The National Labor Relations Board (NLRB) has filed charges against Amazon, alleging that the e-commerce giant has illegally refused to bargain with a union representing drivers who are frustrated by what they claim are low wages and dangerous working conditions.
Back in August, drivers celebrated what they considered a major win when the NLRB found that Amazon was a joint employer of sub-contracted drivers, cheering “We are Amazon workers!” At that time, Amazon seemed to be downplaying the designation, telling Ars that the union was trying to “misrepresent” a merit determination that the NLRB confirmed was only “the first step in the NLRB’s General Counsel litigating the allegations after investigating an unfair labor practice charge.”
Amazon has found itself in increasingly hot water ever since the Palmdale drivers joined the International Brotherhood of Teamsters union in 2021. The NLRB’s complaint called out Amazon for terminating its contract with the unionized drivers without ever engaging in bargaining.
The tech company could have potentially avoided the NLRB charges if Amazon had settled with drivers, who claimed that rather than negotiate, Amazon had intimidated employees with security guards and illegally retaliated against workers unionizing.
Although Amazon recently invested $2.1 billion—its “biggest investment yet”—to improve driver safety and increase drivers’ wages, Amazon apparently did not do enough to settle drivers’ complaints.
The NLRB said in a press release sent to Ars that the complaint specifically alleged that “Amazon failed and refused to bargain” with Teamsters “and that it did not afford the union the opportunity to bargain over the effects of terminating” the Palmdale drivers’ contract, “increasing inspections, reducing and termination routes, and terminating employees in the bargaining unit.” Additionally, “the complaint further alleged that Amazon made unlawful threats and promises, held captive audience meetings, delayed employee start times and increased vehicle inspections to discourage union activities, and failed and refused to furnish information to the union.”
DirecTV’s agreement to buy the Dish satellite and streaming TV business from EchoStar is facing opposition from Dish creditors who would be forced to take a loss on the value of their debt.
Dish creditors “plan to block a distressed exchange that’s a key part of its tie-up with rival DirecTV, according to people familiar with the matter,” Bloomberg reported today. “A group of steering committee investors has gained a blocking position in order to negotiate with the company, the people said. They may even explore a better outcome through litigation, said some of the people.” The Bloomberg article was titled, “Dish-DirecTV Deal Sparks Creditor Revolt Over $1.6 Billion Loss.”
As Bloomberg notes, “Dish needs consent from its bondholders to exchange old debts for notes issued out of the new combined entity” in order to complete the deal. A previous Bloomberg article said that “just over two-thirds of [Dish] bondholders in each series of notes have to agree to the exchange, with the deadline set for October 29.” EchoStar executives argue that debt holders will benefit from the merger by “owning debt of a stronger company with lower leverage,” the article said.
Credit-rating firm S&P Global said in a research note that it views “these transactions as tantamount to a default because investors will receive less value than the promise of the original securities,” according to Variety. On the other hand, S&P Global “added that in exchange the new notes will carry a higher rate of 8.875 percent and be secured by assets of the combined businesses of DirecTV and Dish,” Variety wrote.
Debt exchange
DirecTV agreed to buy the Dish satellite TV and Sling TV business for a nominal fee of $1 in exchange for taking on $9.75 billion of Dish debt. But DirecTV’s deal announcement on Monday said the merger needs approval from Dish debt holders, who would see their investments devalued.
Dish notes would be exchanged with “a reduced principal amount of DirecTV debt which will have terms and collateral that mirror DirecTV’s existing secured debt,” DirecTV said. DirecTV’s announcement goes on to say that the principal amount will be reduced by at least $1.568 billion and that the deal can be scrapped if debt holders object:
T-Mobile has agreed to pay a $15.75 million fine and improve its security in a settlement over a series of data breaches over three years that affected tens of millions of customers.
“T-Mobile suffered data breaches in 2021, 2022, and 2023,” the Federal Communications Commission Enforcement Bureau said in an order approving a consent decree yesterday. “Combined, these breaches affected millions of current, former, or prospective T-Mobile customers and millions of end-user customers of T-Mobile wireless service resellers, which operate on T-Mobile’s network infrastructure and are known as mobile virtual network operators (MVNOs).”
Four breaches occurring over three years exposed personal information, including customer names, addresses, dates of birth, Social Security numbers, driver’s license numbers, the features customers subscribed to, and the number of lines on their accounts.
The FCC investigated T-Mobile for several potential violations: failure to meet its legal duty to protect confidentiality of private information; impermissibly using, disclosing, or permitting access to private information without customer approval; failure to take reasonable measures to discover and protect against attempts to gain unauthorized access to private information; unjust and unreasonable information security practices; and making misrepresentations to customers about its information security practices.
“To settle these investigations, T-Mobile will pay a civil penalty of $15,750,000 and commit to spending an additional $15,750,000 over the next two years to strengthen its cybersecurity program, and develop and implement a compliance plan to protect consumers against similar data breaches in the future,” the FCC said.
FCC touts “strong message” to carriers
The fine will be paid to the US Treasury. The FCC Enforcement Bureau said the security improvements that T-Mobile agreed to “will likely require expenditures an order of magnitude greater than the civil penalty here.” T-Mobile reported $19.8 billion in revenue and $2.9 billion in net income in Q2 2024.
In a press release, the FCC touted the settlement as “a model for the mobile telecommunications industry.” T-Mobile will “address foundational security flaws, work to improve cyber hygiene, and adopt robust modern architectures, like zero trust and phishing-resistant multifactor authentication,” the agency said.
