Policy

hackers-seek-ransom-after-getting-ssns,-banking-info-from-state-gov’t-portal

Hackers seek ransom after getting SSNs, banking info from state gov’t portal

Hackers trying to extort the Rhode Island government infiltrated the state’s public benefits system, causing state officials to shut down online services that let residents apply for Medicaid and other assistance programs.

“As part of this investigation today, we discovered that within the Rhode Island Bridges system, a cybercriminal had installed dangerous malware that constituted an urgent threat,” Governor Dan McKee said at a Friday night press conference, according to The Providence Journal. “That is why tonight we have shut down the system. That means customers will temporarily not be able to access any customer portal related to the services on Rhode Island Bridges.”

The vendor “Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges,” McKee’s office said in a press release. Rhode Island has “proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible.”

The state decided to sign a new three-year contract with Deloitte in 2021 despite its earlier failure to build a stable system. RIBridges, originally called Unified Health Infrastructure Project (UHIP), launched in 2016 and “suffered from massive cost overruns before launch and catastrophic failures afterward,” WPRI wrote in 2021.

The hack disclosed on Friday has already inspired a class-action lawsuit against Deloitte. The lawsuit was filed in a federal court yesterday.

Many state programs impacted

Information obtained by hackers “may include names, addresses, dates of birth and Social Security numbers, as well as certain banking information,” the governor’s office said Friday, noting that analysis of the breach was not complete.

“To the best of our knowledge, any individual who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this leak,” the governor’s office said. This includes Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Child Care Assistance Program (CCAP), health coverage purchased through HealthSource RI, Rhode Island Works (RIW), Long-Term Services and Supports (LTSS), and the General Public Assistance (GPA) Program.

An updates page said the state and Deloitte are still “focused on addressing the threat” and aren’t yet saying when the RIBridges system will be restored. “We understand this is an alarming situation for our customers. Current customers will not be able to log into their account through the portal or the mobile app while the system is offline… Rhode Islanders seeking to apply for benefits can still submit a paper application.”

Hackers seek ransom after getting SSNs, banking info from state gov’t portal Read More »

amazon-facing-strike-threats-as-senate-report-details-hidden-widespread-injuries

Amazon facing strike threats as Senate report details hidden widespread injuries


“Obsessed with speed and productivity”

Amazon ignores strike threats, denies claims of “uniquely dangerous warehouses.”

Just as Amazon warehouse workers are threatening to launch the “first large-scale” unfair labor practices strike at Amazon in US history, Sen. Bernie Sanders (I-Vt.) released a report accusing Amazon of operating “uniquely dangerous warehouses” that allegedly put profits over worker safety.

As chair of the Senate Committee on Health, Education, Labor, and Pensions, Sanders started investigating Amazon in June 2023. His goal was “to uncover why Amazon’s injury rates far exceed those of its competitors and to understand what happens to Amazon workers when they are injured on the job.”

According to Sanders, Amazon “sometimes ignored” the committee’s requests and ultimately only supplied 285 documents requested. The e-commerce giant was mostly only willing to hand over “training materials given to on-site first aid staff,” Sanders noted, rather than “information on how it tracks workers, the quotas it imposes on workers, and the disciplinary actions it takes when workers cannot meet those quotas, internal studies on the connection between speed and injury rates, and the company’s treatment of injured workers.”

To fill in the gaps, Sanders’ team “conducted an exhaustive inquiry,” interviewing nearly 500 workers who provided “more than 1,400 documents, photographs, and videos to support their stories.” And while Amazon’s responses were “extremely limited,” Sanders said that the Committee was also able to uncover internal studies that repeatedly show that “Amazon chose not to act” to address safety risks, allegedly “accepting injuries to its workers as the cost of doing business.”

Perhaps most critically, key findings accuse Amazon of manipulating workplace injury data by “cherry-picking” data instead of confronting the alleged fact that “an analysis of the company’s data shows that Amazon warehouses recorded over 30 percent more injuries than the warehousing industry average in 2023.” The report also alleged that Amazon lied to federal regulators about injury data, discouraged workers from receiving outside care to hide injuries, and terminated injured workers while on approved medical leave.

“This evidence reveals a deeply troubling picture of how one of the largest corporations in the world treats its workforce,” Sanders reported, documenting “a corporate culture obsessed with speed and productivity.”

Amazon disputed Sanders’ report

In a statement, Amazon spokesperson Kelly Nantel disputed the report as “wrong on the facts.”

