A U.S. federal appeals court ruled that sanctions against Tornado Cash, a crypto transaction anonymization service, must be abandoned, stating that its immutable smart contracts do not constitute "property" under U.S. law and that the Treasury overstepped its authority. The ruling is available here (PDF). CoinDesk reports: The decision answers a controversial privacy debate on whether the government -- via a sanctions list maintained by the U.S. Treasury Department -- has a right to target the technology because it's associated with criminals. The ruling reversed a district court's August ruling that had sided with the government's pursuit of what it had characterized as a "notorious" crypto-mixing service.

OFAC had sanctioned Tornado Cash last year, contending that it was a vital tool used by bad actors including North Korea's Lazarus Group to launder crypto tokens pilfered from platforms and games such as Axie Infinity. Coinbase (COIN) and others had sued the government, claiming it had overreached. Paul Grewal, chief legal officer of crypto exchange Coinbase, cheered the ruling in a Tuesday post on X, calling it a "historic win for crypto." "These smart contracts must now be removed from the sanctions list and U.S. persons will once again be allowed to use this privacy-protecting protocol," Grewal wrote. "Put another way, the government's overreach will not stand." "We readily recognize the real-world downsides of certain uncontrollable technology falling outside of OFAC's sanctioning authority," the judges said, referencing the ineffectiveness of a law that was established well before the world moved online. "But we must uphold the statutory bargain struck (or mis-struck) by Congress, not tinker with it."

Tornado Cash's TORN token has since rallied 500%, passing the $20 mark.

An anonymous reader quotes a report from the New York Times: The founder of an artificial intelligence start-up focused on education was arrested and charged with defrauding her investors, lying about the company's profits and falsely claiming that some of the largest school districts in the country, including New York City's, were her customers. The founder, Joanna Smith-Griffin, started the company, AllHere Education, in 2016, with the goal of using artificial intelligence to increase student and parent engagement and curb absenteeism. In the years that followed, Ms. Smith-Griffin, 33, misrepresented AllHere's revenue and customer base to fraudulently raise almost $10 million in funds, according to the indictment. Once the company's valuation had climbed, she sold some of her stake in it and spent hundreds of thousands of dollars on a down payment for a new home and on her wedding.

Ms. Smith-Griffin was arrested Tuesday in North Carolina, where she lives, and charged with wire fraud, securities fraud and aggravated identity theft. She faces more than 40 years in prison. AllHere is now in bankruptcy proceedings, prosectors said, and all of its employees have been laid off. "Her alleged actions impacted the potential for improved learning environments across major school districts by selfishly prioritizing personal expenses," said James E. Dennehy, the F.B.I. assistant director in New York leading the investigation into Ms. Smith-Griffin. "The F.B.I. will ensure that any individual exploiting the promise of educational opportunities for our city's children will be taught a lesson." Smith-Griffin is the latest Forbes 30 Under 30 honoree to be indicted on fraud. "The Forbes-to-Fraud pipeline includes FTX founder Sam Bankman-Fried and Caroline Ellison, co-CEO of Alameda Research; fintech Frank founder Charlie Javice; and 'Pharma bro' Martin Shkreli," notes TechCrunch.

An anonymous reader quotes a report from Ars Technica: The Supreme Court signaled it may take up a case that could determine whether Internet service providers must terminate users who are accused of copyright infringement. In an order (PDF) issued today, the court invited the Department of Justice's solicitor general to file a brief "expressing the views of the United States."

In Sony Music Entertainment v. Cox Communications, the major record labels argue that cable provider Cox should be held liable for failing to terminate users who were repeatedly flagged for infringement based on their IP addresses being connected to torrent downloads. There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury's finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement "because Cox did not profit from its subscribers' acts of infringement." That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict.

The Supreme Court asking for US input on Sony v. Cox could be a precursor to the high court taking up the case. For example, the court last year asked the solicitor general to weigh in on Texas and Florida laws that restricted how social media companies can moderate their platforms. The court subsequently took up the case and vacated lower-court rulings, making it clear that content moderation is protected by the First Amendment.

