The non-profit Creative Commons (founded by Lawrence Lessig) opposes a new anti-piracy bill that "proposes to have the US Copyright Office mandate that all websites accepting user-uploaded material implement technologies to automatically filter that content." We've long believed that these kinds of mandates are overbroad, speech-limiting, and bad for both creators and reusers. (We're joined in this view by others such as Techdirt, Public Knowledge, and EFF, who have already stated their opposition.)

But one part of this attempt stands out to us: the list of "myths" Sen. Tillis released to accompany the bill. In particular, Tillis lists the concern that it is a "filtering mandate that will chill free speech and harm users" as a myth instead of a true danger to free expression-and he cites the existence of CC's metadata as support for his position.

Creative Commons is strongly opposed to mandatory content filtering measures. And we particularly object to having our work and our name used to imply support for a measure that undermines free expression which CC seeks to protect....

Limitations and exceptions are a crucial feature of a copyright system that truly serves the public, and filter mandates fail to respect them. Because of this, licensing metadata should not be used as a mandatory upload filter-and especially not CC license data. We do not support or endorse the measures in this bill, and we object to having our name used to imply otherwise.

The U.S. placed internet-security provider AO Kaspersky Lab on a list of companies deemed a threat to national security, for the first time adding a Russian entity to a list dominated by Chinese telecommunications firms. Bloomberg reports: The Federal Communications Commission on Friday also added China Telecom (Americas) Corp, and China Mobile International USA Inc. to the list. Once a company is on the list, federal subsidies can't be used to purchase its equipment or services. The action is part of the FCC's efforts to "strengthen America's communications networks against national security threats," Jessica Rosenworcel, the agency's chairwoman, said in a news release.

Kaspersky is a well known provider of anti-virus software, and has conducted investigations into a range of nation-state hacking incidents. It calls itself the world's largest privately-owned cybersecurity company on its website. It says it protects over 400 million users and 240,000 companies. [...] For Friday's update of the list, the FCC said it relied on findings by the Department of Homeland Security and an executive branch interagency body called the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector.

An anonymous reader writes: The operator of YouTube rippers FLVTO.biz and 2conv.com has announced that he will appeal the piracy verdict, where the RIAA won $83 million in damages. According to his attorneys, the legal process has gone off the rails, as the music companies didn't have to prove a single instance of copyright infringement. More context on the verdict, from TorrentFreak: Last October, the RIAA secured a major victory in its piracy lawsuit against YouTube-rippers FLVTO.biz and 2conv.com and their Russian operator Tofig Kurbanov. A Virginia federal court issued a default judgment in favor of several prominent music companies after the defendant walked away from the lawsuit. According to the order, there is a clear need to deter the behavior of Kurbanov who failed to hand over evidence including server logs. "A less drastic sanction is unlikely to salvage this case," the judge wrote.

Following this win, the RIAA asked for an injunction to stop the sites' worldwide stream-ripping activities. In addition, the music group demanded nearly $83 million in damages. Both of these requests were taken up in a report and recommendation issued by Magistrate Judge Buchanan last December. "Defendant's Websites caused the Plaintiffs to lose profits and streaming revenue because of the enormous internet traffic to and use of the Websites' stream-ripping functions," Judge Buchanan wrote. Mr. Kurbanov's legal team opposed this recommendation, arguing that the music companies failed to provide evidence that any infringing activity actually took place in the United States. Also, if the court believes that damages are appropriate, they should be substantially lower. The RIAA predictably disagreed and asked the court to stay the course and take over the recommendation. After weighing the positions from both sides, that's exactly what happened.

Former Microsoft Senior Director Yasser Elabd is working with whistleblowing agency Lioness to share information about kickbacks and bribery in the Middle East and North Africa. From a report: In June 2019, former Microsoft Senior Director Yasser Elabd traveled to Washington, D.C., to meet with members of the Securities and Exchange Commission, the Federal Bureau of Investigation and the U.S. Attorney General's office to discuss his allegations that Microsoft was ignoring bribery at subsidiaries in the Middle East and Africa. The meetings lasted nearly the entire day. Federal agents asked Elabd questions for hours. Elabd's attorney told him that it was one of the first times they had witnessed the AG's office send a representative to a whistleblower meeting like his.

