heavy or complete redactions on every page of the nine-page regulation, the head of the state police's bureau of criminal investigations argued that greater transparency about the policy would make its investigations less effective. The state Office of Open Records held a private review of the blacked out material and and ruled that making the policy public would not be likely to harm investigations, calling the social media policy processes strictly internal and administrative in nature. Redacted sections addressed the use of open sources, what approval is required, when to go undercover and use an online alias and how to verify information. State police also blacked out the entire section on using social media for employment background investigations.

A panel of three Republican Commonwealth Court judges reversed the Office of Open Records' ruling that the policy should be disclosed without redactions, saying in May 2018 that the state police investigations chief based his analysis about the risk of exposure on his own extensive experience. The majority decision issued Tuesday said Commonwealth Court should not have given the state police a new opportunity to lay out the supposed public safety risks. The majority ruled that Pennsylvania's Right-to-Know Law does not permit Commonwealth Court to order additional fact-finding not sought by state police.
Andrew Christy, a lawyer with the ACLU of Pennsylvania, said the ruling "sort of puts law enforcement on the same playing field as all government agencies. If they have a legal justification to keep something secret, then they have to put forth sufficient evidence to justify that."

"Ultimately that relies on the voters understanding what law enforcement is doing so that then, through their elected representatives, they can rein them in when they're acting in a way that doesn't comport with what the public wants," Christy said.
Bitcoin

Bitcoin Developers Push Back Against Craig Wright's Claim to Billions of Dollars in Bitcoin (coindesk.com) 82

Long-time Slashdot reader UnknowingFool writes: In 2021, Craig Wright sued 12 bitcoin developers who refused help him recover 111,000 bitcoins he claimed were lost in a hack. His company, Tulip Trading, wanted the developers to put in a backdoor mechanism in bitcoin that would override the ownership of the coins, arguing it was the developers "fiduciary duty" to assist him. The developers allege (PDF) that Tulip and Wright never owned the coins and the evidence of ownership provided is "fabricated." Tulip Trading "never owned the digital assets and has commenced this claim fraudulently and in reliance on fabricated documents," the developers' lawyers said in a statement. "Dr. Wright has a long history of fraud, forgery, and dishonesty ... [and is using] the English courts as an instrument of fraud."
Privacy

The Feds Asked TikTok For Lots of Domestic Spying Features (gizmodo.com) 48

A draft agreement between TikTok and the Committee on Foreign Investment in the United States (CFIUS) to avoid a ban would have given U.S. agencies unprecedented access to TikTok's facilities and servers. "Many of the concessions the government asked of TikTok look eerily similar to the surveillance tactics critics have accused Chinese officials of abusing," reports Gizmodo. "To allay fears the short-form video app could be used as a Chinese surveillance tool, the federal government nearly transformed it into an American one instead." The draft of the deal was obtained by Forbes. From a report: Forbes reports that the draft agreement, dated Summer 2022, would have given the US government agencies like the Department of Justice and Department of Defense far more access to TikTok's operations than that of any other social media company. The agreement would let agencies examine TikTok's US facilities, records, and servers with minimal prior notice and veto the hiring of any executive involved with leading TikTok US data security organization. It would also let US agencies block changes to the app's terms of service in the US and order the company to subject itself to various audits, all on TikTok's dime, per Forbes. In extreme cases, the agreement would allow government organizations to demand TikTok temporarily shut off functioning in the U.S..

The draft document, which Gizmodo could not independently verify, is reportedly around 100 pages long and contains comments sent between attorneys representing ByteDance, TikTok's Chinese-owned parent company, and CFIUS. The agreements, if accepted as written at the time, would open TikTok's U.S. operations up to supervision by a number of external third-party auditors and source code inspectors. ByteDance leaders, whom US lawmakers and whistleblowers have accused of maintaining close connections with The Chinese Communist Party, would be excluded from some security-related decisions involving the US version of the app.