Lawyers for the United States on Monday said that Google had created a monopoly with its services to place ads online, closing out an antitrust trial over the company's dominance in advertising technology that could add to the Silicon Valley giant's mounting woes. From a report: The legal case concerns a system of software that is used by advertisers to place ads on websites around the internet. Aaron Teitelbaum, a lawyer for the Justice Department, told Judge Leonie M. Brinkema of the U.S. District Court for the Eastern District of Virginia that the company had linked its products together in a way that made it hard for publishers and advertisers to use alternatives.

"Google is once, twice, three times a monopolist," he said. "These are the markets that make the free and open internet possible." Google's lead lawyer, Karen Dunn, countered that the government had failed to offer the evidence to prove its case and was on shaky legal ground. "Google's conduct is a story of innovation in response to competition," she said. The arguments conclude U.S. et al. v. Google, an antitrust suit that the Justice Department and eight states filed against Google last year. (More states have joined the suit since then.) The agency and states accused the internet giant of abusing control of its ad technology and violating antitrust law, in part through the acquisition of the advertising software company Doubleclick in 2008. Next, Judge Brinkema will decide the merits of the case in the coming months.

Longtime Slashdot reader mspohr shares a report from Gizmodo: Hackers for the Chinese government were able to deeply penetrate U.S. telecommunications infrastructure in ways that President Joe Biden's administration hasn't yet acknowledged, according to new reports from the Washington Post and New York Times. The hackers were able to listen to phone calls and read text messages, reportedly exploiting the system U.S. authorities use to wiretap Americans in criminal cases. The worst part? The networks are still compromised and it may take incredibly drastic measures to boot them from U.S. systems.

The hackers behind the infiltration of U.S. telecom infrastructure are known to Western intelligence agencies as Salt Typhoon, and this particular breach of U.S. equipment was first reported in early October by the Wall Street Journal. But Sen. Mark Warner, a Democrat from Virginia, spoke with the Washington Post and New York Times this week to warn the public that this is so much worse than we initially thought, dubbing it "the worst telecom hack in our nation's history." And those articles based on Warner's warnings were published late Thursday.

Hackers weren't able to monitor or intercept anything encrypted, according to the Times, which means that conversations over apps like Signal and Apple's iMessage were probably protected. But end-to-end encryption over texts between Apple devices and Android devices, for instance, aren't encrypted in the same way, meaning they were vulnerable to interception by Salt Typhoon, according to the Times. The details about how the hackers were able to push so deeply into U.S. systems are still scarce, but it has something to do with the ways in which U.S. authorities wiretap suspects in this country with a court order.

An anonymous reader quotes a report from Reuters: Google has sued one of its former engineers in Texas federal court, accusing him of stealing trade secrets related to its chip designs and sharing them publicly on the internet. The lawsuit, filed on Tuesday (PDF), said that Harshit Roy "touted his dominion" over the secrets in social media posts, tagging competitors and making threatening statements to the company including "I need to take unethical means to get what I am entitled to" and "remember that empires fall and so will you."

Google hired Roy in 2020 to develop computer chips used in Google Pixel devices like smartphones. Google said in the lawsuit that Roy resigned in February and moved from Bangalore, India to the United States in August to attend a doctorate program at the University of Texas at Austin. According to the complaint, Roy began posting confidential Google information to his X account later that month along with "subversive text" directed at the company, such as "don't expect me to adhere to any confidentiality agreement." The posts included photographs of internal Google documents with specifications for Pixel processing chips.

The lawsuit said that Roy ignored Google's takedown requests and has posted additional trade secrets to X and LinkedIn since October. Google alleged that Roy tagged competitors Apple and Qualcomm in some of the posts, "presumably to maximize the potential harm of his disclosure." Google's complaint also said that several news outlets have published stories with confidential details about Google's devices based on the information that Roy leaked. Google asked the court for an unspecified amount of monetary damages and court orders blocking Roy from using or sharing its secrets.