But more than a year later, the SEC still hadn't made a decision about Elabd's allegations. The agency kept promising him that the team in charge of his case would make a decision soon about whether they would bring charges against Microsoft. Finally, at the beginning of March 2022, the case agent in charge of Elabd's whistleblowing report told his lawyer that the SEC was closing the case because it didn't have the resources to conduct interviews and find documentation abroad during the coronavirus pandemic. So Elabd decided to try a different route to share what he knows. Today he published an essay on the whistleblowing website Lioness that accuses Microsoft of firing him after two decades with the company because he asked questions about what he saw as bribery within the contracting services Microsoft uses to sell software to government and public bodies in countries in the Middle East and Africa.

The European Union agreed on Thursday to one of the world's most far-reaching laws to address the power of the biggest tech companies (Warning: source may be paywalled; alternative source), potentially reshaping app stores, online advertising, e-commerce, messaging services and other everyday digital tools. The New York Times reports: The law, called the Digital Markets Act, is the most sweeping piece of digital policy since the bloc put the world's toughest rules to protect people's online data into effect in 2018. The legislation is aimed at stopping the largest tech platforms from using their interlocking services and considerable resources to box in users and squash emerging rivals, creating room for new entrants and fostering more competition. [...] The Digital Markets Act will apply to so-called gatekeeper platforms, which are defined by factors including a market value of more than 75 billion euros, or about $83 billion. The group includes Alphabet, the owner of Google and YouTube; Amazon; Apple; Microsoft; and Meta. Specifics of the law read like a wish list for rivals of the biggest companies. Apple and Google, which make the operating systems that run on nearly every smartphone, would be required to loosen their grip. Apple will have to allow alternatives to its App Store for downloading apps, a change the company has warned could harm security. The law will also let companies such as Spotify and Epic Games use payment methods other than Apple's in the App Store, which charges a 30 percent commission.

Amazon will be barred from using data collected from outside sellers on its services so that it could offer competing products, a practice that is the subject of a separate E.U. antitrust investigation. The law will result in major changes for messaging apps. WhatsApp, which is owned by Meta, could be required to offer a way for users of rival services like Signal or Telegram to send and receive messages to somebody using WhatsApp. Those rival services would have the option to make their products interoperable with WhatsApp. The largest sellers of online advertising, Meta and Google, will see new limits for offering targeted ads without consent. Such ads -- based on data collected from people as they move between YouTube and Google Search, or Instagram and Facebook -- are immensely lucrative for both companies.

[...] With these actions, Europe is cementing its leadership as the most assertive regulator of tech companies such as Apple, Google, Amazon, Meta and Microsoft. European standards are often adopted worldwide, and the latest legislation further raises the bar by potentially bringing the companies under new era of oversight -- just like health care, transportation and banking industries. "Faced with big online platforms behaving like they were 'too big to care,' Europe has put its foot down," said Thierry Breton, one of the top digital officials in the European Commission. "We are putting an end to the so-called Wild West dominating our information space. A new framework that can become a reference for democracies worldwide." On Thursday, representatives from the European Parliament and European Council hammered out the last specifics of the law in Brussels. The agreement followed about 16 months of talks -- a speedy pace for the E.U. bureaucracy -- and sets the stage for a final vote in Parliament and among representatives from the 27 countries in the union. That approval is viewed as a formality.

An anonymous reader quotes a report from TechCrunch: Police in the United Kingdom have arrested seven people over suspected connections to the Lapsus$ hacking group, which has in recent weeks targeted tech giants including Samsung, Nvidia, Microsoft and Okta. In a statement given to TechCrunch, Detective Inspector Michael O'Sullivan from the City of London Police said: "The City of London Police has been conducting an investigation with its partners into members of a hacking group. Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation. Our enquiries remain ongoing."

News of the arrests comes just hours after a Bloomberg report revealed a teenager based in Oxford, U.K. is suspected of being the mastermind of the now-prolific Lapsus$ hacking group. Four researchers investigating the gang's recent hacks said they believed the 16-year-old, who uses the online moniker "White" or "Breachbase," was a leading figure in Lapsus$, and Bloomberg was able to track down the suspected hacker after his personal information was leaked online by rival hackers. TechCrunch has seen a copy of the the suspected hacker's leaked personal information, which we are not sharing -- but it matches Bloomberg's reporting. City of London Police, which primarily focuses on financial crimes, did not say if the 16-year-old was among those arrested.

