Policy

trains-were-designed-to-break-down-after-third-party-repairs,-hackers-find

Trains were designed to break down after third-party repairs, hackers find

DRM, gps tracker, Newag, Poland, Policy, right to repair, trains / /

Unlocking the secret —

The train manufacturer accused the hackers of slander.

Dragon Sector uploaded a video to social media after discovering an

Enlarge / Dragon Sector uploaded a video to social media after discovering an “undocumented ‘unlock code’ which you could enter from the train driver’s panel” fixed “mysterious issues” impacting trains in Poland.

An unusual right-to-repair drama is disrupting railroad travel in Poland despite efforts by hackers who helped repair trains that allegedly were designed to stop functioning when serviced by anyone but Newag, the train manufacturer.

Members of an ethical hacking group called Dragon Sector, including Sergiusz Bazański and Michał Kowalczyk, were called upon by a train repair shop, Serwis Pojazdów Szynowych (SPS), to analyze train software in June 2022. SPS was desperate to figure out what was causing “mysterious failures” that shut down several vehicles owned by Polish train operator the Lower Silesian Railway, Polish infrastructure trade publication Rynek Kolejowy reported. At that point, the shortage of trains had already become “a serious problem” for carriers and passengers, as fewer available cars meant shorter trains and reduced rider capacity, Rynek Kolejowy reported.

Dragon Sector spent two months analyzing the software, finding that “the manufacturer’s interference” led to “forced failures and to the fact that the trains did not start,” and concluding that bricking the trains “was a deliberate action on Newag’s part.”

According to Dragon Sector, Newag entered code into the control systems of Impuls trains to stop them from operating if a GPS tracker indicated that the train was parked for several days at an independent repair shop.

The trains “were given the logic that they would not move if they were parked in a specific location in Poland, and these locations were the service hall of SPS and the halls of other similar companies in the industry,” Dragon Sector’s team alleged. “Even one of the SPS halls, which was still under construction, was included.”

The code also allegedly bricked the train if “certain components had been replaced without a manufacturer-approved serial number,” 404 Media reported.

In a statement, Newag denied developing any so-called “workshop-detection” software that caused “intentional failures” and threatened to sue Dragon Sector for slander and for violating hacking laws.

“Hacking IT systems is a violation of many legal provisions and a threat to railway traffic safety,” Newag said, insisting that the hacked trains be removed from use because they now pose alleged safety risks. Newag’s safety claims are still unsubstantiated, 404 Media reported.

“We categorically deny and negate Newag’s uploading of any functionality in vehicle control systems that limits or prevents the proper operation of vehicles, as well as limiting the group of entities that can provide maintenance or repair services,” Newag’s statement said. According to Newag, Dragon Sector’s report shouldn’t be trusted because it was commissioned by one of Newag’s biggest competitors.

Dragon Sector maintains that the evidence supports its conclusions. Bazański posted on Mastodon that “these trains were locking up for arbitrary reasons after being serviced at third-party workshops. The manufacturer argued that this was because of malpractice by these workshops, and that they should be serviced by them instead of third parties.” In some cases, Bazański wrote, Newag “appeared to be able to lock the train remotely.”

Newag has said that “any remote intervention” is “virtually impossible.”

Lawsuit threats fails to silence hackers

Dragon Sector got the trains running after discovering “an undocumented ‘unlock code’ which you could enter from the train driver’s panel which magically fixed the issue,” Dragon Sector’s team told 404 Media.

Newag has maintained that it has never and will never “introduce into the software of our trains any solutions that lead to intentional failures.”

“We do not know who interfered with the train control software, using what methods and what qualifications,” Newag said. “We also notified the Office of Rail Transport about this so that it could decide to withdraw from service the sets subjected to the activities of unknown hackers.”

Dragon Sector and SPS have denied interfering with the train’s control systems.

While Newag has contacted authorities to investigate the hacking, Janusz Cieszyński, Poland’s former minister of digital affairs, posted on X that the evidence appears to weigh against Newag.

“The president of Newag contacted me,” Cieszyński wrote. “He claims that Newag fell victim to cybercriminals and it was not an intentional action by the company. The analysis I saw indicated something else, but for the sake of clarity, I will write about everything.