Sanders’ report allegedly “weaves together out-of-date documents and unverifiable anecdotes to create a pre-conceived narrative that he and his allies have been pushing for the past 18 months,” Nantel said. “The facts are, our expectations for our employees are safe and reasonable—and that was validated both by a judge in Washington after a thorough hearing and by the State’s Board of Industrial Insurance Appeals, which vacated ergonomic citations alleging a hazardous pace of work.”

Nantel said that Sanders ignored that Amazon has made “meaningful progress on safety—improving our recordable incident rates by 28 percent in the US since 2019, and our lost time incident rates (the most serious injuries) by 75 percent.”

But Sanders’ report anticipated this response, alleging that “many” workers “live with severe injuries and permanent disabilities because of the company’s insistence on enforcing grueling productivity quotas and its refusal to adequately care for injured workers.” Sanders said if Amazon had compelling evidence that refuted workers’ claims, the company failed to produce it.

“Although the Committee expects Amazon will dispute the veracity of the evidence those workers provided, Amazon has had eighteen months to offer its own evidence and has refused to do so,” Sanders reported.

Amazon Labor Union preparing to strike

In August, the National Labor Relations Board (NLRB) determined that Amazon is a joint employer of contracted drivers hired to ensure the e-commerce giant delivers its packages when promised. The Amazon Labor Union (ALU)—which nearly unanimously voted to affiliate with the International Brotherhood of Teamsters this summer—considered this a huge win after Amazon had long argued that it had no duty to bargain with driver unions and no responsibility for alleged union busting.

Things seemed to escalate quickly after that, with the NLRB in October alleging that Amazon illegally refused to bargain with the union, which reportedly represents thousands of drivers who are frustrated by what they claim are low wages and dangerous working conditions. As the NLRB continues to seemingly side with workers, Amazon allegedly is “teaming up with Elon Musk in a lawsuit to get the NLRB declared unconstitutional,” workers said in an email campaign reviewed by Ars.

Now, as the holidays approach and on-time deliveries remain Amazon’s top priority, the ALU gave the tech company until Sunday to come to the bargaining table or else “hundreds of workers are prepared to go on strike” at various warehouses. In another email reviewed by Ars, the ALU pushed for donations to support workers ahead of the planned strike.

“It’s one of the busiest times of year for Amazon,” the email said. “The threat of hundreds of workers at one of its busiest warehouses walking out has real power.”

In a statement provided to Ars, Amazon spokesperson Eileen Hards said that Sanders refused to visit Amazon facilities to see working conditions “firsthand” and instead pushed a “pre-conceived narrative” that Amazon claims is unsupported. Her statement also seemed to suggest that Amazon isn’t taking the threat of workers striking seriously, alleging that the ALU also pushes a “false narrative” by supposedly exaggerating the number of workers who have unionized. (Amazon’s full statement disputing Sanders’ claims in-depth is here.)

“For more than a year now, the Teamsters have continued to intentionally mislead the public—claiming that they represent ‘thousands of Amazon employees and drivers,’” Hards said. “They don’t, and this is another attempt to push a false narrative. The truth is that the Teamsters have actively threatened, intimidated, and attempted to coerce Amazon employees and third-party drivers to join them, which is illegal and is the subject of multiple pending unfair labor practice charges against the union.”

Workers seem unlikely to be quieted by such statements, telling Sanders that Amazon allegedly regularly ignores their safety concerns, orders workers to stay in roles causing them pain, denies workers’ medical care, and refuses to accommodate disabilities. Among the support needed for workers preparing to walk out are medical care and legal support, including “worker retaliation defense funds,” the union’s campaign said.

While Amazon seemingly downplays the number of workers reportedly past their breaking point, Sanders alleged that the problem is much more widespread than Amazon admits. According to his report, Amazon workers over “the past seven years” were “nearly twice as likely to be injured as workers in warehouses operated by the rest of the warehousing industry,” and “more than two-thirds of Amazon’s warehouses have injury rates that exceed the industry average.”

Amazon allegedly refuses to accept these estimates, even going so far as repeatedly claiming that “worker injuries were actually the result of workers’ ‘frailty’ and ‘intrinsic likelihood of injury,'” Sanders reported, rather than due to Amazon’s fast-paced quotas.

Laws that could end Amazon’s alleged abuse

On top of changes that Amazon could voluntarily make internally to allegedly improve worker safety, Sanders recommended a range of regulatory actions to force Amazon to end the allegedly abusive practices.

Among solutions is a policy that would require Amazon to disclose worker quotas that allegedly “force workers to move quickly and in ways that cause injuries.” Such transparency is required in some states but could become federal law, if the Warehouse Worker Protection Act passes.

