A federal district court has ruled that backdoor searches of Americans' private communications collected under Section 702 of FISA are unconstitutional without a warrant. "The landmark ruling comes in a criminal case, United States v. Hasbajrami, after more than a decade of litigation, and over four years since the Second Circuit Court of Appeals found that backdoor searches constitute 'separate Fourth Amendment events' and directed the district court to determine a warrant was required," reports the Electronic Frontier Foundation (EFF). "Now, that has been officially decreed." Longtime Slashdot reader schwit1 shares the report: Hasbajrami involves a U.S. resident who was arrested at New York JFK airport in 2011 on his way to Pakistan and charged with providing material support to terrorists. Only after his original conviction did the government explain that its case was premised in part on emails between Mr. Hasbajrami and an unnamed foreigner associated with terrorist groups, emails collected warrantless using Section 702 programs, placed in a database, then searched, again without a warrant, using terms related to Mr. Hasbajrami himself.

The district court found that regardless of whether the government can lawfully warrantlessly collect communications between foreigners and Americans using Section 702, it cannot ordinarily rely on a "foreign intelligence exception" to the Fourth Amendment's warrant clause when searching these communications, as is the FBI's routine practice. And, even if such an exception did apply, the court found that the intrusion on privacy caused by reading our most sensitive communications rendered these searches "unreasonable" under the meaning of the Fourth Amendment. In 2021 alone, the FBI conducted 3.4 million warrantless searches of US person's 702 data.

LinkedIn has been sued by Premium customers alleging the platform disclosed private messages to third parties without consent to train generative AI models. The lawsuit seeks damages for breach of contract and privacy violations, accusing LinkedIn of attempting to minimize scrutiny over its actions. Reuters reports: According to a proposed class action filed on Tuesday night on behalf of millions of LinkedIn Premium customers, LinkedIn quietly introduced a privacy setting last August that let users enable or disable the sharing of their personal data. Customers said LinkedIn then discreetly updated its privacy policy on Sept. 18 to say data could be used to train AI models, and in a "frequently asked questions" hyperlink said opting out "does not affect training that has already taken place."

This attempt to "cover its tracks" suggests LinkedIn was fully aware it violated customers' privacy and its promise to use personal data only to support and improve its platform, in order to minimize public scrutiny and legal fallout, the complaint said. The lawsuit was filed in the San Jose, California, federal court on behalf of LinkedIn Premium customers who sent or received InMail messages, and whose private information was disclosed to third parties for AI training before Sept. 18. It seeks unspecified damages for breach of contract and violations of California's unfair competition law, and $1,000 per person for violations of the federal Stored Communications Act. LinkedIn said in a statement: "These are false claims with no merit."

An anonymous reader quotes a report from TorrentFreak: Meta is among a long list of companies being sued for allegedly using pirated material to train its AI models. Meta has never denied using copyrighted works but stressed that it would rely on a fair use defense. However, with rightsholders in one case asking for torrent client data and 'seeding lists' for millions of books allegedly shared in public, the case now takes a geeky turn. [...] A few weeks ago, the plaintiffs asked for permission to submit a third amended complaint (PDF). After uncovering Meta's use of BitTorrent to source copyright-infringing training data from pirate shadow library, LibGen, the request was justified, they argued. Specifically, the authors say that Meta willingly used BitTorrent to download pirated books from LibGen, knowing that was legally problematic. As a result, Meta allegedly shared copies of these books with other people, as is common with the use of BitTorrent.

"By downloading through the bit torrent protocol, Meta knew it was facilitating further copyright infringement by acting as a distribution point for other users of pirated books," the amended complaint notes. "Put another way, by opting to use a bit torrent system to download LibGen's voluminous collection of pirated books, Meta 'seeded' pirated books to other users worldwide." Meta believed that the allegations weren't sufficiently new to warrant an update to the complaint. The company argued that it was already a well-known fact that it used books from these third-party sources, including LibGen. However, the authors maintained that the 'torrent' angle is novel and important enough to warrant an update. Last week, United States District Judge Vince Chhabria agreed, allowing the introduction of these new allegations. In addition to greenlighting the amended complaint, the Judge also allowed the authors to conduct further testimony on the "seeding" angle. "[E]vidence about seeding is relevant to the existing claim because it is potentially relevant to the plaintiffs' assertion of willful infringement or to Meta's fair use defense," Judge Chhabria wrote last week.