“Today’s mobile networks are top targets for cybercriminals… We will continue to send a strong message to providers entrusted with this delicate information that they need to beef up their systems or there will be consequences,” FCC Chairwoman Jessica Rosenworcel said.
T-Mobile entered into the settlement despite not agreeing with the FCC’s accusations. “The Bureau and T-Mobile disagree about whether T-Mobile’s network and data security program and policies in place at the relevant times violated any standard of care or regulation then applicable to T-Mobile, but in the interest of resolving these investigations, and in the interest of putting consumer security first, the parties enter into this negotiated consent decree,” the agreement said.
eBay has defeated a lawsuit that the US Department of Justice raised last fall, which alleged that eBay violated environmental protection and public safety laws by allowing users to sell hundreds of thousands of banned products.
Among products targeted by the DOJ suit were at least 343,011 “aftermarket products for motor vehicles” used to “tamper with or disable vehicle emissions control systems” and at least 23,000 “unregistered, misbranded, or restricted use pesticides.” The DOJ also took issue with sales of products containing methylene chloride, which is used as a “thinning agent in paint and coating removal products.” Most uses of that chemical were banned by the Environmental Protection Agency this April to prevent causing cancer, liver harm, and death.
In her order, US District Judge Orelia Merchant agreed with eBay that the DOJ failed to prove that eBay was liable for selling some of these targeted products. Ultimately, Merchant ruled that whether the products violated environmental laws or not, Section 230 barred all of the DOJ’s claims, as eBay is shielded from liability for third-party postings (in this case, listings) on its platform.
“eBay contends that it does not actually ‘sell’ any item listed on its platform,” Merchant wrote, pointing to a precedent set in a 2004 lawsuit where the jewelry company Tiffany attempted to sue eBay over counterfeit items. Merchant agreed with the Second Circuit, which affirmed that “eBay did not itself sell counterfeit Tiffany goods; only the fraudulent vendors did,” mainly due to the fact that eBay “never physically possesses” the goods that are sold on its platform. For the same reason, Merchant found that eBay never sold any of the restricted items the DOJ flagged last year.
While the entire motion to dismiss was granted, the DOJ did succeed in arguing that eBay had violated the Toxic Substances Control Act (TSCA) and the Methylene Chloride Rule by not removing some listings for products containing methylene chloride.
Under those laws, the DOJ persuasively alleged that eBay was a “retailer” who introduced and “distributed in commerce” products containing methylene chloride, Merchant’s order noted.
eBay’s attempt to defend against that claim by narrowly arguing that the TSCA should only be applied to the literal first seller to introduce a product to market not only failed, Merchant said, but also threatened to “undermine the TSCA’s regulatory scope” as a law designed to protect the public from any introduction of harmful substances.
However, none of that matters, eBay argued, because Section 230 bars that claim, too. Merchant agreed that without “allegations… eBay fails to remove third-party listings (conduct that is plainly immune under Section 230),” and the government’s complaint “would not state a claim.”
eBay vows to help prevent toxic sales
Perhaps the government had hoped that eBay might settle the lawsuit, as the company did last February in a DOJ case over the sales of pill presses. Similar to the DOJ’s bid to hold eBay liable for enabling product sales causing environmental harms, the DOJ had accused eBay of selling pill presses tied to fentanyl drug rings amid an opioid epidemic killing 100,000 people annually at its peak. Both suits were designed to stop eBay from distributing products causing harms, but only one succeeded.
In the pill press case, eBay did not invoke the Section 230 shield. Instead, eBay admitted no wrongdoing while agreeing to “pay $59 million” and voluntarily removing products targeted by the DOJ. In a statement, eBay said this was “in the best interest of the company and its shareholders as it avoids the costs, uncertainty, and distraction associated with protracted litigation.”
eBay did not appear concerned that the environmental lawsuit might have similarly long legs in court. An eBay spokesperson told Ars that the company appreciated the court’s “thoughtful review,” which “found that the government’s lawsuit should not be permitted to move forward.”
“Maintaining a safe and trusted marketplace for our global community of sellers and buyers is a fundamental principle of our business at eBay,” eBay’s spokesperson said. “As we have throughout our history, eBay will continue to invest significant resources to support its well-recognized and proactive efforts to help prevent prohibited items from being listed on our marketplace.”
Because Merchant granted eBay’s motion to dismiss the DOJ’s lawsuit over alleged environmental harms with prejudice, the DOJ will not have a chance to re-file the case in the same court but could possibly appeal to a higher court.
A married couple can’t sue Uber over severe injuries they suffered in a 2022 car accident because of a mandatory arbitration provision in the ride-sharing company’s terms of use, according to a ruling issued by the New Jersey Superior Court appellate division.
In November 2023, a lower court denied Uber’s motion to compel arbitration and dismiss the complaint filed by plaintiffs Georgia and John McGinty. But the lower-court ruling was reversed on September 20 in a unanimous decision by three appellate court judges.
Georgia McGinty had agreed to Uber’s arbitration clause long before the accident. But the couple challenged the terms in part because they say their minor daughter, then 12, was the one who clicked the most recent terms agreement when the girl ordered food through Uber Eats. Those newer terms were also allegedly less specific about users waiving the right to a jury trial.
The September 20 ruling says:
Uber’s digital records show that on January 8, 2022, Georgia logged into her Uber account using her password, checked the box next to the statement “I have reviewed and agree to the Terms of Use,” and pressed “Confirm.” In their motion opposition, plaintiffs asserted that it was not Georgia but rather their minor daughter who checked that box and clicked the “Confirm” button—even though it required attesting to Uber that she was at least eighteen years old. Plaintiffs claim that their daughter, while using Georgia’s phone and with Georgia’s permission, confirmed her agreement to the December [2021] Terms before ordering food for plaintiffs to be delivered to them through Uber Eats.
