A longtime Slashdot reader writes: Regular Slashdot users will certainly be aware of the saga unfolding between the country of Brazil and X. Reuters has already reported that what I have to relay here will come as no surprise to Elon Musk, but reporting on CNN confirms that Brazilian Justice Alexandre de Moraes has ordered X to suspend operations in Brazil until X names a representative to appear on X's behalf in Brazilian Courts.

Is this the end of X or some brilliant Machiavellian ploy on the part of Elon Musk? Only time and the informed and spirited debate of the users here at /. can be sure. Here's a recap of the saga, as told by X's Grok-2 chatbot: The Beginning: Alexandre de Moraes, a Brazilian Supreme Court Justice with a reputation for tackling misinformation, especially around elections, found himself at odds with Elon Musk, the space-faring, electric-car magnate turned social media mogul. The conflict kicked off when Moraes ordered X to block certain accounts in Brazil, part of his broader crackdown on what he deemed as misinformation.

The Escalation: Musk, never one to shy away from a fight, especially when it involves what he perceives as free speech issues, declared on X that he would not comply with Moraes' orders. This defiance wasn't just a tweet; it was a digital declaration of war. Musk accused Moraes of overstepping his bounds, betraying the constitution, and even likened him to Darth Vader in a less than flattering comparison. Moraes, not amused, opened an investigation into Musk for obstruction of justice, accusing him of inciting disobedience and disrespecting Brazil's sovereignty. The stakes were raised with fines of around $20,000 per day for each reactivated account, and threats of arresting X employees in Brazil.

The Drama Unfolds: The internet, as it does, had a field day. Posts on X ranged from Musk supporters calling Moraes a dictator to others backing Moraes, arguing he was defending democracy against foreign billionaires. The conflict became a global spectacle, with Musk's posts drawing international attention, comparing the situation to a battle for free speech versus censorship. Musk, in true Musk fashion, didn't just stop at defiance. He shared all of Moraes' demands publicly, suggesting users use VPNs, and even hinted at closing X's operations in Brazil, which eventually happened, citing the need to protect staff safety.

The Latest Chapter: Recently, X announced the closure of its operations in Brazil, a move seen as the culmination of this legal and ideological battle. Musk framed it as a stand against what he saw as an assault on free speech, while critics viewed it as an overreaction or a strategic retreat.

An anonymous reader quotes a report from Gizmodo: Thousands of Tennesseans were illegally denied Medicaid and other benefits due to programming and data errors in an algorithmic system the state uses to determine eligibility for low-income residents and people with disabilities, a U.S. District Court judge ruled this week. The TennCare Connect system -- built by Deloitte and other contractors for more than $400 million -- is supposed to analyze income and health information to automatically determine eligibility for benefits program applicants. But in practice, the system often doesn't load the appropriate data, assigns beneficiaries to the wrong households, and makes incorrect eligibility determinations, according to the decision (PDF) from Middle District of Tennessee Judge Waverly Crenshaw Jr.

"When an enrollee is entitled to state-administered Medicaid, it should not require luck, perseverance, and zealous lawyering for him or her to receive that healthcare coverage," Crenshaw wrote in his opinion. The decision was a result of a class action lawsuit filed in 2020 on behalf of 35 adults and children who were denied benefits. [...] ]Crenshaw found that TennCare Connect did not consider whether applicants were eligible for all available programs before it terminated their coverage. Deloitte was a major beneficiary of the nationwide modernization effort, winning contracts to build automated eligibility systems in more than 20 states, including Tennessee and Texas. Advocacy groups have asked (PDF) the Federal Trade Commission to investigate Deloitte's practices in Texas, where they say thousands of residents are similarly being inappropriately denied life-saving benefits by the company's faulty systems.