With the court recognizing the relevance of Meta's torrenting activity, the plaintiffs requested reconsideration of an earlier order, where discovery on BitTorrent-related matters was denied. Through a filing submitted last Wednesday, the plaintiffs hope to compel Meta to produce its BitTorrent logs and settings, including peer lists and seeding data. "The Order denied Plaintiffs' motion to compel production of torrenting data, including Meta's BitTorrent client, application logs, and peer lists. This data will evidence how much content Meta torrented from shadow libraries and how much it seeded to third parties as a host of this stolen IP," they write. While archiving lists of seeders is not a typical feature for a torrent client, the authors are requesting Meta to disclose any relevant data. In addition, they also want the court to reconsider its ruling regarding the crime-fraud exception. That's important, they suggest, as Meta's legal counsel was allegedly involved in matters related to torrenting. "Meta, with the involvement of in-house counsel, decided to obtain copyrighted works without permission from online databases of copyrighted works that 'we know to be pirated, such as LibGen," they write. The authors allege that this involved "seeding" files and that Meta attempted to "conceal its actions" by limiting the amount of data shared with the public. One Meta employee also asked for guidance, as "torrenting from a corporate laptop doesn't feel right."

CNN reports: TikTok appears to be coming back online just hours after President-elect Donald Trump pledged Sunday that he would sign an executive order Monday that aims to restore the banned app. Around 12 hours after first shutting itself down, U.S. users began to have access to TikTok on a web browser and in the app, although the page still showed a warning about the shutdown.
The brief outage was "the first time in history the U.S. government has outlawed a widely popular social media network," reports NPR. Apple and Google removed TikTok from their app stores. (And Apple also removed Lemon8).

The incoming president announced his pending executive order "in a post on his Truth Social account," reports the Associated Press, "as millions of TikTok users in the U.S. awoke to discover they could no longer access the TikTok app or platform."

But two Republican Senators said Sunday that the incoming president doesn't have the power to pause the TikTok ban. Tom Cotton of Arkansas and Peter Ricketts of Nebraska posted on X.com that "Now that the law has taken effect, there's no legal basis for any kind of 'extension' of its effective date. For TikTok to come back online in the future, ByteDance must agree to a sale... severing all ties between TikTok and Communist China. Only then will Americans be protected from the grave threat posted to their privacy and security by a communist-controlled TikTok."

The Associated Press reports that the incoming president offered this rationale for the reprieve in his Truth Social post. "Americans deserve to see our exciting Inauguration on Monday, as well as other events and conversations." The law gives the sitting president authority to grant a 90-day extension if a viable sale is underway. Although investors made a few offers, ByteDance previously said it would not sell. In his post on Sunday, Trump said he "would like the United States to have a 50% ownership position in a joint venture," but it was not immediately clear if he was referring to the government or an American company...

"A law banning TikTok has been enacted in the U.S.," a pop-up message informed users who opened the TikTok app and tried to scroll through videos on Saturday night. "Unfortunately that means you can't use TikTok for now." The service interruption TikTok instituted hours earlier caught most users by surprise. Experts had said the law as written did not require TikTok to take down its platform, only for app stores to remove it. Current users had been expected to continue to have access to videos until the app stopped working due to a lack of updates... "We are fortunate that President Trump has indicated that he will work with us on a solution to reinstate TikTok once he takes office. Please stay tuned," read the pop-up message...

Apple said the apps would remain on the devices of people who already had them installed, but in-app purchases and new subscriptions no longer were possible and that operating updates to iPhones and iPads might affect the apps' performance.

In the nine months since Congress passed the sale-or-ban law, no clear buyers emerged, and ByteDance publicly insisted it would not sell TikTok. But Trump said he hoped his administration could facilitate a deal to "save" the app. TikTok CEO Shou Chew is expected to attend Trump's inauguration with a prime seating location. Chew posted a video late Saturday thanking Trump for his commitment to work with the company to keep the app available in the U.S. and taking a "strong stand for the First Amendment and against arbitrary censorship...."

On Saturday, artificial intelligence startup Perplexity AI submitted a proposal to ByteDance to create a new entity that merges Perplexity with TikTok's U.S. business, according to a person familiar with the matter...
The article adds that TikTok "does not operate in China, where ByteDance instead offers Douyin, the Chinese sibling of TikTok that follows Beijing's strict censorship rules."

Sunday morning Republican House speaker Mike Johnson offered his understanding of Trump's planned executive order, according to Politico. Speaking on Meet the Press, Johnson said "the way we read that is that he's going to try to force along a true divestiture, changing of hands, the ownership.

"It's not the platform that members of Congress are concerned about. It's the Chinese Communist Party and their manipulation of the algorithms."

Thanks to long-time Slashdot reader ArchieBunker for sharing the news.