At least one member of Lapsus$ was also apparently involved with a recent data breach at Electronic Arts, according to [security reporter Brian Krebs], and another is suspected to be a teenager residing in Brazil. The latter is said to be so capable of hacking that researchers first believed that the activity they were witnessing was automated. Researchers' ability to track the suspected Lapsus$ members may be because the group, which now has more than 45,000 subscribers to its Telegram channel where it frequently recruits insiders and leaks victims' data, does little to cover its tracks. In a blog post this week, Microsoft said the group uses brazen tactics to gain initial access to a target organization, which has included publicly recruiting company insiders. As reported by Bloomberg this week, the group has even gone as far as to join the Zoom calls of companies they've breached and taunted employees trying to clean up their hack.

Come July, the EPA plans to retire the archive containing old news releases, policy changes, regulatory actions, and more. The Verge reports: The archive was never built to be a permanent repository of content, and maintaining the outdated site was no longer "cost effective," the EPA said to The Verge in an emailed statement. The EPA announced the retirement early this year, after finishing an overhaul of its main website in 2021, but says that the decision was years in the making. The agency maintains that it's abiding by federal rules for records management and that not all webpages qualify as official records that need to be preserved.

The EPA says it plans to migrate much of the information to other places. Old news releases will go to the current EPA website's page for press releases. When it comes to the rest of the content, the EPA has a process for making case-by-case decisions on what content can be deleted -- and what is relevant enough to move to the modern website. Some content might be deemed important enough to join the National Archives. The public will be able to request that content through the Freedom of Information Act.

The archive is the only comprehensive way that public information about agency policies, like fact sheets breaking down the impact of environmental legislation, and actions, like how the agency implements those laws, have been preserved, [says Gretchen Gehrke, one of the cofounders of a group called Environmental Data and Governance Initiative (EDGI) that's fighting for public access to resources like the EPA's online archives]. That makes the archive vital for understanding how regulation and enforcement have changed over the years. It also shows how the agency's understanding of an issue, like climate change, has evolved. And when the Trump administration deleted information about climate change on the EPA's website, much of it could still be found on the archive. Besides that, Gehrke says the content should just be available on principle because it's public information, paid for by taxpayer dollars.

"A bipartisan proposal in both the House and Senate would sharply limit the ability to seize emails without notice to the owner," writes longtime Slashdot reader hawk. "It places a six-month limit on the length of gag orders in warrants." The Hill reports: The Government Surveillance Transparency Act, sponsored by a bipartisan group of lawmakers from both chambers, puts limitations on gag orders that seek to block tech companies from altering users whose data has been seized. It targets a practice brought into the spotlight after journalists from CNN, The New York Times and The Washington Post all had their records seized by the Department of Justice (DOJ). The bill requires law enforcement agencies to notify surveillance subjects that their email, location and web browsing data has been seized, aligning with current practices for phone records and bank data.

"When the government obtains someone's emails or other digital information, users have a right to know," Sen. Ron Wyden (D-Ore.) said in a release. "Our bill ensures that no investigation will be compromised, but makes sure the government can't hide surveillance forever by misusing sealing and gag orders to prevent the American people from understanding the enormous scale of government surveillance, as well as ensuring that the targets eventually learn their personal information has been searched."

An anonymous reader quotes a report from Bloomberg: Cybersecurity researchers investigating a string of hacks against technology companies, including Microsoft and Nvidia, have traced the attacks to a 16-year-old living at his mother's house near Oxford, England. Four researchers investigating the hacking group Lapsus$, on behalf of companies that were attacked, said they believe the teenager is the mastermind.

The teen is suspected by the researchers of being behind some of the major hacks carried out by Lapsus$, but they haven't been able to conclusively tie him to every hack Lapsus$ has claimed. The cyber researchers have used forensic evidence from the hacks as well as publicly available information to tie the teen to the hacking group. Bloomberg News isn't naming the alleged hacker, who goes by the online alias "White" and "breachbase," who is a minor and hasn't been publicly accused by law enforcement of any wrongdoing. Another member of Lapsus$ is suspected to be a teenager residing in Brazil, according to the investigators. One person investigating the group said security researchers have identified seven unique accounts associated with the hacking group, indicating that there are likely others involved in the group's operations. The teen is so skilled at hacking — and so fast-- that researchers initially thought the activity they were observing was automated, another person involved in the research said. [...]