And likely even more impactful, Sanders pushed to pass the Protecting America’s Workers Act (PAWA), which would increase civil monetary penalties for violations of worker safety laws.

In his report, Sanders noted that Amazon is much too big to be held accountable by current maximum penalties for workplace safety violations, which are just over $16,000. Penalties for 50 violations for one two-year period were just $300,000, Sanders said, which was “approximately 1 percent of Amazon CEO Andy Jassy’s total compensation in 2023.”

Passing PAWA would spike the maximum penalty for willful and repeated violations to $700,000 and is necessary, Sanders advocated, to “hold Amazon accountable for its failure to protect its workers.”

Additional legal protections that Congress could pass to protect workers include laws protecting workers’ rights to organize, banning Amazon from disciplining workers based on automated systems allegedly “prone to errors,” and ending Amazon’s alleged spying, partly by limiting worker surveillance.

In his report, Sanders suggested that his findings align with workers’ concerns that have become “the basis of efforts to organize warehouses in New York, Kentucky, Florida, Alabama, Missouri, and beyond.” And as many workers seem ready to strike at Amazon’s busiest time of year, instead of feeling optimistic that Amazon will bargain with workers, they’re bracing for suspected retaliation and planning to hit Amazon where it hurts most—the e-commerce giant’s bottom line.

In an email Monday, the campaign suggested that “Amazon only speaks one language, and that’s money.”

“We’re ready to withhold our labor if they continue to ignore their legal obligation to come to the table,” the email said, noting that when it comes to worker well-being, “our message is clear: We can’t wait anymore.”

Photo of Ashley Belanger

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

Amazon facing strike threats as Senate report details hidden widespread injuries Read More »

t-mobile-users-can-try-starlink-enabled-phone-service-for-free-during-beta

T-Mobile users can try Starlink-enabled phone service for free during beta

T-Mobile today said it opened registration for the “T-Mobile Starlink” beta service that will enable text messaging via satellites in dead zones not covered by cell towers.

T-Mobile’s announcement said the service using Starlink’s low-Earth orbit satellites will “provid[e] coverage for the 500,000 square miles of land in the United States not covered by earth-bound cell towers.” Starlink parent SpaceX has so far launched over 300 satellites with direct-to-cell capabilities, T-Mobile noted.

A registration page says, “We expect the beta to begin in early 2025, starting with texting and expanding to data and voice over time. The beta is open to all T-Mobile postpaid customers for free, but capacity is limited.”

T-Mobile said the beta “is expected to work with most modern mobile phones” but will work best with “select smartphones.” People with those “select” devices will apparently have a better chance of getting into the beta.

“T-Mobile postpaid customers with optimized devices will be admitted on a ‘first come, first served’ basis,” T-Mobile said. “We’ll expand the beta to more customers and more devices as more satellites launch.”

Businesses and first responders can also register. “Because of the critical role these first responder agencies and individuals play in safeguarding our communities, T-Mobile is prioritizing this audience for the beta program,” the carrier said.

Commercial service sometime in 2025

T-Mobile said the commercial service will launch “sometime in 2025” but did not say how much it will cost.

T-Mobile users can try Starlink-enabled phone service for free during beta Read More »

elon-musk-slams-sec-as-agency-threatens-charges-in-twitter-stock-probe

Elon Musk slams SEC as agency threatens charges in Twitter stock probe

An SEC spokesperson told Ars today that the commission’s policy is “to conduct investigations on a confidential basis to preserve the integrity of its investigative process. The SEC therefore does not comment on the existence or nonexistence of a possible investigation.”

A Reuters source confirmed the settlement offer. “The SEC sent Musk a settlement offer on Tuesday seeking a response in 48 hours, but extended it to Monday after a request for more time, the source said,” according to a Reuters article today.

The settlement offer was also confirmed by a source who spoke to The Washington Post. “One person familiar with the probe, who spoke on the condition of anonymity to describe a confidential law enforcement proceeding, confirmed that Musk had been sent a settlement offer in recent days,” the Post wrote last night. “But the person said they believed the tech billionaire had actually been given until Monday to evaluate the offer—adding that rejecting a settlement still would not immediately trigger charges by the SEC, which typically sends formal notices before such cases are brought.”

