CLIP-ings: December 21, 2018

Internet Governance

D.C. Sues Facebook Over Cambridge Analytica Scandal: The Attorney General of the District of Columbia sued Facebook for its involvement in the Cambridge Analytica data scandal; the lawsuit comes in the wake of a New York Times report revealing that the company gave major technology firms including Apple, Netflix, and Amazon special access to users’ personal data and granted them exceptions to its privacy policies.

Uber Loses Appeal Over Drivers’ Employment Status: The U.K. Court of Appeal dismissed Uber’s appeal against employment tribunal rulings that Uber drivers should be classified as workers rather than as independent contractors; if upheld by the Supreme Court, the decision would require Uber to classify all of its drivers as workers, entitling them to workers’ rights such as minimum wage, sick days, and paid holidays.

Privacy

Consumer Groups Allege Google Misleads Kids: A group of consumer, privacy, and public health groups filed a complaint asking the Federal Trade Commission to investigate Google’s marketing of children’s apps in its Google Play Store; the complaint alleges that Google’s endorsement of certain “Family” apps as child-appropriate is misleading because some apps appear to violate the Children’s Online Privacy Protection Act, contain adult content, require children to watch video advertisements, and  encourage children to make in-app purchases.

Information Security and Cyberthreats

U.S. Issues More Sanctions On Russian Hackers: The U.S. Treasury Department issued sanctions against 15 Russian military intelligence officers for their involvement in multiple campaigns against the U.S., including nine members of Russia’s intelligence service who were indicted by special counsel Robert Mueller for their alleged interference in the 2016 presidential election; the sanctions were imposed days after a report detailed Russia’s political disinformation campaign on U.S. social media was more far-reaching than previously understood, with troll farms working to discourage people from voting and exploiting political and racial divisions to help elect Trump in 2016.

EU Investigates Hacked Diplomatic Communications: The European Union is investigating a cyber hack of its diplomatic communications, allegedly by hackers working for China’s People’s Liberation Army; for years, hackers downloaded thousands of communications that revealed concerns about “the Trump administration, struggles to deal with Russia and China, and the threat of Iran reviving its nuclear program.”

Intellectual Property

German Court Grants Qualcomm’s Injunction Against Apple: Apple will stop selling certain models of the iPhone in German stores after a German court ruled that the phones’ use of a combination of chips from Intel and Qorvo violates a Qualcomm “envelope tracking” patent.

Free Expression and Censorship

Google’s Dragonfly Suspended Indefinitely: Development of the censored search engine has been put on hold after an internal rift forced Google engineers to shut down a crucial data analysis system that involved examining queries that Chinese users entered into Beijing-based search engine 265.com.

Practice Note

European Court Will Decide Responsibility For Facebook “Like” Button: The European Court of Justice heard arguments in a case that will decide whether websites that embed data-collecting widgets such as Facebook’s “Like” button are jointly responsible for complying with data collection requirements under the GDPR.

On The Lighter Side

Parrot Befriends Alexa: A mischievous parrot named Rocco was caught using Amazon’s Alexa to order snacks and other items.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: December 14, 2018

Internet Governance

White House Requires Agencies To Strengthen Cybersecurity: A memo issued by the Office of Management and Budget expands the criteria of what constitutes a “high-value asset” and instructs all federal agencies to work with the Department of Homeland Security to ensure those assets are adequately protected.

FCC Allows Carriers To Block Texts: The Federal Communications Commission voted to classify SMS text messages as a Title I “information service” under the Telecommunications Act in an effort to enable phone companies to block spam; critics argue that the decision gives wireless carriers the ability to censor messages and hike rates.

Privacy

Study Shows Apps Track Every Move: A New York Times investigative report explains how thousands of apps aggregate users’ precise location data – sometimes to within a few yards and updated 14,000 times a day – and sell it to advertisers, retailers, and hedge funds seeking consumer insights; while companies that use location data note that phone users who enable location services consent to their information being collected, critics argue that privacy policies do not adequately explain the extent of tracking.

Senators Introduce Privacy Bill: The proposed Data Care Act would assign online service providers fiduciary-like duties and would require the Federal Trade Commission to draft rules for fining companies that misuse private data; the draft is designed to complement rather than replace other bills recently introduced in Congress to protect consumer privacy.

Information Security and Cyberthreats

Another Google+ Bug: Following an October revelation that a vulnerability exposed profile data from 500,000 Google+ accounts, Google discovered a second bug that affected 52.5 million profiles; as a result, Google announced it will shut down the social media service four months earlier than planned.

Audit Shows Border Officers’ Improper Data Processing: The Department of Homeland Security’s Office of the Inspector General released an audit revealing that U.S. Customs and Border Protection officers recklessly handle the personal data of travelers entering the country; one finding exhibits the agency’s failure to delete data on USB drives after traveler information is uploaded to CBP servers.

