CLIP-ings: February 8, 2019

Internet Governance

German Competition Authority Bars Facebook Plan To Streamline Data: Facebook’s move to streamline user data across WhatsApp, Instagram, and Facebook is being restricted by Germany’s competition authority; Facebook will now have to gain users’ permission before merging data between the applications.

Privacy

European Commission Recalls Smartwatch That Can Track Children: German firm Enox’s Safe-KID-One watch has been recalled by the European Commission because it does not comply with the Radio Equipment Directive and poses serious security risks; the app that accompanies the watch allows for unencrypted communication with its backend server, making it easy to find and change data on location history, phone numbers, and device serial numbers.

Massachusetts Lawmaker Introduces State Consumer Privacy Bill: If passed, the bill would require that businesses provide consumers with notice before collecting their data, give consumers the right to ask businesses to delete their data, allow consumers to restrict third party access to their data, and grant a private right of action to any consumer whose rights are violated—without requiring a showing of monetary or property loss.

Information Security & Cyberthreats

Houston, We Have A Problem: During the recent federal government shutdown, NASA dealt with near continuous cyber threats targeting information about the Administration’s advance technology while nearly 95% of NASA staff was furloughed; after the shutdown, the Department of Homeland Security assed NASA’s security as having no “external-facing, critical issues.

Intellectual Property

Franco-German Compromise Pushes Article 13 Forward: France and Germany reached an agreement about which entities should be bound by Article 13, ending the hiatus on negotiations and pushing the EU’s copyright reform plans into the final stages; under the compromise, services that are publicly available for less than three years, have fewer than 5 million unique monthly visitors, and have less than €10 million in annual turnover are excluded from the Article’s scope.

Free Expression and Censorship

EU Has Reduced Internet Hate Speech: After the EU began cracking down on internet hate speech in 2016 through the implementation of an “opt-in code of conduct,” social media companies are analyzing and removing content flagged as hate speech faster than ever; an EU report states that 89 percent of flagged content is analyzed within 24 hours and 72 percent of the content is ultimately removed.

Practice Note

Florida Appeals Court Limits Peer-To-Peer Cryptocurrency Transactions: A unanimous three-judge panel in Florida’s Third District Court of Appeals overruled a trial judge and ruled that selling cryptocurrency directly to another person constitutes a money transmission and therefore requires registration as a payment instrument seller and money transmitter under Florida law; money transmitter rules have also been at issue in other courts with the growing cryptocurrency and blockchain industries.

On The Lighter Side

Instagram Boyfriends Obsolete: The photo app “SomeOne Very Special” helps users get flattering pictures of themselves without a dedicated Instagram boyfriend behind the camera.

 Announcements

Job and Fellowship Opportunities 

From time-to-time, CLIP-ings will highlight career opportunities in the information law field. Please note the following:

The German Marshall Fund (GMF) is accepting applications for a Fellow and Policy Manager for the new Digital Innovation and Democracy Initiative (DIDI) in Washington D.C.

DIDI harnesses GMF’s extensive networks across the U.S. and Europe to bridge the gap between 20th century policies and 21st century technology.

The Fellow and Policy Manager will report to the Senior Fellow and Director of DIDI to conduct in-depth research and policy development around challenges to industry and policy related developments. The Policy Manager will be a visible spokesperson and representative of GMF and will be expected to develop the formats for high-level meetings and briefings, and track policy developments in the U.S. and Europe. This person will also grow and foster networks and partnerships, representing and presenting the initiative’s work to policy makers, funders and stakeholders at conferences in the U.S. and Europe. The position will involve a mix of research, analysis, writing, management, budgeting and grant writing..

For more information and the online application, click here.