Musk has had several legal battles with the SEC. In 2018, he and Tesla each agreed to $20 million payments in a settlement over the SEC’s complaint that “Musk’s misleading tweets” about taking Tesla private caused the stock price to jump “and led to significant market disruption.” He has tried and failed to get out of that settlement, claiming that he was “forced” into signing the deal and that the SEC used the 2018 consent decree to “micro-manage” his social media activity.

Musk to have influence in Trump admin

Musk won’t have to worry as much about government regulation once Trump takes over. Trump picked Musk to lead a new Department of Government Efficiency, or “DOGE,” which will make recommendations for eliminating regulations, cutting expenses, and restructuring federal agencies.

As Reuters wrote today, Musk “is set to gain extraordinary influence after spending more than a quarter of a billion dollars to help Donald Trump win November’s presidential election. His companies are expected to be well insulated from regulation and enforcement measures.”

The SEC’s November announcement of Gensler’s planned departure from the agency touted his work to adopt “several rules to ensure that investors get the disclosure they need from public companies and companies seeking to go public.”

Trump chose Paul Atkins to replace Gensler as SEC chair, calling Atkins an advocate “for common sense regulations.” Atkins, a former SEC commissioner who founded the Patomak Global Partners consultancy firm, testified to Congress in 2019 that the SEC should reduce its disclosure requirements.

Elon Musk slams SEC as agency threatens charges in Twitter stock probe Read More »

don’t-use-crypto-to-cheat-on-taxes:-bitcoin-bro-gets-2-years

Don’t use crypto to cheat on taxes: Bitcoin bro gets 2 years

A bitcoin investor who went to increasingly great lengths to hide $1 million in cryptocurrency gains on his tax returns was sentenced to two years in prison on Thursday.

It seems that not even his most “sophisticated” tactics—including using mixers, managing multiple wallets, and setting up in-person meetings to swap bitcoins for cash—kept the feds from tracing crypto trades that he believed were untraceable.

The Austin, Texas, man, Frank Richard Ahlgren III, started buying up bitcoins in 2011. In 2015, he upped his trading, purchasing approximately 1,366 using Coinbase accounts. He waited until 2017 before cashing in, earning $3.7 million after selling about 640 at a price more than 10 times his initial costs. Celebrating his gains, he bought a house in Utah in 2017, mostly funded by bitcoins he purchased in 2015.

Very quickly, Ahlgren sought to hide these earnings, the Department of Justice said in a press release. Rather than report them on his 2017 tax return, Ahlgren “lied to his accountant by submitting a false summary of his gains and losses from the sale of his bitcoins.” He did this by claiming that the bitcoins he purchased in 2015 were much higher than his actual costs, even being so bold as to claim he as charged prices “greater than the highest price bitcoins sold for in the market prior to the purchase of the Utah house.”

First tax evasion prosecution centered solely on crypto

Ahlgren’s tax evasion only got bolder as the years passed after this first fraud, the DOJ said.

In 2018 and 2019, he sold more bitcoins, earning more than $650,000 and deciding not to report any of it on his tax returns for those years. That meant that he needed to actively conceal the earnings, but he’d been apparently researching how mixers are used to disguise where bitcoins come from since at least 2014, the feds found, referencing a blog he wrote exhibiting his knowledge. And that’s not the only step he took to try to trick the Internal Revenue Service.

Don’t use crypto to cheat on taxes: Bitcoin bro gets 2 years Read More »

character.ai-steps-up-teen-safety-after-bots-allegedly-caused-suicide,-self-harm

Character.AI steps up teen safety after bots allegedly caused suicide, self-harm

Following a pair of lawsuits alleging that chatbots caused a teen boy’s suicide, groomed a 9-year-old girl, and caused a vulnerable teen to self-harm, Character.AI (C.AI) has announced a separate model just for teens, ages 13 and up, that’s supposed to make their experiences with bots safer.

In a blog, C.AI said it took a month to develop the teen model, with the goal of guiding the existing model “away from certain responses or interactions, reducing the likelihood of users encountering, or prompting the model to return, sensitive or suggestive content.”

C.AI said “evolving the model experience” to reduce the likelihood kids are engaging in harmful chats—including bots allegedly teaching a teen with high-functioning autism to self-harm and delivering inappropriate adult content to all kids whose families are suing—it had to tweak both model inputs and outputs.

To stop chatbots from initiating and responding to harmful dialogs, C.AI added classifiers that should help C.AI identify and filter out sensitive content from outputs. And to prevent kids from pushing bots to discuss sensitive topics, C.AI said that it had improved “detection, response, and intervention related to inputs from all users.” That ideally includes blocking any sensitive content from appearing in the chat.

