Legal Archive
And here we have yet another case of the EU’s consumer protection legislation working in our favour. Dutch privacy and consumer rights organisation Bits of Freedom sued Facebook over the company’s little trick of disregarding a user’s settings under a variety of circumstances, such as when a user opts for a chronological, non-profiled timeline, only to have Facebook reset itself to the profiled timeline upon a restart. The judge states that Meta is indeed acting in violation of the law. He says that “a non‑persistent choice option for a recommendation system runs counter to the purpose of the DSA, which is to give users genuine autonomy, freedom of choice, and control over how information is presented to them.” The judge also concludes that the way Meta has designed its platforms constitutes “a significant disruption of the autonomy of Facebook and Instagram users.” The judge orders Meta to adjust its apps so that the user’s choice is preserved, even when the user navigates to another section or restarts the app. ↫ Bits of Freedom press release This is good news, of course, but I really wish we would take this a step further: a complete ban on targeted advertising and timeline manipulation based on harvested user data. I just don’t believe these business models and ragebait machines offer anything of value to society, and in fact, do far more harm than good. I am convinced that our world would be a better place without these business models. We restrict of outright ban dangerous substances or activities all the time. This should be among them.
I’m not really into the niche of “virtual YouTubers” – people who post YouTube videos and/or stream using a virtual avatar – but to each their own, and if this technology enables people to remain anonymous while doing what they love on YouTube or Twitch, I’m all for it. Since these virtual avatars also do things like face-tracking, there’s a whole cottage industry of software tools to make this all work, but Adrian “asie” Siekierka decided to take a look at where the training data used to make such face-tracking work actually comes from. One day, some years ago, I decided to look at the data used to train OpenSeeFace. OpenSeeFace is the most popular open source face tracking solution for virtual YouTubers. It is supported by both open source and commercial model rendering tools; in particular, VTube Studio allows using it as an option for webcam tracking. ↫ Adrian “asie” Siekierka The results of the investigation are not exactly great. Much of the data used by OpenSeeFace comes with serious restrictions on commercial use, and many of the underlying datasets contain images that you would need consent for from the people inside the image to actually use. On top of that, a lot of these data sets seem to have just scraped the internet for images of faces without asking anyone of the people in those images for consent, which raises a whole number of troubling issues. I find this a very interesting topic of discussion, if only because you’d be hard-pressed to argue that the average cartoon-esque virtual avatars even remotely resemble real human faces, so it’s not like you’re going to suddenly run into your own face somewhere on YouTube or Twitch, but plastered into another person. On the other hand, the underlying datasets still contain a ton of people’s faces without those people’s consent, and even for those that did give consent, there’s often a commercial use restriction which earning revenue on YouTube or Twitch might violate. It’s a fascinating microcosm of a whole slew of issues we’re dealing with right now, neatly contained in a relatively small niche.
The European Commission today fined Google €2.95 billion for abusing its dominant position in the advertising technology market, despite the threat of trade retribution from U.S President Donald Trump. The American tech giant is alleged to have distorted the market for online ads by favoring its own services to the detriment of competitors, advertisers and online publishers, the EU executive said in a press release. ↫ Jacob Parry at Politico Not only does Google have to pay a pretty hefty fine – for corporate standards, as it’s still peanuts when looking at Google’s revenue, because class justice is real – the company also has to submit a plan within 60 days detailing how it’s going to end the illegal behaviour. Of course, Google is going to contest the fine, but the company is also running to daddy to cry and whine about how those damn Europeans won’t let it engage in illegal behaviour. Last night, all the big US technology CEOs gathered for a dinner with Donald Trump, each taking turns gratuitously thanking and praising the big man for his amazing achievements during these first few months of his administration. Tim Cook, Bill Gates, Mark Zuckerberg, Sam Altman, and many more were all bending the knee and kissing the ring in what can only be described as a borderline pornographic display of fealty. Among them was, of course, the CEO of Google, Sundar Pichai, one day after Google laughed its way out of the courtroom. “Well you had a very good day yesterday,” Trump said, calling on Pichai at the Thursday evening dinner. “Google had a very good day yesterday. Do you want to talk about that big day you had yesterday?” “I’m glad it’s over,” Pichai responded to Trump, causing an eruption of laughter from the other table guests. “It’s a long process,” Pichai said. “Appreciate that your administration had a constructive dialogue, and we were able to get it to some resolution.” ↫ Jennifer Elias at CNBC Mind you, several of those “other table guests” are also being investigated by a variety of arms of the US government for monopoly abuse and antritrust violations, and I’m sure their laughter was almost entirely self-serving. If Google of all monopolies can slime its way out of any serious consequences, what hope does that leave that the other tech giants will ever have to face the consequences of their abuse? At least the European Union seems to be mostly holding its head high so far, but one can’t help but wonder how long the Phoenician princess can hold off the bull. The fact of the matter is that the European and US economies are heavily intertwined, and we let ourselves become utterly dependent on the US for our defense, too, and with Trump not deterred by Pyrrhic victories, a fallout is definitely not out of the question.