"The FDIC sued 17 former executives and directors of Silicon Valley Bank on Thursday, seeking to recover billions of dollars for alleged gross negligence and breaches of fiduciary duty," reports Reuters. The move comes almost two years after Silicon Valley Bank's March 2023 collapse, which shocked financial markets and ended up benefiting big players like JPMorgan Chase. From the report: In a complaint filed in San Francisco federal court, the FDIC, in its capacity the bank's receiver, said the defendants ignored fundamental standards of prudent banking and the bank's own risk policies in letting the bank take on excessive risks to boost short-term profit and its stock price. The FDIC faulted the bank's overreliance on unhedged, interest rate-sensitive long-term government bonds such as US Treasuries and mortgage-backed securities, as rates looked set to -- and eventually did -- rise. It also objected to the payment of a "grossly imprudent" $294 million dividend to its parent that drained needed capital "at a time of financial distress and management weakness" in December 2022, less than three months before its demise.

"SVB represents a case of egregious mismanagement of interest-rate and liquidity risks by the bank's former officers and directors," the complaint said. The defendants include former Chief Executive Gregory Becker, former Chief Financial Officer Daniel Beck, four other former executives and 11 former directors.

Longtime Slashdot reader tlhIngan writes: In what is perhaps the greatest irony ever, the operators of RedNote (known as Xiaohongshu) have decided to "wall off" US TikTok refugees fleeing to its service as the TikTok ban looms. The reason? The Chinese Communist Party (CCP) wants to prevent American influence from spreading to Chinese citizens. The ban is expected to be in place next week, while many believe that the influx of Americans to be temporary and just a reaction to the TikTok ban to move to another Chinese app. Many Chinese users are not happy with the influx as having "ruined" their ability to connect with "Chinese culture, Chinese values and Chinese news."

An anonymous reader shares a report: The Supreme Court on Friday unanimously upheld the federal law banning TikTok beginning Sunday unless it's sold by its China-based parent company, holding that the risk to national security posed by its ties to China overcomes concerns about limiting speech by the app or its 170 million users in the United States.

A sale does not appear imminent and, although experts have said the app will not disappear from existing users' phones once the law takes effect on Jan. 19, new users won't be able to download it and updates won't be available. That will eventually render the app unworkable, the Justice Department has said in court filings.

Ars Technica's Jon Brodkin reports: AT&T has stopped offering its 5G home Internet service in New York instead of complying with a new state law that requires ISPs to offer $15 or $20 plans to people with low incomes. New York started enforcing its Affordable Broadband Act yesterday after a legal battle of nearly four years. [...] The law requires ISPs with over 20,000 customers in New York to offer $15 broadband plans with download speeds of at least 25Mbps, or $20-per-month service with 200Mbps speeds. The plans only have to be offered to households that meet income eligibility requirements, such as qualifying for the National School Lunch Program, Supplemental Nutrition Assistance Program, or Medicaid. [...]

Ending home Internet service in New York is relatively simple for AT&T because it is outside the 21-state wireline territory in which the telco offers fiber and DSL home Internet service. "AT&T Internet Air is currently available only in select areas and where AT&T Fiber is not available. New York is outside of our wireline service footprint, so we do not have other home Internet options available in the state," the company said. AT&T will continue offering its 4G and 5G mobile service in New York, as the state law only affects home Internet service. People with smartphones or other mobile devices connected to the AT&T wireless network should thus see no change.

Existing New York-based users of AT&T Internet Air can only keep it for 45 days and won't be charged during that time, AT&T said. "During this transition, customers will be able to keep their existing AT&T Internet Air service for up to 45 days, at no charge, as they find other options for broadband. We will work closely with our customers throughout this transition," AT&T said. Residential users will be sent "a recovery kit with instructions on how to return their AIA equipment, while business customers can keep any device they purchased at no charge," AT&T said.

An anonymous reader quotes a report from Reuters: Toyota Motor unit Hino Motors has agreed a $1.6 billion settlement with U.S. agencies and will plead guilty over excess diesel engine emissions in more than 105,000 U.S. vehicles, the company and U.S. government said on Wednesday. The Japanese truck and engine manufacturer was charged with fraud in U.S. District Court in Detroit for unlawfully selling 105,000 heavy-duty diesel engines in the United States from 2010 through 2022 that did not meet emissions standards. The settlement, which still must be approved by a U.S. judge, includes a criminal penalty of $521.76 million, $442.5 million in civil penalties to U.S. authorities and $236.5 million to California.

A company-commissioned panel said in a report in 2022 Hino had falsified emissions data on some engines going back to at least 2003. Hino agreed to plead guilty to engaging in a multi-year criminal conspiracy and serve a five-year term of probation, during which it will be barred from importing any diesel engines it has manufactured into the U.S., and carry out a comprehensive compliance and ethics program, the Justice Department and Environmental Protection Agency said. [...] The settlement includes a mitigation program, valued at $155 million, to offset excess air emissions from the violations by replacing marine and locomotive engines, and a recall program, valued at $144.2 million, to fix engines in 2017-2019 heavy-duty trucks

The EPA said Hino admitted that between 2010 and 2019, it submitted false applications for engine certification approvals and altered emission test data, conducted tests improperly and fabricated data without conducting any underlying tests. Hino President Satoshi Ogiso said the company had improved its internal culture, oversight and compliance practices. "This resolution is a significant milestone toward resolving legacy issues that we have worked hard to ensure are no longer a part of Hino's operations or culture," he said in a statement. Toyota's Hino Motors isn't the only automaker to admit to selling vehicles with excess diesel emissions. Volkswagen had to pay billions in fines after it admitted in 2015 to cheating emissions tests by installing "defeat devices" and sophisticated software in nearly 11 million vehicles worldwide. Daimler (Mercedes-Benz), BMW, Opel/Vauxhall (General Motors), and Fiat Chrysler have been implicated in similar practices.

A pastor in Pasco, Washington, has been indicted on 26 counts of fraud for orchestrating a cryptocurrency scam that defrauded over 1,500 investors of nearly $5.9 million between 2021 and 2023. Many of the investors were members of his congregation. BleepingComputer reports: The US Department of Justice says the pastor, Francier Obando Pinillo, 51, used his position to recruit investors into a fraudulent cryptocurrency venture called "Solano Fi," which he told them "came to him in a dream" and was a guaranteed investment. "Pinillo used his position as pastor to induce members of his congregation and others to invest their money in a cryptocurrency investment business known as Solano Fi," reads the US Department of Justice announcement. "Pinillo claimed the idea for Solano Fi had come to him in a dream and that it was a safe and guaranteed investment."

The pastor also set up a Facebook page for Solano Fi to attract more investors outside his direct sphere of influence, as well as a Telegram group named 'Multimillionarios SolanoFi,' which had 1,500 members. The indictment alleged that Pinillo promised investors they would receive guaranteed monthly investment returns of 34.9% at no risk whatsoever. The indictment further claims he directed the victims to make cryptocurrency transfers to wallets under his control, and instead of investing the funds, he diverted them for personal use. Investors were provided access to a Solano Fi web app where they could manage their funds; however, the app showed fake balances and investment returns. Those convinced by the fraud were encouraged to recruit more investors for additional returns, expanding the victims' circle. As in similar scams, when the victims attempted to withdraw money from the Solano Fi app, the transaction failed.

Executives and researchers leading Meta's AI efforts obsessed over beating OpenAI's GPT-4 model while developing Llama 3, according to internal messages unsealed by a court in one of the company's ongoing AI copyright cases, Kadrey v. Meta. From a report: "Honestly... Our goal needs to be GPT-4," said Meta's VP of Generative AI, Ahmad Al-Dahle, in an October 2023 message to Meta researcher Hugo Touvron. "We have 64k GPUs coming! We need to learn how to build frontier and win this race."

Though Meta releases open AI models, the company's AI leaders were far more focused on beating competitors that don't typically release their model's weights, like Anthropic and OpenAI, and instead gate them behind an API. Meta's execs and researchers held up Anthropic's Claude and OpenAI's GPT-4 as a gold standard to work toward. The French AI startup Mistral, one of the biggest open competitors to Meta, was mentioned several times in the internal messages, but the tone was dismissive. "Mistral is peanuts for us," Al-Dahle said in a message. "We should be able to do better," he said later.

The Australian Open has introduced a project called AO Animated -- "near-live, commentated coverage of the Australian Open, free to anyone across the world via YouTube, enhanced via a stream of comments from a like-minded online community," reports The Guardian. Blending real-world data with virtual avatars, the animated coverage has garnered significant viewer interest, especially among gamers and tech enthusiasts. From the report: [I]t's no surprise a project called AO Animated has taken off at this year's grand slam tournament at Melbourne Park. The catch? The players, ball and court are all computer-generated. That hasn't dissuaded hundreds of thousands of viewers from tuning into this vision of the Australian Open, featuring video game-like avatars but using real-world data in an emerging category of sports broadcasting helping tennis reach new fans.

The loophole allows the Australian Open to show a version of live events at the tournament on its own channels, despite having sold lucrative exclusive broadcast rights to partners across the globe. The technology made its debut at the grand slam last year and audiences peaked for the men's final, the recording of which has attracted almost 800,000 views on YouTube. Interest appears to be trending up this year and the matches are attracting roughly four times as many viewers than the equivalent time in 2024.

The director of innovation at Tennis Australia, Machar Reid, said although the technology was far from polished it was developing quickly. "Limb tracking is complex, you've got 12 cameras trying to process the silhouette of the human in real time, and stitch that together across 29 points in the skeleton," he said. "It's not as seamless as it could be -- we don't have fingers -- but in time you can begin to imagine a world where that comes." The data from sensors on the court is ingested and fed into a system that can produce the graphic reproduction with a two-minute delay. The same commentary and arena noises that would otherwise be heard on the television -- as well as interstitial vision direct from the broadcast -- are synced with the virtual representation of the match.

Pixelfed has launched its mobile app for iOS and Android, solidifying its position as a viable alternative to Instagram. The move also comes at a pivotal moment, as a potential Supreme Court ban on TikTok could drive users to explore other social media platforms. Pixelfed is ad-free, open source, decentralized, defaults to chronological feeds and doesn't share user data with third parties. Engadget reports: The platform launched in 2018, but was only available on the web or through third-party app clients. The Android app debuted on January 9 and the iOS app released today. Creator Daniel Supernault posted on Mastodon Monday evening that the platform had 11,000 users join over the preceding 24 hours and that more than 78,000 posts have been shared to Pixelfed to date. The platform runs on ActivityPub, the same protocol that powers several other decentralized social networks in the fediverse, such as Mastodon and Flipboard. The iOS and Android apps are available at their respective links.

Further reading: Meta Is Blocking Links to Decentralized Instagram Competitor Pixelfed

An anonymous reader quotes a report from Gizmodo: Texas has sued (PDF) one of the nation's largest car insurance providers alleging that it violated the state's privacy laws by surreptitiously collecting detailed location data on millions of drivers and using that information to justify raising insurance premiums. The state's attorney general, Ken Paxton, said the lawsuit against Allstate and its subsidiary Arity is the first enforcement action ever filed by a state attorney general to enforce a data privacy law. It also follows a deceptive business practice lawsuit he filed against General Motors accusing the car manufacturer of misleading customers by collecting and selling driver data.

In 2015, Allstate developed the Arity Driving Engine software development kit (SDK), a package of code that the company allegedly paid mobile app developers to install in their products in order to collect a variety of sensitive data from consumers' phones. The SDK gathered phone geolocation data, accelerometer, and gyroscopic data, details about where phone owners started and ended their trips, and information about "driving behavior," such as whether phone owners appeared to be speeding or driving while distracted, according to the lawsuit. The apps that installed the SDK included GasBuddy, Fuel Rewards, and Life360, a popular family monitoring app, according to the lawsuit.

Paxton's complaint said that Allstate and Arity used the data collected by its SDK to develop and sell products to other insurers like Drivesight, an algorithmic model that assigned a driving risk score to individuals, and ArityIQ, which allowed other insurers to "[a]ccess actual driving behavior collected from mobile phones and connected vehicles to use at time of quote to more precisely price nearly any driver." Allstate and Arity marketed the products as providing "driver behavior" data but because the information was collected via mobile phones the companies had no way of determining whether the owner was actually driving, according to the lawsuit. "For example, if a person was a passenger in a bus, a taxi, or in a friend's car, and that vehicle's driver sped, hard braked, or made a sharp turn, Defendants would conclude that the passenger, not the actual driver, engaged in 'bad' driving behavior," the suit states. Neither Allstate and Arity nor the app developers properly informed customers in their privacy policies about what data the SDK was collecting or how it would be used, according to the lawsuit. The lawsuit violates Texas' Data Privacy and Security Act (DPSA) and insurance code by failing to address violations within the required 30-day cure period. "In its complaint, filed in federal court, Texas requested that Allstate be ordered to pay a penalty of $7,500 per violation of the state's data privacy law and $10,000 per violation of the state's insurance code, which would likely amount to millions of dollars given the number of consumers allegedly affected," adds the report.

"The lawsuit also asks the court to make Allstate delete all the data it obtained through actions that allegedly violated the privacy law and to make full restitution to customers harmed by the companies' actions."