CLIP-ings: February 1, 2019

Internet Governance

DOJ Charges Huawei: Following an indictment by a Washington grand jury, the Department of Justice announced charges against the Chinese telecom giant for allegedly obstructing justice, stealing trade secrets from T-Mobile, and lying to banks about non-compliance with U.S. sanctions against Iran; a New York grand jury separately indicted Huawei, a U.S. subsidiary, and an Iranian affiliate for bank fraud, conspiracy to commit bank fraud, wire fraud, and conspiracy to commit wire fraud.   

Privacy

Apple Disables Group FaceTime In The Wake Of Security Flaw: Apple disabled group FaceTime calls after a bug in the app was found to allow call initiators to hear, and sometimes see, the person they were calling even before the recipient answered; New York Governor Andrew Cuomo has called the bug an “egregious breach of privacy.”

Illinois Supreme Court Declines To Limit BIPA: The Illinois Supreme Court found that an individual does not “need to allege some actual injury or adverse effect, beyond violation of [his] rights” to be entitled to seek damages under the State’s Biometric Information Privacy Act; the decision could affect Google and Facebook, who have been accused of violating BIPA by tagging faces in photos without user consent.

Information Security & Cyberthreats

Singapore’s HIV Database Leaked: An HIV-positive U.S. citizen leaked the personal data of 14,200 Singaporeans and foreigners living in Singapore after being deported from the country following a drug-and-fraud-related jail term; the leaker allegedly obtained access to the country’s HIV registry through his doctor-partner, who had access to the registry for his work.

Intellectual Property

FBI Arrests Apple Employee For Attempting To Steal Trade Secrets: An Apple employee is accused of stealing confidential information related to Apple’s self-driving car project; the employee was caught taking photos of the project workspace and had transferred information, including “over two thousand files containing confidential and proprietary Apple material, including manuals, schematics, and diagrams” to personal devices.

Free Expression and Censorship

Google Looks To Overturn NLRB Precedent: Google has urged the National Labor Relations Board to overturn precedent that protects employees from punishment for using workplace email to organize around job-related issues by circulating petitions, planning walkouts, and discussing unionization; in a statement, Google clarifies that it is “not lobbying for changes to any rules,” but rather is simply mounting a legal defense to claims at the NLRB.

Practice Note

Yahoo’s Lack Of Disclosure Leads To Rejected Settlement: A U.S. District Judge denied Yahoo’s proposed settlement in the class action suit brought against it as a result of its failure to report data breaches in 2014 and 2016 on the basis that because the proposal failed to disclose the costs of credit monitoring and settlement administration, and did not disclose the total size of the settlement fund, class members could not assess the settlement’s reasonableness.

On The Lighter Side

Robots Poised To Play A Bigger Role In Everyday Life: From critiquing our ping pong skills to providing an exoskeleton for the disabled, the robots on hand at the CES 2019 convention highlight the future interactions humans and robots may have in the not-too-distant future.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Praatika Prasad
Quinn Nicholas D’Isa 
Editorial Fellows, Fordham CLIP

CLIP-ings: January 25, 2019

Internet Governance

Google Pays For General Data Protection Violation: The Commission nationale de l’informatique et des libertés (CNIL) fined Google 50 million for violating the GDPR by failing to meet transparency requirements regarding the use of information for ad personalization and for failing to obtain adequate user consent; Google plans to appeal the fine.   

Privacy

ACLU Brings FOIA Suit Over Government Social Media Surveillance: The American Civil Liberties Union sued seven federal agencies including the Department of Justice, the FBI, and the Department of Homeland Security for failing to comply with a 2018 FOIA request seeking information about how the agencies collect and analyze information about individuals’ social media use.  

Information Security & Cyberthreats

Hacker Falsely Warns Family Of Missile Attack: A California family’s hacked Nest security camera delivered a false alert about North Korean ballistic missiles barreling towards the U.S.; in response, Nest claimed that the hack was the result of third-party activity and encouraged the use of two-factor verification to eliminate security risk.