Perhaps most significantly, C.AI will now link kids to resources if they try to discuss suicide or self-harm, which C.AI had not done previously, frustrating parents suing who argue this common practice for social media platforms should extend to chatbots.

Other teen safety features

In addition to creating the model just for teens, C.AI announced other safety features, including more robust parental controls rolling out early next year. Those controls would allow parents to track how much time kids are spending on C.AI and which bots they’re interacting with most frequently, the blog said.

C.AI will also be notifying teens when they’ve spent an hour on the platform, which could help prevent kids from becoming addicted to the app, as parents suing have alleged. In one case, parents had to lock their son’s iPad in a safe to keep him from using the app after bots allegedly repeatedly encouraged him to self-harm and even suggested murdering his parents. That teen has vowed to start using the app whenever he next has access, while parents fear the bots’ seeming influence may continue causing harm if he follows through on threats to run away.

Character.AI steps up teen safety after bots allegedly caused suicide, self-harm Read More »

report:-at&t,-verizon-aren’t-notifying-most-victims-of-chinese-call-records-hack

Report: AT&T, Verizon aren’t notifying most victims of Chinese call-records hack

Telecom companies aren’t required to notify customers about every breach. A Federal Communications Commission order in December 2023 adopted a “harm-based notification trigger” in which “notification of a breach to consumers is not required in cases where a carrier can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach, or where the breach solely involves encrypted data and the carrier has definitive evidence that the encryption key was not also accessed, used, or disclosed.”

The FCC said that harm requiring notifications can include, but is not limited to, “financial harm, physical harm, identity theft, theft of services, potential for blackmail, the disclosure of private facts, the disclosure of contact information for victims of abuse, and other similar types of dangers.”

The FCC order argued that the harm-based standard would let carriers “focus their time, effort, and financial resources on the most important and potentially harmful incidents” and protect “customers from over-notification and notice fatigue, specifically in instances where the carrier has reasonably determined that no harm is likely to occur.”

Senator: Telecoms should tell customers

US Sen. Ron Wyden (D-Ore.) this week criticized the carriers for having weak security and the FCC for “let[ting] phone companies write their own cybersecurity rules.” Wyden proposed legislation to beef up telecom security requirements.

A spokesperson for Wyden today said that carriers should notify the affected customers.

“Senator Wyden strongly supports the phone companies notifying their customers about the theft of their data,” the spokesperson told Ars. “Not only do Americans have a right to be told that their information was stolen, but this is useful information that could result in some consumers voting with their wallets and switching service to carriers that retain less data and or have better cybersecurity.”

Stanford University researchers collected and studied telephone metadata for a 2016 paper to determine how it could be used against customers. “Using crowdsourced telephone logs and social networking information, we find that telephone metadata is densely interconnected, susceptible to reidentification, and enables highly sensitive inferences,” they wrote.

Report: AT&T, Verizon aren’t notifying most victims of Chinese call-records hack Read More »

photobucket-opted-inactive-users-into-privacy-nightmare,-lawsuit-says

Photobucket opted inactive users into privacy nightmare, lawsuit says

Photobucket was sued Wednesday after a recent privacy policy update revealed plans to sell users’ photos—including biometric identifiers like face and iris scans—to companies training generative AI models.

The proposed class action seeks to stop Photobucket from selling users’ data without first obtaining written consent, alleging that Photobucket either intentionally or negligently failed to comply with strict privacy laws in states like Illinois, New York, and California by claiming it can’t reliably determine users’ geolocation.

Two separate classes could be protected by the litigation. The first includes anyone who ever uploaded a photo between 2003—when Photobucket was founded—and May 1, 2024. Another potentially even larger class includes any non-users depicted in photographs uploaded to Photobucket, whose biometric data has also allegedly been sold without consent.

Photobucket risks huge fines if a jury agrees with Photobucket users that the photo-storing site unjustly enriched itself by breaching its user contracts and illegally seizing biometric data without consent. As many as 100 million users could be awarded untold punitive damages, as well as up to $5,000 per “willful or reckless violation” of various statutes.

If a substantial portion of Photobucket’s entire 13 billion-plus photo collection is found infringing, the fines could add up quickly. In October, Photobucket estimated that “about half of its 13 billion images are public and eligible for AI licensing,” Business Insider reported.

Users suing include a mother of a minor whose biometric data was collected and a professional photographer in Illinois who should have been protected by one of the country’s strongest biometric privacy laws.

