Data Breach Victims Can Sue Yahoo in the United States, Federal Judge Rules ( 13

Yahoo has been ordered by a federal judge to face much of a lawsuit in the United States claiming that the personal information of all 3 billion users was compromised in a series of data breaches. From a report: In a decision on Friday night, U.S. District Judge Lucy Koh in San Jose, California rejected a bid by Verizon Communications, which bought Yahoo's Internet business last June, to dismiss many claims, including for negligence and breach of contract. Koh dismissed some other claims. She had previously denied Yahoo's bid to dismiss some unfair competition claims.

[...] The plaintiffs amended their complaint after Yahoo last October revealed that the 2013 breach affected all 3 billion users, tripling its earlier estimate. Koh said the amended complaint highlighted the importance of security in the plaintiffs' decision to use Yahoo. 'Plaintiffs' allegations are sufficient to show that they would have behaved differently had defendants disclosed the security weaknesses of the Yahoo Mail System," Koh wrote. She also said the plaintiffs could try to show that liability limits in Yahoo's terms of service were "unconscionable," given the allegations that Yahoo knew its security was deficient but did little.


Feds Bust CEO Allegedly Selling Custom BlackBerry Phones To Sinaloa Drug Cartel ( 115

An anonymous reader shares a Motherboard report: For years, a slew of shadowy companies have sold so-called encrypted phones, custom BlackBerry or Android devices that sometimes have the camera and microphone removed and only send secure messages through private networks. Several of those firms allegedly cater primarily for criminal organizations.Now, the FBI has arrested the owner of one of the most established companies, Phantom Secure, as part of a complex law enforcement operation, according to court records and sources familiar with the matter. "FBI are flexing their muscle," one source familiar with the secure phone industry, and who gave Motherboard specific and accurate details about the operation before it was public knowledge, said. Motherboard granted the sources in this story anonymity to talk about sensitive developments in the secure phone trade. The source said the Phantom operation was carried out in partnership with Canadian and Australian authorities.
Open Source

Linux Developer McHardy Drops GPLv2 'Shake Down' Case ( 53

Former Linux developer Patrick McHardy dropped his Gnu General Public License version 2 (GPLv2) violation case against Geniatech in a German court this week. ZDNet explains why some consider this a big "win": People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2. Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he'd requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions...

In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."

Had McHardy continued on his way, companies would have been more reluctant to use Linux code in their products for fear that a single, unprincipled developer could sue them and demand payment for his copyrighted contributions... McHardy now has to bear all legal costs for both sides of the case. In other words, when McHardy was faced with serious and costly opposition for the first time, he waved a white flag rather than face near certain defeat in the courts.


Lawmakers Continue Fighting For Net Neutrality in the US Senate, Courts, and States ( 57

Here's the latest developments in the ongoing fight over net neutrality rules:
  • CNET reports that Democrats in the Senate "have been pushing to use the Congressional Review Act to roll back the FCC's repeal of net neutrality rules. They've gotten the support of 50 senators for the measure, including one Republican, Susan Collins of Maine. Sen. John Kennedy from Louisiana , who's been undecided in his support of the CRA bill, was being courted by Democrats as the tie-breaking vote to pass the measure in the Senate...

    "On Wednesday, Kennedy introduced a piece of legislation that would ban companies like AT&T and Comcast from slowing down or blocking access to websites or internet services. But the bill wouldn't prevent these broadband and wireless companies from offering paid prioritization, which many critics fear could lead to so-called internet 'fast lanes.'"
  • The Associated Press reports that on Monday, Washington became the first state to set up its own net-neutrality requirements. But they add that governors in five states -- Hawaii, New Jersey, New York, Montana and Vermont -- "have signed executive orders related to net-neutrality issues, according to the National Conference of State Legislatures. Montana's order, for instance, bars telecommunications companies from receiving state contracts if they interfere with internet traffic or favor higher-paying sites or apps."


Project Gutenberg Blocks German Users After Outrageous Court Ruling ( 265

Slashdot reader David Rothman writes: The oldest public domain publisher in the world, Project Gutenberg, has blocked German users after an outrageous legal ruling saying this American nonprofit must obey German copyright law... Imagine the technical issues for fragile, cash-strapped public domain organizations -- worrying not only about updated databases covering all the world's countries, but also applying the results to distribution. TeleRead carries two views on the German case involving a Holtzbrinck subsidiary...

Significantly, older books provide just a tiny fraction of the revenue of megaconglomerates like Holtzbrinck but are essential to students of literature and indeed to students in general. What's more, as illustrated by the Sonny Bono Copyright Term Extension Act in the U.S., copyright law in most countries tends to reflect the wishes and power of lobbyists more than it does the commonweal. Ideally the travails of Project Gutenberg will encourage tech companies, students, teachers, librarians and others to step up their efforts against oppressive copyright laws. While writers and publishers deserve fair compensation, let's focus more on the needs of living creators and less on the estates of authors dead for many decades. The three authors involved in the German case are Heinrich Mann (died in 1950), Thomas Mann (1955) and Alfred Döblin (1957).

One solution in the U.S. and elsewhere for modern creators would be national library endowments... Meanwhile, it would be very fitting for Google and other deep-pocketed corporations with an interest in a global Internet and more balanced copyright to help Gutenberg finance its battle. Law schools, other academics, educators and librarians should also offer assistance.


FBI Paid Geek Squad Repair Staff As Informants ( 205

According to newly released documents by the Electronic Frontier Foundation, federal agents would pay Geek Squad employees to flag illegal materials on devices sent in by customers for repairs. "The relationship goes back at least ten years, according to documents released as a result of the lawsuit [filed last year]," reports ZDNet. "The agency's Louisville division aim was to maintain a 'close liaison' with Geek Squad management to 'glean case initiations and to support the division's Computer Intrusion and Cyber Crime programs.'" From the report: According to the EFF's analysis of the documents, FBI agents would "show up, review the images or video and determine whether they believe they are illegal content" and seize the device so an additional analysis could be carried out at a local FBI field office. That's when, in some cases, agents would try to obtain a search warrant to justify the access. The EFF's lawsuit was filed in response to a report that a Geek Squad employee was used as an informant by the FBI in the prosecution of child pornography case. The documents show that the FBI would regularly use Geek Squad employees as confidential human sources -- the agency's term for informants -- by taking calls from employees when they found something suspect.

BlackBerry Files Patent Infringement Lawsuit Against Facebook, WhatsApp and Instagram ( 87

BlackBerry on Tuesday filed patent infringement lawsuit against Facebook, Whatsapp and Instagram in Los Angeles Federal court. In a statement, BlackBerry said: We have a lot of respect for Facebook and the value they've placed on messaging capabilities, some of which were invented by BlackBerry. As a cybersecurity and embedded software leader, BlackBerry's view is that Facebook, Instagram, and WhatsApp could make great partners in our drive toward a securely connected future, and we continue to hold this door open to them. However, we have a strong claim that Facebook has infringed on our intellectual property, and after several years of dialogue, we also have an obligation to our shareholders to pursue appropriate legal remedies.

Six Tech Companies Filing Net Neutrality Lawsuit ( 31

An anonymous reader quotes a report from The Hill: Six technology companies, including Kickstarter, Foursquare and Etsy, have launched a lawsuit against the Federal Communications Commission (FCC) in an effort to preserve net neutrality rules. The companies, which also include Shutterstock, Expa and Automattic, on Monday filed their petition with the U.S. Court of Appeals for the District of Columbia Circuit. The companies join Vimeo and Mozilla, as well as several state attorneys general who have also filed lawsuits against the FCC in support of the net neutrality rules. Like the other lawsuits, their new case hinges on the Administrative Procedure Act, which they argue prevents the FCC from "arbitrary and capricious" redactions to already existing policy. "Already, over 30,000 Etsy sellers participated in the FCC's public comment process, and tens of thousands more reached out to Congress in support of net neutrality. Now we're bringing their stories and experiences to the courts," said Althea Erickson, head of advocacy and impact at Etsy.
The Courts

Playboy Drops Its Copyright Case Against Boing Boing ( 18

An anonymous reader quotes the EFF: Playboy Entertainment has given up on its lawsuit against Happy Mutants, LLC, the company behind Boing Boing. Earlier this month, a federal court dismissed Playboy's claims but gave Playboy permission to try again with a new complaint, if it could dig up some new facts. The deadline for filing that new complaint passed this week, and today Playboy released a statement suggesting that it is standing down...

It's hard to understand why Playboy brought this case in the first place, turning its legal firepower on a small news and commentary website that hadn't uploaded or hosted any infringing content. We're also a little perplexed as to why Playboy seems so unhappy that the Boing Boing post is still up when the links they complain about have been dead for almost two years.


Google Releases Info On 2.4 Million 'Right To Be Forgotten' Requests ( 69

According to Google's latest transparency report, the company has received 2.4 million "right to be forgotten" requests since 2014, most of which came from private individuals. Engadget reports: Europe's biggest court passed the right to be forgotten law in 2014, compelling the tech titan to remove personal info from its search engine upon request. In the report, Google has revealed that it complied with 43.3 percent of all the requests it's gotten and has also detailed the nature of those takedown pleas. France, Germany and the UK apparently generated 51 percent of all the URL delisting appeals. Overall, 89 percent of the takedown pleas came from private individuals: Non-government figures such as celebrities submitted 41,213 of the URLs in Google's pile, while politicians and government officials submitted 33,937. As Gizmodo noted, though, there's a small group of law firms and reputation management services submitting numerous pleas, suggesting the rise of reputation-fixing business in the region.

Out of those 2.4 million requests, 19.1 percent are directory URLs, while news websites and social networks only make up 17.6 and 11.6 percent of them. Majority of the URLs submitted for removal are random online destinations that don't fall under any of the previous categories. As for the takedown's reasons, it looks 18.1 percent of the submissions want their professional info scrubbed, 7.7 percent want info they previously posted online themselves to be removed and 6.1 percent want their crimes hidden from search.


Supreme Court Wrestles With Microsoft Data Privacy Fight ( 163

Supreme Court justices on Tuesday wrestled with Microsoft's dispute with the U.S. Justice Department over whether prosecutors can force technology companies to hand over data stored overseas, with some signaling support for the government and others urging Congress to pass a law to resolve the issue. From a report: Chief Justice John Roberts and Justice Samuel Alito, both conservatives, hinted during an hour-long argument in the case at support for the Justice Department's stance that because Microsoft is based in the United States it was obligated to turn over data sought by prosecutors in a U.S. warrant. As the nine justices grappled with the technological complexities of email data storage, liberals Ruth Bader Ginsburg and Sonia Sotomayor questioned whether the court needed to act in the data privacy case in light of Congress now considering bipartisan legislation that would resolve the legal issue. A ruling is due by the end of June.

German Cities Can Ban Diesel Cars, Court Rules ( 119

A German court has ruled that cities in Germany are allowed to enact bans on diesel vehicles, Reuters reports. It's unlikely that bans will magically appear across the country overnight, but not everyone in the country is happy about this decision. From a report: Environmentalists might be happy about the possibility of banning some of the road's dirtiest cars, but owners and right-leaning groups are not. Reuters reports that some politicians believe this decision could disenfranchise a large swath of car owners across the country, many of whom likely can't afford to immediately replace a vehicle.

Coinbase: We Will Send Data On 13,000 Users To IRS ( 133

Coinbase has formally notified its customers that it will be complying with a court order and handing over the user data for about 13,000 of its customers to the Internal Revenue Service. Ars Technica reports: The case began back in November 2016 when the IRS went to a federal judge in San Francisco to enforce an initial order that would have required the company to hand over the data of all users who transacted on the site between 2013 and 2015 as part of a tax evasion investigation. Coinbase resisted the IRS' request in court. But by November 2017, after a hearing, U.S. Magistrate Judge Jacqueline Scott Corley narrowed the request to only cover 13,000 particular individuals. The San Francisco-based startup is now required to provide "taxpayer ID, name, birth date, address, and historical transaction records for certain higher-transacting customers during the 2013-2015 period." Coinbase reminded its users that it is "unable to provide legal or tax advice." The company also noted, "If you have concerns about this, we encourage you to seek legal advice from an attorney promptly. Coinbase expects to produce the information covered by the court's order within 21 days."
The Courts

Volkswagen Settles Diesel Emissions Lawsuit Right Before Trial Set To Begin ( 74

Volkswagen settled a major diesel emissions class action lawsuit brought by hundreds of vehicle owners right before the case was set to go to trial. "The German auto giant's U.S. division settled the lawsuit brought by a North Carolina man and over 300 other owners of diesel cars who allege fraud and unfair trade practices," reports The Verge. From the report: The trial could have featured testimony from current and former VW executives and would likely have caused a spate of bad press for the automaker regarding the Dieselgate scandal. Since it first broke in 2015, the controversy has led to the resignation of VW's CEO, seen a handful of executives sentenced to jail, and resulted in billions of dollars in fines and settlements. VW is being sued by some consumers after it admitted to using software to cheat on diesel emissions tests, sparking the biggest scandal to hit the auto industry in decades. David Doar, the North Carolina man along with more than 300 other U.S. VW diesel owners, rejected settlement offers from a 2016 class action that would have reimbursed them for the value of their vehicles. Nearly all U.S. owners of affected VW vehicles agreed to take part in a $25 billion settlement in 2016, which included buyback offers and additional compensation for about 500,000 owners. But according to Reuters, some 2,000 owners have opted out, and most are pursuing separate claims seeking additional compensation.

'Satoshi' Craig Wright Is Being Sued For $10 Billion For Stealing His Partner's Bitcoin ( 92

Craig Wright, the nChain chief scientist who previously claimed to be the pseudonymous bitcoin creator Satoshi Nakamoto, is being sued for a whopping $10 billion for stealing $5 billion in bitcoin from a former business partner. CoinDesk reports: The lawsuit is being brought by Ira Kleiman on behalf of the estate of his brother, Dave, who has been linked to the earliest days of bitcoin. Kleiman, a forensic computer investigator and author, passed away in 2013 following a battle with MRSA. At the heart of the new lawsuit, according to a complaint filed in the U.S. District Court for the Southern District of Florida on Feb. 14, is an alleged hoard of more than 1.1 million bitcoins, which Ira Kleiman's lawyers say is worth in excess of $10 billion. He is being represented by Boies Schiller Flexner LLP.

Wright, court records show, has been accused of allegedly conducting "a scheme against Dave's estate to seize Dave's bitcoins and his rights to certain intellectual property associated with the Bitcoin technology." "As part of this plan, Craig forged a series of contracts that purported to transfer Dave's assets to Craig and/or companies controlled by him. Craig backdated these contracts and forged Dave's signature on them," attorneys for the plaintiff wrote. Included alongside the complaint are a number of additional filings, including the business registration for a firm called W&K Info Defense Research LLC, in which Kleiman and Wright were business partners. In addition to the roughly 1.1 million bitcoins, Ira Kleiman is also seeking compensation for the intellectual property his lawyers claim arose from the partnership between his deceased brother and Wright.


Google's 'Bro Culture' Led To Harassment, Argues New Lawsuit By Software Engineer ( 290

An anonymous reader quotes the Mercury News: As a young, female software engineer at male-dominated Google, Loretta Lee was slapped, groped and even had a co-worker pop up from beneath her desk one night and tell her she'd never know what he'd been doing under there, according to a lawsuit filed against the Mountain View tech giant... Lee's lawsuit -- filed in Santa Clara County Superior Court -- alleges the company failed to to protect her, saying, "Google's bro-culture contributed to (Lee's) suffering frequent sexual harassment and gender discrimination, for which Google failed to take corrective action."

She was fired in February 2016 for poor performance, according to the suit... Lee started at the company in 2008 in Los Angeles and later switched to the firm's Mountain View campus, according to the suit, which asserts that she "was considered a talented and rising star" who received consistently "excellent" performance reviews. Lee claims that the "severe and pervasive" sexual harassment she experienced included daily abuse and egregious incidents. In addition to making lewd comments to her and ogling her "constantly," Lee's male co-workers spiked her drinks with whiskey and laughed about it; and shot Nerf balls and darts at her "almost every day," the suit alleges. One male colleague sent her a text message asking if she wanted a "horizontal hug," while another showed up at her apartment with a bottle of liquor, offering to help her fix a problem with one of her devices, refusing to leave when she asked him to, she alleges. At a holiday party, Lee "was slapped in the face by an intoxicated male co-worker for no apparent reason," according to the suit.

Lee resisted reporting an employee who had grabbed her lanyard and grazed her breasts -- and was then written up for being uncooperative. But after filing a report, "HR found her claims 'unsubstantiated,' according to the suit. 'This emboldened her colleagues to continue their inappropriate behavior,' the suit says.

"Her fear of being ostracized was realized, she claims, with co-workers refusing to approve her code in spite of her diligent work on it. Not getting her code approved led to her being 'labeled as a poor performer,' the suit says."
The Courts

BuzzFeed Unmasks Mastermind Who Urged Peter Thiel To Destroy Gawker ( 156

One day in 2011 a 26-year-old approached Peter Thiel and said "Look, I think if we datamined Gawker's history, we could find weak points that we could exploit in the court of law," according to the author of a new book. An anonymous reader quotes BuzzFeed News: Peter Thiel's campaign to ruin Gawker Media was conceived and orchestrated by a previously unknown associate who served as a middleman, allowing the billionaire to conceal his involvement in the bankrolling of lawsuits that eventually drove the New York media outlet into bankruptcy. BuzzFeed News has confirmed the identity of that mystery conspirator, known in Thiel's inner circle as "Mr. A," with multiple sources who said that he provided the venture capitalist and Facebook board member with a blueprint to covertly attack Gawker in court. That man, an Oxford-educated Australian citizen named Aron D'Souza, has few known connections to Thiel, but approached him in 2011 with an elaborate proposal to use a legal strategy to wipe out the media organization. That plot ultimately succeeded... D'Souza was aware of Thiel's public comments likening Valleywag to al-Qaeda, and presented a brazen idea: Pay someone or create a company to hire lawyers to go after Gawker.
TechCrunch reported earlier this month that Gawker's old posts "will be captured and saved by the non-profit Freedom of the Press Foundation," which was co-founded in 2012 by the late John Perry Barlow. But in addition, the Gawker estate "continues to threaten possible legal action against Thiel, and hopes to begin discovery to examine the billionaire's motivations for secretly funding his legal war," the article concludes. If a New York bankruptcy court approves, and if the process "unearths anything of meaning, the estate may have grounds to sue Thiel on the grounds of tortious interference, the use of legal means to purposely disrupt a business.