The teenage hacker in England has had his personal information, including his address and information about his parents, posted online by rival hackers. At an address listed in the leaked materials as the teen's home near Oxford, a woman who identified herself as the boy's mother talked with a Bloomberg reporter for about 10 minutes through a doorbell intercom system. The home is a modest terraced house on a quiet side street about five miles from Oxford University. The woman said she was unaware of the allegations against her son or the leaked materials. She said she was disturbed that videos and pictures of her home and the teen's father's home were included. The mother said the teenager lives at that address and had been harassed by others, but many of the other leaked details couldn't be confirmed. She declined to discuss her son in any way or make him available for an interview, and said the issue was a matter for law enforcement and that she was contacting the police.

The US Department of Justice and 14 state attorneys general yesterday asked a federal judge to sanction Google for misusing attorney-client privilege to hide emails from litigation. From a report: "In a program called 'Communicate with Care,' Google trains and directs employees to add an attorney, a privilege label, and a generic 'request' for counsel's advice to shield sensitive business communications, regardless of whether any legal advice is actually needed or sought.

Often, knowing the game, the in-house counsel included in these Communicate-with-Care emails does not respond at all," the DOJ told the court. The fact that attorneys often don't reply to the emails "underscor[es] that these communications are not genuine requests for legal advice but rather an effort to hide potential evidence," the DOJ said. The DOJ made its argument in a motion to sanction Google "and compel disclosure of documents unjustifiably claimed by Google as attorney-client privileged" and in a memorandum in support of the motion. "The Communicate-with-Care program had no purpose except to mislead anyone who might seek the documents in an investigation, discovery, or ensuing dispute," the DOJ alleged.

Google's Messages and Dialer apps for Android devices have been collecting and sending data to Google without specific notice and consent, and without offering the opportunity to opt-out, potentially in violation of Europe's data protection law. From a report: According to a research paper, "What Data Do The Google Dialer and Messages Apps On Android Send to Google?" [PDF], by Trinity College Dublin computer science professor Douglas Leith, Google Messages (for text messaging) and Google Dialer (for phone calls) have been sending data about user communications to the Google Play Services Clearcut logger service and to Google's Firebase Analytics service.

"The data sent by Google Messages includes a hash of the message text, allowing linking of sender and receiver in a message exchange," the paper says. "The data sent by Google Dialer includes the call time and duration, again allowing linking of the two handsets engaged in a phone call. Phone numbers are also sent to Google." The timing and duration of other user interactions with these apps has also been transmitted to Google. And Google offers no way to opt-out of this data collection. [...] Both pre-installed versions of these apps, the paper observes, lack app-specific privacy policies that explain what data gets collected -- something Google requires from third-party developers. And when a request was made through Google Takeout for the Google Account data associated with the apps used for testing, the data Google provided did not include the telemetry data observed.

An anonymous reader quotes a report from The Verge: District of Columbia Attorney General Karl Racine is suing Grubhub for deceptive business practices, saying its food delivery app covertly inflates prices for diners who order through it. The suit demands an end to a laundry list of allegedly illegal practices as well as financial restitution and civil penalties. The newly filed lawsuit (PDF) argues that Grubhub's promises of "free" online orders -- and "unlimited free delivery" for Grubhub Plus -- are misleading. While customers can make pickup orders for free, the company charges delivery and service fees for standard orders and service fees for Grubhub Plus orders, displaying the service fee until recently as part of a single line with sales taxes. "Grubhub misled District residents and took advantage of local restaurants to boost its own profits, even as District consumers and small businesses struggled during the COVID-19 pandemic," said Racine in a statement. "Grubhub charged hidden fees and used bait-and-switch advertising tactics -- which are illegal."

The complaint says Grubhub orders often cost more than ordering the same item at a restaurant and argues that the company fails to reasonably disclose this to consumers. "Because Grubhub already charges consumers several different types of fees for its services ... consumers expect that the menu prices listed on Grubhub are the same prices offered at the restaurant or on the restaurant's website," it says. Grubhub has also listed many restaurants without their permission to expand its service, routing orders through its services and taking a commission. The complaint says it listed "over a thousand" restaurants in DC that had no connection with the company, asserting that the unapproved listings often contained menu errors and resulted in orders that would "take longer to fill, would be filled incorrectly, would be delivered cold, or would eventually be cancelled altogether."