The December Terms to which Georgia agreed—either by herself or through her daughter using her Uber account—contain an arbitration provision. That agreement provides disputes that may arise between Georgia and Uber, including disputes concerning auto accidents or personal injuries, will be resolved through binding arbitration “and not in a court of law.” The agreement also provides that any disputes over arbitrability would be delegated to the arbitrator.
“We hold that the arbitration provision contained in the agreement under review, which Georgia or her minor daughter, while using her cell phone agreed to, is valid and enforceable,” judges wrote.
Lower court said Uber terms were too vague
The case came to the appellate court on appeal from the Superior Court of New Jersey, Law Division, Middlesex County. The lower court found that Uber’s updated terms “fail[ed] to clearly and unambiguously inform plaintiff of her waiver of the right to pursue her claims in a judicial forum,” making it unclear that “arbitration is a substitute for the right to seek relief in our court system.”
While an earlier version of Uber’s terms contained an express jury waiver provision, the newer version did not. The lower court held that the newer agreement “lacks any specificity on what the resolution would look like or what the alternative to such resolution might be.”
Uber argued that even if the newer terms are invalid, the earlier terms would still require arbitration of the dispute, and that Georgia McGinty can’t escape her agreement with Uber by claiming that her daughter agreed to the newer terms on her behalf.
Despite the newer agreement not using the word “jury,” the appellate court said that legal precedent “does not require specific jury trial language to accomplish a waiver of rights.” Judges said the Uber provision requiring disputes to be handled in arbitration “and not in a court of law… clearly and unambiguously evidences a waiver of plaintiffs’ right to pursue any claims against Uber in a court of law and obligates plaintiffs to resolve their claims through binding arbitration.”
“While ‘jury’ is no longer explicitly used in the updated December Terms, magic words are not required for enforceability and the clause clearly intimates that disputes are resolved through arbitration,” the court said.
The question of whether the couple’s daughter was capable of agreeing to the terms must be decided by an arbitrator, according to the ruling:
Georgia certified that her daughter was “capable,” would frequently order food, and she and John were preoccupied with packing, which supports the inference that the daughter acted knowingly on Georgia’s behalf. In summary, the Arbitration Agreement is valid and delegates the threshold question of the scope of the arbitration to the arbitrator. Therefore, Georgia’s reliance on her daughter’s minority to raise an infancy defense shall be determined by the arbitrator.
Following site-wide user protests last year that featured moderators turning thousands of subreddits private or not-safe-for-work (NSFW), Reddit announced that mods now need its permission to make those changes.
Reddit’s VP of community, going by Go_JasonWaterfalls, made the announcement about what Reddit calls Community Types today. Reddit’s permission is also required to make subreddits restricted or to go from NSFW to safe-for-work (SFW). Reddit’s employee claimed that requests will be responded to “in under 24 hours.”
Reddit’s employee said that “temporarily going restricted is exempt” from this requirement, adding that “mods can continue to instantly restrict posts and/or comments for up to 7 days using Temporary Events.” Additionally, if a subreddit has fewer than 5,000 members or is less than 30 days old, the request “will be automatically approved,” per Go_JasonWaterfalls.
Reddit’s post includes a list of “valid” reasons that mods tend to change their subreddit’s Community Type and provides alternative solutions.
Last year’s protests “accelerated” this policy change
Last year, Reddit announced that it would be charging a massive amount for access to its previously free API. This caused many popular third-party Reddit apps to close down. Reddit users then protested by turning subreddits private (or read-only) or by only showing NSFW content or jokes and memes. Reddit then responded by removing some moderators; eventually, the protests subsided.
Reddit, which previously admitted that another similar protest could hurt it financially, has maintained that moderators’ actions during the protests broke its rules. Now, it has solidified a way to prevent something like last year’s site-wide protests from happening again.
Speaking to The Verge, Laura Nestler, who The Verge reported is Go_JasonWaterfalls, claimed that Reddit has been talking about making this change since at least 2021. The protests, she said, were a wake-up call that moderators’ ability to turn subreddits private “could be used to harm Reddit at scale. The protests “accelerated” the policy change, per Nestler.
The announcement on r/modnews reads:
… the ability to instantly change Community Type settings has been used to break the platform and violate our rules. We have a responsibility to protect Reddit and ensure its long-term health, and we cannot allow actions that deliberately cause harm.
After shutting down a tactic for responding to unfavorable Reddit policy changes, Go_JasonWaterfalls claimed that Reddit still wants to hear from users.
“Community Type settings have historically been used to protest Reddit’s decisions,” they wrote.
“While we are making this change to ensure users’ expectations regarding a community’s access do not suddenly change, protest is allowed on Reddit. We want to hear from you when you think Reddit is making decisions that are not in your communities’ best interests. But if a protest crosses the line into harming redditors and Reddit, we’ll step in.”
Last year’s user protests illustrated how dependent Reddit is on unpaid moderators and user-generated content. At times, things turned ugly, pitting Reddit executives against long-time users (Reddit CEO Steve Huffman infamously called Reddit mods “landed gentry,” something that some were quick to remind Go_JasonWaterfalls of) and reportedly worrying Reddit employees.
Although the protests failed to reverse Reddit’s prohibitive API fees or to save most third-party apps, it succeeded in getting users’ concerns heard and even crashed Reddit for three hours. Further, NFSW protests temporarily prevented Reddit from selling ads on some subreddits. Since going public this year and amid a push to reach profitability, Reddit has been more focused on ads than ever. (Most of Reddit’s money comes from ads.)
Reddit’s Nestler told The Verge that the new policy was reviewed by Reddit’s Mod Council. Reddit is confident that it won’t lose mods because of the change, she said.
“Demotes us all to janitors”
The news marks another broad policy change that is likely to upset users and make Reddit seem unwilling to give into user feedback, despite Go_JasonWaterfalls saying that “protest is allowed on Reddit.” For example, in response, Reddit user CouncilOfStrongs said:
Don’t lie to us, please.
Something that you can ignore because it has no impact cannot be a protest, and no matter what you say that is obviously the one and only point of you doing this – to block moderators from being able to hold Reddit accountable in even the smallest way for malicious, irresponsible, bad faith changes that they make.
Reddit user belisaurius, who is listed as a mod for several active subreddits, including a 336,000-member one for the Philadelphia Eagles NFL team, said that the policy change “removes moderators from any position of central responsibility and demotes us all to janitors.”
As Reddit continues seeking profits and seemingly more control over a platform built around free user-generated content and moderation, users will have to either accept that Reddit is changing or leave the platform.
Advance Publications, which owns Ars Technica parent Condé Nast, is the largest shareholder in Reddit.
Enlarge/ Waves roll ashore along Lake Michigan in Whiting, Indiana.
This article originally appeared on Inside Climate News, a nonprofit, independent news organization that covers climate, energy, and the environment. It is republished with permission. Sign up for their newsletter here.
The aquifer from which Joliet, Illinois, sources its drinking water is likely going to run too dry to support the city by 2030—a problem more and more communities are facing as the climate changes and groundwater declines. So Joliet eyed a huge water source 30 miles to the northeast: Lake Michigan.
It’s the second-largest of the Great Lakes, which together provide drinking water to about 10 percent of the US population, according to the National Oceanic and Atmospheric Administration’s Office for Coastal Management.
Soon, Joliet residents will join them. After years of deliberation, their city government decided last year to replace the aquifer by piping it in from Lake Michigan, buying it from the city of Chicago.
Project construction will start in 2025 with the intent to have water flowing to residents by 2030, said Theresa O’Grady, an engineering consultant working with the city of Joliet. Joliet will foot the approximately $1 billion bill for the project, including the cost to build 65 miles of piping that will transport water from Chicago to Joliet and neighboring communities.
Not just anyone can gain access to Lake Michigan’s pristine, saltless water. That’s rooted in the Great Lakes Compact, an agreement that governs how much water each state or Canadian province can withdraw from the lakes each day. With some exceptions, only municipalities located within the 295,200-square-milebasin (which includes the surface area of the lakes themselves) can get approved for a diversion to use Great Lakes drinking water.
Joliet is one of those exceptions.
“I’ve seen occasional news stories about, ‘Is Kansas suddenly going to get Lake Michigan water because Joliet got Lake Michigan water?’ We are going above and beyond to demonstrate how much we respect the privilege we have to use Lake Michigan water. We are spending hundreds of millions of dollars to be good stewards of that,” said Allison Swisher, Joliet’s director of public utilities.
In April 2023, then-Chicago Mayor Lori Lightfoot signed an agreement with Joliet and five other nearby communities to supply them with treated Lake Michigan water. Now, legal experts and other Great Lakes communities are left wondering how Joliet, located well outside of the Great Lakes basin, fits in.
The exemption in the Great Lakes Compact
The Great Lakes Region, which encompasses portions of New York, Pennsylvania, Ohio, Indiana, Illinois, Michigan, Wisconsin, and Minnesota, as well as the Canadian province of Ontario, is governed through the Great Lakes Compact, enacted in 2008.
“If you do not live in a straddling community, or you’re not a city in a straddling county, you don’t have a ticket to the dance. You can’t even ask for a Great Lakes water diversion,” said Peter Annin, director of the Mary Griggs Burke Center for Freshwater Innovation at Northland College and author of The Great Lakes Water Wars.
“With the exception of the state of Illinois,” he added.
The Chicago exemption, as it is often referred to, has roots in the 1800s, when animal waste from the city’s stockyards would flush into the Chicago River, ultimately pouring into Lake Michigan.
“That’s why Chicago embarks on this massive Panama Canal-like water diversion project, to take all that sewage and put it into this long canal, which then would connect with the Des Plaines River southwest of the city, and then the Illinois River, and then the Mississippi River,” Annin said, referring to the infamous reversal of the Chicago River. “Chicago’s solution was to flush its toilet to St. Louis.”
Every day, Chicago had the right to use billions of gallons of Lake Michigan water to divert this water and dilute the pollution downstream. The state of Wisconsin began challenging the diversion in the 1920s, arguing that Illinois’ superfluous water use was depleting water levels in the lake. In 1967, the Supreme Court sided with Illinois, and now, Chicago can do whatever it wants with its 2.1 billion gallons per day.
“So here we are today with this really kind of unbelievable Joliet water diversion proposal,” Annin said.
Nick Dedeke is an associate teaching professor at Northeastern University, Boston. His research interests include digital transformation strategies, ethics, and privacy. His research has been published in IEEE Management Review, IEEE Spectrum, and the Journal of Business Ethics. He holds a PhD in Industrial Engineering from the University of Kaiserslautern-Landau, Germany. The opinions in this piece do not necessarily reflect the views of Ars Technica.
In an earlier article, I discussed a few of the flaws in Europe’s flagship data privacy law, the General Data Protection Regulation (GDPR). Building on that critique, I would now like to go further, proposing specifications for developing a robust privacy protection regime in the US.
Writers must overcome several hurdles to have a chance at persuading readers about possible flaws in the GDPR. First, some readers are skeptical of any piece criticizing the GDPR because they believe the law is still too young to evaluate. Second, some are suspicious of any piece criticizing the GDPR because they suspect that the authors might be covert supporters of Big Tech’s anti-GDPR agenda. (I can assure readers that I am not, nor have I ever, worked to support any agenda of Big Tech companies.)
In this piece, I will highlight the price of ignoring the GDPR. Then, I will present several conceptual flaws of the GDPR that have been acknowledged by one of the lead architects of the law. Next, I will propose certain characteristics and design requirements that countries like the United States should consider when developing a privacy protection law. Lastly, I provide a few reasons why everyone should care about this project.
The high price of ignoring the GDPR
People sometimes assume that the GDPR is mostly a “bureaucratic headache”—but this perspective is no longer valid. Consider the following actions by administrators of the GDPR in different countries.
In May 2023, the Irish authorities hit Meta with a fine of $1.3 billion for unlawfully transferring personal data from the European Union to the US.
On July 16, 2021, the Luxembourg National Commission for Data Protection (CNDP) issued a fine of 746 million euros ($888 million) to Amazon Inc. The fine was issued due to a complaint from 10,000 people against Amazon in May 2018 orchestrated by a French privacy rights group.
On September 5, 2022, Ireland’s Data Protection Commission (DPC) issued a 405 million-euro GDPR fine to Meta Ireland as a penalty for violating GDPR’s stipulation regarding the lawfulness of children’s data (see other fines here).
In other words, the GDPR is not merely a bureaucratic matter; it can trigger hefty, unexpected fines. The notion that the GDPR can be ignored is a fatal error.
9 conceptual flaws of the GDPR: Perspective of the GDPR’s lead architect
Axel Voss is one of the lead architects of the GDPR. He is a member of the European Parliament and authored the 2011 initiative report titled “Comprehensive Approach to Personal Data Protection in the EU” when he was the European Parliament’s rapporteur. His call for action resulted in the development of the GDPR legislation. After observing the unfulfilled promises of the GDPR, Voss wrote a position paper highlighting the law’s weaknesses. I want to mention nine of the flaws that Voss described.
First, while the GDPR was excellent in theory and pointed a path toward the improvement of standards for data protection, it is an overly bureaucratic law created largely using a top-down approach by EU bureaucrats.
Second, the law is based on the premise that data protection should be a fundamental right of EU persons. Hence, the stipulations are absolute and one-sided or laser-focused only on protecting the “fundamental rights and freedoms” of natural persons. In making this change, the GDPR architects have transferred the relationship between the state and the citizen and applied it to the relationship between citizens and companies and the relationship between companies and their peers. This construction is one reason why the obligations imposed on data controllers and processors are rigid.
Third, the GDPR law aims to empower the data subjects by giving them rights and enshrining these rights into law. Specifically, the law enshrines nine data subject rights into law. They are: the right to be informed, the right to access, the right to rectification, the right to be forgotten/or to erasure, the right to data portability, the right to restrict processing, the right to object to the processing of personal data, the right to object to automated processing and the right to withdraw consent. As with any list, there is always a concern that some rights may be missing. If critical rights are omitted from the GDPR, it would hinder the effectiveness of the law in protecting privacy and data protection. Specifically, in the case of the GDPR, the protected data subject rights are not exhaustive.
Fourth, the GDPR is grounded on a prohibition and limitation approach to data protection. For example, the principle of purpose limitation excludes chance discoveries in science. This ignores the reality that current technologies, e.g., machine learning and artificial Intelligence applications, function differently. Hence, these old data protection mindsets, such as data minimization and storage limitation, are not workable anymore.
Fifth, the GDPR, on principle, posits that every processing of personal data restricts the data subject’s right to data protection. It requires, therefore, that each of these processes needs a justification based on the law. The GDPR deems any processing of personal data as a potential risk and forbids its processing in principle. It only allows processing if a legal ground is met. Such an anti-processing and anti-sharing approach may not make sense in a data-driven economy.
Sixth, the law does not distinguish between low-risk and high-risk applications by imposing the same obligations for each type of data processing application, with a few exceptions requiring consultation of the Data Processing Administrator for high-risk applications.
Seventh, the GDPR also excludes exemptions for low-risk processing scenarios or when SMEs, startups, non-commercial entities, or private citizens are the data controllers. Further, there are no exemptions or provisions that protect the rights of the controller and of third parties for such scenarios in which the data controller has a legitimate interest in protecting business and trade secrets, fulfilling confidentiality obligations, or the economic interest in avoiding huge and disproportionate efforts to meet GDPR obligations.
Eighth, the GDPR lacks a mechanism that allows SMEs and startups to shift the compliance burden onto third parties, which then store and process data.
Ninth, the GPR relies heavily on government-based bureaucratic monitoring and administration of GDPR privacy compliance. This means an extensive bureaucratic system is needed to manage the compliance regime.
There are other issues with GDPR enforcement (see pieces by Matt Burgess and Anda Bologa) and its negative impacts on the EU’s digital economy and on Irish technology companies. This piece will focus only on the nine flaws described above. These nine flaws are some of the reasons why the US authorities should not simply copy the GDPR.
The good news is that many of these flaws can be resolved.
Enlarge/ Former US President Donald Trump and Republican vice presidential nominee JD Vance at the National 9/11 Memorial and Museum on September 11, 2024, in New York City.
Getty Images | Michael M. Santiago
Elon Musk’s X is blocking links to the JD Vance “dossier” containing the Trump campaign’s research on the vice presidential nominee. X also suspended Ken Klippenstein, the journalist who published the dossier that apparently comes from an Iranian hack of the Trump campaign.
“Ken Klippenstein was temporarily suspended for violating our rules on posting unredacted private personal information, specifically Sen. Vance’s physical addresses and the majority of his Social Security number,” X’s safety account wrote yesterday. Klippenstein’s account was still suspended as of this writing.
X is blocking attempts to post links to the Klippenstein article in which he explained why he published the leaked dossier. An error message says, “We can’t complete this request because the link has been identified by X or our partners as being potentially harmful.”
Klippenstein’s article explains that the “dossier has been offered to me and I’ve decided to publish it because it’s of keen public interest in an election season. It’s a 271-page research paper the Trump campaign prepared to vet now vice presidential candidate JD Vance.”
The article doesn’t contain Vance’s address or Social Security number, but it provides a download link for the dossier. Klippenstein published another article yesterday after his X suspension, writing that he stands by his decision not to redact Vance’s private information. But the version of the Vance dossier available on Klippenstein’s website today has redactions of addresses and his Social Security number.
“I never published any private information on X”
“Self-styled free speech warrior Elon Musk’s X (Twitter) banned me after I published a copy of the Donald Trump campaign’s JD Vance research dossier,” Klippenstein wrote. “X says that I’ve been suspended for ‘violating our rules against posting private information,’ citing a tweet linking to my story about the JD Vance dossier. First, I never published any private information on X. I linked to an article I wrote here, linking to a document of controversial provenance, one that I didn’t want to alter for that very reason.”
Klippenstein also wrote, “We should be honest about so-called private information contained in the dossier and ‘private’ information in general. It is readily available to anyone who can buy it. The campaign purchased this information from commercial information brokers.”
US intelligence agencies said last week that “Iranian malicious cyber actors” have been sending “stolen, non-public material associated with former President Trump’s campaign to US media organizations.” This is part of a strategy “to stoke discord and undermine confidence in our electoral process,” US agencies said. Most media outlets decided not to publish the materials.
Musk slammed Twitter’s Hunter Biden decision
Elon Musk claimed that he bought Twitter in order to protect free speech, and he criticized the social network for an October 2020 incident in which Twitter blocked a New York Post story about Hunter Biden’s emails for allegedly violating a policy against posting hacked materials.
“Suspending the Twitter account of a major news organization for publishing a truthful story was obviously incredibly inappropriate,” Musk wrote in April 2022, one day after he struck a deal to buy Twitter for $44 billion. After completing the purchase, Musk leaked so-called “Twitter Files” containing the company’s internal deliberations about the Hunter Biden laptop story and other matters.
Twitter’s Hunter Biden decision drew immediate criticism when it happened, and the company changed its hacked materials policy just one day later. Under the October 2020 policy change, Twitter said it would stop removing hacked content unless it was directly shared by hackers or those acting in concert with them and that it would label tweets to provide context instead of blocking links from being shared on Twitter.
“Straight blocking of URLs was wrong, and we updated our policy and enforcement to fix,” Jack Dorsey, Twitter’s former CEO, wrote at the time. “Our goal is to attempt to add context, and now we have capabilities to do that.”
Meanwhile, The New York Times examined five days’ worth of Musk’s X posts in an article published today. “In 171 posts and reposts during that frenetic five-day period, the tech mogul railed against illegal immigration, boosted election fraud conspiracy theories and attacked Democratic candidates, according to a New York Times analysis… Nearly a third of his posts last week were false, misleading or missing vital context. They included misleading posts claiming Democrats were making memes ‘illegal’ and falsehoods that they want to ‘open the border’ to gain votes from illegal immigrants,” the article said.
Valve Corporation, tired of paying arbitration fees, has removed a mandatory arbitration clause from Steam’s subscriber agreement. Valve told gamers in yesterday’s update that they must sue the company in order to resolve disputes.
The subscriber agreement includes “changes to how disputes and claims between you and Valve are resolved,” Steam wrote in an email to users. “The updated dispute resolution provisions are in Section 10 and require all claims and disputes to proceed in court and not in arbitration. We’ve also removed the class action waiver and cost and fee-shifting provisions.”
The Steam agreement previously said that “you and Valve agree to resolve all disputes and claims between us in individual binding arbitration.” Now, it says that any claims “shall be commenced and maintained exclusively in any state or federal court located in King County, Washington, having subject matter jurisdiction.”
Steam’s email to users said the updated terms “will become effective immediately when you agree to it, including when you make most purchases, fund your Steam wallet, or otherwise accept it. Otherwise, the updated Steam Subscriber Agreement will become effective on November 1, 2024, unless you delete or discontinue use of your Steam account before then.” Steam also pushed a pop-up message to gamers asking them to agree to the new terms.
One likely factor in Valve’s decision to abandon arbitration is mentioned in a pending class-action lawsuit over game prices that was filed last month in US District Court for the Western District of Washington. The Steam users who filed the suit previously “mounted a sustained and ultimately successful challenge to the enforceability of Valve’s arbitration provision,” their lawsuit said. “Specifically, the named Plaintiffs won binding decisions from arbitrators rendering Valve’s arbitration provision unenforceable for both lack of notice and because it impermissibly seeks to bar public injunctive relief.”
Mandatory arbitration clauses are generally seen as bad for consumers, who are deprived of the ability to seek compensation through individual or class-action lawsuits. But many Steam users were able to easily get money from Valve through arbitration, according to law firms that filed the arbitration cases over allegedly inflated game prices.