Weeks after federal regulators announced a "click-to-cancel" rule for subscription businesses, a New York judge has ruled that SiriusXM made it too difficult for customers to end their service. Deadline: New York State Supreme Court Justice Lyle Frank's ruling, issued Thursday, upheld elements of a lawsuit filed against the satellite audio firm in 2023 by New York Attorney General Letitia James. In a post on X after Frank's ruling, she wrote that the company "illegally forced people to go through a long and burdensome process to simply cancel their subscriptions. We sued SiriusXM to protect people's wallets, and now, SiriusXM must simplify its cancellation process and stop taking advantage of New Yorkers."

Netflix is looking toward Discord for help in figuring out who, exactly, is leaking unreleased footage from some of its popular shows. From a report: The Northern District of California court issued a subpoena on Thursday to compel Discord to share information that can help identify a Discord user who's reportedly involved in leaking episodes and images from Netflix shows like Arcane and Squid Game.

Documents filed alongside the subpoena specifically call out an unreleased and copyrighted image from the second season of Squid Game, posted by a Discord user @jacejohns4n. In an interview linked on the user's now deleted X account, published on Telegram, the leaker claimed responsibility for the self-described "worst leak in streaming history," where episodes of Arcane, Heartstopper, Dandadan, Terminator Zero, and other shows were published online. Netflix confirmed in August that a post production studio was hacked.

Mozilla has warned that the Justice Department's proposed breakup of Google could harm independent web browsers, pushing back against a key element of the government's antitrust remedy.

The maker of Firefox browser said in a statement the DOJ's blanket ban on search revenue-sharing deals would disproportionately impact smaller players that rely on such agreements, while failing to meaningfully increase competition in search.

Firefox and similar browsers account for a small share of US search queries but provide crucial alternatives for privacy-conscious consumers, Mozilla said. The DOJ's wide-ranging proposal, submitted to a federal court in Washington, includes forcing Google to sell its Chrome browser and prohibiting the company from paying other firms to set Google as their default search engine.

The plan follows an August ruling that found Google illegally monopolized the search market. In a statement, Mozilla argued that rather than an outright prohibition on search agreements, remedies should focus on "addressing the barriers to competition and facilitating a marketplace that promotes competition and consumer choice."

An anonymous reader quotes a report from PYMNTS: The Justice Department's proposal to resolve its antitrust case over online search against Google reportedly would force the tech giant to unwind its partnership with artificial intelligence (AI) company Anthropic. A recommendation in the Justice Department's court filing Wednesday (Nov. 20) that Google be barred from partnerships with companies that control where consumers search for information, is intended to apply to the company's investment in Anthropic, Bloomberg reported Thursday (Nov. 21). [...]

It was reported in October 2023 that Google had invested $500 million in Anthropic and agreed to contribute another $1.5 billion over time. During that same month, PYMNTS reported that Anthropic's commitment to building and deploying what the company said are generative AI capabilities with stronger built-in guardrails, differentiated it from other foundational AI models on the market. On Tuesday (Nov. 19), the U.K.'s competition watchdog, the Competition and Markets Authority (CMA), cleared Google's partnership with Anthropic, saying that it had determined that the deal between the tech giant and the AI startup did not warrant additional investigation. "The CMA does not believe that Google has acquired material influence over Anthropic as a result of the partnership," the regulator said in its assessment of the arrangement. U.S. regulators also call for a sale of Google's Chrome browser and restrictions to prevent Android from favoring its own search engine.

"DOJ had a chance to propose remedies related to the issue in this case: search distribution agreements with Apple, Mozilla, smartphone OEMs and wireless carriers," Google said in a Thursday blog post. "Instead, DOJ chose to push a radical interventionist agenda that would harm Americans and America's global technology leadership."

An anonymous reader quotes a report from Ars Technica: A federal court yesterday ruled against parents who sued a Massachusetts school district for punishing their son who used an artificial intelligence tool to complete an assignment. Dale and Jennifer Harris sued Hingham High School officials and the School Committee and sought a preliminary injunction requiring the school to change their son's grade and expunge the incident from his disciplinary record before he needs to submit college applications. The parents argued that there was no rule against using AI in the student handbook, but school officials said the student violated multiple policies.