Oklahoma Securities Commission Failed To Secure Sensitive Information: A data vulnerability within the Oklahoma Securities Commission left over three terabytes of passwords, bank transaction information, social security numbers, and emails dating back two decades available on an unprotected server and accessible to anyone with an internet connection.

Intellectual Property

Google News May Be Pulled In EU: Google is threatening to pull its News service from the EU if the EU’s controversial copyright directive, which would afford publishers the right to charge web platforms fees for showing snippets of news articles, passes; publishing lobbying groups are calling the threats “scaremongering” tactics.  

Free Expression and Censorship

Supreme Court Won’t Hear Defamatory Yelp Review Case: A case that could have affected web platforms’ legal protections under Section 230 of the Communications Decency Act has been resolved after the Supreme Court declined to consider whether Yelp is required to remove defamatory reviews from its site.

Practice Note

NY Court Finds NYPD Glomar Response Impermissible: A New York State Supreme Court Justice ruled that the NYPD’s Glomar response to a FOIL request for information about police monitoring of Black Lives Matter activists’ social-media accounts was “impermissible” because it “would effectively eliminate any oversight over [the Department’s] handling of protesters” and “runs counter to the very purpose of freedom of information statutes.”

On The Lighter Side

ClickToPray With The Pope: During his traditional Sunday address, Pope Francis launched an app that allows people to “pray together with others,” scroll through other users’ prayers, and leave comments.  


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Praatika Prasad
Quinn Nicholas D’Isa 
Editorial Fellows, Fordham CLIP

CLIP-ings: January 18, 2019

Internet Governance

FCC Chairman Won’t Brief Congress: Citing the federal shutdown, FCC Chairman Ajit Pai refuses to meet with the House Committee on Energy and Commerce to address recent revelations about mobile carriers’ ability to share customers’ location information with third parties.

Privacy

Privacy Big Tech Privacy Proposal Seen As Self-Serving: A leading technology policy think tank’s “grand bargain” proposal argues for any new federal data privacy bill to preempt state privacy laws and repeal sector-specific federal laws in favor of a “common set of protections,” prompting Senator Richard Blumenthal to state that “big tech cannot be trusted to write its own rules.”

Feds Can’t Force Biometric Unlocking: A judge in the U.S. District Court for the Northern District of California ruled that U.S. authorities cannot force individuals to unlock devices with their faces or fingerprints; the judge concluded that biometrics are “testimonial,” as they serve the same purpose as alphanumeric passcodes in unlocking phones.

Information Security and Cyberthreats

“Monster Breach” Revealed: 773 million unique email addresses and 21 million unique passwords aggregated from over 2,000 leaked databases recently became public after being posted to a hacking forum; this breach is unique in part because some of the data is new, passwords are available in plain text, and the data was originally made available on the popular cloud storage site MEGA.

Intellectual Property

Fortnite Sued Over Use Of Popular Dance Moves: Epic Games, the creator of Fortnite, is being sued for copyright and trademark violations for using artists’ non-copyrighted dance moves without permission; the suits could decide if popular dance moves are protected as works of choreography and whether developers are liable for copyright infringement by offering the moves within a game for real-world currency.

Free Expression and Censorship

Roku Changes Course On Infowars: After explaining that it would allow the Alex Jones-owned channel to be downloaded and streamed on its devices based on non-censorship principles, Roku reversed course after receiving feedback from “concerned parties” and removed the channel from its platform.

Practice Note

Court Upholds Twitter’s Unilateral Amendment Clause: An Arizona District Judge rejected a plaintiff’s attempt to invalidate the forum selection clause in Twitter’s terms of service on the basis that the terms allowed for unilateral modification by Twitter; the court noted that Twitter’s terms did not allow retroactive modification and met the requirements for mutuality of obligations.