Welcome, friends, to my grubby little corner of the internet. A corner so strewn with obscenity that the UK government has decided you must prove you’re a grown-up before you can access certain parts of it. The UK’s new Online Safety Act has come into force, so UK people might have noticed a bunch of websites suddenly demanding you take a selfie, share your credit card details, or jump through another hoop to prove that you’re over 18. Quite a few of my friends have been discussing this in the pub, because for understandable reasons people who aren’t embedded in the world of online pornography or internet law are suddenly curious about why the internet is now so very broken. They’re also often convinced that the government will change its mind and therefore no one really needs to worry. I’ve had this conversation so many times now that I reckon I’ve got the basis for a fairly solid layperson’s guide to age verification: what it is, how it affects you, and why we absolutely, genuinely do need to worry. ↫ Girl on the Net Girl on the Net basically published the definitive guide on why age verification online, as currently implemented in the United Kingdom, and explored by the United States and the European Union, is such a terrible idea. It’s a privacy disaster, a clear onramp for Christian extremists to go after LGBTQ+ content, it doesn’t “protect the children”, it’s easily circumvented, breaks accessibility, casts such a wide net that it even hits sites like Wikipedia, and so, so much more. Whenever anyone online tries to sell you on age verification as a means to “think of the children”, you can just point them to the linked article. If, after reading it, they still believe this is the way to protect children from seeing naked people (while leaving the door to the most brutal forms of violent content wide open, of course, as is tradition), they will have either ulterior motives, or are some form of extremist you can’t argue with anyway. The demonization of sexual content and the sex workers that produce it as a means to introduce strict authoritarian control over the internet is something that will never go away. “Think of the children” is an incredibly powerful rallying cry for authoritarians to scare sheltered boomers into accepting pretty much any draconian measure, regardless of efficacy, and I doubt we will ever definitely win this fight. But we won’t have to sit down and accept it.
The European Union is in the process of testing an age-verification application, which people can use to verify their age in a privacy-preserving manner (in theory, of course). There’s countless important discussions to be had about whether or not age verification, privacy-preserving or not, is even something we should want, but that’s a topic for another time and for people smarter than I. For now, several member states are currently testing the application on a voluntary basis, and the application itself is open source, with the code hosted on GitHub. Aside from the obvious concerns about just how private such an application can even be, and concerns about whether or not we should even want something like this, there’s another major problem: the application intends to make use of and require application and device verification by using the proprietary tools for such functionality from Google and Apple, built into Android and iOS, respectively. Listed as future “features”: App and device verification based on Google Play Integrity API and Apple App Attestation ↫ The application’s GitHub page This is a massive problem. For reasons that should be obvious to anyone with at least six functioning neurons, the European Union, as well as countless other countries, are trying to reduce their dependency on US technology companies. As such, it’s indefensible to then require anyone who needs to use age verification in the European Union to use an application that will only work on Google-approved Android devices and even then, only when installed from the Google Play Store, with the only alternative being, of all things, Apple’s iOS. This means that the EU will require anyone who needs age verification to have either a Google or an Apple account, and can only use Google-approved Android or iOS. This application would not work on, say, GrapheneOS or any other non-Google-approved Android ROM – in fact, even if you were to compile the application yourself, you wouldn’t be able to actually use it because it wouldn’t be installed from the Google Play Store. Of course, any mobile operating other than Android or iOS need not apply either. The danger of tying age verification to Google and Apple did not go by unnoticed, and a GitHub issue raised the issue a few weeks ago. I would like to strongly urge to abandon this plan. Requiring a dependency on American tech giants for age verification further deepens the EU’s dependency on America and the USA’s control over the internet. Especially in the current political climate I hope I do not have to explain how undesirable and dangerous that is. ↫ TheLastProject in the GitHub issue The comment thread attached to the issue is long, but during the two weeks since the issue was raised, nobody from the application’s team has answered or even acknowledged people’s concerns, which doesn’t exactly inspire confidence in this being taken seriously. I just hope that with this entire project being in the early testing phases, at least someone manages to realise tying this to Google and Apple is one of the dumbest ideas in a long, long time.