Newag president Zbigniew Konieczek said that “no evidence was provided that our company intentionally installed the faulty software. In our opinion, the truth may be completely different—that, for example, the competition interfered with the software.”

Konieczek also accused Cieszyński of disseminating “false and highly harmful information about Newag.”

404 Media noted that Newag appeared to be following a common playbook in the right-to-repair world where manufacturers intimidate competitor repair shops with threatened lawsuits and unsubstantiated claims about safety risks of third-party repairs. So far, Dragon Sector does not appear intimidated, posting its success on YouTube and discussing its findings at Poland’s Oh My H@ck conference in Warsaw. The group is also planning “a more detailed presentation” for the 37th Chaos Communication Congress in Hamburg, Germany, at the end of December, The Register reported.

Because of the evidence gathered during their analysis, the Dragon Sector team has doubts about whether Newag will actually follow through with the lawsuit.

“Their defense line is really poor, and they would have no chance defending it,” Kowalczk told 404 Media. “They probably just want to sound scary in the media.”

Trains were designed to break down after third-party repairs, hackers find Read More »

spacex-blasts-fcc-as-it-refuses-to-reinstate-starlink’s-$886-million-grant

SpaceX blasts FCC as it refuses to reinstate Starlink’s $886 million grant

FCC, Policy, spacex starlink / /
A Starlink broadband satellite dish placed outside on the ground.

Enlarge / Starlink satellite dish.

Getty Images | olegda88

SpaceX is furious at the Federal Communications Commission after the agency refused to reinstate an $886 million broadband grant that was tentatively awarded to Starlink during the previous administration.

The FCC announced yesterday that it rejected SpaceX’s appeal. “The FCC followed a careful legal, technical and policy review to determine that this applicant had failed to meet its burden to be entitled to nearly $900 million in universal service funds for almost a decade,” FCC Chairwoman Jessica Rosenworcel said.

In December 2020, shortly before the departure of then-FCC Chairman Ajit Pai, Starlink was tentatively awarded $885.51 million in broadband funding from the Rural Digital Opportunity Fund (RDOF). But the satellite provider still needed FCC approval of a long-form application to receive the money, which is meant to subsidize deployment in areas with little or no high-speed broadband access.

The Rosenworcel FCC rejected the long-form application in August 2022, and SpaceX appealed the decision the next month. The FCC also rejected the long-form application of LTD Broadband, a fixed wireless provider that was originally slated to get $1.3 billion. LTD recently renamed itself “GigFire.”

The Starlink and LTD rejections were the two biggest changes to a $9.2 billion round of grants that, in the Rosenworcel FCC’s words, fueled “complaints that the program was poised to fund broadband to parking lots and well-served urban areas.” The FCC denied LTD’s appeal last week and proposed a fine of $21.7 million for defaulting on grant bids.

SpaceX “disappointed and perplexed”

After yesterday’s Starlink denial, SpaceX quickly filed a response saying the company “is deeply disappointed and perplexed by the Commission’s decision to exclude SpaceX’s Starlink satellite broadband service from the Rural Digital Opportunity Fund.”

“This decision directly undermines the very goal of RDOF: to connect unserved and underserved Americans,” SpaceX told the FCC. “Starlink is demonstrably one of the best options—likely the best option—to accomplish the goals of RDOF. Indeed, Starlink is arguably the only viable option to immediately connect many of the Americans who live and work in the rural and remote areas of the country where high-speed, low-latency Internet has been unreliable, unaffordable, or completely unavailable, the very people RDOF was supposed to connect.”

We asked SpaceX whether it plans to appeal in court and will update this article if we get an answer.

Starlink’s grant was intended to subsidize deployment to 642,925 rural homes and businesses in 35 states. The August 2022 ruling that rejected the grant called Starlink a “nascent LEO [low Earth orbit] satellite technology” with “recognized capacity constraints.” The FCC questioned Starlink’s ability to consistently provide low-latency service with the required download speeds of 100Mbps and upload speeds of 20Mbps.