On The Lighter Side

Robot Layoffs: Over half of the 243 robots working in Japan’s Hen-na robot hotel were fired for creating more problems than they solved and annoying guests.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Praatika Prasad
Quinn Nicholas D’Isa 
Editorial Fellows, Fordham CLIP

CLIP-ings: January 11, 2019

Internet Governance

Deciding The Scope Of The “Right To Be Forgotten”: An advocate general for the European Court of Justice argued that Google and other search engines should not be forced to apply the “right to be forgotten” outside the European Union due to the risk that “other jurisdictions could use their laws to block information from being accessible within the EU”; a final ruling is expected to be reached in the coming months from the court, which typically follows the advocate general’s opinion.

LA Sues Weather Channel App Owner: The Los Angeles City Attorney filed a lawsuit against the Weather Company, the company behind the popular Weather Channel app, claiming the app deceptively collected, shared, and profited from selling millions of users’ location information; the lawsuit claims the app unfairly manipulated users by failing to disclose that their data would be shared for commercial purposes, such as targeting marketing and analysis by hedge funds.

Privacy

Senators Call On FCC To Investigate Telecoms: Senators are calling on the FCC to investigate telecommunications companies like T-Mobile, AT&T, and Sprint after a Motherboard story revealed that the major mobile carriers are selling customer location data to third parties, which then offer the sensitive information to bounty hunters and others not authorized to handle the data; some senators are also demanding regulation that would prevent unauthorized use and sale of phone location data and ensure that customers are properly informed about how their data is sold.

Information Security and Cyberthreats

Student Confesses To German Data Leak: A 20-year old German student reportedly confessed to exposing the personal details of Chancellor Angela Merkel and hundreds of Germany’s politicians, journalists, and entertainers last month; the student published the individuals’ contact information and personal details —including bank account statements, photos, and chat records — on his Twitter account because he was “angry with the public statements” made by his targets.

Intellectual Property

Potential Rise In Copyright Infringement Suit Costs: Filing a copyright infringement suit could become more expensive for creators if the Supreme Court, after hearing arguments in Fourth Estate Public Benefit Corp. v. Wall-Street.com this week, finds that creators must first obtain approval of their copyright registration.

Free Expression and Censorship

Politicians’ Page Ruled A Public Forum: The U.S. Court of Appeals for the Fourth Circuit upheld a 2017 district court decision finding that the Loudoun County, Virginia, Board of Supervisors chair violated the First Amendment rights of a Facebook user who criticized board members and their relatives by banning him for 12 hours from her Facebook page.

On The Lighter Side

Older Users More Likely To Share Hoaxes: A study conducted by researchers at New York University and Princeton University reveals that Facebook users over the age of 65 were more likely to have shared fake news stories during the 2016 presidential campaign than users in any other age group.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: January 4, 2019

Internet Governance

Arizona Residents Resist Waymo: A New York Times report details how members of the Chandler community—a testing site for Waymo’s autonomous vehicles—displayed hostility towards the company in at least 21 incidents since 2017, including by slashing tires and threatening backup drivers with weapons; Waymo has chosen not to prosecute the assailants.

NYPD Planned To Use Drones On New Year’s Eve: Although thwarted at the last minute by rain, the New York Police Department intended to use drones during the New Year’s Eve celebration in Times Square as part of a larger drone program unveiled last month.

Privacy

Court Dismisses Biometric Lawsuit Against Google: After finding that the plaintiff did not suffer “concrete injuries,” a federal court dismissed a lawsuit alleging that Google’s extraction of “face templates” from images uploaded to its cloud-based photo service violated the Illinois Biometric Information Privacy Act; the plaintiff argued that she did not upload the images of herself and thus did not consent to Google’s collection, storage, or use of her biometric data.

Tracking Devices Installed In Chinese Student Uniforms: Students in certain Chinese schools are required to wear uniforms that track their whereabouts; while a state-run Chinese newspaper describes the rule as an effort to promote attendance, critics raise concern that the uniforms allow authorities to track the students’ locations outside of school.