Grubhub -- which also operates Seamless and several other food delivery apps -- has made more elaborate attempts to insert itself into restaurant transactions as well. The lawsuit notes its launch of unsanctioned microsites that appear to be official restaurant sites, as well as custom phone numbers that let it charge fees when customers call restaurants, even when the calls didn't result in orders. The company also offered a "Supper for Support" promotion that required restaurants to foot the bill for a special discount; it offered restaurants $250 in compensation after a backlash. "During the past year, we've sought to engage in a constructive dialogue with the DC attorney general's office to help them understand our business and to see if there were any areas for improvement," said Katie Norris, director of corporate communications, in a statement. "We are disappointed they have moved forward with this lawsuit because our practices have always complied with DC law, and in any event, many of the practices at issue have been discontinued. We will aggressively defend our business in court and look forward to continuing to serve DC restaurants and diners."

According to The Verge, Grubhub "says the app no longer lists restaurants that haven't agreed to work with it, and it's retired its microsites and the Supper for Support program." It will also make it more clear to users that prices might be lower when ordering directly from the restaurant, "and it will specify in marketing that only pickup orders are free," adds The Verge. The company maintains that it "has not misrepresented its fees," however.

A judge on Brazil's Supreme Court has reversed a ban on Telegram, two days after blocking the messaging app for ignoring orders. Engadget reports: Telegram CEO Pavel Durov said the company missed the court's emails. "We complied with an earlier court decision in late February and responded with a suggestion to send future takedown requests to a dedicated email address," Durov wrote on Telegram on Friday. "Unfortunately, our response must have been lost, because the Court used the old general-purpose email address in further attempts to reach us. As a result, we missed its decision in early March that contained a follow-up takedown request. Luckily, we have now found and processed it, delivering another report to the Court today."

Durov added that Telegram will appoint a representative in Brazil and set up a framework so it can address requests more promptly. According to The New York Times, Telegram complied with the court's demands by taking down classified information posted on President Jair Bolsonaro's channel and deleting the accounts of a Bolsonaro supporter who was allegedly spreading misinformation. The court then reversed the ban. Telegram reacted so swiftly that the ban (which was imposed by a judge who is running multiple investigations into Bolsonaro and his allies for spreading misinformation) was never actually in effect. The court order gave Apple, Google, ISPs and phone providers five days to block the app. Telegram will also "start promoting verified information and labeling posts containing falsehoods," adds Engadget. "It will also monitor the 100 most popular channels in the country," which account for 95 percent of views of public posts.

An anonymous reader quotes a report from TorrentFreak: U.S. Senators Thom Tillis and Patrick Leahy have introduced the SMART Copyright Act of 2022. The bill requires online hosting services to implement standard technical protection measures, designated by the Copyright Office. The general idea is to grant the Copyright Office the power to designate standard technical protection measures to be implemented by online hosting platforms. These STMs can be tailored to specific niches such as audio and video, which offers much more flexibility than the current regime under the DMCA.

In short, the bill will give the government more tools to facilitate and encourage the implementation of anti-piracy mechanisms, while allowing online services to keep their safe harbors. The full text of the bill provides more details on how the approval process of a proposed protection measure works. In addition to hearing stakeholders, experts, and the public, the designated protection measures have to be weighed on factors such as cost and availability. They shouldn't create any major burdens for online services. Similarly, the rights of the public are taken into account as well. This includes the impact a technical measure may have on privacy and data protection, as well as on free speech issues such as criticism and news.

Finally, it is worth noting that online services will be able to appeal officially designated protection measures in court. In addition, they can also choose not to implement them. However, that opens the door to lawsuits from copyright holders. The statutory damages amounts for services that fail to implement the designated technical protection measures are capped at $150,000 for a single violation, but that number can shoot up for repeat offenders. [...] Rightsholders see the proposal as a great step forward to protect creators, while opponents classify it as a filtering tool that will censor free speech.

"A former Apple employee has been charged with defrauding the tech giant out of more than $10 million," reports NBC News, "by taking kickbacks, stealing equipment and laundering money, federal prosecutors said." Dhirendra Prasad, 52, worked for 10 years as a buyer in Apple's Global Service Supply Chain department. A federal criminal case unsealed Friday alleges that he exploited his position to defraud the company in several schemes, including stealing parts and causing the company to pay for items and services it never received.

A court has allowed the federal government to seize five real estate properties and financial accounts worth about $5 million from Prasad, and the government is seeking to keep those assets as proceeds of crime, the U.S. Attorney's office in San Jose said in a news release...