The Harris' motion for an injunction was rejected in an order (PDF) issued yesterday from US District Court for the District of Massachusetts. US Magistrate Judge Paul Levenson found that school officials "have the better of the argument on both the facts and the law."

"On the facts, there is nothing in the preliminary factual record to suggest that HHS officials were hasty in concluding that RNH [the Harris' son, referred to by his initials] had cheated," Levenson wrote. "Nor were the consequences Defendants imposed so heavy-handed as to exceed Defendants' considerable discretion in such matters." "On the evidence currently before the Court, I detect no wrongdoing by Defendants," Levenson also wrote. "The manner in which RNH used Grammarly -- wholesale copying and pasting of language directly into the draft script that he submitted -- powerfully supports Defendants' conclusion that RNH knew that he was using AI in an impermissible fashion," Levenson wrote. While "the emergence of generative AI may present some nuanced challenges for educators, the issue here is not particularly nuanced, as there is no discernible pedagogical purpose in prompting Grammarly (or any other AI tool) to generate a script, regurgitating the output without citation, and claiming it as one's own work," the order said.

Levenson concluded with a quote from a 1988 Supreme Court ruling that said the education of youth "is primarily the responsibility of parents, teachers, and state and local school officials, and not of federal judges." According to Levenson, "This case well illustrates the good sense in that division of labor. The public interest here weighs in favor of Defendants."

An anonymous reader shares a report: Lawyers for The New York Times and Daily News, which are suing OpenAI for allegedly scraping their works to train its AI models without permission, say OpenAI engineers accidentally deleted data potentially relevant to the case. Earlier this fall, OpenAI agreed to provide two virtual machines so that counsel for The Times and Daily News could perform searches for their copyrighted content in its AI training sets.

In a letter, attorneys for the publishers say that they and experts they hired have spent over 150 hours since November 1 searching OpenAI's training data. But on November 14, OpenAI engineers erased all the publishers' search data stored on one of the virtual machines, according to the aforementioned letter, which was filed in the U.S. District Court for the Southern District of New York late Wednesday. OpenAI tried to recover the data -- and was mostly successful. However, because the folder structure and file names were "irretrievably" lost, the recovered data "cannot be used to determine where the news plaintiffs' copied articles were used to build [OpenAI's] models," per the letter. "News plaintiffs have been forced to recreate their work from scratch using significant person-hours and computer processing time," counsel for The Times and Daily News wrote.

In a 23-page document (PDF) filed late Wednesday, U.S. regulators asked a federal judge to break up Google after a court found the tech giant of maintaining an abusive monopoly through its dominant search engine. As punishment, the DOJ calls for a sale of Google's Chrome browser and restrictions to prevent Android from favoring its own search engine. The Associated Press reports: Although regulators stopped short of demanding Google sell Android too, they asserted the judge should make it clear the company could still be required to divest its smartphone operating system if its oversight committee continues to see evidence of misconduct. [...] The Washington, D.C. court hearings on Google's punishment are scheduled to begin in April and Mehta is aiming to issue his final decision before Labor Day. If [U.S. District Judge Amit Mehta] embraces the government's recommendations, Google would be forced to sell its 16-year-old Chrome browser within six months of the final ruling. But the company certainly would appeal any punishment, potentially prolonging a legal tussle that has dragged on for more than four years.

Besides seeking a Chrome spinoff and a corralling of the Android software, the Justice Department wants the judge to ban Google from forging multibillion-dollar deals to lock in its dominant search engine as the default option on Apple's iPhone and other devices. It would also ban Google from favoring its own services, such as YouTube or its recently-launched artificial intelligence platform, Gemini. Regulators also want Google to license the search index data it collects from people's queries to its rivals, giving them a better chance at competing with the tech giant. On the commercial side of its search engine, Google would be required to provide more transparency into how it sets the prices that advertisers pay to be listed near the top of some targeted search results. The measures, if they are ordered, threaten to upend a business expected to generate more than $300 billion in revenue this year. "The playing field is not level because of Google's conduct, and Google's quality reflects the ill-gotten gains of an advantage illegally acquired," the Justice Department asserted in its recommendations. "The remedy must close this gap and deprive Google of these advantages."