So far, Photobucket has confirmed that at least one “alarmed” Illinois user’s data may have already been sold to train AI. The lawsuit alleged that most users eligible to join the class action likely similarly only learned of the “conduct long after the date that Photobucket began selling, licensing, and/or otherwise disclosing Class Members’ biometric data to third parties.”

Photobucket opted inactive users into privacy nightmare, lawsuit says Read More »

report:-google-told-ftc-microsoft’s-openai-deal-is-killing-ai-competition

Report: Google told FTC Microsoft’s OpenAI deal is killing AI competition

Google reportedly wants the US Federal Trade Commission (FTC) to end Microsoft’s exclusive cloud deal with OpenAI that requires anyone wanting access to OpenAI’s models to go through Microsoft’s servers.

Someone “directly involved” in Google’s effort told The Information that Google’s request came after the FTC began broadly probing how Microsoft’s cloud computing business practices may be harming competition.

As part of the FTC’s investigation, the agency apparently asked Microsoft’s biggest rivals if the exclusive OpenAI deal was “preventing them from competing in the burgeoning artificial intelligence market,” multiple sources told The Information. Google reportedly was among those arguing that the deal harms competition by saddling rivals with extra costs and blocking them from hosting OpenAI’s latest models themselves.

In 2024 alone, Microsoft generated about $1 billion from reselling OpenAI’s large language models (LLMs), The Information reported, while rivals were stuck paying to train staff to move data to Microsoft servers if their customers wanted access to OpenAI technology. For one customer, Intuit, it cost millions monthly to access OpenAI models on Microsoft’s servers, The Information reported.

Microsoft benefits from the arrangement—which is not necessarily illegal—of increased revenue from reselling LLMs and renting out more cloud servers. It also takes a 20 percent cut of OpenAI’s revenue. Last year, OpenAI made approximately $3 billion selling its LLMs to customers like T-Mobile and Walmart, The Information reported.

Microsoft’s agreement with OpenAI could be viewed as anti-competitive if businesses convince the FTC that the costs of switching to Microsoft’s servers to access OpenAI technology is so burdensome that it’s unfairly disadvantaging rivals. It could also be considered harming the market and hampering innovation by seemingly disincentivizing Microsoft from competing with OpenAI in the market.

To avoid any disruption to the deal, however, Microsoft could simply point to AI models sold by Google and Amazon as proof of “robust competition,” The Information noted. The FTC may not buy that defense, though, since rivals’ AI models significantly fall behind OpenAI’s models in sales. Any perception that the AI market is being foreclosed by an entrenched major player could trigger intense scrutiny as the US seeks to become a world leader in AI technology development.

Report: Google told FTC Microsoft’s OpenAI deal is killing AI competition Read More »

micron’s-$6b-chips-funding-should-have-more-strings-attached,-critics-say

Micron’s $6B CHIPS funding should have more strings attached, critics say


Micron’s NY fabs are the only CHIPS projects undergoing full environmental review.

Micron Technology will receive more than $6.1 billion after the US Department of Commerce finalized one of the largest CHIPS Act awards ever to “the only US-based manufacturer of memory chips,” Vice President Kamala Harris said in a press statement.

Micron will use the funding to construct “several state-of-the-art memory chips facilities” in New York and Idaho, Harris said. The chipmaker has committed to a “$125 billion investment over the next few decades” and promised to create “at least 20,000 jobs,” Harris confirmed.

Additionally, Micron “agreed to preliminary terms for an additional investment of $275 million to expand” its facility in Manassas, Virginia, Harris confirmed. Those facilities will mostly be used to manufacture chips for automotive and defense industries, Harris noted.

Because of billions in CHIPS funding doled out by the Biden administration, Harris said, the US’s “share of advanced memory manufacturing” will go “from nearly 0 percent today to 10 percent over the next decade.”

The Semiconductor Industry Association, a trade and lobbying group that bills itself as “the voice of the semiconductor industry,” celebrated Micron’s award. In a press release, its president and CEO, John Neuffer, said that the award sets the US on a path to become a leading memory chip innovator.

“Memory is a technology critical to America’s economic future and national security, and Micron’s historic investments in producing memory chips in the US will strengthen US leadership for the long term,” Neuffer said.

In a statement, Micron President and CEO Sanjay Mehrotra said that “Micron is uniquely positioned to bring leading-edge memory manufacturing to the U.S., strengthening the country’s technology leadership and fostering advanced innovation.”

“Micron’s investments in domestic semiconductor manufacturing capabilities, supported by the bipartisan CHIPS Act, will help drive economic growth and ensure that the US remains at the forefront of technological advancements,” Mehrotra said.