Two owners of vendor companies that did business with Apple have admitted to conspiring with Prasad to commit fraud and launder money, prosecutors said.

An anonymous reader quotes a report from The Register: Last year, the Graph Foundation had to rethink how it develops and distributes its Open Native Graph Database (ONgDB) after it settled a trademark and copyright claim by database biz Neo4j. The Graph Foundation agreed [PDF] it would no longer claim specific versions of ONgDB, its Neo4j Enterprise Edition fork, are a "100 percent free and open source version" of Neo4J EE. And last month, two other companies challenged by Neo4j -- PureThink and iGov -- were also required by a court ruling to make similar concessions.

ONgDB is forked from Neo4j EE, which in May 2018 dropped the GNU Affero General Public License (AGPL) and adopted a new license that incorporates the AGPLv3 alongside additional limitations spelled out in the Commons Clause license. This new Neo4j EE license forbade non-paying users of the software from reselling the code or offering some support services, and thus is not open source as defined by the Open Source Initiative. The Graph Foundation, PureThink, and iGov offered ONgDB as a "free and open source" version of Neo4j in the hope of winning customers who preferred an open-source license. That made it more challenging for Neo4j to compete.

So in 2018 and 2019 Neo4j and its Swedish subsidiary pursued legal claims against the respective firms and their principals for trademark and copyright infringement, among other things. The Graph Foundation settled [PDF] in February 2021 as the company explained in a blog post. The organization discontinued support for ONgDB versions 3.4, 3.5 and 3.6. And it released ONgDB 1.0 in their place as a fork of AGPLv3 licensed Neo4j EE version 3.4.0.rc02. Last May, the judge hearing the claims against PureThink, and iGov granted Neo4j's motion for partial summary judgment [PDF] and forbade the defendants from infringing on the company's Neo4j trademark and from advertising ONgDB "as a free and open source drop-in replacement of Neo4j Enterprise Edition" The defendants appealed, and in February the US Court of Appeals for the Ninth Circuit affirmed a lower court decision that the company's "statements regarding ONgDB as 'free and open source' versions of Neo4j EE are false." "Stop saying Open Source when it's not," said the Open Source Initiative in a blog post. "The US Court of Appeals for the Ninth Circuit recently affirmed a lower court decision concluding what we've always known: that it's false advertising to claim that software is 'open source' when it's not licensed under an open source license."

An anonymous reader quotes a report from ZDNet: Proposed UK laws could see top managers at tech companies be jailed if they fail to meet the demands of regulators. The laws, coming in the form of an Online Safety Bill, were introduced to Parliament on Thursday after almost a year of consultation. The UK government commenced work on the proposed laws in May last year to push a duty of care onto social media platforms so that tech companies are forced to protect users from dangerous content, such as disinformation and online abuse.

Under the proposed legislation, executives of tech companies could face prosecution or jail time if they fail to cooperate with information notices issued by Ofcom, UK's communications regulator. Through the Bill, Ofcom would gain the power to issue information notices for the purpose of determining whether tech companies are performing their online safety functions. A raft of new offenses have also been added to the Bill, including making in-scope companies' senior managers criminally liable if they destroy evidence, fail to attend or provide false information in interviews with Ofcom, or obstruct the regulator when it enters company offices.

The Bill also looks to require social media platforms, search engines, and other apps and websites that allow people to post their own content to implement various measures to protect children, tackle illegal activity and uphold their stated terms and conditions. Among these measures are mandatory age checks for sites that host pornography, criminalizing cyberflashing, and a requirement for large social media platforms to give adults the ability to automatically block people who have not verified their identity on the platforms. The proposed laws, if passed, would also force social media platforms to up their moderation efforts, with the Bill calling for platforms to remove paid-for scam ads swiftly once they are alerted of their existence. A requirement for social media platforms to moderate "legal but harmful" content is also contained in the Bill, which will make large social media platforms have a duty to carry risk assessments on these types of content. Platforms will also have to set out clearly in terms of service how they will deal with such content and enforce these terms consistently.

An anonymous reader quotes a report from CoinDesk: U.S. Sen. Elizabeth Warren (D-Mass.) announced Thursday a new bill to block cryptocurrency companies from conducting business with sanctioned companies. The Digital Assets Sanctions Compliance Enhancement Act, introduced with Sens. Jack Reed (D-R.I.), Mark Warner (D-Va.), Jon Tester (D-Mont.) and others, would allow the U.S. president to add non-U.S.-based crypto companies to sanctions list if they support sanctions evasion.