A recent indictment (PDF) of an Alaska man stands out due to the sophisticated use of multiple encrypted communication tools, privacy-focused apps, and dark web technology. "I've never seen anyone who, when arrested, had three Samsung Galaxy phones filled with 'tens of thousands of videos and images' depicting CSAM, all of it hidden behind a secrecy-focused, password-protected app called 'Calculator Photo Vault,'" writes Ars Technica's Nate Anderson. "Nor have I seen anyone arrested for CSAM having used all of the following: [Potato Chat, Enigma, nandbox, Telegram, TOR, Mega NZ, and web-based generative AI tools/chatbots]." An anonymous reader shares the report: According to the government, Seth Herrera not only used all of these tools to store and download CSAM, but he also created his own -- and in two disturbing varieties. First, he allegedly recorded nude minor children himself and later "zoomed in on and enhanced those images using AI-powered technology." Secondly, he took this imagery he had created and then "turned to AI chatbots to ensure these minor victims would be depicted as if they had engaged in the type of sexual contact he wanted to see." In other words, he created fake AI CSAM -- but using imagery of real kids.

The material was allegedly stored behind password protection on his phone(s) but also on Mega and on Telegram, where Herrera is said to have "created his own public Telegram group to store his CSAM." He also joined "multiple CSAM-related Enigma groups" and frequented dark websites with taglines like "The Only Child Porn Site you need!" Despite all the precautions, Herrera's home was searched and his phones were seized by Homeland Security Investigations; he was eventually arrested on August 23. In a court filing that day, a government attorney noted that Herrera "was arrested this morning with another smartphone -- the same make and model as one of his previously seized devices."

The government is cagey about how, exactly, this criminal activity was unearthed, noting only that Herrera "tried to access a link containing apparent CSAM." Presumably, this "apparent" CSAM was a government honeypot file or web-based redirect that logged the IP address and any other relevant information of anyone who clicked on it. In the end, given that fatal click, none of the "I'll hide it behind an encrypted app that looks like a calculator!" technical sophistication accomplished much. Forensic reviews of Herrera's three phones now form the primary basis for the charges against him, and Herrera himself allegedly "admitted to seeing CSAM online for the past year and a half" in an interview with the feds.

A U.S. appeals court has revived a lawsuit against TikTok over a child's death, potentially limiting tech companies' legal shield under Section 230. The 3rd U.S. Circuit Court of Appeals ruled that the law does not protect TikTok from claims that its algorithm recommended a deadly "blackout challenge" to a 10-year-old girl.

Judge Patty Shwartz wrote that Section 230 only immunizes third-party content, not recommendations made by TikTok's own algorithm. The decision marks a departure from previous rulings, citing a recent Supreme Court opinion that platform algorithms reflect "editorial judgments." This interpretation could significantly impact how courts apply Section 230 to social media companies' content curation practices.

Yelp has filed an antitrust lawsuit against Google, accusing the search giant of maintaining its local search monopoly by preferencing its own services over competitors, harming competition and reducing quality. "Yelp claims that the way Google directs users toward its own local search vertical from its general search engine results page should be considered illegal tying of separate products to keep rivals from reaching scale," adds The Verge. From the report: Yelp wants the court to order Google to stop the allegedly anticompetitive conduct and to pay it damages. It demanded a jury trial and filed the suit in the Northern District of California, where a different jury found that Google had an illegal monopoly through its app store in its fight against Epic Games.

The company was emboldened to bring its own lawsuit against Google after the DOJ's win in its antitrust case about the company's allegedly exclusionary practices around the distribution of search services. Yelp CEO Jeremy Stoppelman told The New York Times that following that decision, "the winds on antitrust have shifted dramatically." Previously, he told the Times, he'd hesitated to bring a suit because of the resources it would require and because he saw it as the government's job to enforce the antitrust laws. "Yelp's claims are not new," Google spokesperson Peter Schottenfels said in a statement. "Similar claims were thrown out years ago by the FTC, and recently by the judge in the DOJ's case. On the other aspects of the decision to which Yelp refers, we are appealing. Google will vigorously defend against Yelp's meritless claims."

Three former Backpage executives, including co-founder Michael Lacey, were sentenced to prison for promoting prostitution and laundering money while disguising their activities as a legitimate classified business. The Associated Press reports: A jury convicted Lacey, 76, of a single count of international concealment money laundering last year, but deadlocked on 84 other prostitution facilitation and money laundering charges. U.S. District Judge Diane Humetewa later acquitted Lacey of dozens of charges for insufficient evidence, but he still faces about 30 prostitution facilitation and money laundering charges. Authorities say the site generated $500 million in prostitution-related revenue from its inception in 2004 until it was shut down by the government in 2018.

Lacey's lawyers say their client was focused on running an alternative newspaper chain and wasn't involved in day-to-day operations of Backpage. But Humetewa told Lacey during Wednesday's sentencing he was aware of the allegations against Backpage and did nothing. "In the face of all this, you held fast," Humetewa said. "You didn't do a thing." Two other Backpage executives, Chief Financial Officer John Brunst and Executive Vice President Scott Spear, also were convicted last year and were each sentenced on Wednesday to 10 years in prison. The judge ordered Lacey and the two executives to report to the U.S. Marshals Service in two weeks to start serving their sentences.

An anonymous reader shares a report: Following the arrest of Telegram CEO and co-founder Pavel Durov Saturday, the 39-year-old billionaire, Drov has been indicted on multiple charges after appearing in front of a Paris Court on Wednesday. He has been indicted on charges of Complicity in the administration of an online platform to enable an illicit transaction, by an organized gang. This charge carries a maximum penalty of 10 years imprisonment and a fine of $555,000.

He was also indicted on charges of refusal to communicate at the request of authorities; Complicity in the offenses in particular of making available without legitimate reason a program or data designed to an attack on an automated data processing system, organized gang dissemination of images of minors of a child pornography nature, drug trafficking, organized gang fraud, criminal conspiracy with a view to committing crimes or offenses; Laundering of crimes or offenses by organized games; Provision of cryptology services aimed at ensuring confidentiality functions without compliant declaration. Durov has been placed under judicial supervision with an obligation to provide a deposit of 5 million euros and he must report to the police station twice a week and is banned from leaving France. From earlier today: Telegram CEO Released By Police, Transferred To Court For Possible Indictment.

Telegram CEO Pavel Durov is heading to court for a possible indictment after being released from police custody, authorities in France said on Wednesday. From a report: "An investigating judge has ended Pavel Durov's police custody and will have him brought to court for a first appearance and a possible indictment," according to a statement from the Paris prosecutor's office that was quoted in an Associated Press article. Durov was arrested in Paris on Saturday and questioned by police for several days. The French investigative judge will "decide whether to place him under formal investigation following his arrest as part of a probe into organized crime on the messaging app," Reuters wrote today.

"Being placed under formal investigation in France does not imply guilt or necessarily lead to trial, but indicates that judges consider there is enough to the case to proceed with the probe. Investigations can last years before being sent to trial or shelved," Reuters wrote. The judge's decision on a formal investigation is expected today, the article said. On Monday, prosecutor Laure Beccuau issued a statement saying Durov was arrested "in the context of a judicial investigation" into a "person unnamed." The wording leaves open the possibility that the unnamed person is someone else, but the prosecutor's statement listed a raft of potential charges that may indicate what Durov could be charged with. Update: Telegram CEO Indicted in Paris Court .

U.S. Securities and Exchange Commission (SEC) has issued a Wells notice to OpenSea, the leading non-fungible token (NFT) marketplace, threatening legal action over alleged securities violations. The SEC contends that NFTs traded on OpenSea's platform may constitute securities, a move that could have far-reaching implications for the digital art and collectibles industry. OpenSea CEO Devin Finzer denounced the SEC's action as an overreach that could stifle innovation and harm creators. The company pledged $5 million to cover legal fees for NFT creators and developers who receive Wells notices.

An anonymous reader shared this story from the blog Decrypt: Michael Lewis, author of Going Infinite, an account of the rise and fall of Sam Bankman-Fried, has argued that the disgraced FTX founder didn't have "the character of a thief" in a new The Washington Post article. "His crime was of a piece with his character. The character wasn't the character of a thief. It was the character of a person numb to risk." Lewis explained in the final paragraphs of a 4,500 word essay adapted from a new introduction to his book. "Unable to feel risk himself, he can't really imagine other people feeling much at all about the risk he has subjected them to...."

Lewis doubled down on previous claims that Bankman-Fried wasn't running a Ponzi scheme, arguing that "The crime was unnecessary to the business in a way that, say, Bernie Madoff's was not," and that "The crime made no sense." The collapse of FTX, he added, "might have been avoided and FTX might have survived."

"That doesn't mean I think that Sam Bankman-Fried is innocent. It merely informs how I feel about him," Lewis explained. "I think the truth is closer to 'young person with an intellectually defensible but socially unacceptable moral code makes a huge mistake in trying to live by it' than "criminal on the loose in the financial system.'"
From from The Daily Beast: Lewis also pointed to bankruptcy court filings from FTX in the weeks after Bankman-Fried's sentencing showing that "against the $8.7 billion in missing customer deposits, FTX was now sitting on something like $14.5 to $16.3 billion." "Whatever the exact sum, it was enough to repay all depositors and various other creditors at least 118 cents on the dollar — that is, everyone who imagined they had lost money back in November 2022 would get their money back, with interest," Lewis writes.
Michael Lewis's article offers some vivid details: Inside of three years, he'd gone from socially and emotionally isolated 25-year-old with an upper-middle-class bank account to leader of a small army of math nerds and (according to Forbes magazine) not merely the world's richest person under 30 but maybe the fastest creator of wealth in recorded history... He'd gone from having no friends as a child to having too many as an adult without ever developing a capacity for friendship....

The prosecutors didn't need Sam's help. Sam helped them anyway by ignoring the counsel of his lawyers and testifying on his own behalf... As Lewis Kaplan, the federal judge who presided over the case, said later: "When he wasn't outright lying, he was often evasive, hairsplitting, dodging questions and trying to get the prosecutor to reword questions in ways that he could answer in ways he thought less harmful than a truthful answer to the question that was posed would have been. I've been doing this job for close to 30 years. I've never seen a performance quite like that...." [T]he judge ordered Sam to rise so that he might address him directly. Two hours or so earlier, Sam had shuffled into the courtroom in prison khakis with his head down and his hands oddly clasped behind his back. Just before he'd entered, his guards had told him he was meant to be wearing handcuffs and asked if he could create the impression that he was doing so...

"There is a risk that this man will be in a position to do something very bad in the future, and it's not a trivial risk, not a trivial risk at all," said the judge. "So, in part, my sentence will be for the purpose of disabling him." He then sentenced Sam to 25 years in prison, with no possibility of parole.

A few minutes later, Sam dutifully clasped his hands behind his back and shuffled out of the courtroom.
Lewis adapted his 4,500-word article from the upcoming (updated) paperback edition of his book — which was originally published in 2023 on the same day jurors were selected for Bankman-Fried's trial...

Six months after going public, Reddit "is winning over advertisers," reports Bloomberg, "by showing that it's different than other internet platforms, which often rely on users' identities and personal information to target ads." Instead, Reddit is targeting people based on their interests, relying on the site's [100,000+] deeply detailed communities — called subreddits — to match advertisers with potential customers... Early returns on that strategy have been promising. The text-based site easily surpassed expectations in its first two earnings reports this year, disclosing strong sales and better-than-expected projected growth. The stock is up 66% from its $34 initial public offering price in March.

Beyond targeting subreddits, the company also can use specific keywords to sell what it calls conversation ads. If a Redditor in r/HydroHomies — a community about the benefits of drinking water that has more than 1.2 million users — asks for advice about a specific brand of water bottle, an ad for that exact product could appear next to that user's post. These conversation ads are the fastest-growing ad format on the platform, the company said. They also give marketers a chance to appear in subreddits where customers are already talking about them...

Despite being around for close to 20 years, Reddit only started investing heavily in its advertising business in 2018, and is now hoping that marketers and investors are ready to acknowledge the site has grown up. Executives often point to its unique form of content moderation as proof that it's a safer place for brands than other sites. Reddit largely relies on a group of more than 60,000 human moderators — users who volunteer to serve as a sort of content police — to flag or take down unsavory content. On top of that, the site has a voting system so users can rate the quality of content. "From everything we're seeing, they have a level of brand safety and content safety for advertisers that is very comparable to most other social platforms," said Jack Johnston, senior social innovation director at performance marketing agency Tinuiti, which buys ads on Meta, Pinterest, X and Reddit. "That wasn't necessarily the case a couple years ago."

