CLIP-ings: November 22, 2019

Internet Governance

FCC Chairman Proposes Public Auction Of Spectrum With Potential For 5G Use: The C-band block of spectrum is currently used by satellite companies to deliver video and radio programming to U.S. households and is regarded as the most likely short-term source for 5G technology; major satellite providers advocated for a private sale of the spectrum to wireless providers, which drew criticism from some lawmakers.

Privacy

Uber Will Start Taking Audio Recordings Of Rides: The new functionality, which will be tested in Mexico and Brazil next month before a yet-scheduled U.S. launch, is designed to ensure both driver and passenger safety; recordings will be encrypted, and while neither riders nor drivers will be able to listen to them, they may be made available to law enforcement.

Instagram Sends Cease And Desist Letter To App That Provides Access To Private Profiles Without Users’ Permission: The Ghosty app, which has been downloaded over 500,000 times since April, provides access to private Instagram accounts and also harvests users’ data to find the private profiles they follow, in violation of Instagram’s terms.

Information Security and Cyberthreats

Google Confirms Camera Vulnerability Affecting “Hundreds of Millions”: The security team Checkmarx has revealed a security defect in Android mobile devices that would allow hackers to take photos, make sound recordings, and access user GPS information remotely; Checkmarx was able to develop a functional app capable of exploiting the vulnerability without requiring any special permissions from users other than basic storage access.

Intellectual Property

Supreme Court To Hear Google v. Oracle Copyright Dispute: The Court will decide whether Google is liable to pay Oracle billions of dollars over its use of Oracle’s software code in Android phones; a trial court found in 2016 that Google did not violate copyright law because it had made fair use of the code, but the Federal Circuit overturned the jury verdict last year.

Free Expression and Censorship

Iran Gradually Restoring Internet After Five-Day Shutdown: Sources report the loss in connectivity began last Friday evening, with limited and sporadic connection which is now being restored in “some areas”; protests in multiple cities across Iran began after the government announced a ration on gasoline and a price increase of at least 50%.

Practice Note

Alleged Drug Dealer Charged With Theft After Removing Police GPS Device From His Car: After realizing the device was no longer transmitting data, police obtained a warrant to search the defendant’s home on probable cause that the device had been stolen, and found both the device and methamphetamines; should the Indiana Supreme Court, which heard oral argument in the case earlier this month, find that the defendant’s removal of the device is not theft, all evidence obtained during the search will be inadmissible. 

On the Lighter Side

“Robot Lawyer” Service Launches New Tool To Help Customers Understand License Agreements: Called “Do Not Sign,” the AI tool lets users upload, scan, or copy and paste the URLs of license agreements they wish to review; it then highlights clauses that users should know about, such as data collection opt-out information or service cancellation loopholes.

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton
Executive Director, Fordham CLIP

Alison Gordon
Lawrence Keating
Editorial Fellows

CLIP-ings: November 15, 2019

Internet Governance

Government Demands For Facebook User Data Reach A New High: The number of demands rose 16% during the first half of this year compared to the previous six months—the highest recorded amount since Facebook began reporting the figure in 2013; more than two-thirds of U.S. government requests came with gag orders preventing Facebook from notifying users their data had been sought.

Privacy

Whistleblower Reveals Secret Transfer Of Medical Data To Google From Healthcare Provider: Leaked documents show that the U.S.’s second largest healthcare provider, Ascension, is planning to transfer the medical records of up to 50 million Americans to Google under Project Nightingale; more than 10 million records, which have not been de-identified, have already passed to Google with no effort to notify patients or doctors.

Suspicionless Border Searches Held Unlawful: The District of Massachusetts decided that customs agents’ longstanding practice of searching travelers’ electronic devices without a warrant or reasonable suspicion of a crime violates the Fourth Amendment; the number of searches, which can require travelers to disclose any social media accounts, has been steadily increasing in recent years.