An anonymous reader shares a report: On Tuesday morning, the air quality in India's capital under a widely used index stood at 485. While that is almost five times the threshold for healthy breathing, it felt like a relief: The day before, the reading had shot up to 1,785. Infinitesimal air particles were still clogging lungs and arteries, but it was possible to see sunlight again, and to smell things.

[...] Every year this suffocating smog accompanies the drop in temperatures as the plains of north India shed their unbearable heat for wintertime cool. And like clockwork, political leaders roll out emergency measures intended to quit making the problem worse. Yet India seems powerless to reduce the effects of this public health catastrophe, as its politicians stay busy trading blame and trying to outmaneuver one another in legal battles.

The haze was so shocking this week that Delhi's chief minister, Atishi, who goes by one name, declared it a "medical emergency" endangering the lives of children and older people. The Supreme Court, whose members also live in the capital, chided the national government for responding too slowly and ordered special measures: halting construction work and blocking some vehicles from the roads. Schools were closed indefinitely to protect students.

One of India's largest news agencies, Asian News International, has sued OpenAI in a case that could set a precedent for how AI companies use copyrighted news content in the world's most populous nation. From a report: Asian News International filed a 287-page lawsuit in the Delhi High Court on Monday, alleging the AI company illegally used its content to train its AI models and generated false information attributed to the news agency. The case marks the first time an Indian media organization has taken legal action against OpenAI over copyright claims.

WhatsApp's newly unsealed court documents have exposed the extensive reach of NSO Group's Pegasus spyware operation, which targeted "between hundreds and tens of thousands" of devices, according to testimony from the company's head of research and development. The Israeli surveillance firm charged government customers up to $6.8 million for one-year licenses, generating at least $31 million in revenue in 2019 alone, TechCrunch first reported.

The documents detail previously unknown hacking tools named "Hummingbird," "Eden," and "Heaven," developed specifically to compromise WhatsApp users' devices. The revelations emerge from WhatsApp's ongoing 2019 lawsuit against NSO Group for alleged violations of U.S. anti-hacking laws.

Further reading: NSO, Not Government Clients, Operates Its Spyware.

According to Bloomberg, the U.S. Justice Department wants Google to sell off its Chrome browser as part of its ongoing search monopoly case. The recommendations will be made official on Wednesday. 9to5Google reports: At the top of the list is having Google sell Chrome "because it represents a key access point through which many people use its search engine." There are many questions about how that works, including what the impact on the underlying Chromium codebase would be. Would Google still be allowed to develop the open-source project by which many other browsers, like Microsoft Edge use? "The government has the option to decide whether a Chrome sale is necessary at a later date if some of the other aspects of the remedy create a more competitive market," reports Bloomberg. Google, which plans to appeal, previously said that "splitting off Chrome or Android would break them."

Bloomberg reports that "antitrust officials pulled back from a more severe option that would have forced Google to sell off Android." However, the government wants Google to "uncouple its Android smartphone operating system from its other products, including search and its Google Play mobile app store, which are now sold as a bundle." Meanwhile, other recommendations include licensing Google Search data and results, as well as allowing websites that are indexed for Search to opt out of AI training.

An anonymous reader quotes a report from Ars Technica: An AI-generated nude photo scandal has shut down a Pennsylvania private school. On Monday, classes were canceled after parents forced leaders to either resign or face a lawsuit potentially seeking criminal penalties and accusing the school of skipping mandatory reporting of the harmful images. The outcry erupted after a single student created sexually explicit AI images of nearly 50 female classmates at Lancaster Country Day School, Lancaster Online reported. Head of School Matt Micciche seemingly first learned of the problem in November 2023, when a student anonymously reported the explicit deepfakes through a school portal run by the state attorney's general office called "Safe2Say Something." But Micciche allegedly did nothing, allowing more students to be targeted for months until police were tipped off in mid-2024.