Provisions described in the guidelines weren't always agreed on by both parties. In several instances, according to Forbes, TikTok's attorneys pushed back against terms that would let the government alter what types of user data ByteDance employees could view. Another point of disagreement emerged when the government reportedly asked for limitless veto power over TikTok's future contracts. At one point, TikTok reportedly altered language that would have allowed government officials to demand changes to the apps recommendations algorithm if it promoted content the agencies disagreed with.
A TikTok spokesperson said in a statement: "As has been widely reported, we've been working with CFIUS for well over a year to implement a national security agreement and have invested significant resources in implementing a firewall to isolate U.S. user data. Today, all new protected U.S. user data is stored in the Oracle Cloud Infrastructure in the U.S. with tightly controlled and monitored gateways. We are doing more than any peer company to safeguard U.S. national security interests."
AI

AI-Generated Art Cannot Receive Copyrights, US Court Says 57

A U.S. court in Washington, D.C. today has ruled that artwork created by artificial intelligence without any human input cannot be copyrighted under U.S. law. Reuters reports: Only works with human authors can receive copyrights, U.S. District Judge Beryl Howell said on Friday, affirming the Copyright Office's rejection of an application filed by computer scientist Stephen Thaler on behalf of his DABUS system. The Friday decision follows losses for Thaler on bids for U.S. patents covering inventions he said were created by DABUS, short for Device for the Autonomous Bootstrapping of Unified Sentience. Thaler has also applied for DABUS-generated patents in other countries including the United Kingdom, South Africa, Australia and Saudi Arabia with limited success.
Privacy

Cellebrite Asks Cops To Keep Its Phone Hacking Tech 'Hush Hush' (techcrunch.com) 50

An anonymous reader shares a report: For years, cops and other government authorities all over the world have been using phone hacking technology provided by Cellebrite to unlock phones and obtain the data within. And the company has been keen on keeping the use of its technology "hush hush." As part of the deal with government agencies, Cellebrite asks users to keep its tech -- and the fact that they used it -- secret, TechCrunch has learned. This request concerns legal experts who argue that powerful technology like the one Cellebrite builds and sells, and how it gets used by law enforcement agencies, ought to be public and scrutinized.

In a leaked training video for law enforcement customers that was obtained by TechCrunch, a senior Cellebrite employee tells customers that "ultimately, you've extracted the data, it's the data that solves the crime, how you got in, let's try to keep that as hush hush as possible." "We don't really want any techniques to leak in court through disclosure practices, or you know, ultimately in testimony, when you are sitting in the stand, producing all this evidence and discussing how you got into the phone," the employee, who we are not naming, says in the video.

The Almighty Buck

Thousands of Crypto Scammers are Enslaved by Human-Trafficking Gangsters, Says Bloomberg Reporter (bloomberg.com) 100

A Bloomberg investigative reporter wrote a new book titled Number Go Up: Inside Crypto's Wild Rise and Staggering Fall. This week Bloomberg published an excerpt that begins when the reporter received a flirtatious text message from a woman named Vicky Ho for a scam that's called "pig butchering".

"Vicky's random text had found its way to pretty much exactly the wrong target. I'd been investigating the crypto bubble for more than a year..." After a day, Vicky revealed her true love language: Bitcoin price data. She started sending me charts. She told me she'd figured out how to predict market fluctuations and make quick gains of 20% or more. The screenshots she shared showed that during that week alone she'd made $18,600 on one trade, $4,320 on another and $3,600 on a third... For days, she went on chatting without asking for me to send any money. I was supposed to be the mark, but I had to work her to con me.... Vicky sent me a link to download an app called ZBXS. It looked pretty much like other crypto-exchange apps. "New safe and stable trading market," a banner read at the top. Then Vicky gave me some instructions. They involved buying one cryptocurrency using another crypto-exchange app, then transferring the crypto to ZBXS's deposit address on the blockchain, a 42-character string of letters and numbers...

People around the world really were losing huge sums of money to the con. A project finance lawyer in Boston with terminal cancer handed over $2.5 million. A divorced mother of three in St. Louis was defrauded of $5 million. And the victims I spoke to all told me they'd been told to use Tether, the same coin Vicky suggested to me. Rich Sanders, the lead investigator at CipherBlade, a crypto-tracing firm, said that at least $10 billion had been lost to crypto romance scams.

The huge sums involved weren't the most shocking part. I learned that whoever was posing as Vicky was likely a victim as well — of human trafficking. Most "pig-butchering" operations were orchestrated by Chinese gangsters based in Cambodia or Myanmar. They'd lure young people from across Southeast Asia to move abroad with the promise of well-paying jobs in customer service or online gambling. Then, when the workers arrived, they'd be held captive and forced into a criminal racket. Thousands have been tricked this way. Entire office towers are filled with floor after floor of people sending spam messages around the clock, under threat of torture or death.

With the assistance of translators, I started video chatting with people who'd escaped...

I'd heard that [southwestern Cambodia's giant building complex] Chinatown alone held as many as 6,000 captive workers like "Vicky Ho."

Two of the workers interviewed "said they'd seen workers murdered." And another worker said Tether was used specifically because "It's more safe. We are afraid people will track us... It's untraceable."

The reporter's conclusion? "It was hard to see how this slave complex could exist without cryptocurrency."
The Courts

AI-Generated Works Aren't Protected By Copyrights, US Judge Rules (billboard.com) 28

A U.S. federal judge "ruled Friday that U.S. copyright law does not cover creative works created by artificial intelligence," reports Billboard magazine: In a 15-page written opinion, Judge Beryl Howell upheld a decision by the U.S. Copyright Office to deny a copyright registration to computer scientist Stephen Thaler for an image created solely by an AI model. The judge cited decades of legal precedent that such protection is only afforded to works created by humans. "The act of human creation — and how to best encourage human individuals to engage in that creation, and thereby promote science and the useful arts — was ... central to American copyright from its very inception," the judge wrote. "Non-human actors need no incentivization with the promise of exclusive rights under United States law, and copyright was therefore not designed to reach them."

In a statement Friday, Thaler's attorney Ryan Abbot said he and his client "disagree with the district court's judgment" and vowed to appeal: "In our view, copyright law is clear that the public is the main beneficiary of the law and this is best achieved by promoting the generation and dissemination of new works, regardless of how they are created."

Though novel, the decision was not entirely surprising. Federal courts have long strictly limited to content created by humans, rejecting it for works created by animals, by forces of nature, and even those claimed to have been authored by divine spirits, like religious texts.

The Hollywood Reporter notes that "various courts have reached the same conclusion." In another case, a federal appeals court said that a photo captured by a monkey can't be granted a copyright since animals don't qualify for protection, though the suit was decided on other grounds. Howell cited the ruling in her decision. "Plaintiff can point to no case in which a court has recognized copyright in a work originating with a non-human," the order, which granted summary judgment in favor of the copyright office, stated.
Music

Record Companies Sue Internet Archive For Preserving Old 78 Rpm Recordings (reuters.com) 73

Long-time Slashdot reader bshell shared this announcement from the Internet Archive: Some of the world's largest record labels, including Sony and Universal Music Group, filed a lawsuit against the Internet Archive and others for the Great 78 Project, a community effort for the preservation, research and discovery of 78 rpm records that are 70 to 120 years old.

The project has been in operation since 2006 to bring free public access to a largely forgotten but culturally important medium. Through the efforts of dedicated librarians, archivists and sound engineers, we have preserved hundreds of thousands of recordings that are stored on shellac resin, an obsolete and brittle medium. The resulting preserved recordings retain the scratch and pop sounds that are present in the analog artifacts; noise that modern remastering techniques remove.

"The labels' lawsuit said the project includes thousands of their copyright-protected recordings," reports Reuters, including Bing Crosby's "White Christmas" and Chuck Berry's "Roll Over Beethoven."

"The lawsuit said the recordings are all available on authorized streaming services and 'face no danger of being lost, forgotten, or destroyed.'" The labels' lawsuit filed in a federal court in Manhattan said the Archive's "Great 78 Project" functions as an "illegal record store" for songs by musicians including Frank Sinatra, Ella Fitzgerald, Miles Davis and Billie Holiday. They named 2,749 sound-recording copyrights that the Archive allegedly infringed. The labels said their damages in the case could be as high as $412 million.
Piracy

File-Hosting Icon AnonFiles Throws In the Towel, Domain For Sale 28

An anonymous reader quotes a report from TorrentFreak: Founded in 2011, AnonFiles.com became known as a popular hosting service that allowed users to share files up to 20GB without download restrictions. As the name suggests, registering an account wasn't required either; both up and downloading files was totally anonymous. The same also applies to BayFiles.com, an affiliated file-hosting service that was launched by The Pirate Bay. Both sites launched around the same time and shared a similar design and identical features. Both sites had millions of visitors but AnonFiles stood out with over 18 million visitors a month. This popularity didn't go unnoticed by rightsholders, who repeatedly flagged AnonFiles as a "notorious" pirate site.