Last year the European Union introduced legislation to greatly improve the transparency around political advertising, specifically on social media and websites. The law mandates a few very basic requirements that tend to already apply to many other forms of political advertising, like clearly labeling who paid for the ad and how much was spent, which election or referendum they’re about, and which targeting techniques were used. In addition, data used for targeting may only be collected from the person being targeted, and the person targeted has to give explicit permission specifically for political advertising. Furthermore, a whole slew of data types are not allowed to be used, such as data that may reveal ethnic or racial origin or political opinions. Lastly, an obvious one: starting three months before an election of referendum, third country sponsors are banned from advertising. It seems these rather basic, elementary requirements are too much for Facebook, as the company today announced it’s going to stop offering political advertising in the European Union altogether in October of this year. The company cries on its blog: Despite extensive engagement with policymakers to share these concerns, we have been left with an impossible choice: alter our services to offer an advertising product which doesn’t work for advertisers or users, without guarantee that our solution would be viewed as compliant, or stop allowing political, electoral and social issue ads in the EU. We’re not the only company to have been forced into this position. Once again, we’re seeing regulatory obligations effectively remove popular products and services from the market, reducing choice and competition. ↫ Sad Facebook As the link in Facebook’s above lament points out, Google has also decided to stop offering political advertising in the European Union, for the exact same reasons. Facebook and Google are clearly trying to frame this as “bad”, but the only people the removal of hyper-targeted political advertising is bad for are threat actors trying to unduly and illegally influence elections, and of course, for the bottom line of Facebook and Google. Neither of these are of any relevance to the proper execution of fair and free elections, and people all across the European Union will be better off without these two advertising giants providing an easy avenue for shady organisations and foreign entities to unduly influence our elections. Basically, cry me a river Zuck. Nobody likes you.
James Heppell, representing Open Web Advocacy, published an article detailing his experience attending DMA compliance workshop in Brussels, in which members of the public can ask questions of companies who have products designated as gatekeepers under the DMA. After attending the Apple one, he concludes: As a final thought, I called this article “Apple Vs The Law” primarily in reference to the rule of law, about how it should be applied equally and fairly against all, no matter the size and influence of your company. I think some of these gatekeepers – above all Apple, do a lot to undermine this process, in some places genuinely damaging trust in democracy. Going out of their way to paint the DMA law and the EU as overstepping and extreme hurts its reputation, as does the invented rhetoric about it being the “great risk to privacy ever imposed to government” (China?), or that they’re “acting without experts in the field”. Similarly for the number of covertly funded and supported lobbying groups that they bring to regulators all around the world. And the constant pressure from the US administration to not enforce the DMA – helped in no small part by these gatekeepers. These money-driven practices – which in many ways mirror the propaganda typically produced by authoritarian regimes like Russia, seriously hurt all democracies that they come in to touch with, and is a kind of behaviour that should make Apple, and any other group involved, ashamed of themselves. ↫ James Heppell Sometimes I wonder if us Europeans wouldn’t simply be better off without these lying, scheming, law-breaking American technology companies. Yes, there’s be a bit of a shock and a chaotic scrambling as newcomers fill the void, but I think I’d prefer that over the illegal behaviours that are clearly endemic in US technology companies. As a EU citizen, I’m not even afforded 0.01% of the kind of silk glove, patient, and cooing treatment these corporations get when they break the law, and it highlights once more just how tiered justice really is. I think the EU would, in the long term, be better off without the likes of Apple, Google, Microsoft, Amazon, and Facebook routinely and repeatedly breaking our laws. Rip that festering, rotting band-aid off and endure the chaos for a few years while European newcomers fill the void in a beautiful explosion of competition and innovation. Do we really want to be tied to these corporations that clearly despise us?