"This is a bill that would authorize the president to sanction foreign cryptocurrency firms that are doing business with sanctioned Russian entities and authorize the Secretary of Treasury to act," she said. According to a draft of the bill, the presidential administration would be tasked with identifying "any foreign person" who operates a crypto exchange or otherwise facilitates digital asset transactions who has also supported sanctions evasion by Russian individuals named to the Office of Foreign Asset Control's sanctions list. Moreover, the U.S. president could sanction these exchange operators unless there was a national security interest in not doing so. The U.S. Treasury secretary could also require that crypto exchanges operating in the U.S. not conduct transactions for, or otherwise work with, crypto addresses belonging to people based in Russia if this is deemed to be in the national interest. The Treasury secretary would have to report to Congress about this decision.

The bill seems to extend beyond just Russian sanctions. Another provision would authorize the Financial Crimes Enforcement Network (FinCEN) to identify users transacting with more than $10,000 in crypto. "Not later than 120 days after the date of enactment of this Act, the Financial Crimes Enforcement Network shall require United States persons engaged in a transaction with a value greater than $10,000 in digital assets through [one] or more accounts outside of the United States to file a report," the bill said. The Treasury secretary would also be tasked with identifying exchanges that could be at "high risk for sanctions evasion" or other crimes, and reporting these entities to Congress. "Any exchange included in the report may petition the Office of Foreign Assets Control for removal, which shall be granted upon demonstrating that the exchange is taking steps sufficient to comply with applicable United States law," the bill said.

According to Reuters, Brazil's Supreme Court Justice Alexandre de Moraes ordered the suspension of Telegram, claiming it had "repeatedly refused to adhere to judicial orders or comply with the country's laws." From the report: Moraes' decision, which is likely to stoke debate about freedom of speech in politically polarized Brazil, represents the latest chapter in the crusading justice's battle with far-right President Jair Bolsonaro and his allies. The president and his supporters have increasingly come to rely on Telegram as a form of mass communication as larger tech companies like Meta, which owns messaging app WhatsApp, Google and Twitter have been forced by the Supreme Court to drop offending accounts over allegedly spreading disinformation.

Moraes has been leading a series of Supreme Court probes into the president and his supporters for disseminating fake news that have enraged many on the right and sparked questions of judicial overreach. According to Moraes' ruling, Telegram has repeatedly failed to block offending accounts and ignored the court's decisions. He gave Wilson Diniz Wellisch, the head of telecoms regulator Anatel, 24 hours to implement the suspension, which would stand until Telegram complies with outstanding judicial orders, pays a series of fines, and presents a country representative before the court. Moraes also ordered Apple and Google to help block users on their platforms from being able to use Telegram in Brazil.

An anonymous reader quotes a report from Ars Technica: Minnesota state lawmakers are trying to prohibit social media platforms from using algorithms to recommend content to anyone under age 18. The bill was approved Tuesday by the House Commerce Finance and Policy Committee in a 15-1 vote. The potential state law goes next to the House Judiciary Finance and Civil Law Committee, which has put it on the docket for a hearing on March 22. The algorithm ban applies to platforms with at least 1 million account holders and says those companies would be "prohibited from using a social media algorithm to target user-created content at an account holder under the age of 18." There are exemptions for content created by federal, state, or local governments and by public or private schools.

"This bill prohibits a social media platform like Facebook, Instagram, YouTube, WhatsApp, TikTok, and others, from using algorithms to target children with specific types of content," the bill summary says (PDF). "The bill would require anyone operating a social media platform with more than one million users to require that algorithm functions be turned off for accounts owned by anyone under the age of 18." Social media companies would be "liable for damages and a civil penalty of $1,000 for each violation." Tech-industry lobbyists say the bill would violate the First Amendment, prevent companies from recommending useful content, and require them to collect more data on the ages and locations of users. TechDirt's Mike Masnick slammed the bill in an article titled, "Minnesota pushing bill that says websites can no longer be useful for teenagers."

"I get that for computer illiterate people the word 'algorithm' is scary," Masnick wrote. "And that there's some ridiculous belief among people who don't know any better that recommendation algorithms are like mind control, but the point of an algorithm is... to recommend content. That is, to make a social media (or other kind of service) useful. Without it, you just get an undifferentiated mass of content, and that's not very useful."