Those improvements have paid dividends. Reddit recently signed new content partnerships with major sports leagues, including the NFL, NBA and MLB, and the majority of Reddit's advertising revenue comes from Fortune 500 companies. Last year, the site made close to $800 million in ad sales, and counts marquee brands like Toyota, Disney, Samsung and Ulta Beauty among its advertisers. This year, analysts expect Reddit's overall advertising business to eclipse $1.1 billion in revenue and see the company reaching $2 billion in sales as soon as 2027, according to data compiled by Bloomberg. To get there, Reddit will need to court smaller marketers, too. The company makes more than 25% of its revenue from just 10 advertisers, meaning any unexpected pullback from a key partner could have a significant impact on the company's business, said Dan Salmon, lead analyst at New Street Research. "This army of small businesses — that's the most important thing for all of those platforms, for Reddit, for Pinterest, for X," he said...

Advertisers large and small say they're already planning to spend more on Reddit in the coming quarters.
The article points out that more than 90 million people visit Reddit each day.

The Verge's Adi Robertson reports: An appeals court revived a lawsuit against the anonymous messaging service Yolo, which allegedly broke a promise to unmask bullies on the app. In a ruling (PDF) issued Thursday, the Ninth Circuit Court of Appeals said Section 230 of the Communications Decency Act shouldn't block a claim that Yolo misrepresented its terms of service, overruling a lower court decision. But it determined the app can't be held liable for alleged design defects that allowed harassment, letting a different part of that earlier ruling stand.

Yolo was a Snapchat-integrated app that let users send anonymous messages, but in 2021, it was hit with a lawsuit after a teenage user died by suicide. The boy, Carson Bride, had received harassing and sexually explicit messages from anonymized users that -- he believed -- he likely knew. Bride and his family attempted to contact Yolo for help, but Yolo allegedly never answered, and in some cases, emails to the company simply bounced. Snap banned Yolo and another app targeted in the lawsuit, and a year later, it banned all anonymous messaging integration. Bride's family and a collection of other aggrieved parents argued that Yolo broke a legally binding promise to its users. They pointed to a notification where Yolo claimed people would be banned for inappropriate use and deanonymized if they sent "harassing messages" to others. But as the ruling summarizes, the plaintiffs argued that "with a staff of no more than ten people, there was no way Yolo could monitor the traffic of ten million active daily users to make good on its promise, and it in fact never did." Additionally, they claimed Yolo should have known its anonymous design facilitated harassment, making it defective and dangerous.

A lower court threw out both of these claims, saying that under Section 230, Yolo couldn't be held responsible for its users' posts. The appeals court was more sympathetic. It accepted the argument that families were instead holding Yolo responsible for promising users something it couldn't deliver. "Yolo repeatedly informed users that it would unmask and ban users who violated the terms of service. Yet it never did so, and may have never intended to," writes Judge Eugene Siler, Jr. "While yes, online content is involved in these facts, and content moderation is one possible solution for Yolo to fulfill its promise, the underlying duty ... is the promise itself." The Yolo suit built on a previous Ninth Circuit ruling that let another Snap-related lawsuit circumvent Section 230's shield. In 2021, it found Snap could be sued for a "speed filter" that could implicitly encourage users to drive recklessly, even if users were responsible for making posts with that filter. (The overall case is still ongoing.) On top of their misrepresentation claim, the plaintiffs argued Yolo's anonymous messaging capability was similarly risky, an argument the Ninth Circuit didn't buy -- "we refuse to endorse a theory that would classify anonymity as a per se inherently unreasonable risk," Siler wrote.

The Register's Connor Jones reports: The U.S. is suing one of its leading research universities over a litany of alleged failures to meet cybersecurity standards set by the Department of Defense (DoD) for contract awardees. Georgia Institute of Technology (GIT), commonly referred to as Georgia Tech, and its contracting entity, Georgia Tech Research Corporation (GTRC), are being investigated following whistleblower reports from insiders Christopher Craig and Kyle Koza about alleged (PDF) failures to protect controlled unclassified information (CUI). The series of allegations date back to 2019 and continued for years after, although Koza was said to have identified the issues as early as 2018.