You may not have heard of the “Transparency & Consent Framework”, but you’ve most likely interacted with it, probably on a daily basis. The TCF is used by 80% of the internet to obtain “consent” from users to collect their data and share it among advertisers – you know, the cookie popups. In a landmark EU ruling yesterday, the TCF has been declared to violate the GDPR, making it illegal. For seven years, the tracking industry has used the TCF as a legal cover for Real-Time Bidding (RTB), the vast advertising auction system that operates behind the scenes on websites and apps. RTB tracks what Internet users look at and where they go in the real world. It then continuously broadcasts this data to a host of companies, enabling them to keep dossiers on every Internet user. Because there is no security in the RTB system it is impossible to know what then happens to the data. As a result, it is also impossible to provide the necessary information that must accompany a consent request. ↫ Irish Council for Civil Liberties It’s no secret that cookie consent popups do not actually comply with the GDPR, and that they are not even necessary if you simply don’t do any cross-site sharing of personal information. It seems that this ruling confirms this in a legal sense, forcing the advertising industry to come up with a new, better system. On top of that, every individual company that participated in this scheme is now liable for fines and damages. Complaints coordinated by Johnny Ryan, Director of Enforce at the Irish Council for Civil Liberties, prompted the ruling. He said: Today’s court’s decision shows that the consent system used by Google, Amazon, X, Microsoft, deceives hundreds of millions of Europeans. The tech industry has sought to hide its vast data breach behind sham consent popups. Tech companies turned the GDPR into a daily nuisance rather than a shield for people. ↫ Irish Council for Civil Liberties The problem here is not so much the clarity of applicable laws and regulations, but the cost and effectiveness of enforcement. If it takes years of expensive and complex legal proceedings to bring a company that violates the GDPR to heel, is it really an effective legal framework? Especially when you take into account just how many companies, big and small, there are that violate the GDPR? OSNews uses a cookie popup and displays advertising, something we have to do to gain a little bit of extra income – but I’m not happy about it. Our ads don’t provide us with much income, perhaps about €150-200, but that’s still a decent enough chunk of our income pie that we need it. I would greatly prefer we turn off these ads altogether, but in order to be able to afford that, we’d need to up our Patreon income. OSNews Patreons get an ad-free version of OSNews. That’s a long and slow process, especially with the current economic uncertainty making people reconsider their expenses. Disabling our ads altogether for everyone once we’re fully reader-funded is still my end goal, but until the world around us settles down a bit, that’s a little while off. If you want to speed this process up – you can become an OSNews Patreon and enjoy an ad-free OSNews today.
I don’t know anything about hiring processes in Silicon Valley, or about hiring processes in general since I’ve always worked for myself (and still do, running OSNews, relying on your generous Patreon and Ko-Fi support), so when I ran into this horror story of applying for a position at a Silicon Valley startup, I was horrified. Apparently it’s not unheard of – it might even be common? – to ask applicants for a coding position to develop a complex application, for free, without much guidance beyond some vague, generic instructions? In this case, the applicant, Jose Vargas, was applying for a position at Kagi, the search startup with the, shall we say, somewhat evangelical fanbase. After applying, he was asked to develop a complete e-mail client, either as a TUI/CLI or a web application that can view and send emails, using a fake or a real backend, which can display at least plaintext e-mails. None of this was going to be paid labour, of course. Vargas started out by sending in a detailed proposal of what he was planning to create, ending with the obvious question what kind of response he’d get if he actually implemented the detailed proposal. He got a generic response in return, without an answer to that question, but he set out to work regardless. In the end, it took him about a week to complete the project and send it in. He eventually received a canned rejection notice in response, and after asking for clarification the hiring manager told him they wanted something “simpler and stronger”, so he didn’t make the cut. I’m not interested in debating whether or not Vargas was suited for the position, or if the unpaid work he sent in was any good. What I do want to talk about, though, is the insane amount of unpaid labour applicants are apparently asked to do in Silicon Valley, the utter lack of clear and detailed instructions, and how the hiring manager didn’t answer the question Vargas sent in alongside his detailed proposal. After all, the hiring manager could’ve saved everyone a ton of time by letting Vargas know upfront the proposal wasn’t what Kagi was looking for. Everything about this feels completely asinine to me. As a (former) translator, I’m no stranger to having to do some work to give a potential client an idea of what my work looks like, but more than half a page of text to translate was incredibly rare. Only on a few rare occasions did a prospective client want me to translate more than that, and in those cases it was always as paid labour, at the normal, regular rate. For context, half a page of text is less than half an hour of work – a far cry from a week’s worth of unpaid labour. I’ve read a ton of online