Information Security and Cyberthreats

Terrorists Control Idle Twitter Accounts: Due to a decade-old security flaw, hackers from terrorist groups have been able to hack and post propaganda from dormant accounts by resetting the accounts’ passwords using new email addresses created based on the now-expired or otherwise nonexistent addresses used to initially set up the Twitter handles; Twitter partially directs the blame at email providers that recycle deactivated email addresses.

Unknown Hackers Delay Newspaper Delivery: A strain of malware infected several U.S. newspapers owned by Tribune Publishing—including the LA Times and west coast versions of the New York Times and Wall Street Journal—and delayed their publication and delivery; the motive and source have not been determined.

Intellectual Property

Williams-Sonoma v. Amazon: Williams-Sonoma filed a trademark and design patent infringement lawsuit against Amazon for selling unauthorized Williams-Sonoma merchandise on its website and misrepresenting itself as an authorized seller of the company’s products; the home goods retailer also argued Amazon “unfairly and deceptively engaged in a widespread campaign of copying” designs of its West Elm furniture for Amazon’s own furniture line, Rivet.

Free Expression and Censorship

Netflix Removed Comedy Episode After Saudi Demand: Netflix removed an episode of its show “Patriot Act With Hasan Minhaj” from streaming in Saudi Arabia after the country claimed that the episode violated its anti-cyber crime law barring content that threatens “public order, religious values, public morals, and privacy”; the episode is critical of the United States’ relationship with the Saudi government due to the country’s involvement in the murder of journalist Jamal Khashoggi and the war in Yemen.

Tech Companies Not Responsible For San Bernardino Shooting: A federal judge in San Francisco dismissed a lawsuit seeking to hold Facebook, Google, and Twitter liable to victims of the 2015 mass shooting in San Bernardino, California, on the basis that the attack was not a direct result of the tech companies’ permitting terrorist groups to use their platforms; the judge also found the companies not liable for aiding and abetting terrorism under the 2016 Justice Against Sponsors of Terrorism Act because they were only “generally aware” that terrorists groups have used their services.

On The Lighter Side

AI Stops Wildlife Poachers: Non-profit group Resolve created a pencil-sized, AI-equipped camera to detect animals, humans, and vehicles in real-time, allowing park rangers to detect and stop poachers in Africa before it’s too late.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: December 21, 2018

Internet Governance

D.C. Sues Facebook Over Cambridge Analytica Scandal: The Attorney General of the District of Columbia sued Facebook for its involvement in the Cambridge Analytica data scandal; the lawsuit comes in the wake of a New York Times report revealing that the company gave major technology firms including Apple, Netflix, and Amazon special access to users’ personal data and granted them exceptions to its privacy policies.

Uber Loses Appeal Over Drivers’ Employment Status: The U.K. Court of Appeal dismissed Uber’s appeal against employment tribunal rulings that Uber drivers should be classified as workers rather than as independent contractors; if upheld by the Supreme Court, the decision would require Uber to classify all of its drivers as workers, entitling them to workers’ rights such as minimum wage, sick days, and paid holidays.

Privacy

Consumer Groups Allege Google Misleads Kids: A group of consumer, privacy, and public health groups filed a complaint asking the Federal Trade Commission to investigate Google’s marketing of children’s apps in its Google Play Store; the complaint alleges that Google’s endorsement of certain “Family” apps as child-appropriate is misleading because some apps appear to violate the Children’s Online Privacy Protection Act, contain adult content, require children to watch video advertisements, and  encourage children to make in-app purchases.

Information Security and Cyberthreats

U.S. Issues More Sanctions On Russian Hackers: The U.S. Treasury Department issued sanctions against 15 Russian military intelligence officers for their involvement in multiple campaigns against the U.S., including nine members of Russia’s intelligence service who were indicted by special counsel Robert Mueller for their alleged interference in the 2016 presidential election; the sanctions were imposed days after a report detailed Russia’s political disinformation campaign on U.S. social media was more far-reaching than previously understood, with troll farms working to discourage people from voting and exploiting political and racial divisions to help elect Trump in 2016.

