CLIP-ings: September 17, 2021

Internet Governance

Congress Initiates Investigation Into Instagram’s Effect On Teens: After The Wall Street Journal reported on Instagram’s awareness that use of its platform leads to negative mental health effects for teenagers, members of the Senate’s consumer protection subcommittee announced that they will seek information and testimony from Facebook related to the issue; other congress members have written to Facebook, urging it to halt its plan to create an Instagram for kids.
Privacy

Biden Nominates Facial-Recognition And Surveillance Critic To FTC: The nomination of Alvaro Bedoya, who has been critical of facial recognition and other digital surveillance technologies for their impact on civil liberties—especially among marginalized groups—has been lauded among privacy and consumer advocacy experts and reaffirms the expectation that the Commission will strongly focus on Big Tech’s influence.

DoorDash Sues New York City Over Customer-Data-Sharing Law: The lawsuit argues that the ordinance, which was passed in July and requires food delivery services to share customer information with restaurants, is unconstitutional and violates customers’ privacy; many restaurants support the law because it helps ensure that they retain customers even if they stop using a delivery platform.
Information Security and Cyberthreats

Apple Issues Emergency Software Updates To Patch Security Flaw That Allows Spyware To Access Devices Without Users’ Knowledge: The highly-invasive spyware by controversial company NSO, which can activate and access a device’s camera, microphone, messages, emails, calls, and other data, was discovered on a Saudi activists’ iPhone by cybersecurity watchdog CitizenPro; more than 1.65 billion Apple devices may have been vulnerable to the spyware since March.
Intellectual Property

Apple Uncertain About Appeal In Case Against Epic: After a ruling last week that dismissed nearly all of Epic’s claims but which found that Apple’s anti-steering rules, which prohibit app developers from informing users about payment systems other than Apple’s in-app system, violate California law, the company has yet to decide whether to appeal and is focusing on how it might revise its terms to comply with a court order requiring it to allow developers to link to third-party payment systems.
Free Expression and Censorship

TikTok Bans Posts Of “Devious Licks” Trend: The company says that the trend, which involves posting about stealing items from schools, violates its community guidelines; the company is altering search results and deleting hashtags related to the trend.
Practice Note

FTC Extends Health Breach Notification Rule To Health Apps: In a policy statement issued this week, the Commission concluded that the 2009 Rule, which requires that vendors of personal health records notify consumers in the event of a data breach, also applies to health apps that process sensitive health information.
On the Lighter Side

Augmented Reality Steals The Show During One NFL Team’s Opening Weekend: In a viral tweet, the Carolina Panthers show a giant, augmented-reality panther bounding around the team’s stadium during last Sunday’s game.
Ron Lazebnik
Academic Director, Fordham CLIP

Tom Norton
Executive Director, Fordham CLIP

CLIP-ings: September 10, 2021

Internet Governance

High Court Of Australia Finds Media Companies Liable For Third-Party Comments On Their Facebook Posts: In a defamation case brought against three major publishing companies, the court reasoned that the companies’ facilitating and encouraging the posting of third-party comments on their posts “rendered them publishers of those comments” who should “bear the legal consequences” of them.
Privacy

Documents Reveal LAPD Officers Collect Citizens’ Social Media Info: Internal documents recently obtained by the Brennan Center for Justice reveal that officers are instructed to collect the social media account information of every person they interview, regardless of whether they are arrested or accused of a crime; the information is said to be critical for use in “investigations, arrests, and prosecutions,” but privacy advocates warn that it aids in the expansion of network surveillance and predictive policing.

WhatsApp Messages Capable Of Review Despite End-To-End Encryption: A recent investigation by ProPublica revealed that end-to-end-encrypted messages sent through the app may be subject to AI or human review if a recipient flags a message as “improper”; the report also reveals that Facebook, the messaging service’s owner, may share unencrypted message metadata with law enforcement and others.
Information Security and Cyberthreats

Howard University Closes In Response To Ransomware Attack: The university cancelled classes and shut down its network early this week to evaluate the impact of a ransomware attack; on Wednesday, Howard partially reopened as it continues to investigate the hack.