Information Security and Cyberthreats

WhatsApp Makes Novel Legal Argument In Anti-Hacking Lawsuit: The complaint alleges that Israeli cyber-surveillance firm NSO Group Technologies bypassed WhatsApp’s end-to-end encryption by hacking the phones of WhatsApp users to obtain already-decrypted messages; WhatsApp contends that NSO falsely agreed to WhatsApp’s terms of service and breached the Computer Fraud and Abuse Act by using its servers to stage the attack, even though the users’ phones—not WhatsApp’s servers—were the target of the attacks. 

Intellectual Property

Supreme Court Will Consider “Booking.com” Trademark Case: The USPTO, which is appealing a Fourth Circuit decision allowing the trademark, argues that the mere addition of “.com” to the generic word “booking” does not make the name distinctive.

USPTO Seeks Comments On AI’s Effect On Copyright Law: Questions posed by the USPTO in the Federal Register seek to address difficult issues related to content created by AI without human contribution, including authorship, ownership, and how to treat potential copyright infringement by AI.

Free Expression and Censorship

Facebook, YouTube Remove Content Naming Alleged Trump Impeachment Whistleblower: Following a recent decision to remove political ads featuring the whistleblower’s name, Facebook is now removing other content purporting to name the whistleblower on the basis that the content violates the platform’s rules against coordinating harm; Twitter, in contrast, has stated that tweeting the name does not violate the platform’s rules.

On the Lighter Side

20 Hacks Of IT Provider Discovered Only After Hacker Maxes Out Provider’s Storage: The FTC is suing Utah-based InfoTrax Systems for failing to detect the 20 attacks which took place over a 22-month period and allowed the hacker to access the data of 1 million customers.

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton
Executive Director, Fordham CLIP

Alison Gordon
Lawrence Keating
Editorial Fellows

CLIP-ings: November 8, 2019

Internet Governance

TikTok Attracts Further Congressional And Regulatory Scrutiny: TikTok was criticized this week after it declined to appear at a Senate Judiciary Subcommittee hearing investigating links between big tech companies and the Chinese government; the Committee on Foreign Investment in the U.S. has also commenced a national security review of TikTok owner ByteDance’s acquisition of the social media app Musical.ly, which later merged into TikTok.

California’s Attorney General Reveals Investigation Into Facebook’s Privacy Practices: The investigation was made public in court documents alleging that the social media company failed to comply with subpoenas seeking information related to the Cambridge Analytica scandal.

Privacy

Florida State Court Approves Warrant To Search DNA Database Of Over 1.2 Million Users: The warrant, which authorized a Florida detective to search the database of DNA site GEDmatch, is believed to be the first authorizing the search of a consumer DNA database for genetic information; the development has stoked concerns that law enforcement, which historically has been “deliberately cautious about approaching [DNA] sites with court orders,” will now be encouraged to request similar warrants for larger sites.

Information Security and Cyberthreats

Former Twitter Employees Charged With Leaking Personal Information To Saudi Royal Family: Two individuals who worked for Twitter from 2013 to 2015 have been charged with leaking as many as 6,000 profile records to Saudi officials claiming to represent the royal family, including records related to critics of the royal family and murdered journalist Jamal Khashoggi.

Researchers Command Alexa And Other Voice Assistants Via Laser: Using equipment estimated to cost less than $400, researchers were able to silently issue voice commands to smart speakers by encoding the command in the intensity of the laser beam and shining it on the device’s microphone to trigger the microphone’s diaphragm; the study raises security concerns as researchers successfully ordered products through Amazon and took control of smart home devices.

Intellectual Property

Judge Rules Against Netflix, Hulu’s Motion To Dismiss In DivX Patent Infringement Suit: DivX, one of the internet’s first high-quality video streaming enablers, allege in separate suits that Netflix and Hulu infringe a number of its patents covering video compression technology; the Judge rejected both Netflix and Hulu’s arguments that the DivX patents fail the Alice test on the basis that the arguments rest on “factual disputes that are better resolved on a more robust record after the scope of the claims is better understood.”