Among the allegations is the suggestion that between May 2019 and February 2020, Georgia Tech's Astrolavos Lab -- ironically a group that focuses on cybersecurity issues affecting national security -- failed to develop and implement a cybersecurity plan that complied with DoD standards (NIST 800-171). When the plan was implemented in February 2020, the lawsuit alleges that it wasn't properly scoped -- not all the necessary endpoints were included -- and that for years afterward, Georgia Tech failed to maintain that plan in line with regulations. Additionally, the Astrolavos Lab was accused of failing to implement anti-malware solutions across devices and the lab's network. The lawsuit alleges that the university approved the lab's refusal to deploy the anti-malware software "to satisfy the demands of the professor that headed the lab," the DoJ said. This is claimed to have occurred between May 2019 and December 2021. Refusing to install anti-malware solutions at a contractor like this is not allowed. In fact, it violates federal requirements and Georgia Tech's own policies, but allegedly happened anyway.

The university and the GTRC also, it is claimed, submitted a false cybersecurity assessment score in December 2020 -- a requirement for all DoD contractors to demonstrate they're meeting compliance standards. The two organizations are accused of issuing themselves a score of 98, which was later deemed to be fraudulent based on various factors. To summarize, the issue centers around the claim that the assessment was carried out on a "fictitious" environment, so on that basis the score wasn't given to a system related to the DoD contract, the US alleges. The claims are being made under the False Claims Act (FCA), which is being utilized by the Civil Cyber-Fraud Initiative (CCFI), which was introduced in 2021 to punish entities that knowingly risk the safety of United States IT systems. It's a first-of-its-kind case being pursued as part of the CCFI. All previous cases brought under the CCFI were settled before they reached the litigation stage.

An anonymous reader shares a report: Language models generate text based on statistical probabilities. This led to serious false accusations against a veteran court reporter by Microsoft's Copilot. German journalist Martin Bernklau typed his name and location into Microsoft's Copilot to see how his culture blog articles would be picked up by the chatbot, according to German public broadcaster SWR. The answers shocked Bernklau. Copilot falsely claimed Bernklau had been charged with and convicted of child abuse and exploiting dependents. It also claimed that he had been involved in a dramatic escape from a psychiatric hospital and had exploited grieving women as an unethical mortician.

Copilot even went so far as to claim that it was "unfortunate" that someone with such a criminal past had a family and, according to SWR, provided Bernklau's full address with phone number and route planner. I asked Copilot today who Martin Bernklau from Germany is, and the system answered, based on the SWR report, that "he was involved in a controversy where an AI chat system falsely labeled him as a convicted child molester, an escapee from a psychiatric facility, and a fraudster." Perplexity.ai drafts a similar response based on the SWR article, explicitly naming Microsoft Copilot as the AI system.

New submitter ElimGarak000 shares a report from CyberScoop: The Texas-based voice service provider that sent AI-generated robocalls of President Joe Biden to New Hampshire voters ahead of its Democratic presidential primary has agreed to pay a $1 million fine and implement enhanced verification protocols designed to prevent robocalls and phone number spoofing in a settlement with the Federal Communications Commission. The fine represents half the amount the FCC was originally seeking in an enforcement action proposed against Lingo Telecom in May. Despite that, agency leaders characterized the settlement (PDF) as a successful effort to defend U.S. telecommunications networks and election infrastructure from nascent AI and deepfake technologies. [...]

In addition to the fine, the settlement requires Lingo Telecom to follow regulatory protocols that were put in place in 2020 to ensure telecommunications carriers authenticate caller identities using their networks. The protocols, known as STIR/SHAKEN, require carriers like Lingo to digitally verify and formally attest to the FCC that callers are legitimate and own the phone number they display on Caller ID. In the New Hampshire robocall case, Kramer and Life Corporation spoofed the phone number of Kathy Sullivan, a former state Democratic party official who was running a write-in campaign for Biden.