Valve sued lawyers behind arbitration claims
Valve used to prefer arbitration because few consumers brought claims and the process kept the company’s legal costs low. But in October 2023, Valve sued a law firm in an attempt to stop it from submitting loads of arbitration claims on behalf of gamers.
Valve’s suit complained that “unscrupulous lawyers” at law firm Zaiger, LLC presented a plan to a potential funder “to recruit 75,000 clients and threaten Valve with arbitration on behalf of those clients, thus exposing Valve to potentially millions of dollars of arbitration fees alone: 75,000 potential arbitrations times $3,000 in fees per arbitration is two hundred and twenty-five million dollars.”
Valve said that Zaiger’s “extortive plan” was to “offer a settlement slightly less than the [arbitration] charge—$2,900 per claim or so—attempting to induce a quick resolution.”
“Zaiger targeted Valve and Steam users for its scheme precisely because the arbitration clause in the SSA [Steam Subscriber Agreement] is ‘favorable’ to Steam users in that Valve agrees to pay the fees and costs associated with arbitration,” Valve said.
Zaiger has a “Steam Claims” website that says, “Tens of thousands of Steam users have engaged Zaiger LLC to hold Steam’s owner, Valve, accountable for inflated prices of PC games.” The website said that through arbitration, “many consumers get compensation offers without doing anything beyond completing the initial form.” Another law firm called Mason LLP used a similar strategy to help gamers bring arbitration claims against Steam.
There hadn’t previously been many arbitration cases against Steam, Valve’s lawsuit against Zaiger said. “In the five years before Zaiger began threatening Valve, 2017 to 2022, there were only two instances where Valve and a Steam user could not resolve that user’s issue before proceeding to arbitration. Both of those arbitrations were resolved in Valve’s favor, and Valve paid all of the arbitrator fees and costs for both Valve and the impacted Steam user,” Valve said.
Valve’s lawsuit against Zaiger was dismissed without prejudice on August 20, 2024. The ruling in US District Court for the Western District of Washington said the case was dismissed because the court lacks jurisdiction over Zaiger.
Google wound down its defense in the US Department of Justice’s ad tech monopoly trial this week, following a week of testimony from witnesses that experts said seemed to lack credibility.
The tech giant started its defense by showing a widely mocked chart that Google executive Scott Sheffer called a “spaghetti football,” supposedly showing a fluid industry thriving thanks to Google’s ad tech platform but mostly just “confusing” everyone and possibly even helping to debunk its case, Open Markets Institute policy analyst Karina Montoya reported.
“The effect of this image might have backfired as it also made it evident that Google is ubiquitous in digital advertising,” Montoya reported. “During DOJ’s cross-examination, the spaghetti football was untangled to show only the ad tech products used specifically by publishers and advertisers on the open web.”
One witness, Marco Hardie, Google’s current head of industry, was even removed from the stand, his testimony deemed irrelevant by US District Judge Leonie Brinkema, Big Tech On Trial reported. Another, Google executive Scott Sheffer, gave testimony Brinkema considered “tainted,” Montoya reported. But perhaps the most heated exchange about a witness’ credibility came during the DOJ’s cross-examination of Mark Israel, the key expert that Google is relying on to challenge the DOJ’s market definition.
Google’s case depends largely on Brinkema agreeing that the DOJ’s market definition is too narrow, with an allegedly outdated focus on display ads on the open web, as opposed to a broader market including display ads appearing in apps or on social media. But experts monitoring the trial suggested that Brinkema may end up questioning Israel’s credibility after DOJ lawyer Aaron Teitelbaum’s aggressive cross-examination.
According to Big Tech on Trial, which posted the exchange on X (formerly Twitter), Teitelbaum’s line of questioning came across as a “striking and effective impeachment of Mark Israel’s credibility as a witness.”
During his testimony, Israel told Brinkema that Google’s share of the US display ads market is only 25 percent, minimizing Google’s alleged dominance while emphasizing that Google faced “intense competition” from other Big Tech companies like Amazon, Meta, and TikTok in this broader market, Open Markets Institute policy analyst Karina Montoya reported.
On cross-examination, Teitelbaum called Israel out as a “serial ‘expert’ for companies facing antitrust challenges” who “always finds that the companies ‘explained away’ market definition,” Big Tech on Trial posted on X. Teitelbaum even read out quotes from past cases “in which judges described” Israel’s “expert testimony as ‘not credible’ and having ‘misunderstood antitrust law.'”
Israel was also accused by past judges of rendering his opinions “based on false assumptions,” according to USvGoogleAds, a site run by the digital advertising watchdog Check My Ads with ad industry partners. And specifically for the Google ad tech case, Teitelbaum noted that Israel omitted ad spend data to seemingly manipulate one of his charts.
“Not a good look,” the watchdog’s site opined.
Perhaps most damaging, Teitelbaum asked Israel to confirm that “80 percent of his income comes from doing this sort of expert testimony,” suggesting that Israel seemingly depended on being paid by companies like Jet Blue and Kroger-Albertsons—and even previously by Google during the search monopoly trial—to muddy the waters on market definition. Lee Hepner, an antitrust lawyer with the American Economic Liberties Project, posted on X that the DOJ’s antitrust chief, Jonathan Kanter, has grown wary of serial experts supposedly sowing distrust in the court system.
“Let me say this clearly—this will not end well,” Kanter said during a speech at a competition law conference this month. “Already we see a seeping distrust of expertise by the courts and by law enforcers.”