An anonymous reader quotes a report from CBS News: The Supreme Court on Monday said it will not consider whether to quash lawsuits brought by Honolulu seeking billions of dollars from oil and gas companies for the damage caused by the effects of climate change, clearing the way for the cases to move forward. The legal battle pursued in Hawaii state court is similar to others filed against the nation's largest energy companies by state and local governments in their courts. The suits claim that the oil and gas industry engaged in a deceptive campaign and misled the public about the dangers of their fossil fuel products and the environmental impacts.

A group of 15 energy companies asked the Supreme Court to review a decision from the Hawaii Supreme Court that allowed a lawsuit brought by the city and county of Honolulu, as well as its Board of Water Supply, to proceed. The suit was brought in Hawaii state court in March 2020, and Honolulu raised (PDF) several claims under state law, including creating a public nuisance and failure to warn the public of the risks posed by their fossil fuel products. The city accused the oil and gas industry of contributing to global climate change, leading to flooding, erosion and more frequent and intense extreme weather events. These changes, they said, have led to property damage and a drop in tax revenue as a result of less tourism.

The energy companies unsuccessfully sought to have the case moved to federal court, arguing that the claims raised by Honolulu under state law were overridden by federal law and the Clean Air Act. A state trial court denied their efforts to dismiss the case. The oil and gas industry has argued that greenhouse-gas emissions "flow from billions of daily choices, over more than a century, by governments, companies and individuals about what types of fuels to use, and how to use them." Honolulu, the companies said, was seeking damages for the "cumulative effect of worldwide emissions leading to global climate change." The Hawaii Supreme Court ultimately allowed (PDF) the lawsuit to proceed. The state's highest court determined that the Clean Air Act displaced federal common law governing suits seeking damages for interstate pollution. It also rejected the oil companies' argument that Honolulu was seeking to regulate emissions through its lawsuit, finding that the city instead wanted to challenge the promotion and sale of fossil fuel products "without warning and abetted by a sophisticated disinformation campaign."

"Plaintiffs' state tort law claims do not seek to regulate emissions, and there is thus no 'actual conflict' between Hawaii tort law and the [Clean Air Act]," the Hawaii Supreme Court ruled. "These claims potentially regulate marketing conduct while the CAA regulates pollution." The oil companies asked the U.S. Supreme Court to review the ruling from the Hawaii high court and urged it to stop Honolulu's lawsuit from going forward. Regulation of interstate pollution is a federal area governed by federal law, lawyers for the energy industry argued. [...] The Supreme Court in June asked the Biden administration to weigh in on the cases and whether it should step into the dispute. In a filing submitted to the Supreme Court before the transfer of presidential power, the Biden administration urged the justices to turn away the appeals, in part because it said it is too soon for them to intervene.

Ars Technica's Jon Brodkin reports: The New York law requiring Internet providers to offer cheap plans to people with low incomes will take effect on Wednesday this week following a multi-year court battle in which the state defeated broadband industry lobby groups. A US appeals court upheld the law in April 2024, reversing the ruling of a district judge who blocked it in 2021. The Supreme Court last month decided not to hear the broadband industry's challenge, leaving the appeals court ruling in place. The state law requires Internet providers to offer $15- or $20-per-month service to people with low incomes.

As we've written, the battle between New York and ISPs was an important test case for how states can regulate broadband providers when the Federal Communications Commission isn't doing so. The Biden-era FCC's attempt to reinstate net neutrality rules and regulate broadband providers as common carriers was blocked in court, but ISPs lost the fight against the New York affordability law and an earlier fight against California's net neutrality law.

New York-based ISPs can comply by offering $15 broadband plans with download speeds of at least 25Mbps, or $20-per-month service with 200Mbps speeds. The price must include "any recurring taxes and fees such as recurring rental fees for service provider equipment required to obtain broadband service and usage fees." Price increases are to be capped at 2 percent per year, and state officials will periodically review whether minimum required speeds should be raised. New York Public Service Commission Chair Rory Christian last week issued an order stating that the law will take effect on January 15. "On December 16, 2024, the United States Supreme Court denied the Plaintiff's request for further review," the order said. "As part of the litigation, the [New York attorney general] agreed not to enforce the ABA [Affordable Broadband Act] until 30 days after the date when the US Supreme Court decided the writ of Certiorari. Thus, the ABA will once again take effect and may be enforced in New York on January 15, 2025." The order said it plans to implement the law quickly because of "developments at the federal level impacting the affordability of broadband service."

ISPs can receive one-month exemptions by filing paperwork by Wednesday confirming they meet the subscriber threshold, notes Ars. To secure longer-term exemptions, ISPs must submit detailed financial information by February 15.

"Oracle has informed us they won't voluntarily withdraw their trademark on 'JavaScript'." That's the word coming from the company behind Deno, the alternative JavaScript/TypeScript/WebAssembly runtime, which is pursuing a formal cancellation with the U.S. Patent and Trademark Office.

So what happens next? Oracle "will file their Answer, and we'll start discovery to show how 'JavaScript' is widely recognized as a generic term and not controlled by Oracle." Deno's social media posts show a schedule of various court dates that extend through July of 2026, so "The dispute between Oracle and Deno Land could go on for quite a while," reports InfoWorld: Deno Land co-founder Ryan Dahl, creator of both the Deno and Node.js runtimes, said a formal answer from Oracle is expected before February 3, unless Oracle extends the deadline again. "After that, we will begin the process of discovery, which is where the real legal work begins. It will be interesting to see how Oracle argues against our claims — genericide, fraud on the USPTO, and non-use of the mark."

The legal process begins with a discovery conference by March 5, with discovery closing by September 1, followed by pretrial disclosure from October 16 to December 15. An optional request for an oral hearing is due by July 8, 2026.
Oracle took ownership of JavaScript's trademark in 2009 when it purchased Sun Microsystems, InfoWorld notes.

But "Oracle does not control (and has never controlled) any aspect of the specification or how the phrase 'JavaScript' can be used by others," argues an official petition filed by Deno Land Inc. with the United States Patent and Trademark Office: Today, millions of companies, universities, academics, and programmers, including Petitioner, use "JavaScript" daily without any involvement with Oracle. The phrase "JavaScript" does not belong to one corporation. It belongs to the public. JavaScript is the generic name for one of the bedrock languages of modern programming, and, therefore, the Registered Mark must be canceled.

An open letter to Oracle discussing the genericness of the phrase "JavaScript," published at https://javascript.tm/, was signed by 14,000+ individuals at the time of this Petition to Cancel, including notable figures such as Brendan Eich, the creator of JavaScript, and the current editors of the JavaScript specification, Michael Ficarra and Shu-yu Guo. There is broad industry and public consensus that the term "JavaScript" is generic.
The seven-page petition goes into great detail, reports InfoWorld. "Deno Land also accused Oracle of committing fraud in its trademark renewal efforts in 2019 by submitting screen captures of the website of JavaScript runtime Node.js, even though Node.js was not affiliated with Oracle."

As an ecological disaster devastated two coastal California cities, more than 7,500 firefighters pushed back against the wildfires. 900 of them are inmates, reports NPR. That's about 12%: California is one of more than a dozen states that operates conservation camps, commonly known as fire camps, for incarcerated people to train to fight fires and respond to other disasters... There are now 35 such camps in California, all of which are minimum-security facilities... When they are not fighting fires, they also respond to floods and other disasters and emergencies. Otherwise, the crews do community service work in areas close to their camp, according to the state corrections department...

A 2018 Time investigation found that incarcerated firefighters are at a higher risk for serious injuries. They also are more than four times as likely to get cuts, bruises or broken bones compared to professional firefighters working the same fires, the report found. They were also more than eight times as likely to face injuries after inhaling smoke, ash and other debris compared with other firefighters, the report said.
"Two of the camps are for incarcerated women," reports the BBC. One of them — since released — remembers that "It felt like you were doing something that mattered instead of rotting away in a cell," according to the nonprofit new site CalMatters. They can also earn credits that help reduce their prison sentences, the BBC learned from the California Department of Corrections and Rehabilitation.

Friday one local California news report shared the perspective of formerly incarcerated Californian, Matthew Hahn (from a 2021 Washington Post column). "Yes, the decision to take part is largely made under duress, given the alternative. Yes, incarcerated firefighters are paid pennies for an invaluable task. And yes, it is difficult though not impossible for participants to become firefighters after leaving prison," Hahn said. "Despite this, fire camps remain the most humane places to do time in the California prison system."
From that 2021 Washington Post column: California prisons have, on average, three times the murder rate of the country overall and twice the rate of all American prisons. These figures don't take into account the sheer number of physical assaults that occur behind prison walls. Prison feels like a dangerous place because it is. Whether it's individual assaults or large-scale riots, the potential for violence is ever-present. Fire camp represents a reprieve from that risk. Sure, people can die in fire camp as well — at least three convict-firefighters have died working to contain fires in California since 2017 — but the threat doesn't weigh on the mind like the prospect of being murdered by a fellow prisoner. I will never forget the relief I felt the day I set foot in a fire camp in Los Angeles County, like an enormous burden had been lifted...