"To head that off, Thiel bid for the remaining Gawker assets -- including the flapship domain, its archive, and outstanding legal claims, like those against himself -- though Holden has made it known that he may block any sale to Thiel, no matter how much the venture capitalist is willing to bid."
Star Wars Prequels

How a Fight Over Star Wars Download Codes Could Reshape Copyright Law ( 96

An anonymous reader quotes a report from Ars Technica: A federal judge in California has rejected Disney's effort to stop Redbox from reselling download codes of popular Disney titles like Frozen, Beauty and the Beast, and the latest Star Wars movies. Judge Dean Pregerson's Tuesday ruling invoked the little-used doctrine of copyright misuse, which holds that a copyright holder loses the right to enforce a copyright if the copyright is being abused. Pregerson faulted Disney for tying digital download codes to physical ownership of discs, a practice that he argued ran afoul of copyright's first sale doctrine, which guarantees customers the right to resell used DVDs.

If the ruling were upheld on appeal, it would have sweeping implications. It could potentially force Hollywood studios to stop bundling digital download codes with physical DVDs and force video game companies to rethink their own practices. But James Grimmelmann, a copyright scholar at Cornell Law School, is skeptical that the ruling will survive an inevitable appeal from Disney. "I don't see this one sticking," Grimmelmann told Ars. Copyright misuse has such sweeping legal implications that an appeals court will be reluctant to apply it to a common movie industry practice.

The Courts

Manafort Left an Incriminating Paper Trail Because He Couldn't Figure Out How to Convert PDFs to Word Files ( 189

There are two types of people in this world: those who know how to convert PDFs into Word documents and those who are indicted for money laundering. Former Trump campaign chairman Paul Manafort is the second kind of person , Slate reports. From the report: Back in October, a grand jury indictment charged Manafort and his business associate Rick Gates with a variety of crimes, including conspiring "to defraud the United States." On Thursday, special counsel Robert Mueller filed a new indictment against the pair, substantially expanding the charges. As one former federal prosecutor told the Washington Post, Manafort and Gates' methods appear to have been "extensive and bold and greedy with a capital 'G,' but ... not all that sophisticated." One new detail from the indictment, however, points to just how unsophisticated Manafort seems to have been. Here's the relevant passage from the indictment. I've bolded the most important bits:

Manafort and Gates made numerous false and fraudulent representations to secure the loans. For example, Manafort provided the bank with doctored [profit and loss statements] for [Davis Manafort Inc.] for both 2015 and 2016, overstating its income by millions of dollars. The doctored 2015 DMI P&L submitted to Lender D was the same false statement previously submitted to Lender C, which overstated DMI's income by more than $4 million. The doctored 2016 DMI P&L was inflated by Manafort by more than $3.5 million. To create the false 2016 P&L, on or about October 21, 2016, Manafort emailed Gates a .pdf version of the real 2016 DMI P&L, which showed a loss of more than $600,000. Gates converted that .pdf into a "Word" document so that it could be edited, which Gates sent back to Manafort. Manafort altered that "Word" document by adding more than $3.5 million in income. He then sent this falsified P&L to Gates and asked that the "Word" document be converted back to a .pdf, which Gates did and returned to Manafort. Manafort then sent the falsified 2016 DMI P&L .pdf to Lender D.
So here's the essence of what went wrong for Manafort and Gates, according to Mueller's investigation: Manafort allegedly wanted to falsify his company's income, but he couldn't figure out how to edit the PDF.

Supreme Court Declines To Broaden Whistleblower Protections ( 61

The U.S. Supreme Court this week refused to broaden protections for corporate insiders who call out misconduct, ruling they must take claims of wrongdoing to the Securities and Exchange Commission in order to be shielded against retaliation. From a report: The justices ruled 9-0 in favor of Digital Realty Trust, throwing out a lawsuit brought against the California-based real estate trust by a fired former employee who had reported alleged wrongdoing only internally and not to the SEC. The 2010 Wall Street reform law known as the Dodd-Frank Act is unambiguous in offering no protection from retaliation such as firing or demotion to employees who report claims of securities law violations only in-house, the court ruled.

Slashdot Top Deals