The FCC cited Lingo's inability to properly implement and enforce STIR/SHAKEN as a key failure in a February cease-and-desist letter, and again in May when the agency proposed a $2 million enforcement action. The company was also named in a civil lawsuit filed by the League of Women Voters and New Hampshire residents, seeking damages over the incident. Per terms of the settlement, Lingo Telecom must hire a senior manager knowledgeable in STIR/SHAKEN protocols and develop a compliance plan, new operating procedures and training programs. They must also report any incidents of non-compliance with STIR/SHAKEN within 15 days of discovery. "Every one of us deserves to know that the voice on the line is exactly who they claim to be," FCC Chairwoman Jessica Rosenworcel said in a statement. "If AI is being used, that should be made clear to any consumer, citizen, and voter who encounters it. The FCC will act when trust in our communications networks is on the line."

An anonymous reader quotes a report from NBC News: The former CEO of a small Kansas bank was sentenced to more than 24 years in prison for looting the bank of $47 million -- which he sent to cryptocurrency wallets controlled by scammers who had duped him in a "pig butchering" scheme that appealed to his greed, federal prosecutors said. The massive embezzlement by ex-CEO Shan Hanes in a series of wire transfers over just eight weeks last year led to the collapse and FDIC takeover of Heartland Tri-State Bank in Elkhart, one of only five U.S. banks that failed in 2023. Hanes, 53, also swindled funds from a local church and investment club -- and a daughter's college savings account -- to transfer money, purportedly to buy cryptocurrency as the scammers insisted they needed more funds to unlock the supposed returns on his investments, according to records from U.S. District Court in Wichita, Kansas. But Hanes never realized any profit and lost all of the money he stole as a result of the scam. Judge John Broomes on Monday sentenced Hanes to 293 months in prison -- 29 months more than what prosecutors requested after he pleaded guilty in May to a single count of embezzlement by a bank officer. [...]

[P]rosecutors and bank regulators said that Hanes, who has three daughters with his school teacher wife, began stealing after being targeted in a pig-butchering scheme in late 2022. That scheme was described in a court filing as "a scammer convincing a victim (a pig) to invest in supposedly legitimate virtual currency investment opportunities and then steals the victim's money -- butchering the pig." Hanes, who had served on the board of the American Bankers Association, and been chairman of the Kansas Bankers Association, in December 2022 began making transactions to buy cryptocurrency, which "appeared to be precipitated by communication with an unidentified co-conspirator on the electronic messaging app 'WhatsApp,'" prosecutors wrote in a court filing. "To date, the true identity of the co-conspirator, or conspirators, remain unknown," the filing notes. Hanes initially used personal funds to buy crypto, but in early 2023 he stole $40,000 from Elkhart Church of Christ and $10,000 from the Santa Fe Investment Club, according to prosecutors and a defense filing. He also used $60,000 taken from a daughter's college fund, and nearly $1 million in stock from the Elkhart Financial Corporation, his lawyer said in a filing.

In May 2023, he began to make wire transfers from Heartland Tri-State Bank to accounts controlled by scammers, at first with a $5,000 transfer. Two weeks later, on May 30, Hanes wired $1.5 million and a day after that, he sent another transfer of the same amount the following day, filings show. Three days later he directed two wire transfers totaling $6.7 million to be sent by the bank to the crypto wallet, and a whopping $10 million less than two weeks later, and another $3.3 million days afterward. Hanes told bank employees to execute the wire transfers, and "made many misrepresentations to various people" to get access to the funds so they could be transferred, prosecutors wrote. Heartland Tri-State employees circumvented the bank's own wire policy and daily limits to approve Hanes' wire transfers, according to a report by the Office of the Inspector General of the Board of Governors of the Federal Reserve System.

An anonymous reader quotes a report from Ars Technica: Chrome users who declined to sync their Google accounts with their browsing data secured a big privacy win this week after previously losing a proposed class action claiming that Google secretly collected personal data without consent from over 100 million Chrome users who opted out of syncing. On Tuesday, the 9th US Circuit Court of Appeals reversed (PDF) the prior court's finding that Google had properly gained consent for the contested data collection. The appeals court said that the US district court had erred in ruling that Google's general privacy policies secured consent for the data collection. The district court failed to consider conflicts with Google's Chrome Privacy Notice (CPN), which said that users' "choice not to sync Chrome with their Google accounts meant that certain personal information would not be collected and used by Google," the appeals court ruled.