Advocates: Micron needs to explain what a “good job” is

But while Neuffer joined Harris’ and the Commerce Department’s chorus, praising the award for creating “high-paying American jobs,” bolstering US national and economic security, and fueling “innovation for years to come,” communities are raising questions.

Advocates with Jobs to Move America (JMA)—who are organizing ahead of Micron’s New York construction starting in 2026—are concerned that Micron hasn’t been clear about what a “good job” is before moving into an area with “one of the highest poverty rates in the country.”

“There has been little discussion or firm commitments made regarding what exactly a ‘good job’ is, or how equitable access for said jobs will be achieved for current local residents,” JMA’s “Good Jobs Platform,” drafted earlier this year with more than 20 local advocacy groups, said.

“We define a ‘good job’ as one that guarantees: workers have a fair and clear process to organize a union without employer opposition, family-sustaining wages and comprehensive benefits, safe working conditions, equitable hiring and employment practices, and is supported by an accessible workforce pipeline,” the platform said.

And equally important are communities’ and workers’ health and safety concerns, the platform noted, urging that “a good job is a safe job.”

A senior researcher and policy coordinator for JMA, Anna Smith, told Ars that Harris’ statement was missing any mention of a community impact statement. And while Harris mentioned “utilizing project labor agreements and registered apprenticeship programs, which will further strengthen local economies” and “support workers,” more enforceable commitments are needed to protect communities as Micron’s construction begins, Smith said.

The “Good Jobs Platform” recommends a range of commitments, from labor peace agreements that would ensure workers can unionize to community workforce agreements keeping workers involved in key discussions regarding ongoing training and career development. Local labor leaders have sought similar commitments, urging Micron to commit to a community benefits agreement “that enshrines legally enforceable provisions that protect the community, its workers, and the environment.”

In his statement, Mehrotra said that Micron had formed local partnerships to build a “community investment framework” that would “revitalize central New York.”

Micron first CHIPS fabs to get full environmental review

More transparency is also urgently needed regarding Micron’s environmental commitments, advocates told Ars. In New York, Micron’s fabs are preparing to wipe out over 200 acres of mature forested wetlands, and so far, Micron has not provided a public “detailed mitigation plan to compensate for the loss,” a local environmental expert, Catherine Landis, warned during a public comment period on Micron’s plan to pave over the wetlands.

Unlike any other fab site in the US receiving CHIPS Act funding, Micron’s New York fabs must release a full environmental impact statement (EIS), which is currently being drafted and expected to be distributed to agencies this month, advocates told Ars. Construction has been delayed until the EIS is completed, at which point the public will gain a better understanding of how much harm could be caused by the project and what steps Micron will take to mitigate harms.

JMA has warned about potential impacts, like increased flooding in the area impacting both communities and Micron’s fabs. Destroying the wetlands will also displace federally protected endangered animal populations, JMA said, including the northern long-eared bat and the sedge wren. Potential chemical spills, reported at other US fabs, could endanger water quality, as could any mismanaged handling of chemical waste. And perhaps most critically, the energy demand to operate Micron’s facilities could risk setting back New York’s climate goals, JMA advocates said.

More transparency would help communities better prepare to welcome Micron and other chipmakers developing fabs across the US. JMA and local experts have agreed that the promised economic benefits Micron’s fabs will deliver in New York are a positive development, as are Micron’s commitments guaranteeing New York construction workers can unionize.

But communities will likely be the ones raising alarms as Micron’s operations introduce to the environment “thousands of compounds used in chip manufacture (most unregulated)” with “short- and long-term effects on plants, animals, people” still largely unknown, Landis said. And that’s where JMA hopes to make an impact, submitting freedom of information acts to request undisclosed data and pushing for community benefit agreements and other commitments from Micron to ensure communities aren’t irreversibly harmed by new fabs.

JMA expects that the EIS could help galvanize communities preparing for Micron’s construction to start in New York.

“I do think it is a really helpful tool that we have in our belt, and something that will help the public engage about concerns that we have,” Smith told Ars. “It spans, of course, air emissions, wastewater, runoff, toxics, wetlands, but it also includes things like housing and transportation, and those are things that we think that the Syracuse community is very concerned about.”

The EIS could mean that New York residents have a clearer understanding of how CHIPS funding may be polluting their communities. Most of the other communities nationwide impacted by CHIPS projects likely won’t have the same level of detailed information. Eric Romann, a JMA regional director, told Ars that, while “it’s positive that a higher bar has been set” for Micron’s New York project, that’s only “compared to the very low bar set for the other projects around the country, or you could say very low to non-existent bar.”