In rejecting SpaceX’s appeal, yesterday’s FCC order said the agency’s Wireline Competition Bureau “followed Commission guidance and correctly concluded that Starlink is not reasonably capable of offering the required high-speed, low-latency service throughout the areas where it won auction support.”

SpaceX CEO Elon Musk has acknowledged Starlink’s capacity limits several times, saying for example that it will face “a challenge [serving everyone] when we get into the several million user range.”

SpaceX blasts FCC as it refuses to reinstate Starlink’s $886 million grant Read More »

ted-cruz-wants-to-stop-the-fcc-from-updating-data-breach-notification-rules

Ted Cruz wants to stop the FCC from updating data-breach notification rules

data breach, federal communications commission, Policy, ted cruz / /
Sen. Ted Cruz speaks at a Senate committee hearing while holding up three fingers.

Enlarge / Sen. Ted Cruz (R-Texas) at a Senate Judiciary Committee hearing on Thursday, November 30, 2023.

Getty Images | Bill Clark

Sen. Ted Cruz (R-Texas) and other Republican senators are fighting a Federal Communications Commission plan to impose new data-breach notification requirements on telecom providers. In a letter sent to FCC Chairwoman Jessica Rosenworcel today, the senators claim the pending FCC action would violate a congressional order.

The letter was sent by Cruz, Sen. Minority Leader Mitch McConnell (R-Ky.), Sen. John Thune (R-S.D.), and Sen. Marsha Blackburn (R-Tenn.). They say the proposed data-breach notification rules are preempted by an action Congress took in 2017 to kill an assortment of privacy and security rules issued by the FCC.

The Congressional Review Act (CRA) was used in 2017 by Congress and then-President Donald Trump to throw out rules that would have required home Internet and mobile broadband providers to get consumers’ opt-in consent before using, sharing, or selling Web browsing history, app usage history, and other private information.

The invalidated FCC rules also included data-breach notification requirements that are similar to those the current FCC now plans to impose. The FCC already enforces data-breach notification requirements, but the pending proposal would expand the scope of those rules.

Rosenworcel’s data-breach proposal is scheduled for a vote at tomorrow’s commission meeting, and it may ultimately be up to the courts to decide whether it violates the 2017 congressional resolution. The Republican senators urged the FCC to rescind the draft plan and remove it from the meeting agenda.

Cruz also protested a recent FCC vote to enforce rules that prohibit discrimination in access to broadband services, calling it “government-mandated affirmative action and race-based pricing.”

Republicans: FCC plan “clearly unlawful”

When an agency-issued rule is nullified by a Congressional Review Act resolution, that rule “may not be reissued in substantially the same form” without authorization from Congress. The key legal question seems to be whether the FCC can re-implement one portion of the nullified rules as long as it doesn’t bring back the entire privacy order.

Cruz and fellow Republicans say that Rosenworcel’s plan would “resurrect a portion of the 2016 Broadband Privacy Order pertaining to data security.”

“This is clearly unlawful: the FCC’s proposed rules in the Report and Order are clearly ‘substantially similar’ to the nullified 2016 rules,” they wrote. “Specifically, the requirements in the Report and Order governing notification to the FCC, law enforcement, and consumers, as well as the recordkeeping requirements with respect to breaches and notifications, are substantially similar to the notification and recordkeeping requirements disapproved by Congress.”

The FCC proposal anticipates this argument but says the agency believes it can re-implement part of the Obama-era privacy order:

We conclude that it would be erroneous to construe the resolution of disapproval as applying to anything other than all of the rule revisions, as a whole, adopted as part of the 2016 Privacy Order. That resolution had the effect of nullifying each and every provision of the 2016 Privacy Order—each part being, under the APA [Administrative Procedure Act], “a rule”—but not “the rule” specified in the resolution of disapproval. By its terms, the CRA does not prohibit the adoption of a rule that is merely substantially similar to a limited portion of the disapproved rule or one that is the same as individual pieces of the disapproved rule.

Thus, according to the FCC proposal, the resolution “does not prohibit the Commission from revising its breach notification rules in ways that are similar to, or even the same as, some of the revisions that were adopted in the 2016 Privacy Order, unless the revisions adopted are the same, in substance, as the 2016 Privacy Order as a whole.”

Ted Cruz wants to stop the FCC from updating data-breach notification rules Read More »

cvs,-rite-aid,-walgreens-hand-out-medical-records-to-cops-without-warrants

CVS, Rite Aid, Walgreens hand out medical records to cops without warrants

Amazon, cops, cvs, health, health privacy, HHS, HIPAA, law enforcement, Medical records, pharmacy, Policy, prescription drugs, rite aid, Science, Walgreens, warrant / /

prescription for privacy —

Lawmakers want HHS to revise health privacy law to require warrants.

CVS, Rite Aid, Walgreens hand out medical records to cops without warrants

All of the big pharmacy chains in the US hand over sensitive medical records to law enforcement without a warrant—and some will do so without even running the requests by a legal professional, according to a congressional investigation.

The revelation raises grave medical privacy concerns, particularly in a post-Dobbs era in which many states are working to criminalize reproductive health care. Even if people in states with restrictive laws cross state lines for care, pharmacists in massive chains, such as CVS, can access records across borders.

Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.), and Rep. Sara Jacobs (D-Calif.)—said their investigation pulled information from briefings with eight big prescription drug suppliers.

They include the seven largest pharmacy chains in the country: CVS Health, Walgreens Boots Alliance, Cigna, Optum Rx, Walmart Stores, Inc., The Kroger Company, and Rite Aid Corporation. The lawmakers also spoke with Amazon Pharmacy.

All eight of the pharmacies said they do not require law enforcement to have a warrant prior to sharing private and sensitive medical records, which can include the prescription drugs a person used or uses and their medical conditions. Instead, all the pharmacies hand over such information with nothing more than a subpoena, which can be issued by government agencies and does not require review or approval by a judge.

Three pharmacies—CVS Health, The Kroger Company, and Rite Aid Corporation—told lawmakers they didn’t even require their pharmacy staff to consult legal professionals before responding to law enforcement requests at pharmacy counters. According to the lawmakers, CVS, Kroger, and Rite Aid said that “their pharmacy staff face extreme pressure to immediately respond to law enforcement demands and, as such, the companies instruct their staff to process those requests in store.”

The rest of the pharmacies—Amazon, Cigna, Optum Rx, Walmart, and Walgreens Boots Alliance—at least require that law enforcement requests be reviewed by legal professionals before pharmacists respond. But, only Amazon said it had a policy of notifying customers of law enforcement demands for pharmacy records unless there were legal prohibitions to doing so, such as a gag order.

HIPAA and transparency

The lawmakers note that the pharmacies aren’t violating regulations under the Health Insurance Portability and Accountability Act (HIPAA). The pharmacies pointed to language in HIPAA regulations that allow health care providers, including pharmacists, to provide medical records if required by law, with subpoenas being a sufficient legal process for such a request. However, the lawmakers note that the HHS has discretion in determining the legal standard here—that is, it has the power to strengthen the regulation to require a warrant, which the lawmakers say it should do.

“We urge HHS to consider further strengthening its HIPAA regulations to more closely align them with Americans’ reasonable expectations of privacy and Constitutional principles,” the three lawmakers wrote.

They also pushed for pharmacies to do better, encouraging them to follow the lead of tech companies. “Pharmacies can and should insist on a warrant, and invite law enforcement agencies that insist on demanding patient medical records with solely a subpoena to go to court to enforce that demand. The requirement for a warrant is exactly the approach taken by tech companies to protect customer privacy.” The trio noted that Google, Microsoft, and Yahoo have since 2010 required law enforcement to have a warrant to obtain customers’ emails.

Also noting tech companies’ lead, the lawmakers encouraged pharmacies to publish annual transparency reports. In the course of the investigation, only CVS Health said it planned to do so.

“Americans deserve to have their private medical information protected at the pharmacy counter and a full picture of pharmacies’ privacy practices, so they can make informed choices about where to get their prescriptions filled,” the lawmakers wrote.

For now, HIPAA regulations grant patients the right to know who is accessing their health records. But, to do so, patients have to specifically request that information—and almost no one does that. “Last year, CVS Health, the largest pharmacy in the nation by total prescription revenue, only received a single-digit number of such consumer requests,” the lawmakers noted.

“The average American is likely unaware that this is even a problem,” the lawmakers said.

CVS, Rite Aid, Walgreens hand out medical records to cops without warrants Read More »

tesla-again-threatens-to-sue-cybertruck-buyers-who-try-to-resell-the-cars

Tesla again threatens to sue Cybertruck buyers who try to resell the cars

Cars, Policy, Tesla Cybertruck / /

Do not sell happy fun truck —

Clause deleted from public version of terms is in the contract sent to buyers.

Tesla's boxy cybertruck displayed outdoors in New York.

Enlarge / Tesla Cybertruck displayed at Lincoln Center in New York.

Getty Images | Roman Tiraspolsky

Tesla has revived a contract clause that says the electric carmaker could sue Cybertruck buyers for $50,000 or more if they resell during their first year of ownership.

As we reported a month ago, the Cybertruck-only clause was added to the public version of Tesla’s Motor Vehicle Order Agreement Terms & Conditions and then deleted after the lawsuit threat attracted some attention. But now, people who ordered the limited launch edition “Foundation Series” Cybertruck say the order agreement they received from Tesla has the clause added back in.

The clause says Cybertruck buyers must offer the car back to Tesla at a reduced price before any attempt to resell the vehicle within one year of delivery. If Tesla declines to buy the Cybertruck back, the owner could resell it only if Tesla provides “written consent.”

“You agree that in the event you breach this provision, or Tesla has reasonable belief that you are about to breach this provision, Tesla may seek injunctive relief to prevent the transfer of title of the Vehicle or demand liquidated damages from you in the amount of $50,000 or the value received as consideration for the sale or transfer, whichever is greater. Tesla may also refuse to sell you any future vehicles,” the clause said.

Ars was contacted by one Cybertruck buyer who provided us with a copy of the order agreement he received after submitting a $122,135 order. The agreement received by this buyer contains the resale-lawsuit clause that was deleted last month from the public version of the order agreement. The public version has a rule against quick resales but not a specific lawsuit threat.

The buyer told us that he paid a $250 order fee on Friday and previously paid a $100 reservation fee. According to the order agreement, Tesla doesn’t have to refund those types of fees if a buyer cancels a purchase after submitting a completed order.

Invitations to order sent Friday

The clause’s reappearance was also confirmed Friday in a post on a Cybertruck buyers forum. People who made early Cybertruck reservations received their invitations to order the limited-availability Foundation Series edition on Friday.

As an Electrek article notes, it’s unclear whether the clause applies only to the Foundation Series version of the Cybertruck. “It might just be for the Foundation series, or might be for all Cybertrucks for a while—until it is available in more than ‘limited quantity,'” the article said.

The public version of Tesla’s Cybertruck pre-order agreement has an anti-resale clause that says the company “may unilaterally cancel any order that we believe has been made with a view toward resale of the Vehicle or that has otherwise been made in bad faith.” That version doesn’t include the lawsuit threat that was sent to buyers.

One person who posted in the Cybertruck forum was unhappy that they only received the version of the order agreement with the lawsuit warning after paying a $250 order fee. The buyer who provided us with a copy of his order agreement called it “ridiculous” that the clause “is not in bold print on the order page.”

The $120,000 Foundation Series is reportedly limited to 1,000 cars. Tesla’s website says the Cybertruck versions costing $68,890 and $96,390 will be available in 2024, and a $49,890 version will be available in 2025.

Tesla again threatens to sue Cybertruck buyers who try to resell the cars Read More »

opec-members-keep-climate-accords-from-acknowledging-reality

OPEC members keep climate accords from acknowledging reality

carbon emissions, climate change, COP28, fossil fuels, paris agreement, Policy, Science, UN / /

Avoiding the truth —

COP28 agreement draft no longer includes calls to phase out fossil fuels.

Image of a person standing in front of a doorway with

Enlarge / Saudi Arabia’s presence at COP28 has reportedly been used to limit progress on fossil fuel cutbacks.

Oil-producing countries are apparently succeeding in their attempts to eliminate language from an international climate agreement that calls for countries to phase out the use of fossil fuels. Draft forms of the agreement had included text that called upon the countries that are part of the Paris Agreement to work toward “an orderly and just phase out of fossil fuels.” Reports now indicate that this text has gone missing from the latest versions of the draft.

The agreement is being negotiated at the United Nations’ COP28 climate change conference, taking place in the United Arab Emirates. The COP, or Conference of the Parties, meetings are annual events that attempt to bring together UN members to discuss ways to deal with climate change. They were central to the negotiations that brought about the Paris Agreement, which calls for participants to develop plans that should bring the world to net-zero emissions by the middle of the century.

Initial plans submitted by countries would lower the world’s greenhouse gas emissions, but not by nearly enough to reach net zero. However, the agreement included mechanisms by which countries would continue to evaluate their progress and submit more stringent goals. So, additional COP meetings have included what’s termed a “stocktake” to evaluate where countries stand, and statements are issued to encourage and direct future actions.

The language of that statement needs to be agreed upon by every party and is invariably contentious. This year’s statement has been especially difficult, as early drafts (such as this one) included the potential to call for parties to stop using fossil fuels, along with a separate, vague alternative:

Option 1: An orderly and just phase out of fossil fuels;

Option 2: Accelerating efforts toward phasing out unabated fossil fuels and to rapidly reducing their use so as to achieve net zero CO2 in energy systems by or around mid-century;

Option 3: No text.

The “unabated” language in the alternative is widely interpreted as referring to abatement via the use of large-scale carbon capture to offset the emissions from continued fossil fuel use.

While we know that carbon capture can work, it has not been tried at large scales, much less on anything close to the scales needed to offset continued fossil fuel use. Critical details like the capacity and stability of different storage options haven’t been worked out, nor has the very tricky question of who will be paying to operate all the infrastructure that would be required for it to work.

As a result, carbon capture is not generally considered a viable option for offsetting anything more than a few difficult-to-decarbonize use cases, such as international shipping. Which why most countries and NGOs are supporting the UN’s secretary-general, who promoted the alternate language calling for a phase-out of fossil fuels.

Most, but not all. One notable NGO, OPEC, directly called on its members to reject any language that targeted fossil fuels. And a prominent OPEC member, Saudia Arabia, appears to have been trying to block any deals that would include that language, in part by bogging down all negotiations at COP28. Matters weren’t helped when a video surfaced that showed the conference’s host, Sultan Al Jaber, saying that there was “no science” behind calls to phase out fossil fuels, although he quickly disavowed that position.

The loss of Option 1 from the latest drafts is a sign that oil-producing nations have succeeded. Which in turn indicates that they have no intention of slowing production even as indications of continued warming and its consequences have grown ever more dramatic. It will also provide cover for many other countries that may be looking for excuses to act.

That said, the same draft includes several actions that do not have any alternative language and call for countries to take significant actions:

  • Triple renewable energy capacity by 2030.
  • Double the annual rate of energy efficiency improvements.
  • Immediately stop issuing permits for coal plants that do not include carbon capture and rapidly phase out any existing plants of this sort.
  • Rapidly phase in zero-emissions vehicles.
  • Eliminate fossil fuel subsidies.

Negotiations are ongoing, and that draft is nearly a week old, but it may indicate that some positive things could be accomplished while everyone is distracted by arguments over the phase-out of fossil fuels.

OPEC members keep climate accords from acknowledging reality Read More »

after-losing-everywhere-else,-elon-musk-asks-scotus-to-get-sec-off-his-back

After losing everywhere else, Elon Musk asks SCOTUS to get SEC off his back

elon musk, elon musk sec, Policy, Supreme Court / /

Musk v. SEC —

Musk’s last-ditch effort to terminate settlement over “funding secured” tweets.

Elon Musk on stage at an event, resting his chin on his hand

Enlarge / Elon Musk at an AI event with Britain Prime Minister Rishi Sunak in London on Thursday, Nov. 2, 2023.

Getty Images | WPA Pool

Elon Musk yesterday appealed to the Supreme Court in a last-ditch effort to terminate his settlement with the Securities and Exchange Commission. Musk has claimed he was coerced into the deal with the SEC and that it violates his free speech rights, but the settlement has been upheld by every court that’s reviewed it so far.

In his petition asking the Supreme Court to hear the case, Musk said the SEC settlement forced him to “waive his First Amendment rights to speak on matters ranging far beyond the charged violations.”

The SEC case began after Musk’s August 2018 tweets stating, “Am considering taking Tesla private at $420. Funding secured” and “Investor support is confirmed. Only reason why this is not certain is that it’s contingent on a shareholder vote.” The SEC sued Musk and Tesla, saying the tweets were false and “led to significant market disruption.”

The settlement required Musk and Tesla to each pay $20 million in penalties, forced Musk to step down from his board chairman post, and required Musk to get Tesla’s pre-approval for tweets or other social media posts that may contain information material to the company or its shareholders.

Musk told the Supreme Court that the need to get pre-approval for tweets “is a quintessential prior restraint that the law forbids.”

In the settlement, “the SEC demanded that Mr. Musk refrain indefinitely from making any public statements on a wide range of topics unless he first received approval from a securities lawyer,” Musk’s petition said. “Only months later, the SEC sought to hold Mr. Musk in contempt of court on the basis that Mr. Musk allegedly had not obtained such approval for a post on Twitter (now X). In effect, the SEC sought contempt sanctions—up to and including imprisonment—for Mr. Musk’s exercise of his First Amendment rights.”

Musk’s court losses

In April 2022, Musk’s attempt to get out of the settlement was rejected by a US District Court judge. Musk appealed to the US Court of Appeals for the 2nd Circuit, but a three-judge panel unanimously ruled against him in May 2023. Musk asked the appeals court for an en banc rehearing in front of all the court’s judges, but that request was denied in July, leaving the Supreme Court as his only remaining option.

The 2nd Circuit panel ruling dismissed Musk’s argument that the settlement is a “prior restraint” on his speech, writing that “Parties entering into consent decrees may voluntarily waive their First Amendment and other rights.” The judges also saw “no evidence to support Musk’s contention that the SEC has used the consent decree to conduct bad-faith, harassing investigations of his protected speech.”

There is no guarantee that the Supreme Court will take up Musk’s case. Musk’s petition says the case presents the constitutional question of whether “a party’s acceptance of a benefit prevents that party from contending that the government violated the unconstitutional conditions doctrine in requiring a waiver of constitutional rights in exchange for that benefit.”

Musk argues that his settlement violates the unconstitutional conditions doctrine, which “limits the government’s ability to condition benefits on the relinquishment of constitutional rights.” He says his case also presents the question of “whether the government can insulate its demands that settling defendants waive constitutional rights from judicial scrutiny.”

“This petition presents an apt opportunity for the Court to clarify that government settlements are not immune from constitutional scrutiny, to the immediate benefit of the hundreds of defendants who settle cases with the SEC each year,” Musk’s petition said.

Musk complains about SEC investigations

Musk claims he is burdened with an “ever-present chilling effect that results from the pre-approval provision” and complained that the SEC has continued to investigate him. “In the past three years, the SEC has at all times kept at least one investigation open regarding Mr. Musk or Tesla. The SEC’s actions—in seeking contempt and then maintaining a steady stream of investigations—chills Mr. Musk’s speech,” the petition said.

As previously noted, the 2nd Circuit appeals court judges did not think the SEC investigations of Musk had gone too far. “To the contrary, the record indicates that the SEC has opened just three inquiries into Musk’s tweets since 2018,” the May 2023 appeals court decision said. The first of those three investigations led to the settlement that Musk is trying to get out of. The second and third investigations sought information about tweets in 2019 and 2021.

Although Musk has repeatedly lost his attempts to undo the SEC settlement, he prevailed against a class-action lawsuit that sought financial damages for Tesla shareholders. The judge in that case ruled that Musk’s tweets about having secured funding to take Tesla private were false and reckless, but a jury sided with Musk on the questions of whether he knew the tweets were false and whether they caused Tesla investors to lose money.

Despite the class-action suit’s failure, Tesla investors are getting some money. The $40 million in fines paid to the SEC by Musk and Tesla, plus interest, is in the process of being distributed to investors.

After losing everywhere else, Elon Musk asks SCOTUS to get SEC off his back Read More »

verizon-fell-for-fake-“search-warrant,”-gave-victim’s-phone-data-to-stalker

Verizon fell for fake “search warrant,” gave victim’s phone data to stalker

Policy, stalking, verizon, verizon wireless / /
A Verizon logo on top of a black background.

Enlarge / A Verizon logo at GSMA Mobile World Congress 2019 on February 26, 2019 in Barcelona, Spain.

Verizon Wireless gave a female victim’s address and phone logs to an alleged stalker who pretended to be a police officer, according to an affidavit filed by an FBI special agent. The man, Robert Michael Glauner, was later arrested near the victim’s home and found to be carrying a knife at the time, according to the affidavit submitted in court yesterday.

Glauner allegedly traveled from New Mexico to Raleigh, North Carolina, after finding out where she lived and, before arriving, sent a threatening message that said, “if I can’t have you no one can.” He also allegedly threatened to send nude photos of the victim to her family members.

Glauner was charged yesterday with stalking and fraud “in connection with obtaining confidential phone records” in US District Court for the Eastern District of North Carolina. We aren’t posting or linking directly to the court record because it seems to contain the victim’s home address. The incident was previously reported by 404 Media.

Glauner and the victim met in August or September 2023 on xhamster.com, a porn website with dating features, and “had an online romantic relationship,” the affidavit said. The victim ended the relationship, but Glauner “continued to contact or try to contact” her, the document said.

Glauner tricked Verizon into providing sensitive information by sending an email and fake search warrant to [email protected], the email address for the Verizon Security Assistance Team (VSAT), which handles legal requests. Verizon didn’t realize the request was fraudulent even though it came from a Proton Mail address rather than from a police department or other governmental agency, according to the affidavit filed yesterday by FBI Special Agent Michael Neylon.

Fake cop, forged judge’s signature

An email to Verizon from “[email protected]” on September 26, 2023, said, “Here is the pdf file for search warrant. We are in need if the [sic] this cell phone data as soon as possible to locate and apprehend this suspect. We also need the full name of this Verizon subscriber and the new phone number that has been assigned to her. Thank you.”

The email’s attached document contained a fake affidavit written by “Detective Steven Cooper” of the Cary, North Carolina Police Department. The Cary Police Department confirmed that no officer named Steven Cooper is employed by their agency, Neylon wrote.

VSAT received a phone call the same day from a man identifying himself as Cooper, who stated that he needed information on a suspect in a homicide case. “The caller stated that the person involved changed her phone number,” Neylon wrote.

The fake affidavit asked for the new phone number as well as “call records both outgoing and incoming” and “locations and text messages incoming and outgoing.” The affidavit for a search warrant was supposedly approved by Superior Court Judge Gale Adams.

Adams is a real judge and she later confirmed to authorities “that the signature displayed on the document was not hers,” Neylon wrote. Neylon’s affidavit also said the “search warrant” was “not in the proper format and does not have form AOC-CR-119, as required for State of North Carolina search warrants.”

Verizon provides address and phone logs

But after reviewing the email and document sent by “Cooper,” Verizon provided an address and phone logs. “On October 5, 2023, Verizon Wireless provided Victim 1’s phone records, including address and phone logs, to Glauner,” according to Neylon’s affidavit.

Verizon’s website says that the Verizon Security Assistance Team ensures that “court orders, search warrants, subpoenas and other legal demands served upon Verizon are processed confidentially and in compliance with all applicable law.”

“Verizon Security Assistance Team will only accept valid legal demands (subpoena, court order or search warrant) for records,” the VSAT webpage says.

We contacted Verizon about the incident today and will update this article if we get a response. A Verizon spokesperson told 404 Media that the company is cooperating with law enforcement on this matter.

Verizon fell for fake “search warrant,” gave victim’s phone data to stalker Read More »