Free Expression and Censorship

Lawsuit Against Facebook Alleges Discriminatory Advertising Again: The proposed class action alleges that Facebook enabled advertisers of loans, life insurance, and other financial services to target users by age and gender; the lawsuit follows a settlement between Facebook and civil rights groups earlier this year in which the company agreed that advertisers of housing, employment, and credit would no longer be able to target users based on age, gender, or ZIP code.

On the Lighter Side

FTC Releases Informational Brochure To Help Keep Social Media Influencers On Brand: In an effort to remind influencers about best practices and necessary disclosures, the FTC has released a new brochure and video to educate influencers; in response to public pressure, the FTC has been increasingly scrutinizing influencers, sending more than 90 letters to infringing individuals in 2017.

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton
Executive Director, Fordham CLIP

Alison Gordon
Lawrence Keating
Editorial Fellows

CLIP-ings: November 1, 2019


Internet Governance

FCC Proposes Rule Requiring Telecoms To Remove Huawei And ZTE Equipment: The proposal, which cites national security concerns, would prohibit telecommunications giants from using money received from the FCC’s Universal Service Fund to purchase equipment from the Chinese companies, and would also require removal of any banned products that have already been installed.

Privacy

Australian Government Considers Face Verification For Pornography Viewers: While conducting an inquiry into age controls for restricting access to online porn and gambling, the Department of Home Affairs has proposed using the country’s Face Verification Service—which “matches a person’s photo against images used on one of their evidence of identity documents”—to assist in age verification; a similar proposal was dropped in the United Kingdom earlier this month.

Information Security and Cyberthreats

Senators Ask Intelligence Community To Investigate TikTok Over National Security Concerns: In a recent letter to the Acting Director of National Intelligence, Senators Tom Cotton and Chuck Schumer requested an assessment of the national security risks posed by the video app popular with young people; the letter notes that TikTok’s parent company is required to adhere to Chinese law and may be required to support and cooperate with intelligence work directed by the Chinese Communist Party.

Officials Confirm India Nuclear Power Plant Hack: Following initial denials of any breach, officials from the Nuclear Power Corporation of India Limited now confirm that its Kudankulam Plant was exposed to malware; while it is unclear if any data was actually stolen, the attack has been attributed to North Korean state actors.

Intellectual Property

U.K. Supreme Court Hears Arguments Over English Courts’ Jurisdiction To Set Global Licensing Rates For Multinational Patent Portfolios: Unwired Planet International, a U.S. firm that licenses patents related to wireless technology, won a ruling in the English courts that Huawei infringed various of its patents; the U.K.’s Supreme Court will now decide whether it is appropriate for the country’s courts to set global licensing rates in a case that will have international impact as to whether national courts can set the terms for global patent licenses. 

Free Expression and Censorship

Twitter Announces Ban On All Political Advertising: The ban, which takes effect on November 22, was announced amidst ongoing criticism of Facebook’s position on political advertising; Twitter’s ban will affect candidate ads and issue ads, but will not apply to ads encouraging voter registration.

Instagram Imposes Ban On Fictional Depictions Of Self-Harm: In response to public pressure, Instagram has expanded its ban on content depicting self-harm and suicide to include fictional portrayals, such as comics or memes; under the policy update, accounts that share self-harm-related content will not be featured on the platform’s search or explore functions. 

On the Lighter Side

California Man Enters Gubernatorial Race So He Can Run False Ads On Facebook: To protest Facebook’s policy of allowing politicians to run factually inaccurate ads, a San Francisco political activist is now running for Governor so he run his own false ads about Donald Trump, Mark Zuckerberg, and other Facebook executives.

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton
Executive Director, Fordham CLIP

Alison Gordon
Lawrence Keating
Editorial Fellows