Rightsholders and law enforcement authorities were not the only ones unhappy with the illegal content posted to the site. For AnonFiles' operators, it caused major problems too. The current owners purchased the site two years ago but didn't expect the abuse to be so massive that the only option would be to shut it down. According to a goodbye message posted on the site, they simply can't continue. "After trying endlessly for two years to run a file sharing site with user anonymity, we have been tired of handling the extreme volumes of people abusing it and the headaches it has created for us."

The operators tried to contain the abuse by setting up all sorts of automated filters and filename restrictions, taking thousands of false positives for granted, but that didn't help much. With tens of millions of uploads and petabytes of data, no anti-abuse measure was sufficient. And when the site's proxy service pulled the plug a few days ago, AnonFiles decided to call it quits. "We have auto banned contents of hundreds of thousands files. Banned file names and also banned specific usage patterns connected to abusive material," the AnonFiles team writes. "Even after all this the high volume of abuse will not stop. This is not the kind of work we imagine when acquiring it and recently our proxy provider shut us down. This can not continue."
The current owners have invited others to buy the domain name and give it a shot themselves.
Censorship

Mozilla Foundation Warns France's Proposed Web Blocking Law 'Could Threaten the Free Internet' (mozilla.org) 66

The Mozilla Foundation has started a petition to stop the French government from forcing browsers like Mozilla's Firefox to censor websites. "It would set a dangerous precedent, providing a playbook for other governments to also turn browsers like Firefox into censorship tools," says the organization. "The government introduced the bill to parliament shortly before the summer break and is hoping to pass this as quickly and smoothly as possible; the bill has even been put on an accelerated procedure, with a vote to take place this fall." You can add your name to their petition here.

The bill in question is France's SREN Bill, which sets a precarious standard for digital freedoms by empowering the government to compile a list of websites to be blocked at the browser level. The Mozilla Foundation warns that this approach "is uncharted territory" and could give oppressive regimes an operational model that could undermine the effectiveness of censorship circumvention tools.

"Rather than mandate browser based blocking, we think the legislation should focus on improving the existing mechanisms already utilized by browsers -- services such as Safe Browsing and Smart Screen," says Mozilla. "The law should instead focus on establishing clear yet reasonable timelines under which major phishing protection systems should handle legitimate website inclusion requests from authorized government agencies. All such requests for inclusion should be based on a robust set of public criteria limited to phishing/scam websites, subject to independent review from experts, and contain judicial appellate mechanisms in case an inclusion request is rejected by a provider."
Privacy

Worldcoin Ignored Initial Order To Stop Iris Scans in Kenya, Records Show (techcrunch.com) 11

Months before Kenya finally banned iris scans by Sam Altman's crypto startup Worldcoin, the Office of the Data Protection Commissioner (ODPC) had ordered its parent company, Tools for Humanity, to stop collecting personal data. From a report: The ODPC had in May this year instructed the crypto startup to stop iris scans and the collection of facial recognition and other personal data in Kenya, a letter sent to Worldcoin and seen by TechCrunch shows. Tools for Humanity, the company building Worldcoin, did not stop taking biometric data until early this month when Kenya's ministry of interior and administration, a more powerful entity, suspended it following its official launch. Worldcoin's official launch led to a spike in the number of people queuing up to have their eyeballs scanned in exchange for "free money," drawing the attention of authorities.

The letter shows that ODPC had instructed Worldcoin to cease collecting data for intruding on individuals' privacy by gathering biometric data without a well-established and compelling justification. Further, it said Worldcoin had failed to obtain valid consent from people before scanning their irises, saying its agents failed to inform its subjects about the data security and privacy measures it took, and how the data collected would be used or processed. "Your client is hereby instructed to cease the collection of all facial recognition data and iris scans, from your subscribers. This cessation should be implemented without delay and should include all ongoing and future data processing activities," said Rose Mosero, in a letter to Tools for Humanity that outlined the concerns.

Slashdot Top Deals