“Best witnesses money can buy”
In addition to experts and Google staffers backing up Google’s proposed findings of fact and conclusions of law, Google brought in Courtney Caldwell—the CEO of a small business that once received a grant from Google and appears in Google’s marketing materials—to back up claims that a DOJ win could harm small businesses, Big Tech on Trial reported.
Google’s direct examination of Caldwell was “basically just a Google ad,” Big Tech on Trial said, while Check My Ads’ site suggested that Google mostly just called upon “the best witnesses their money can buy, and it still did not get them very far.”
According to Big Tech on Trial, Google is using a “light touch” in its defense, refusing to go “pound for pound” to refute the DOJ’s case. Using this approach, Google can seemingly ignore any argument the DOJ raises that doesn’t fit into the picture Google wants Brinkema to accept of Google’s ad empire growing organically, rather than anti-competitively constructed with the intent to shut out rivals through mergers and acquisitions.
Where the DOJ wants the judge to see “a Google-only pipeline through the heart of the ad tech stack, denying non-Google rivals the same access,” Google argues that it has only “designed a set of products that work efficiently with each other and attract a valuable customer base.”
Evidence that Brinkeman might find hard to ignore include a 2008 statement from Google’s former president of display advertising, David Rosenblatt, confirming that it would “take an act of god” to get people to switch ad platforms because of extremely high switching costs. Rosenblatt also suggested in a 2009 presentation that Google acquiring DoubleClick for Publishers would make Google’s ad tech like the New York Stock Exchange, putting Google in a position to monitor every ad sale and doing for display ads “what Google did to search.” There’s also a 2010 email where now-YouTube CEO Neal Mohan recommended getting Google ahead in the display ad market by “parking” a rival with “the most traction.”
On Friday, testimony concluded abruptly after the DOJ only called one rebuttal witness, Big Tech on Trial posted on X. Brinkema is expected to hear closing arguments on November 25, Big Tech on Trial reported, and rule in December, Montoya reported.
Most members of Dell’s sales team will no longer have the option to work remotely, starting on Monday, Reuters reported this week, citing an internal memo. The policy applies to salespeople worldwide and is aimed at helping “grow skills,” per the note.
Like the rest of Dell’s workforce, Dell’s salespeople have previously been allowed to work remotely two days per week. A memo, which a Reddit user claims to have posted online (The Register reported that the post “mirrors” one that it viewed separately), says that field sellers aren’t required to go into an office but “should prioritize time spent in person with customers and partners.” The policy doesn’t apply to “remote sales team members,” but Dell said to expect additional unspecified communications regarding remote workers “in the coming weeks.” Bloomberg reported that top sales executives Bill Scannell, Dell’s president of global sales and customer operations, and John Byrne, president of sales and global regions at Dell Tech Select, signed the memo, saying:
… our data showed that sales teams are more productive when onsite.
Dell is viewing mandatory on-site work as a way to maintain its sales team’s culture and drive growth, according to the memo, which mentions things like “real-time feedback” and “dynamic” office energy. Moving forward, remote work will be permitted as an exception, Dell said.
Notably, the letter, which was reportedly sent to workers on Thursday, doesn’t give employees much time for adjustments. The memo acknowledges that workers have built schedules around working from home regularly but doesn’t offer immediate solutions.
In a statement to The Register, a Dell spokesperson confirmed the policy change.
“We continually evolve our business so we’re set up to deliver the best innovation, value and service to our customers and partners,” they said. “That includes more in-person connection to drive market leadership.”
Dell’s RTO push
After permitting full-time remote work in response to the COVID-19 pandemic, in February, Dell started requiring workers to go into the office 39 days per quarter (or about three days per week) or be totally remote. The latter, however, seemed discouraged, as Dell reportedly told remote workers they were ineligible for promotions in March. Still, nearly 50 percent of Dell workers chose to stay remote, Business Insider reported in June, citing internal Dell Data.
Dell’s return-to-office (RTO) mandates have reportedly been enforced with VPN and badge tracking. Some employees have accused Dell of trying to reduce headcount with RTO policies. Other companies pushing workers back into offices have also been accused of this; there’s research showing that at least some companies have used RTO policies to lower headcount while avoiding layoffs. Dell laid off 13,000 people in 2023 and plans more layoffs. In August, it announced plans to lay off an undisclosed additional number of people. The company is expected to have 120,000 employees.
Dell’s RTO change follows an announcement this week requiring Amazon employees to work on-site five days a week starting next year. Following the announcement, a survey of 2,585 US Amazon employees found that 73 percent of Amazon workers are “considering looking for an another job” in response.
“Yes, this is a shift…”
The memo, according to Reddit, acknowledges to workers, “Yes, this is a shift from current expectations.” Dell’s RTO push represents an about-face from previously stated positions on remote work from the company. In 2022, for example, CEO and founder Michael Dell wrote a blog that said Dell “found no meaningful differences” between remote and on-site workers, including before the pandemic. Dell COO Jeff Clarke made similar arguments in 2020.
The idea that remote work hinders productivity has been a hot topic of debate, especially as companies grapple with their remote work policies following pandemic restrictions. Dell says that its decision to force sales workers back into offices is backed by data, and its claims of boosted productivity could potentially be true when it comes to this specific Dell division. However, there have also been studies suggesting that return-to-office mandates hurt productivity. For example, a Great Place to Work survey conducted in July 2023 of 4,400 employees concluded that “productivity was lower for both on-site and remote employees when their employer mandated where they work.” Workers with companies allowing employees to choose between remote and on-site work were more likely to give “extra effort,” the survey found.