Rather than analyzing the CPN, it appears that the US district court completely bought into Google's argument that the CPN didn't apply because the data collection at issue was "browser agnostic" and occurred whether a user was browsing with Chrome or not. But the appeals court -- by a 3-0 vote -- did not. In his opinion, Circuit Judge Milan Smith wrote that the "district court should have reviewed the terms of Google's various disclosures and decided whether a reasonable user reading them would think that he or she was consenting to the data collection." "By focusing on 'browser agnosticism' instead of conducting the reasonable person inquiry, the district court failed to apply the correct standard," Smith wrote. "Viewed in the light most favorable to Plaintiffs, browser agnosticism is irrelevant because nothing in Google's disclosures is tied to what other browsers do."

Smith seemed to suggest that the US district court wasted time holding a "7.5-hour evidentiary hearing which included expert testimony about 'whether the data collection at issue'" was "browser-agnostic." "Rather than trying to determine how a reasonable user would understand Google's various privacy policies," the district court improperly "made the case turn on a technical distinction unfamiliar to most 'reasonable'" users, Smith wrote. Now, the case has been remanded to the district court where Google will face a trial over the alleged failure to get consent for the data collection. If the class action is certified, Google risks owing currently unknown damages to any Chrome users who opted out of syncing between 2016 and 2024. According to Smith, the key focus of the trial will be weighing the CPN terms and determining "what a 'reasonable user' of a service would understand they were consenting to, not what a technical expert would."

An anonymous reader shares a report: U.S. agencies are increasingly accessing parts of a half-billion encrypted chat message haul that has rocked the global organized crime underground, using the chats as part of multiple drug trafficking prosecutions, according to a 404 Media review of U.S. court records. In particular, U.S. authorities are using the chat messages to prosecute alleged maritime drug smugglers who traffic cocaine using speedboats and commercial ships.

The court records show the continued fallout of the massive hack of encrypted phone company Sky in 2021, in which European agencies obtained the intelligence goldmine of messages despite Sky being advertised as end-to-end encrypted. European authorities have used those messages as the basis for many prosecutions and drug seizures across the continent. Now, it's clear that the blast radius extends to the United States.

U.S. District Judge Ada Brown in Dallas blocked the FTC's rule banning noncompete agreements, arguing the FTC lacks authority to implement such broad regulations and did not adequately justify the sweeping prohibition. Reuters reports: Brown had temporarily blocked the rule in July while she considered a bid by the U.S. Chamber of Commerce, the country's largest business lobby, and tax service firm Ryan to strike it down entirely. The rule was set to take effect Sept. 4. Brown in her ruling said that even if the FTC had the power to adopt the rule, the agency had not justified banning virtually all noncompete agreements. "The Commission's lack of evidence as to why they chose to impose such a sweeping prohibition ... instead of targeting specific, harmful non-competes, renders the Rule arbitrary and capricious," wrote Brown, an appointee of Republican former President Donald Trump.

FTC spokesperson Victoria Graham said the agency was disappointed with the ruling and is "seriously considering a potential appeal." "Today's decision does not prevent the FTC from addressing noncompetes through case-by-base enforcement actions," Graham said in a statement. The Democratic-controlled FTC approved the ban on noncompete agreements in a 3-2 vote in May. The commission and supporters of the rule say the agreements are an unfair restraint on competition that violate U.S. antitrust law and suppress workers' wages and mobility.

An anonymous reader shares a report: Disney has now agreed that a wrongful death lawsuit should be decided in court following backlash for initially arguing the case belonged in arbitration because the grieving widower had once signed up for a Disney Plus trial. "With such unique circumstances as the ones in this case, we believe this situation warrants a sensitive approach to expedite a resolution for the family who have experienced such a painful loss," chairman of Disney experiences Josh D'Amaro said in a statement to The Verge. "As such, we've decided to waive our right to arbitration and have the matter proceed in court."

The lawsuit was filed in February by Jeffrey Piccolo, the husband of a 42-year-old woman who died last year due to an allergic reaction that occurred after eating at a restaurant in the Disney Springs shopping complex in Orlando. The case gained widespread media attention after Piccolo's legal team challenged Disney's motion to dismiss the case, arguing that a forced arbitration agreement Piccolo signed was effectively invisible.