[When his 12-man crew was called to fight the Jesusita Fire], the fire had ignited one home's deck and was slowly burning its way to the structure. We cut the deck off the house, saving the home. I often fantasize about the owners returning to see it still standing, unaware and probably unconcerned that an incarcerated fire crew had saved it. There was satisfaction in knowing that our work was as valuable as that of any other firefighter working the blaze and that the gratitude expressed toward first responders included us.

There are other reasons for prisoners to choose fire camp if given the opportunity. They are often located in secluded natural settings, giving inmates the chance to live in an environment that doesn't remotely resemble a prison. There are no walls, and sometimes there aren't even fences. Gun towers are conspicuously absent, and the guards aren't even armed.... [C]onsider the guy pushing a broom in his cell block making the equivalent of one Top Ramen noodle packet per day, just so he can have the privilege of making a collect call to his mother. Or think of the man scrubbing the streaks out of the guards' toilets, making seven cents an hour, half of which goes to pay court fees and restitution, just so he can have those couple of hours outside his cage for the day...

So, while we may have faced the heat of a wildfire for a few bucks a day, and we may have saved a few homes and been happy doing so, understand that we were rational actors. We wanted to be there, where some of our dignity was returned to us.

An anonymous reader shared this report from the New York Times: Russia fined TikTok for not removing prohibited content. The results of a presidential election in Romania were thrown out over concerns the app had been used to spread foreign influence. Albania banned TikTok for a year following the stabbing death of a teenager by another one after the two quarreled online... That was all in just the last month...

TikTok has confronted legal and political scrutiny around the world in recent years, facing outright or partial bans in at least 20 countries, as governments have grown alarmed by its ties to China and its wide influence, especially among young people... [A]s TikTok's algorithm captured attention spans around the world, it alarmed lawmakers, who say TikTok has quickly turned from a domain of cat videos and dance trends into a potentially disruptive social, political and economic force. Officials from Montana to New Zealand have warned that TikTok could be used to incite violence, spread false information and worsen mental health. Lawmakers also worry TikTok could share user data like location and browsing history with the Chinese government. Young people need to be protected from "the frightening pitfalls of the algorithm," [Albania prime minister Edi] Rama said.
TikTok lost its largest audience (India) "after India's simmering geopolitical conflict with China boiled over into hand-to-hand combat along their shared border" — resulting in a total ban in the world's single most-populous country. And the article notes TikTok is also blocked on government devices in Taiwan, Britain, Australia, France, and Canada, "as well as the executive arm of the European Union and New Zealand's Parliament..."

But "Despite the mounting scrutiny, TikTok remains incredibly popular worldwide. More than a billion people use the app every month."

"Microsoft's Digital Crimes Unit is taking legal action to ensure the safety and integrity of our AI services," according to a Friday blog post by the unit's assistant general counsel. Microsoft blames "a foreign-based threat-actor group" for "tools specifically designed to bypass the safety guardrails of generative AI services, including Microsoft's, to create offensive and harmful content.

Microsoft "is accusing three individuals of running a 'hacking-as-a-service' scheme," reports Ars Technica, "that was designed to allow the creation of harmful and illicit content using the company's platform for AI-generated content" after bypassing Microsoft's AI guardrails: They then compromised the legitimate accounts of paying customers. They combined those two things to create a fee-based platform people could use. Microsoft is also suing seven individuals it says were customers of the service. All 10 defendants were named John Doe because Microsoft doesn't know their identity.... The three people who ran the service allegedly compromised the accounts of legitimate Microsoft customers and sold access to the accounts through a now-shuttered site... The service, which ran from last July to September when Microsoft took action to shut it down, included "detailed instructions on how to use these custom tools to generate harmful and illicit content."

The service contained a proxy server that relayed traffic between its customers and the servers providing Microsoft's AI services, the suit alleged. Among other things, the proxy service used undocumented Microsoft network application programming interfaces (APIs) to communicate with the company's Azure computers. The resulting requests were designed to mimic legitimate Azure OpenAPI Service API requests and used compromised API keys to authenticate them. Microsoft didn't say how the legitimate customer accounts were compromised but said hackers have been known to create tools to search code repositories for API keys developers inadvertently included in the apps they create. Microsoft and others have long counseled developers to remove credentials and other sensitive data from code they publish, but the practice is regularly ignored. The company also raised the possibility that the credentials were stolen by people who gained unauthorized access to the networks where they were stored...

The lawsuit alleges the defendants' service violated the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, the Lanham Act, and the Racketeer Influenced and Corrupt Organizations Act and constitutes wire fraud, access device fraud, common law trespass, and tortious interference.