discourse about this particular story, and there’s no clear consensus on whether or not Vargas’ feelings are justified. Personally, I find the instructions given by Kagi overly broad and vague, the task of creating an email client to be overly demanding, and the canned (“AI”?) responses by the hiring manager insulting – after sending in such a detailed proposal, it should’ve been easy for a halfway decent hiring manager to realise Vargas might not be a good fit for the role, and tell him so before he started doing any work. Kagi is fully within its right to determine who is and is not a good fit for the company, and who they hire is entirely up to them. If such stringent, demanding hiring practices are par for the course in Silicon Valley, I also can’t really fault them for toeing the industry line. The hiring manager’s behaviour seems problematic, but everyone makes mistakes and nobody’s perfect. In short, I’m not even really mad at Kagi specifically here. However, if such hiring practices are indeed the norm, can I, as an outsider, just state the obvious? What on earth are you people doing to each other over there in Silicon Valley? Is this really how you want to treat potential applicants, and how you, yourself, want to be treated? Imagine if a someone applies to be a retail clerk at a local supermarket, and the supermarket’s hiring manager asks the applicant to work an entire week in the store, stocking shelves and helping shoppers, without paying the person any wages, only to deny their application after the week of free labour is over? You all realise how insane that sounds, right? Why not look at a person’s previous work, hosted on GitHub or any of its alternatives? Why not contact their previous employers and ask about their performance there, as happens in so many other industries? Why, instead of asking someone to craft an entire email client, don’t you just give them a few interesting bugs to look at that won’t take an entire week of work? Why not, you know, pay for their labour if you demand a week’s worth of work? I’m so utterly baffled by all of this. Y’all developers need a union.
A European Union privacy watchdog fined TikTok 530 million euros ($600 million) on Friday after a four-year investigation found that the video sharing app’s data transfers to China put users at risk of spying, in breach of strict EU data privacy rules. Ireland’s Data Protection Commission also sanctioned TikTok for not being transparent with users about where their personal data was being sent and ordered the company to comply with the rules within six months. ↫ Kelvin Chan for AP News In case you’re wondering what Ireland’s specific role in this case is, TikTok’s European headquarters are located in Ireland, which means that any EU-wide privacy violations by TikTok are handled by Ireland’s privacy watchdog. Anyway, sounds like a big fine, right? Let’s do some math. TikTok’s global revenue last year is estimated at €20 billion. This means that a €530 million fine is 2.65% of TikTok’s global yearly revenue. Now let’s make this more relatable for us normal people. The yearly median income in Sweden is €34365 (pre-taxes), which means that if the median income Swede had to pay a fine with the same impact as the TikTok fine, they’d have to pay €910. That’s how utterly bullshit this fine is. €910 isn’t nothing if you make €34000 per year, but would you call this a true punishment for TikTok? Any time you read about any of these coporate fines, you should do math like this to get an idea of what the true impact of the fine really amounts to. You’ll be surprised to learn to just how utterly toothless they are.
The European Commission has levied fines against both Apple and Facebook for violating the Digital Markets Act. Apple has to pay a €500 million fine, and Facebook a €200 million fine. Apple is breaking EU law by not allowing application developers to inform users of other offers outside the App Store. The Commission found that Apple fails to comply with this obligation. Due to a number of restrictions imposed by Apple, app developers cannot fully benefit from the advantages of alternative distribution channels outside the App Store. Similarly, consumers cannot fully benefit from alternative and cheaper offers as Apple prevents app developers from directly informing consumers of such offers. The company has failed to demonstrate that these restrictions are objectively necessary and proportionate. ↫ European Commission press release Not only is Apple ordered to pay the €500 million fine, they also have to remove any and all of the illegal restrictions they put in place. Facebook, meanwhile, was fined for not offering an equally functional services but without combining user data from different services. The company did offer a choice between paying and not paying – whereby the latter involved data collection and combination – but this model violated the DMA. The Commission found that this model is not compliant with the DMA, as it did not give users the required specific choice to opt for a service that uses less of their personal data but is otherwise equivalent to the ‘personalised ads’ service. Meta’s model also did not allow users to exercise their right to freely consent to the combination of their personal data. ↫ European Commission press release Facebook did later amend their model to make it compliant with the DMA, and so the fine only covers the few months Facebook was violating EU law. Fun additional note: the EC also mentions that the Facebook Marketplace is no longer a gatekeeper service under the DMA, since its user numbers has dropped below the threshold. Facebook seems to be having some engagement issues in Europe, and you love to hear it. Both companies are required to pay and comply within 60 days, or further periodic penalty payments will be levied.