EU Investigates Hacked Diplomatic Communications: The European Union is investigating a cyber hack of its diplomatic communications, allegedly by hackers working for China’s People’s Liberation Army; for years, hackers downloaded thousands of communications that revealed concerns about “the Trump administration, struggles to deal with Russia and China, and the threat of Iran reviving its nuclear program.”

Intellectual Property

German Court Grants Qualcomm’s Injunction Against Apple: Apple will stop selling certain models of the iPhone in German stores after a German court ruled that the phones’ use of a combination of chips from Intel and Qorvo violates a Qualcomm “envelope tracking” patent.

Free Expression and Censorship

Google’s Dragonfly Suspended Indefinitely: Development of the censored search engine has been put on hold after an internal rift forced Google engineers to shut down a crucial data analysis system that involved examining queries that Chinese users entered into Beijing-based search engine 265.com.

Practice Note

European Court Will Decide Responsibility For Facebook “Like” Button: The European Court of Justice heard arguments in a case that will decide whether websites that embed data-collecting widgets such as Facebook’s “Like” button are jointly responsible for complying with data collection requirements under the GDPR.

On The Lighter Side

Parrot Befriends Alexa: A mischievous parrot named Rocco was caught using Amazon’s Alexa to order snacks and other items.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: December 14, 2018

Internet Governance

White House Requires Agencies To Strengthen Cybersecurity: A memo issued by the Office of Management and Budget expands the criteria of what constitutes a “high-value asset” and instructs all federal agencies to work with the Department of Homeland Security to ensure those assets are adequately protected.

FCC Allows Carriers To Block Texts: The Federal Communications Commission voted to classify SMS text messages as a Title I “information service” under the Telecommunications Act in an effort to enable phone companies to block spam; critics argue that the decision gives wireless carriers the ability to censor messages and hike rates.

Privacy

Study Shows Apps Track Every Move: A New York Times investigative report explains how thousands of apps aggregate users’ precise location data – sometimes to within a few yards and updated 14,000 times a day – and sell it to advertisers, retailers, and hedge funds seeking consumer insights; while companies that use location data note that phone users who enable location services consent to their information being collected, critics argue that privacy policies do not adequately explain the extent of tracking.

Senators Introduce Privacy Bill: The proposed Data Care Act would assign online service providers fiduciary-like duties and would require the Federal Trade Commission to draft rules for fining companies that misuse private data; the draft is designed to complement rather than replace other bills recently introduced in Congress to protect consumer privacy.

Information Security and Cyberthreats

Another Google+ Bug: Following an October revelation that a vulnerability exposed profile data from 500,000 Google+ accounts, Google discovered a second bug that affected 52.5 million profiles; as a result, Google announced it will shut down the social media service four months earlier than planned.

Audit Shows Border Officers’ Improper Data Processing: The Department of Homeland Security’s Office of the Inspector General released an audit revealing that U.S. Customs and Border Protection officers recklessly handle the personal data of travelers entering the country; one finding exhibits the agency’s failure to delete data on USB drives after traveler information is uploaded to CBP servers.

Intellectual Property

First Sale Doctrine Doesn’t Protect Digital Music Resale: In Capitol Records LLC v. ReDigi Inc., the Second Circuit ruled that ReDigi, an online marketplace for reselling legally-purchased digital music files, infringed copyright holders’ reproduction rights because ReDigi’s technology created unauthorized new copies of digital files instead of merely transferring existing files to a new user.

Free Expression and Censorship

Google Faces Russian Fine: Russia fined the tech giant 500,000 rubles ($7,530) for failing to comply with a legal requirement that it censor its search results by removing certain entries; the fine comes a month after Moscow opened a civil case against the company for its failure to join a registry showing that it lists Kremlin-banned websites.