Micron declined to comment directly on workers’ concerns. In a statement provided to Ars, Micron’s spokesperson said that “Micron is committed to environmental stewardship across our global operations, including developing and maintaining critical environmental protections for our planned investment” in New York.

“A required environmental impact statement is currently in production with both federal and state lead agencies, and we are working closely with government stakeholders to ensure we meet any environmental permitting required for the project,” Micron’s spokesperson said. “We look forward to engaging with the public and government stakeholders during comment periods for the project’s draft environmental impact statement and environmental permitting in the near future.”

Photo of Ashley Belanger

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

Micron’s $6B CHIPS funding should have more strings attached, critics say Read More »

location-data-firm-helps-police-find-out-when-suspects-visited-their-doctor

Location data firm helps police find out when suspects visited their doctor

The intake form “was included in an email thread between a Fog representative and Bryan Kimbell, chief human trafficking investigator at the Office of the Attorney General in Georgia,” according to 404 Media.

Services like Fog Data Science have triggered concerns about how police might use location tracking to prosecute abortions. “For several thousand dollars annually, the software lets police trace unique borders around large, customized regions to generate a list of devices in the area. Police can use Fog Reveal to geofence entire buildings or street blocks—like the area surrounding an abortion clinic—and get information on devices used within and surrounding those buildings to identify suspects,” Ars wrote in November 2022.

The EFF’s 2022 investigation found that Fog obtained data from the firm Venntel, which is the subject of a Federal Trade Commission action. The FTC last week announced a proposed settlement with Venntel and its owner, Gravy Analytics. The FTC alleged that “Gravy Analytics and Venntel violated the FTC Act by unfairly selling sensitive consumer location data, and by collecting and using consumers’ location data without obtaining verifiable user consent for commercial and government uses.”

“Surreptitious surveillance by data brokers undermines our civil liberties and puts servicemembers, union workers, religious minorities, and others at risk,” Samuel Levine, director of the FTC Bureau of Consumer Protection, said in the announcement. According to the FTC, Gravy Analytics used geofencing “to identify and sell lists of consumers who attended certain events related to medical conditions and places of worship and sold additional lists that associate individual consumers to other sensitive characteristics.”

If the proposed order takes effect, “Gravy Analytics and Venntel will be prohibited from selling, disclosing, or using sensitive location data in any product or service, and must establish a sensitive data location program,” the FTC said. One of the FTC’s two Republicans partially dissented from the decision, which may not be finalized until after President-elect Trump takes office.

Location data firm helps police find out when suspects visited their doctor Read More »

apple-hit-with-$1.2b-lawsuit-after-killing-controversial-csam-detecting-tool

Apple hit with $1.2B lawsuit after killing controversial CSAM-detecting tool

When Apple devices are used to spread CSAM, it’s a huge problem for survivors, who allegedly face a range of harms, including “exposure to predators, sexual exploitation, dissociative behavior, withdrawal symptoms, social isolation, damage to body image and self-worth, increased risky behavior, and profound mental health issues, including but not limited to depression, anxiety, suicidal ideation, self-harm, insomnia, eating disorders, death, and other harmful effects.” One survivor told The Times she “lives in constant fear that someone might track her down and recognize her.”

Survivors suing have also incurred medical and other expenses due to Apple’s inaction, the lawsuit alleged. And those expenses will keep piling up if the court battle drags on for years and Apple’s practices remain unchanged.

Apple could win, a lawyer and policy fellow at the Stanford Institute for Human-Centered Artificial Intelligence, Riana Pfefferkorn, told The Times, as survivors face “significant hurdles” seeking liability for mishandling content that Apple says Section 230 shields. And a win for survivors could “backfire,” Pfefferkorn suggested, if Apple proves that forced scanning of devices and services violates the Fourth Amendment.

Survivors, some of whom own iPhones, think that Apple has a responsibility to protect them. In a press release, Margaret E. Mabie, a lawyer representing survivors, praised survivors for raising “a call for justice and a demand for Apple to finally take responsibility and protect these victims.”

“Thousands of brave survivors are coming forward to demand accountability from one of the most successful technology companies on the planet,” Mabie said. “Apple has not only rejected helping these victims, it has advertised the fact that it does not detect child sex abuse material on its platform or devices thereby exponentially increasing the ongoing harm caused to these victims.”

Apple hit with $1.2B lawsuit after killing controversial CSAM-detecting tool Read More »