Cops arrested the student accused of creating the harmful content in August. The student's phone was seized as cops investigated the origins of the AI-generated images. But that arrest was not enough justice for parents who were shocked by the school's failure to uphold mandatory reporting responsibilities following any suspicion of child abuse. They filed a court summons threatening to sue last week unless the school leaders responsible for the mishandled response resigned within 48 hours. This tactic successfully pushed Micciche and the school board's president, Angela Ang-Alhadeff, to "part ways" with the school, both resigning effective late Friday, Lancaster Online reported.

In a statement announcing that classes were canceled Monday, Lancaster Country Day School -- which, according to Wikipedia, serves about 600 students in pre-kindergarten through high school -- offered support during this "difficult time" for the community. Parents do not seem ready to drop the suit, as the school leaders seemingly dragged their feet and resigned two days after their deadline. The parents' lawyer, Matthew Faranda-Diedrich, told Lancaster Online Monday that "the lawsuit would still be pursued despite executive changes." Classes are planned to resume on Tuesday, Lancaster Online reported. But students seem unlikely to let the incident go without further action to help girls feel safe at school. Last week, more than half the school walked out, MSN reported, forcing classes to be canceled as students and some faculty members called for resignations and additional changes from remaining leadership.

jojowombl shares a report from The Guardian: Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker -- and not its government customers -- is the party that "installs and extracts" information from mobile phones targeted by the company's hacking software. The new details were contained in sworn depositions from NSO Group employees, portions of which were published for the first time on Thursday.

It comes five years after WhatsApp, the popular messaging app owned by Facebook, first announced it was filing suit against NSO. The company, which was blacklisted by the Biden administration in 2021, makes what is widely considered the world's most sophisticated hacking software, which -- according to researchers -- has been used in the past in Saudi Arabia, Dubai, India, Mexico, Morocco and Rwanda. [...] At the heart of the legal fight was an allegation by WhatsApp that NSO had long denied: that it was the Israeli company itself, and not its government clients around the world, who were operating the spyware. NSO has always said that its product is meant to be used to prevent serious crime and terrorism, and that clients are obligated not to abuse the spyware. It has also insisted that it does not know who its clients are targeting. [...]

To make its case, WhatsApp was allowed by Judge Phyllis Hamilton to make its case, including citing depositions that have previously been redacted and out of public view. In one, an NSO employee said customers only needed to enter a phone number of the person whose information was being sought. Then, the employee said, "the rest is done automatically by the system." In other words, the process was not operated by customers. Rather NSO alone decided to access WhatsApp's servers when it designed (and continuously upgraded) Pegasus to target individuals' phones. A spokesperson for NSO, Gil Lainer, said in a statement: "NSO stands behind its previous statements in which we repeatedly detailed that the system is operated solely by our clients and that neither NSO nor its employees have access to the intelligence gathered by the system. We are confident that these claims, like many others in the past, will be proven wrong in court, and we look forward to the opportunity to do so."

Eighteen Republican state attorneys general have sued the U.S. Securities and Exchange Commission (SEC) and Chair Gary Gensler on Thursday, challenging the agency's authority to regulate cryptocurrency markets.

The lawsuit, led by Kentucky Attorney General Russell Coleman, alleges the SEC has exceeded its statutory powers by attempting to assume broad regulatory control over digital assets without congressional authorization. The complaint argues the agency's actions infringe on states' rights to develop their own cryptocurrency regulations and harm consumers by imposing ill-fitting federal securities laws on digital assets.

Speaking at a legal conference Thursday, Gensler defended the agency's approach, citing consistent court support for SEC enforcement actions in cryptocurrency cases. The regulatory landscape appears set for change following President-elect Trump's victory. Trump, who previously dismissed cryptocurrency as a "scam," has pledged to make the U.S. the "crypto capital of the planet" and remove Gensler.