Practice Note

Health Tracking Lawsuit Dismissal Affirmed: The Ninth Circuit affirmed dismissal of a suit alleging that Facebook illegally gathered data about user-plaintiffs’ visits to medical websites; the Court found that the users had consented to the tracking and collection by agreeing to Facebook’s privacy policy, and that their browsing history on the medical websites was not so “sensitive” or “qualitatively different” that it fell outside the scope of Facebook’s terms of service.

On The Lighter Side

Bee Backpacks Keep Wearable Tech Buzzing: Researchers at the University of Washington have developed a 102-milligram sensor system that rides on the backs of bumblebees and collects data about temperature, humidity, and light intensity.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: December 7, 2018

Internet Governance

Australia’s New Anti-Encryption Law: Australia passed a bill that will require technology companies to provide law enforcement and security agencies with access to encrypted data, despite criticism that doing so could undermine national security and privacy; Australia is the first nation in the Five Eyes intelligence network—which is comprised of the United States, Canada, Britain, and New Zealand—to force broad access requirements, with fines of up to A$10 million ($7.3 million) for institutions and prison terms for individuals who fail to provide data on suspected illegal activities.

Facebook Cherry-Picked Special Access To Data: Facebook gave favored partners such as Netflix and Airbnb special access to user data, while restricting competitors’ access to its platform, according to internal Facebook documents released by a British parliamentary committee investigating online disinformation; the documents also reveal how Facebook considered restricting app developers’ access to user data unless those developers bought advertising—a policy the company now claims it never enacted.

Privacy

NYPD Unveils New Drone System: The New York Police Department unveiled plans to deploy 14 drones and train 29 officers to operate them, raising concerns about the department’s possible misuse of the devices and growing surveillance capacity; according to police officials, while the drones will be used to monitor large crowds, investigate hazardous waste spills, handle hostage situations, and reach remote areas in crime scenes, they will not be used for routine police patrols or traffic enforcement, will not be weaponized, and will not conduct warrantless surveillance.

Secret Service Tests Facial Recognition At White House: The Secret Service is testing a pilot facial recognition system that matches images of individuals outside the White House with “subjects of interest,” according to a Department of Homeland Security report revealed by the American Civil Liberties Union; while the program is currently limited to trying to match the faces of volunteer staff members, the report acknowledges a privacy risk for members of the public who are inadvertently recorded.

Information Security and Cyberthreats

500 Million Affected In Marriott Data Breach: Hackers breached Marriott’s Starwood hotels reservation system and stole the personal data of up to 500 million guests in an attack that began four years ago; the attack has prompted Senators to call for stronger data security laws and data breach penalties, and Marriott plans to provide customers with free identity theft monitoring and reimburse hack victims for new passports.

NRCC Emails Hacked In 2018 Midterms: The National Republican Congressional Committee (“NRCC”) was hacked during the 2018 midterm election campaigns, exposing thousands of emails from four senior NRCC aides to an unknown entity; neither Senior House Republicans nor rank-and-file members were told of the breach until this week, as the committee opted to withhold information to shield an investigation of the hack and not tip off the culprit.

Intellectual Property

Google Seeks Review Of Spreadsheet Patent Decision: Google petitioned the Federal Circuit for en banc review of an October panel decision finding that an invention for navigating through complex electronic spreadsheets is a patent-eligible improvement; in its petition, Google argued that the technology, which enables electronic tabbing akin to paper tabbing, is directed to an abstract idea and is therefore un-patentable under Alice.

Free Expression and Censorship

Tumblr Bans Porn: Just weeks after it was removed from the iOS App Store over an incident involving child pornography, Tumblr announced that it will permanently ban adult content on its platform starting December 17, 2018; the machine learning technology Tumblr will use to filter prohibited images has been the target of skepticism due to, among other things, its inaccuracy and inability to contextualize images.