Intellectual Property

First Sale Doctrine Doesn’t Protect Digital Music Resale: In Capitol Records LLC v. ReDigi Inc., the Second Circuit ruled that ReDigi, an online marketplace for reselling legally-purchased digital music files, infringed copyright holders’ reproduction rights because ReDigi’s technology created unauthorized new copies of digital files instead of merely transferring existing files to a new user.

Free Expression and Censorship

Google Faces Russian Fine: Russia fined the tech giant 500,000 rubles ($7,530) for failing to comply with a legal requirement that it censor its search results by removing certain entries; the fine comes a month after Moscow opened a civil case against the company for its failure to join a registry showing that it lists Kremlin-banned websites.

Practice Note

Health Tracking Lawsuit Dismissal Affirmed: The Ninth Circuit affirmed dismissal of a suit alleging that Facebook illegally gathered data about user-plaintiffs’ visits to medical websites; the Court found that the users had consented to the tracking and collection by agreeing to Facebook’s privacy policy, and that their browsing history on the medical websites was not so “sensitive” or “qualitatively different” that it fell outside the scope of Facebook’s terms of service.

On The Lighter Side

Bee Backpacks Keep Wearable Tech Buzzing: Researchers at the University of Washington have developed a 102-milligram sensor system that rides on the backs of bumblebees and collects data about temperature, humidity, and light intensity.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: December 7, 2018

Internet Governance

Australia’s New Anti-Encryption Law: Australia passed a bill that will require technology companies to provide law enforcement and security agencies with access to encrypted data, despite criticism that doing so could undermine national security and privacy; Australia is the first nation in the Five Eyes intelligence network—which is comprised of the United States, Canada, Britain, and New Zealand—to force broad access requirements, with fines of up to A$10 million ($7.3 million) for institutions and prison terms for individuals who fail to provide data on suspected illegal activities.

Facebook Cherry-Picked Special Access To Data: Facebook gave favored partners such as Netflix and Airbnb special access to user data, while restricting competitors’ access to its platform, according to internal Facebook documents released by a British parliamentary committee investigating online disinformation; the documents also reveal how Facebook considered restricting app developers’ access to user data unless those developers bought advertising—a policy the company now claims it never enacted.

Privacy

NYPD Unveils New Drone System: The New York Police Department unveiled plans to deploy 14 drones and train 29 officers to operate them, raising concerns about the department’s possible misuse of the devices and growing surveillance capacity; according to police officials, while the drones will be used to monitor large crowds, investigate hazardous waste spills, handle hostage situations, and reach remote areas in crime scenes, they will not be used for routine police patrols or traffic enforcement, will not be weaponized, and will not conduct warrantless surveillance.

Secret Service Tests Facial Recognition At White House: The Secret Service is testing a pilot facial recognition system that matches images of individuals outside the White House with “subjects of interest,” according to a Department of Homeland Security report revealed by the American Civil Liberties Union; while the program is currently limited to trying to match the faces of volunteer staff members, the report acknowledges a privacy risk for members of the public who are inadvertently recorded.

Information Security and Cyberthreats

500 Million Affected In Marriott Data Breach: Hackers breached Marriott’s Starwood hotels reservation system and stole the personal data of up to 500 million guests in an attack that began four years ago; the attack has prompted Senators to call for stronger data security laws and data breach penalties, and Marriott plans to provide customers with free identity theft monitoring and reimburse hack victims for new passports.

NRCC Emails Hacked In 2018 Midterms: The National Republican Congressional Committee (“NRCC”) was hacked during the 2018 midterm election campaigns, exposing thousands of emails from four senior NRCC aides to an unknown entity; neither Senior House Republicans nor rank-and-file members were told of the breach until this week, as the committee opted to withhold information to shield an investigation of the hack and not tip off the culprit.

Intellectual Property

Google Seeks Review Of Spreadsheet Patent Decision: Google petitioned the Federal Circuit for en banc review of an October panel decision finding that an invention for navigating through complex electronic spreadsheets is a patent-eligible improvement; in its petition, Google argued that the technology, which enables electronic tabbing akin to paper tabbing, is directed to an abstract idea and is therefore un-patentable under Alice.

Free Expression and Censorship

Tumblr Bans Porn: Just weeks after it was removed from the iOS App Store over an incident involving child pornography, Tumblr announced that it will permanently ban adult content on its platform starting December 17, 2018; the machine learning technology Tumblr will use to filter prohibited images has been the target of skepticism due to, among other things, its inaccuracy and inability to contextualize images.

On The Lighter Side

New Home of the Whopper? Burger King’s new app uses geofencing technology to offer customers a Whopper for a penny if they order on the app within 600 feet of a McDonald’s.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP