Policy – Page 34

Slack users horrified to discover messages used for AI training

AI, AI training, AI training data, Artificial Intelligence, chat app, machine learning, Policy, slack, slack ai / Kris Guyer / May 19, 2024

After launching Slack AI in February, Slack appears to be digging its heels in, defending its vague policy that by default sucks up customers’ data—including messages, content, and files—to train Slack’s global AI models.

According to Slack engineer Aaron Maurer, Slack has explained in a blog that the Salesforce-owned chat service does not train its large language models (LLMs) on customer data. But Slack’s policy may need updating “to explain more carefully how these privacy principles play with Slack AI,” Maurer wrote on Threads, partly because the policy “was originally written about the search/recommendation work we’ve been doing for years prior to Slack AI.”

Maurer was responding to a Threads post from engineer and writer Gergely Orosz, who called for companies to opt out of data sharing until the policy is clarified, not by a blog, but in the actual policy language.

“An ML engineer at Slack says they don’t use messages to train LLM models,” Orosz wrote. “My response is that the current terms allow them to do so. I’ll believe this is the policy when it’s in the policy. A blog post is not the privacy policy: every serious company knows this.”

The tension for users becomes clearer if you compare Slack’s privacy principles with how the company touts Slack AI.

Slack’s privacy principles specifically say that “Machine Learning (ML) and Artificial Intelligence (AI) are useful tools that we use in limited ways to enhance our product mission. To develop AI/ML models, our systems analyze Customer Data (e.g. messages, content, and files) submitted to Slack as well as other information (including usage information) as defined in our privacy policy and in your customer agreement.”

Meanwhile, Slack AI’s page says, “Work without worry. Your data is your data. We don’t use it to train Slack AI.”

Because of this incongruity, users called on Slack to update the privacy principles to make it clear how data is used for Slack AI or any future AI updates. According to a Salesforce spokesperson, the company has agreed an update is needed.

“Yesterday, some Slack community members asked for more clarity regarding our privacy principles,” Salesforce’s spokesperson told Ars. “We’ll be updating those principles today to better explain the relationship between customer data and generative AI in Slack.”

The spokesperson told Ars that the policy updates will clarify that Slack does not “develop LLMs or other generative models using customer data,” “use customer data to train third-party LLMs” or “build or train these models in such a way that they could learn, memorize, or be able to reproduce customer data.” The update will also clarify that “Slack AI uses off-the-shelf LLMs where the models don’t retain customer data,” ensuring that “customer data never leaves Slack’s trust boundary, and the providers of the LLM never have any access to the customer data.”

These changes, however, do not seem to address a key concern for users who never explicitly consented to sharing chats and other Slack content for use in AI training.

Users opting out of sharing chats with Slack

This controversial policy is not new. Wired warned about it in April, and TechCrunch reported that the policy has been in place since at least September 2023.

But widespread backlash began swelling last night on Hacker News, where Slack users called out the chat service for seemingly failing to notify users about the policy change, instead quietly opting them in by default. To critics, it felt like there was no benefit to opting in for anyone but Slack.

From there, the backlash spread to social media, where SlackHQ hastened to clarify Slack’s terms with explanations that did not seem to address all the criticism.

“I’m sorry Slack, you’re doing fucking WHAT with user DMs, messages, files, etc?” Corey Quinn, the chief cloud economist for a cost management company called Duckbill Group, posted on X. “I’m positive I’m not reading this correctly.”

SlackHQ responded to Quinn after the economist declared, “I hate this so much,” and confirmed that he had opted out of data sharing in his paid workspace.

“To clarify, Slack has platform-level machine-learning models for things like channel and emoji recommendations and search results,” SlackHQ posted. “And yes, customers can exclude their data from helping train those (non-generative) ML models. Customer data belongs to the customer.”

Later in the thread, SlackHQ noted, “Slack AI—which is our generative AI experience natively built in Slack—[and] is a separately purchased add-on that uses Large Language Models (LLMs) but does not train those LLMs on customer data.”

Slack users horrified to discover messages used for AI training Read More »

Financial institutions have 30 days to disclose breaches under new rules

Biz & IT, Policy, Security / Paul Patrick / May 18, 2024

REGULATION S-P —

Amendments contain loopholes that may blunt their effectiveness.

Dan Goodin – May 17, 2024 7: 27 pm UTC

The Securities and Exchange Commission (SEC) will require some financial institutions to disclose security breaches within 30 days of learning about them.

On Wednesday, the SEC adopted changes to Regulation S-P, which governs the treatment of the personal information of consumers. Under the amendments, institutions must notify individuals whose personal information was compromised “as soon as practicable, but not later than 30 days” after learning of unauthorized network access or use of customer data. The new requirements will be binding on broker-dealers (including funding portals), investment companies, registered investment advisers, and transfer agents.

“Over the last 24 years, the nature, scale, and impact of data breaches has transformed substantially,” SEC Chair Gary Gensler said. “These amendments to Regulation S-P will make critical updates to a rule first adopted in 2000 and help protect the privacy of customers’ financial data. The basic idea for covered firms is if you’ve got a breach, then you’ve got to notify. That’s good for investors.”

Notifications must detail the incident, what information was compromised, and how those affected can protect themselves. In what appears to be a loophole in the requirements, covered institutions don’t have to issue notices if they establish that the personal information has not been used in a way to result in “substantial harm or inconvenience” or isn’t likely to.

The amendments will require covered institutions to “develop, implement, and maintain written policies and procedures” that are “reasonably designed to detect, respond to, and recover from unauthorized access to or use of customer information.” The amendments also:

• Expand and align the safeguards and disposal rules to cover both nonpublic personal information that a covered institution collects about its own customers and nonpublic personal information it receives from another financial institution about customers of that financial institution;

• Require covered institutions, other than funding portals, to make and maintain written records documenting compliance with the requirements of the safeguards rule and disposal rule;

• Conform Regulation S-P’s annual privacy notice delivery provisions to the terms of an exception added by the FAST Act, which provide that covered institutions are not required to deliver an annual privacy notice if certain conditions are met; and

• Extend both the safeguards rule and the disposal rule to transfer agents registered with the Commission or another appropriate regulatory agency.

The requirements also broaden the scope of nonpublic personal information covered beyond what the firm itself collects. The new rules will also cover personal information the firm has received from another financial institution.

SEC Commissioner Hester M. Peirce voiced concern that the new requirements may go too far.

“Today’s Regulation S-P modernization will help covered institutions appropriately prioritize safeguarding customer information,” she https://www.sec.gov/news/statement/peirce-statement-reg-s-p-051624 wrote. “Customers will be notified promptly when their information has been compromised so they can take steps to protect themselves, like changing passwords or keeping a closer eye on credit scores. My reservations stem from the breadth of the rule and the likelihood that it will spawn more consumer notices than are helpful.”

Regulation S-P hadn’t been substantially updated since its adoption in 2000.

Last year, the SEC adopted new regulations requiring publicly traded companies to disclose security breaches that materially affect or are reasonably likely to materially affect business, strategy, or financial results or conditions.

The amendments take effect 60 days after publication in the Federal Register, the official journal of the federal government that publishes regulations, notices, orders, and other documents. Larger organizations will have 18 months to comply after modifications are published. Smaller organizations will have 24 months.

Public comments on the amendments are available here.

Financial institutions have 30 days to disclose breaches under new rules Read More »

Twitter URLs redirect to x.com as Musk gets closer to killing the Twitter name

elon musk, elon musk twitter, elon musk x.com, Policy, Twitter, X-Com / Mike M. / May 17, 2024

Goodbye Twitter.com —

X.com stops redirecting to Twitter.com over a year after company name change.

Jon Brodkin – May 17, 2024 3: 43 pm UTC

Getty Images | Kirill Kudryavtsev

Twitter.com links are now redirecting to the x.com domain as Elon Musk gets closer to wiping out the Twitter brand name over a year and half after buying the company.

“All core systems are now on X.com,” Musk wrote in an X post today. X also displayed a message to users that said, “We are letting you know that we are changing our URL, but your privacy and data protection settings remain the same.”

Musk bought Twitter in October 2022 and turned it into X Corp. in April 2023, but the social network continued to use Twitter.com as its primary domain for more than another year. X.com links redirected to Twitter.com during that time.

There were still remnants of Twitter after today’s change. This morning, I noticed a support link took me to a help.twitter.com page. The link subsequently redirected to a help.x.com page after I sent a message to X’s public relations email, though the timing could be coincidence. After sending that message to [email protected], I got the standard auto-reply from [email protected], just as I have in the past.

You might still encounter Twitter links that don’t redirect to x.com, depending on which browser you use. The Verge said it is “seeing a mix of results depending upon browser choice and whether you’re logged in or not.”

I had no trouble accessing x.com on desktop browsers today. But in Safari on iPhone, I received error messages when trying to access either twitter.com or x.com without first logging in. I eventually succeeded in logging in and was able to view content, but I remained at twitter.com in the iPhone browser instead of being redirected to x.com.

This will presumably be sorted out, but the awkward Twitter-to-X transition has previously been accompanied by technical problems. In early April, Musk’s service started automatically changing “twitter.com” to “x.com” in links posted by users in the iOS app. But the automatic text replacement initially applied to any URL ending in “twitter.com” even if it wasn’t actually a twitter.com link, which meant that phishers could have taken advantage by registering misleading domain names.

Twitter URLs redirect to x.com as Musk gets closer to killing the Twitter name Read More »

Robert F. Kennedy Jr. sues Meta, citing chatbot’s reply as evidence of shadowban

2024 election, automated spam filter, bobby Kennedy, censorship, chatbot, content moderation, facebook, generative ai, Instagram, mark zuckerberg, Meta, Meta AI, Policy, rfk jr, robert f kennedy jr, shadow bans, Twitter, who is bobby Kennedy, X / Mike M. / May 17, 2024

Screenshot from the documentary <em>Who Is Bobby Kennedy?</em>” src=”https://cdn.arstechnica.net/wp-content/uploads/2024/05/Who-Is-Bobby-Kennedy-screenshot-via-YouTube-800×422.jpg”></img><figcaption>
<p><a data-height=

In a lawsuit that seems determined to ignore that Section 230 exists, Robert F. Kennedy Jr. has sued Meta for allegedly shadowbanning his million-dollar documentary, Who Is Bobby Kennedy? and preventing his supporters from advocating for his presidential campaign.

According to Kennedy, Meta is colluding with the Biden administration to sway the 2024 presidential election by suppressing Kennedy’s documentary and making it harder to support Kennedy’s candidacy. This allegedly has caused “substantial donation losses,” while also violating the free speech rights of Kennedy, his supporters, and his film’s production company, AV24.

Meta had initially restricted the documentary on Facebook and Instagram but later fixed the issue after discovering that the film was mistakenly flagged by the platforms’ automated spam filters.

But Kennedy’s complaint claimed that Meta is still “brazenly censoring speech” by “continuing to throttle, de-boost, demote, and shadowban the film.” In an exhibit, Kennedy’s lawyers attached screenshots representing “hundreds” of Facebook and Instagram users whom Meta allegedly sent threats, intimidated, and sanctioned after they shared the documentary.

Some of these users remain suspended on Meta platforms, the complaint alleged. Others whose temporary suspensions have been lifted claimed that their posts are still being throttled, though, and Kennedy’s lawyers earnestly insisted that an exchange with Meta’s chatbot proves it.

Two days after the documentary’s release, Kennedy’s team apparently asked the Meta AI assistant, “When users post the link whoisbobbykennedy.com, can their followers see the post in their feeds?”

“I can tell you that the link is currently restricted by Meta,” the chatbot answered.

Chatbots, of course, are notoriously inaccurate sources of information, and Meta AI’s terms of service note this. In a section labeled “accuracy,” Meta warns that chatbot responses “may not reflect accurate, complete, or current information” and should always be verified.

Perhaps more significantly, there is little reason to think that Meta’s chatbot would have access to information about internal content moderation decisions.

Techdirt’s Mike Masnick mocked Kennedy’s reliance on the chatbot in the case. He noted that Kennedy seemed to have no evidence of the alleged shadow-banning, while there’s plenty of evidence that Meta’s spam filters accidentally remove non-violative content all the time.

Meta’s chatbot is “just a probabilistic stochastic parrot, repeating a probable sounding answer to users’ questions,” Masnick wrote. “And these idiots think it’s meaningful evidence. This is beyond embarrassing.”

Neither Meta nor Kennedy’s lawyer, Jed Rubenfeld, responded to Ars’ request to comment.

Robert F. Kennedy Jr. sues Meta, citing chatbot’s reply as evidence of shadowban Read More »

Tesla must face fraud suit for claiming its cars could fully drive themselves

Policy, Tesla, tesla self-driving / Mike M. / May 16, 2024

Getty Images | SOPA Images

A federal judge ruled yesterday that Tesla must face a lawsuit alleging that it committed fraud by misrepresenting the self-driving capabilities of its vehicles.

California resident Thomas LoSavio’s lawsuit points to claims made by Tesla and CEO Elon Musk starting in October 2016, a few months before LoSavio bought a 2017 Tesla Model S with “Enhanced Autopilot” and “Full Self-Driving Capability.” US District Judge Rita Lin in the Northern District of California dismissed some of LoSavio’s claims but ruled that the lawsuit can move forward on allegations of fraud:

The remaining claims, which arise out of Tesla’s alleged fraud and related negligence, may go forward to the extent they are based on two alleged representations: (1) representations that Tesla vehicles have the hardware needed for full self-driving capability and, (2) representations that a Tesla car would be able to drive itself cross-country in the coming year. While the Rule 9(b) pleading requirements are less stringent here, where Tesla allegedly engaged in a systematic pattern of fraud over a long period of time, LoSavio alleges, plausibly and with sufficient detail, that he relied on these representations before buying his car.

Tesla previously won a significant ruling in the case when a different judge upheld the carmaker’s arbitration agreement and ruled that four plaintiffs would have to go to arbitration. But LoSavio had opted out of the arbitration agreement and was given the option of filing an amended complaint.

LoSavio’s amended complaint seeks class-action status on behalf of himself “and fellow consumers who purchased or leased a new Tesla vehicle with Tesla’s ADAS [Advanced Driver Assistance System] technology but never received the self-driving car that Tesla promised them.”

Cars not fully autonomous

Lin didn’t rule on the merits of the claims but found that they are adequately alleged. LoSavio points to a Tesla statement in October 2016 that all its cars going forward would have the “hardware needed for full self-driving capability,” and a November 2016 email newsletter stating that “all Tesla vehicles produced in our factory now have full self-driving hardware.”

The ruling said:

Those statements were allegedly false because the cars lacked the combination of sensors, including lidar, needed to achieve SAE Level 4 (“High Automation”) and Level 5 (“Full Automation”), i.e., full autonomy. According to the SAC [Second Amended Complaint], Tesla’s cars have thus stalled at SAE Level 2 (“Partial Driving Automation”), which requires “the human driver’s constant supervision, responsibility, and control.”

If Tesla meant to convey that its hardware was sufficient to reach high or full automation, the SAC plainly alleges sufficient falsity. Even if Tesla meant to convey that its hardware could reach Level 2 only, the SAC still sufficiently alleges that those representations reasonably misled LoSavio.

The complaint also “sufficiently alleges that Musk falsely represented the vehicle’s future ability to self-drive cross-country and that LoSavio relied upon these representations pre-purchase,” Lin concluded. Musk claimed at an October 2016 news conference that a Tesla car would be able to drive from Los Angeles to New York City “by the end of next year without the need for a single touch.”

Tesla must face fraud suit for claiming its cars could fully drive themselves Read More »

Bumble apologizes for ads shaming women into sex

advertising, bumble, bumble billboards, celibacy, dating app, Policy, Social Media, tiktok, Twitter, X / Mike M. / May 16, 2024

For the past decade, the dating app Bumble has claimed to be all about empowering women. But under a new CEO, Lidiane Jones, Bumble is now apologizing for a tone-deaf ad campaign that many users said seemed to channel incel ideology by telling women to stop denying sex.

“You know full well a vow of celibacy is not the answer,” one Bumble billboard seen in Los Angeles read. “Thou shalt not give up on dating and become a nun,” read another.

Bumble HQ

“We don’t have enough women on the app.”

“They’d rather be alone than deal with men.”

“Should we teach men to be better?”

“No, we should shame women so they come back to the app.”

“Yes! Let’s make them feel bad for choosing celibacy. Great idea!” pic.twitter.com/115zDdGKZo

— Arghavan Salles, MD, PhD (@arghavan_salles) May 14, 2024

Bumble intended these ads to bring “joy and humor,” the company said in an apology posted on Instagram after the backlash on social media began.

Some users threatened to delete their accounts, criticizing Bumble for ignoring religious or personal reasons for choosing celibacy. These reasons include preferring asexuality or sensibly abstaining from sex amid diminishing access to abortion nationwide.

Others accused Bumble of more shameful motives. On X (formerly Twitter), a user called UjuAnya posted that “Bumble’s main business model is selling men access to women,” since market analysts have reported that 76 percent of Bumble users are male.

“Bumble won’t alienate their primary customers (men) telling them to quit being shit,” UjuAnya posted on X. “They’ll run ads like this to make their product (women) ‘better’ and more available on their app for men.”

That account quote-tweeted an even more popular post with nearly 3 million views suggesting that Bumble needs to “fuck off and stop trying to shame women into coming back to the apps” instead of running “ads targeted at men telling them to be normal.”

One TikTok user, ItsNeetie, declared, “the Bumble reckoning is finally here.”

Bumble did not respond to Ars’ request to respond to these criticisms or verify user statistics.

In its apology, Bumble took responsibility for not living up to its “values” of “passionately” standing up for women and marginalized communities and defending “their right to fully exercise personal choice.” Admitting the ads were a “mistake” that “unintentionally” frustrated the dating community, the dating app responded to some of the user feedback:

Some of the perspectives we heard were from those who shared that celibacy is the only answer when reproductive rights are continuously restricted; from others for whom celibacy is a choice, one that we respect; and from the asexual community, for whom celibacy can have a particular meaning and importance, which should not be diminished. We are also aware that for many, celibacy may be brought on by harm or trauma.

Bumble’s pulled ads were part of a larger marketing campaign that at first seemed to resonate with its users. Created by the company’s in-house creative studio, according to AdAge, Bumble’s campaign attracted a lot of eyeballs by deleting Bumble’s entire Instagram feed and posting “cryptic messages” showing tired women in Renaissance-era paintings that alluded to the app’s rebrand.

In a press release, chief marketing officer Selby Drummond said that Bumble “wanted to take a fun, bold approach in celebrating the first chapter of our app’s evolution and remind women that our platform has been solving for their needs from the start.”

The dating app is increasingly investing in ads, AdAge reported, tripling investments from $8 million in 2022 to $24 million in 2023. These ads are seemingly meant to help Bumble recover after posting “a $1.9 million net loss last year,” CNN reported, following a dismal drop in its share price by 86 percent since its initial public offering in February 2021.

Bumble’s new CEO Jones told NBC News that younger users are dating less and that Bumble’s plan was to listen to users to find new ways to grow.

Bumble apologizes for ads shaming women into sex Read More »

Concerns over addicted kids spur probe into Meta and its use of dark patterns

DSA, EU, facebook, Instagram, Meta, Policy, syndication / Mike M. / May 16, 2024

Protecting the vulnerable —

EU is concerned Meta isn’t doing enough to protect children using its apps.

Javier Espinoza, Financial Times – May 16, 2024 1: 25 pm UTC

An iPhone screen displays the app icons for WhatsApp, Messenger, Instagram, and Facebook in a folder titled — Getty Images | Chesnot

Brussels has opened an in-depth probe into Meta over concerns it is failing to do enough to protect children from becoming addicted to social media platforms such as Instagram.

The European Commission, the EU’s executive arm, announced on Thursday it would look into whether the Silicon Valley giant’s apps were reinforcing “rabbit hole” effects, where users get drawn ever deeper into online feeds and topics.

EU investigators will also look into whether Meta, which owns Facebook and Instagram, is complying with legal obligations to provide appropriate age-verification tools to prevent children from accessing inappropriate content.

The probe is the second into the company under the EU’s Digital Services Act. The landmark legislation is designed to police content online, with sweeping new rules on the protection of minors.

It also has mechanisms to force Internet platforms to reveal how they are tackling misinformation and propaganda.

The DSA, which was approved last year, imposes new obligations on very large online platforms with more than 45 million users in the EU. If Meta is found to have broken the law, Brussels can impose fines of up to 6 percent of a company’s global annual turnover.

Repeat offenders can even face bans in the single market as an extreme measure to enforce the rules.

Thierry Breton, commissioner for internal market, said the EU was “not convinced” that Meta “has done enough to comply with the DSA obligations to mitigate the risks of negative effects to the physical and mental health of young Europeans on its platforms Facebook and Instagram.”

“We are sparing no effort to protect our children,” Breton added.

Meta said: “We want young people to have safe, age-appropriate experiences online and have spent a decade developing more than 50 tools and policies designed to protect them. This is a challenge the whole industry is facing, and we look forward to sharing details of our work with the European Commission.”

In the investigation, the commission said it would focus on whether Meta’s platforms were putting in place “appropriate and proportionate measures to ensure a high level of privacy, safety, and security for minors.” It added that it was placing special emphasis on default privacy settings for children.

Last month, the EU opened the first probe into Meta under the DSA over worries the social media giant is not properly curbing disinformation from Russia and other countries.

Brussels is especially concerned whether the social media company’s platforms are properly moderating content from Russian sources that may try to destabilize upcoming elections across Europe.

Meta defended its moderating practices and said it had appropriate systems in place to stop the spread of disinformation on its platforms.

Concerns over addicted kids spur probe into Meta and its use of dark patterns Read More »

DOJ says Boeing faces criminal charge for violating deal over 737 Max crashes

Boeing, Policy / Rejus Almole / May 15, 2024

Criminal prosecution —

DOJ determined that Boeing violated 2021 agreement spurred by two fatal crashes.

Jon Brodkin – May 15, 2024 5: 04 pm UTC

Enlarge / Relatives hold a poster with faces of the victims of Ethiopia flight 302 outside a courthouse in Fort Worth, Texas, on January 26, 2023.

Getty Images | Shelby Tauber

The US Department of Justice yesterday said it has determined that Boeing violated a 2021 agreement spurred by two fatal crashes and is now facing a potential criminal prosecution.

Boeing violated the agreement “by failing to design, implement, and enforce a compliance and ethics program to prevent and detect violations of the US fraud laws throughout its operations,” the DOJ said in a filing in US District Court for the Northern District of Texas. Because of this, “Boeing is subject to prosecution by the United States for any federal criminal violation of which the United States has knowledge,” the DOJ said.

The US government is still determining whether to initiate a prosecution and said it will make a decision by July 7. Under terms of the 2021 agreement, Boeing has 30 days to respond to the government’s notice.

The DOJ court filing did not list any specific incidents. But the notice came after a January 2024 incident in which a 737 Max 9 used by Alaska Airlines had to make an emergency landing because a door plug blew off the aircraft in mid-flight. Boeing also recently said that some workers skipped required tests on the 787 Dreamliner planes but falsely recorded the work as having been completed.

Boeing itself referred to the Alaska Airlines flight in a statement the company provided to Ars today. Boeing confirmed that it received a communication “from the Justice Department, stating that the Department has made a determination that we have not met our obligations under our 2021 deferred prosecution agreement, and requesting the company’s response.”

“We believe that we have honored the terms of that agreement and look forward to the opportunity to respond to the Department on this issue,” Boeing said. “As we do so, we will engage with the Department with the utmost transparency, as we have throughout the entire term of the agreement, including in response to their questions following the Alaska Airlines 1282 accident.”

Deal struck after crash deaths of 346 passengers

Yesterday’s DOJ court filing said that Boeing could be prosecuted for the charge listed in the one-count criminal information that was filed at the same time as the deferred prosecution agreement in 2021. That document alleged that Boeing defrauded the Federal Aviation Administration in connection with the agency’s evaluation of the Boeing 737 Max. The DOJ filing yesterday said Boeing could also be prosecuted for other offenses.

In January 2021, the DOJ announced that Boeing signed the deferred prosecution agreement “to resolve a criminal charge related to a conspiracy to defraud the Federal Aviation Administration’s Aircraft Evaluation Group (FAA AEG) in connection with the FAA AEG’s evaluation of Boeing’s 737 Max airplane.”

This occurred after 346 passengers died in two Boeing 737 Max crashes in 2018 and 2019 in Indonesia and Ethiopia. Boeing agreed to pay $2.5 billion, including $1.77 billion in compensation for airline customers and $500 million for the heirs, relatives, and legal beneficiaries of the crash victims.

“The tragic crashes of Lion Air Flight 610 and Ethiopian Airlines Flight 302 exposed fraudulent and deceptive conduct by employees of one of the world’s leading commercial airplane manufacturers,” Acting Assistant Attorney General David Burns said when the 2021 deal was struck. “Boeing’s employees chose the path of profit over candor by concealing material information from the FAA concerning the operation of its 737 Max airplane and engaging in an effort to cover up their deception.”

US Attorney Erin Nealy Cox said then that “misleading statements, half-truths, and omissions communicated by Boeing employees to the FAA impeded the government’s ability to ensure the safety of the flying public.”

The nonprofit Foundation for Aviation Safety, which is led by former Boeing employee Ed Pierson, recently accused Boeing of violating the deferred prosecution agreement. Pierson alleged in a December 2023 court filing that “Boeing has deliberately provided false, incomplete, and misleading information to the FAA, the flying public, airline customers, regulators, and investors.”

Meeting with victims’ families

The DOJ court filing yesterday said the department is continuing to confer with the airlines and family members of the crash victims.

“To that end, the Government separately notified the victims and the airline customers today of the breach determination,” the DOJ wrote. “The Government also has already scheduled a conferral session for May 31, 2024, with the victims. The Government last conferred with the victims on April 24, 2024, to discuss the issue of whether Boeing breached the [deferred prosecution agreement].”

Paul Cassell, an attorney for victims’ families, said the DOJ filing “is a positive first step, and for the families, a long time coming. But we need to see further action from DOJ to hold Boeing accountable and plan to use our meeting on May 31 to explain in more detail what we believe would be a satisfactory remedy to Boeing’s ongoing criminal conduct.”

DOJ says Boeing faces criminal charge for violating deal over 737 Max crashes Read More »

Report: Microsoft to face antitrust case over Teams

antitrust, EU, microsoft, Policy, syndication, Teams / Rejus Almole / May 13, 2024

VS. —

Unbundling Teams from Office has apparently failed to impress EU regulators.

Javier Espinoza, Financial Times – May 13, 2024 2: 03 pm UTC

Brussels is set to issue new antitrust charges against Microsoft over concerns that the software giant is undermining rivals to its videoconferencing app Teams.

According to three people with knowledge of the move, the European Commission is pressing ahead with a formal charge sheet against the world’s most valuable listed tech company over concerns it is restricting competition in the sector.

Microsoft last month offered concessions as it sought to avoid regulatory action, including extending a plan to unbundle Teams from other software such as Office, not just in Europe but across the world.

However, people familiar with their thinking said EU officials were still concerned that the company did not go far enough to facilitate fairness in the market.

Rivals are concerned that Microsoft will make Teams run more compatibly than rival apps with its own software. Another concern is the lack of data portability, which makes it difficult for existing Teams users to switch to alternatives.

The commission’s move would represent an escalation of a case that dates back to 2020 after Slack, now owned by Salesforce, submitted a formal complaint over Microsoft’s Teams.

It also would end a decade-long truce between EU regulators and the US tech company, after a series of competition probes that ended in 2013. The EU then issued a 561 million euro fine against Microsoft for failure to comply with a decision over the bundling of the Internet Explorer browser with its Windows operating system.

Charges could come in the next few weeks, said the people familiar with the commission’s thinking. Rivals of Microsoft and the commission are meeting this week to discuss the case, in an indication that the charges are being prepared, the people said.

However, they warned that Microsoft could still offer last-minute concessions that would derail the EU’s case, or the commission might decide to delay or scrap the charges against the company.

Microsoft risks fines of up to 10 percent of its global annual turnover if found to have breached the EU competition law.

The company declined to comment but referred to an earlier statement that said it would “continue to engage with the commission, listen to concerns in the marketplace, and remain open to exploring pragmatic solutions that benefit both customers and developers in Europe.”

The commission declined to comment.

The move against Microsoft comes at a time of heightened scrutiny of its activities. The EU is also investigating whether the tech group’s $13 billion alliance with ChatGPT maker OpenAI breaks competition law.

Microsoft is also part of a handful of tech companies, including Google and Meta, caught as “gatekeepers” under the new Digital Markets Act, meaning it has special responsibilities when trading in Europe.

The tech company has also faced complaints from European cloud computing providers that are concerned that Microsoft is abusing its dominant position in the sector to force users to buy its products and squashing competition from smaller start-ups in Europe.

Report: Microsoft to face antitrust case over Teams Read More »

Studio: Takedown notice for 15-year-old fan-made Hunt for Gollum was a mistake

Policy, youtube / Rejus Almole / May 12, 2024

The precious will be ours —

The Hunt for Gollum fan film racked up more than 13 million views on YouTube.

Ashley Belanger – May 10, 2024 5: 42 pm UTC

Enlarge / WETA “Gollum” figure at Arclight at the opening of “The Lord of the Rings: The Return of the King.”

A day after announcing that the tentatively titled Lord of the Rings: The Hunt for Gollum was scheduled for a 2026 release, Warner Bros. immediately moved to block a beloved 2009 unauthorized fan film with the exact same name on YouTube.

Less than 12 hours later, though, the studio appeared to back down from this copyright fight, reinstating the fan film on YouTube amid fan backlash protesting the copyright strike on Reddit as a “dick move.”

In 2009, director Chris Bouchard—who most recently directed Netflix’s The Little Mermaid—released The Hunt for Gollum through Independent Online Cinema after he claimed to have “reached an understanding” with the rightsholder of The Lord of the Rings books, then called Tolkien Enterprises (now called Middle-earth Enterprises).

Bouchard’s film was developed on a shoestring budget of $5,000, with a 39-minute story based on appendixes that Tolkien wrote for The Lord of the Rings books, The Washington Post reported. Upon its release, the fan film quickly racked up millions of views online, reaching more than 13 million on YouTube before it was suddenly blocked this week.

“Video unavailable,” the video hosted on Independent Online Cinema’s YouTube channel temporarily said. “This video contains content from Warner Bros. Entertainment, who has blocked it on copyright grounds.”

“That’s so lame,” one Reddit user wrote, dissing Warner Bros. as “greedy fks” that “can’t help but hoard every penny, like Smaug. The video already had 13 million views and was peacefully existing for all these years.”

By mid-day Friday, however, Independent Online Cinema announced that the video was reinstated, confirming that “we’re back, thanks to WB for being so understanding to us as fans and artists.” In an email, Bouchard told Ars that it’s still unclear what triggered the block, but “we’re just all very happy our small film still is out there, as it was made for love.”

Bourchard’s film was never intended to garner any profits, opening with a disclaimer that openly noted that the fan film was not affiliated with Tolkien, The Lord of the Rings movie director Peter Jackson, or any studio. Produced solely for private use, the movie was made “solely for the personal, uncompensated enjoyment of ourselves and other Tolkien fans,” the disclaimer said.

Bouchard confirmed to Ars that the fan film never made money on YouTube, noting that “there have been no ads or revenue” and “the film is a fan film, non-commercial project, made just for the creative endeavor.”

While the movie was blocked, fans and media outlets speculated that Warner Bros. may have wielded the copyright claim because the major motion picture might tell a similar story as Bouchard’s film or possibly just to ensure that there’s no confusion when movie-goers attempt to search for details about the new movie online. The Hollywood Reporter speculated that the fan film may have even helped inspire the release of the Warner Bros. film.

Some fans agreed that Warner Bros. was acting logically to protect its intellectual property (IP), however, saying that it “makes sense” and “any other company would have done the same.”

Others moved to help fans download the film before it was potentially removed everywhere online, offering to share their own downloads if necessary and pointing out that the film could still be found on at least one unofficial YouTube channel not seemingly associated with Independent Online Cinema.

Bouchard was touched by all the fan outcry, telling Ars that it has “been incredible that plenty of folks out there seemed to remember our project.”

It’s possible the backlash pushed Warner Bros. to reverse the block. In 2019, the Harvard Business Review noted that “until recently, companies have largely tolerated individuals who seek to bring their fictional worlds to life, on the theory that going after one’s fans is not good for business.”

“Overreaching by companies can threaten creativity, competition, fan goodwill, and, more fundamentally, the freedom to play and ‘geek out’ about the stories we love,” HBR warned.

At least one Redditor agreed with this viewpoint, posting, “I will never understand moves like this. Literally no one will pass on watching the movie because some fan film exists. Same with gaming companies that take down every fan project (Nintendo obviously). I‘ve read before, that it is to protect the IP, but other companies encourage that stuff and don’t lose the IP.”

Warner Bros. already faces “heavy skepticism” that a full-length feature seemingly centered on Gollum will be any good—even one directed by and starring original Gollum actor Andy Serkis, The Hollywood Reporter reported. Some Redditors declared that they might boycott the new movie if Bouchard’s film wasn’t reinstated on YouTube.

“This makes me more likely to pass on WB’s movie honestly,” one Reddit user wrote, while another declared, “I already hate their new film now.”

But it’s also just as possible that Warner Bros. did not actively seek to remove the fan film online, instead submitting video files to YouTube that potentially triggered an automated removal. Bouchard told Ars that’s his suspicion.

Ars could not immediately reach Warner Bros. or YouTube for comment.

While some Lord of the Rings fans aren’t sure that the new movie will be as good as the widely acclaimed Jackson trilogy, Bouchard said that his team can’t wait to see Warner Bros.’ version of The Hunt for Gollum.

“We are excited as fans about the new movie” and seeing “how the story will be visualized!” Bouchard told Ars. His film centers Gandalf and Aragorn as they hunt for Gollum, but there’s no telling yet if Warner Bros.’ movie will avoid featuring Gollum as the main character.

On YouTube, the Independent Online Cinema account posted under the video that they’re “glad” that any fans eager to see the Warner Bros. film can, in the “meantime,” enjoy “our low-budget effort at the story.”

Studio: Takedown notice for 15-year-old fan-made Hunt for Gollum was a mistake Read More »

Elon Musk’s X can’t invent its own copyright law, judge says

bright data, copyright act, copyright law, data scraping, elon musk, Policy, Twitter, X, x corp / Mike M. / May 11, 2024

Who owns X data? Everyone but X —

Judge rules copyright law governs public data scraping, not X’s terms.

Ashley Belanger – May 10, 2024 9: 20 pm UTC

A US district judge William Alsup has dismissed Elon Musk’s X Corp’s lawsuit against Bright Data, a data-scraping company accused of improperly accessing X (formerly Twitter) systems and violating both X terms and state laws when scraping and selling data.

X sued Bright Data to stop the company from scraping and selling X data to academic institutes and businesses, including Fortune 500 companies.

According to Alsup, X failed to state a claim while arguing that companies like Bright Data should have to pay X to access public data posted by X users.

“To the extent the claims are based on access to systems, they fail because X Corp. has alleged no more than threadbare recitals,” parroting laws and findings in other cases without providing any supporting evidence, Alsup wrote. “To the extent the claims are based on scraping and selling of data, they fail because they are preempted by federal law,” specifically standing as an “obstacle to the accomplishment and execution of” the Copyright Act.

The judge found that X Corp’s argument exposed a tension between the platform’s desire to control user data while also enjoying the safe harbor of Section 230 of the Communications Decency Act, which allows X to avoid liability for third-party content. If X owned the data, it could perhaps argue it has exclusive rights to control the data, but then it wouldn’t have safe harbor.

“X Corp. wants it both ways: to keep its safe harbors yet exercise a copyright owner’s right to exclude, wresting fees from those who wish to extract and copy X users’ content,” Alsup wrote.

If X got its way, Alsup warned, “X Corp. would entrench its own private copyright system that rivals, even conflicts with, the actual copyright system enacted by Congress” and “yank into its private domain and hold for sale information open to all, exercising a copyright owner’s right to exclude where it has no such right.”

That “would upend the careful balance Congress struck between what copyright owners own and do not own,” Alsup wrote, potentially shrinking the public domain.

“Applying general principles, this order concludes that the extent to which public data may be freely copied from social media platforms, even under the banner of scraping, should generally be governed by the Copyright Act, not by conflicting, ubiquitous terms,” Alsup wrote.

Bright Data CEO Or Lenchner said in a statement provided to Ars that Alsup’s decision had “profound implications in business, research, training of AI models, and beyond.”

“Bright Data has proven that ethical and transparent scraping practices for legitimate business use and social good initiatives are legally sound,” Lenchner said. “Companies that try to control user data intended for public consumption will not win this legal battle.”

Alsup pointed out that X’s lawsuit was “not looking to protect X users’ privacy” but rather to block Bright Data from interfering with its “own sale of its data through a tiered subscription service.”

“X Corp. is happy to allow the extraction and copying of X users’ content so long as it gets paid,” Alsup wrote.

In a sea of vague claims that scraping is “unfair,” perhaps most deficient in X’s complaint, Alsup suggested, was X’s failure to allege that Bright Data’s scraping impaired its services or that X suffered any damages.

“There are no allegations of servers harmed or identities misrepresented,” Alsup wrote. “Additionally, there are no allegations of any damage resulting from automated or unauthorized access.”

X will be allowed to amend its complaint and appeal. The case may be strengthened if X can show evidence of damages or prove that the scraping overburdened X or otherwise deprived X users of their use of the platform in a way that could damage X’s reputation.

But as it currently stands, X’s arguments in many ways appear rather “bare,” Alsup wrote, while its terms of service make crystal clear to users that “[w]hat’s yours is yours—you own your Content.”

By attempting to exclude Bright Data from accessing public X posts owned by X users, X also nearly “obliterated” the “fair use” provision of the Copyright Act, “flouting” Congress’ intent in passing the law, Alsup wrote.

“Only by receiving permission and paying X Corp. could Bright Data, its customers, and other X users freely reproduce, adapt, distribute, and display what might (or might not) be available for taking and selling as fair use,” Alsup wrote. “Thus, Bright Data, its customers, and other X users who wanted to make fair use of copyrighted content would not be able to do so.”

A win for X could have had dire consequences for the Internet, Alsup suggested. In dismissing the complaint, Alsup cited an appeals court ruling “that giving social media companies “free rein to decide, on any basis, who can collect and use data—data that the companies do not own, that they otherwise make publicly available to viewers, and that the companies themselves collect and use—risks the possible creation of information monopolies that would disserve the public interest.”

Because that outcome was averted, Lenchner is celebrating Bright Data’s win.

“Bright Data’s victory over X makes it clear to the world that public information on the web belongs to all of us, and any attempt to deny the public access will fail,” Lenchner said.

In 2023, Bright Data won a similar lawsuit lobbed by Meta over scraping public Facebook and Instagram data. These lawsuits, Lenchner alleged, “are used as a monetary weapon to discourage collecting public data from sites, so conglomerates can hoard user-generated public data.”

“Courts recognize this and the risks it poses of information monopolies and ownership of the Internet,” Lenchner said.

X did not respond to Ars’ request to comment.

Elon Musk’s X can’t invent its own copyright law, judge says Read More »

Big Three carriers pay $10M to settle claims of false “unlimited” advertising

AT&T, Policy, T-Mobile, unlimited data, verizon / Mike M. / May 11, 2024

False advertising —

States obtain settlement, but it’s unclear whether consumers will get refunds.

Jon Brodkin – May 10, 2024 6: 36 pm UTC

T-Mobile, Verizon, and AT&T will pay a combined $10.2 million in a settlement with US states that alleged the carriers falsely advertised wireless plans as “unlimited” and phones as “free.” The deal was announced yesterday by New York Attorney General Letitia James.

“A multistate investigation found that the companies made false claims in advertisements in New York and across the nation, including misrepresentations about ‘unlimited’ data plans that were in fact limited and had reduced quality and speed after a certain limit was reached by the user,” the announcement said.

T-Mobile and Verizon agreed to pay $4.1 million each while AT&T agreed to pay a little over $2 million. The settlement includes AT&T subsidiary Cricket Wireless and Verizon subsidiary TracFone.

The settlement involves 49 of the 50 US states (Florida did not participate) and the District of Columbia. The states’ investigation found that the three major carriers “made several misleading claims in their advertising, including misrepresenting ‘unlimited’ data plans that were actually limited, offering ‘free’ phones that came at a cost, and making false promises about switching to different wireless carrier plans.”

“AT&T, Verizon, and T-Mobile lied to millions of consumers, making false promises of free phones and ‘unlimited’ data plans that were simply untrue,” James said. “Big companies are not excused from following the law and cannot trick consumers into paying for services they will never receive.”

States have options for using money

The carriers denied any illegal conduct despite agreeing to the settlement. In addition to payments to each state, the carriers agreed to changes in their advertising practices. It’s unclear whether consumers will get any refunds out of the settlement, however.

The settlement gives states leeway in how to use the payments from carriers. The payments can be used to cover “attorneys’ fees and other costs of investigation and litigation,” or can go toward “consumer protection law enforcement funds.”

States can use the payments for future consumer protection enforcement, consumer education, litigation, or a consumer aid fund. The money can also be used for “monitoring and potential enforcement” of the settlement terms “or consumer restitution,” the settlement says.

We asked James’ office about whether any consumer restitution is planned and will update this article if we get a response.

Advertising restrictions

The three carriers agreed that all advertisements to consumers must be “truthful, accurate and non-misleading.” They also agreed to the following changes, the NY attorney general’s office said:

“Unlimited” mobile data plans can only be marketed if there are no limits on the quantity of data allowed during a billing cycle.

Offers to pay for consumers to switch to a different wireless carrier must clearly disclose how much a consumer will be paid, how consumers will be paid, when consumers can expect payment, and any additional requirements consumers have to meet to get paid.

Offers of “free” wireless devices or services must clearly state everything a consumer must do to receive the “free” devices or services.

Offers to lease wireless devices must clearly state that the consumer will be entering into a lease agreement.

All “savings” claims must have a reasonable basis. If a wireless carrier claims that consumers will save using its services compared to another wireless carrier, the claim must be based on similar goods or services or differences must be clearly explained to the consumer.

The advertising restrictions are to be in place for five years.

T-Mobile provided a statement about the settlement to Ars today. “After nine years, we are glad to move on from this industry-wide investigation with this settlement and a continued commitment to the transparent and consumer-friendly advertising practices we’ve undertaken for years,” T-Mobile said.

AT&T and Verizon declined to comment individually and referred us to their lobby group, CTIA. “These voluntary agreements reflect no finding of improper conduct and reaffirm the wireless industry’s longstanding commitment to clarity and integrity in advertising so that consumers can make informed decisions about the products and services that best suit them,” the wireless lobby group said.

Big Three carriers pay $10M to settle claims of false “unlimited” advertising Read More »