New Zealand Banks And Post Offices Hit In Continuing DDoS Attack: A distributed denial-of-service attack that began last week against one of the country’s largest ISPs has seemingly continued, with banks, post offices, and a weather forecaster targeted in a new wave of activity; government officials have said little about who is responsible for the attacks.
Intellectual Property

Spotify Playlist Creators Face Takedown Abuse: According to playlist curators, the music streaming service doesn’t do enough to curb bad actors, who report popular playlists so that their own playlists get more visibility once the reported ones are removed.
Free Expression and Censorship

Brazil’s Bolsonaro Bans Social Media Companies From Censoring Some Content: Under new rules issued this week, platforms may only remove certain specified content and would have to obtain a court order to remove other content, which makes it more challenging for social media sites to moderate misinformation around topics such as COVID-19 and election fraud; the rules are provisional in nature and will expire after 120 days unless the country’s congress makes them permanent, which analysts expect won’t happen, as numerous lawsuits are already underway to block the measures.
On the Lighter Side

Show Me Where It Hurts, Using Emojis: A team of researchers is exploring the use of emojis and similar iconography to assist in creating “standardisation, universality and familiarity” in medical diagnosis and recovery.
Ron Lazebnik
Academic Director, Fordham CLIP

Tom Norton
Executive Director, Fordham CLIP

CLIP-ings: September 3, 2021

Internet Governance

South Korea Passes Law Forcing Apple, Google, To Allow Third-Party Payment Processing: The amendment to the country’s Telecommunications Business Act, which awaits the signature of President Moon Jae-in, will prevent platforms from requiring app developers to rely on built-in payment systems and will allow for the use of outside payment processors; Google and Apple contend that the model threatens the quality, security, and effectiveness of their platforms.

House Minority Leader Threatens Retaliation Against Tech Companies That Comply With January 6th Commission Preservation Orders: Representative McCarthy vowed to “hold accountable” any of the 35 technology companies that comply with requests by a special committee to preserve the phone and social-media records of 11 Congress members who are being scrutinized for their potential role in the January insurrection.
Privacy

Australia Passes Government Surveillance Bill: The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, which passed both houses of the federal parliament this week, authorizes law enforcement to target criminal activity through three new warrants that permit the modification or deletion of suspects’ data, allow for the collection of information about criminal network activity, and enable law enforcement to take over suspects’ online accounts.
Information Security and Cyberthreats

Security Experts Suspect Microsoft Exchange Hack Intended To Siphon Data For AI Training: An attack on Microsoft Exchange servers in March by a group of cybercriminals associated with the Chinese government that targeted a broad range of businesses could have been for the purpose of collecting data to train AI systems, experts suggest.
Free Expression and Censorship

Texas Poised To Ban Censorship Of Conservative Content By Social Media Platforms: The bill, which passed in a special session this summer and now awaits Governor Abbott’s signature, makes it illegal for social media sites with more than 50 million users to censor content based on political views or geographic location; a similar law in Florida was struck down earlier this year for being “wholly at odds with accepted constitutional principles.”

Reddit Bans Popular Misinformation Subreddit: After other subreddits called for the platform to take action to curb the spread of misinformation, the site banned r/NoNewNormal, a subreddit that became a breeding ground for COVID-19 misinformation; Reddit cites frequent brigades—where members of one subreddit flood to another en masse to harass—as the reason for the ban.
Practice Note

Irish Data Protection Commission Fines WhatsApp €225 Million For GDPR Violations: After a lengthy investigation that began in 2018, the Commission fined the Facebook-owned messaging app for failing to fulfill its obligations under the GDPR to be transparent about its data processing practices.
On the Lighter Side

Apple, Eight States, Partner To Add IDs To Apple Wallet: The states that have enrolled in the program will allow people to add their state IDs or driver’s licenses to their Apple Wallet for use at TSA airport security checkpoints.
Ron Lazebnik
Academic Director, Fordham CLIP
Tom Norton Executive Director, Fordham CLIP