On The Lighter Side

New Home of the Whopper? Burger King’s new app uses geofencing technology to offer customers a Whopper for a penny if they order on the app within 600 feet of a McDonald’s.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP

CLIP-ings: November 30, 2018

Internet Governance

DOJ Dismantles Digital Ad Scams: With the help of the FBI, the Department of Homeland Security, and private companies, the Department of Justice indicted eight individuals who are alleged to have created fake internet advertising companies to scam legitimate companies out of a collective $36 million; while three defendants were arrested, five remain at large.

FTC Discusses Holding Tech Companies Accountable: Sitting before the Senate Commerce Consumer Protection Subcommittee, FTC Commissioners would not comment on the agency’s investigation into whether Facebook’s Cambridge Analytica scandal showed that the social network violated a 2011 consent decree; the FTC did state that it lacks sufficient resources to combat data abuse, and as a result often opts for settlement over costly trial.

Ohio Will Accept Bitcoin For Taxes: Despite regulatory concerns around cryptocurrency, Ohio became the first state to accept bitcoin for paying business taxes; the State wants to compete for new businesses and establish itself as the “national and international leader in blockchain technology.”

Privacy

Six Flags Lawsuit Tests Biometric Privacy Law: Illinois’ highest court will determine whether a “person aggrieved” under the State’s Biometric Information Privacy Act must suffer actual harm from the collection of biometric information in violation of the statute, or whether a technical violation alone confers standing to sue.

UK Police Use AI To Predict Crime: A law enforcement software known as the National Data Analytics Solution leverages 1,400 indicators from pooled police data sets across the U.K. and uses machine learning to identify individuals who are on a trajectory toward committing serious violent crimes so they can be offered assistance such as counselling; privacy critics raise concerns about bias reinforcement and the intrusiveness of pre-emptive intervention.

Information Security and Cyberthreats

U.S. Indicts Hackers Behind Nationwide Extortion: The U.S. Treasury Department for the first time added two cryptocurrency wallets to its sanctions list after indicting two Iranian hackers for extorting $6 million from more than 200 victims — including 43 U.S. states — through ransomware software that ordered victims to send money to the bitcoin accounts; one high-profile incident involved an attack on Atlanta that affected major basic municipal functions.

Facebook Faces Vitriol From International Community: At a rare joint hearing with policymakers from nine countries, Facebook was harshly criticized for its inability to stop the spread of fake news; U.K. House of Commons member Damian Collins pointed to documents that allegedly show Facebook was aware of Russia’s malicious involvement with the platform as early as 2014, and suggested that the recently obtained documents will be published “within a week.”

Intellectual Property

Australia Tightens Online Piracy Laws: The Australian parliament passed the Copyright Amendment (Online Infringement) Bill 2018, which, among other things, entitles copyright owners to apply for injunctions that force ISPs to prevent customers from accessing pirate sites and allows ISPs to block mirror and proxy sites without returning to court; the Australian Digital Alliance and other organizations warn that the legislation “removes public interest protections and puts legitimate sites and activities of the public at risk.”

Free Expression and Censorship

Gmail Avoids Gender-Based Pronouns: Gmail stopped its “Smart Compose” text prediction feature, which autosuggests text for Gmail users composing emails, from suggesting gender-based pronouns due to concerns that the technology might perpetuate real-world gender bias.

Practice Note

Ethical Rules Regarding Crowdfunding: The District of Columbia Bar’s Legal Ethics Committee issued an opinion analyzing lawyers’ ethical obligations when clients use crowdfunding to pay for representation, which the opinion concludes vary according to the extent of a lawyer’s involvement in fundraising efforts.

On The Lighter Side

How The Senate Stopped Grinch Bots From Stealing Christmas: Just before the holiday season, Congress members proposed the “Stopping Grinch Bots Act of 2018” to outlaw the use of online shopping bots and the resale of items they purchase.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

Tom Norton 
Executive Director, Fordham CLIP

Tommine McCarthy 
Subrina Chowdhury 
Editorial Fellows, Fordham CLIP