Late last year, Google’s Play Store was ruled to be a monopoly in the US, and today the judge in that case has set out what Google must do to address this situation. Today, Judge James Donato issued his final ruling in Epic v. Google, ordering Google to effectively open up the Google Play app store to competition for three whole years. Google will have to distribute rival third-party app stores within Google Play, and it must give rival third-party app stores access to the full catalog of Google Play apps, unless developers opt out individually. ↫ Sean Hollister at The Verge On top of these rather big changes, Google also cannot mandate the use of Google’s own billing solution, nor can it prohibit developers from informing users of other ways to download and/or pay for an application. Furthermore, Google can’t make sweetheart deals with device makers to entice them to install the Play Store or to block them from installing other stores, and Google can’t pay developers to only use the Play Store or not use other stores. It’s a rather comprehensive set of remedies that will remain in force for three years. Many of these remedies are taken straight from the European Union’s Digital Markets Act, but they will be far less effective since they’re only applied to one company, and only for three years. On top of that, Google can appeal, and the company has already stated that it’s going to ask for an immediate stay on these remedies, and if they get that stay, the remedies won’t have to be implemented any time soon. This legal tussling is far from over, and does very little to protect consumer choice. A clear law that simply prohibits this kind of market abuse, like the DMA, is much fairer to everyone involved, and creates a consistent level playing field for everyone, instead of only affecting random companies based on the whims of something as unpredictable as juries. In other words, I don’t think much is going to change in the United States after this ruling, and we’ll likely be hearing more back and forths in the court room for years to come, all while US consumers are being harmed. It’s better than nothing in lieu of a working Congress actually doing, well, anything, but that’s not saying much.
California Governor Gavin Newsom has signed a law (AB 2426) to combat “disappearing” purchases of digital games, movies, music, and ebooks. The legislation will force digital storefronts to tell customers they’re just getting a license to use the digital media, rather than suggesting they actually own it. When the law comes into effect next year, it will ban digital storefronts from using terms like “buy” or “purchase,” unless they inform customers that they’re not getting unrestricted access to whatever they’re buying. Storefronts will have to tell customers they’re getting a license that can be revoked as well as provide a list of all the restrictions that come along with it. Companies that break the rule could be fined for false advertising. ↫ Emma Roth at The Verge A step in the right direction, but a lot more is definitely needed. This law in particular seems to leave a lot of wiggle room for companies to keep using the “purchase” term while hiding the disclosure somewhere in the very, very small fine print. I would much rather a law like this just straight up ban the use of the term “purchase” and similar terms when all you’re getting is a license. Why allow them to keep lying about the nature of the transaction in exchange for some fine print somewhere? The software industry in particular has been enjoying a free ride when it comes to consumer protection laws, and the kind of malpractice, lack of accountability, and laughable quality control would have any other industry shut down in weeks for severe negligence. We’re taking baby steps, but it seems we’re finally arriving at a point where basic consumer protection laws and rights are being applied to software, too. Several decades too late, but at least it’s something.
The Internet Archive has lost its appeal in a fight to lend out scanned ebooks without the approval of publishers. In a decision on Wednesday, the Second Circuit Court of Appeals ruled that permitting the Internet Archive’s digital library would “allow for widescale copying that deprives creators of compensation and diminishes the incentive to produce new works.” The decision is another blow to the nonprofit in the Hachette v. Internet Archive case. In 2020, four major publishers — Hachette, Penguin Random House, Wiley, and HarperCollins — sued the Internet Archive over claims its digital library constitutes “willful digital piracy on an industrial scale.” ↫ Emma Roth If you’re a library and scan books and offer a lending service, you’re committing “willful digital piracy on an industrial scale”. If you scan the entire goddamn internet without any regard for licensing or copyright and regurgitate chunks of it on command, you’re a visionary, a revolutionary, a genius. Make it make sense.
Kim Carver, a legislator in the US state of Louisiana, added a provision to a child safety bill forcing Apple and Google to enforce age restrictions on downloads in their application stores. In other words, it would force Apple to make sure minors could not download gambling and casino applications – i.e., 99% of mobile games – that make up the vast majority of Apple’s services revenue. It would also make application stores play a role in enforcing age restrictions on social media applications, which makes sense because Apple and Google know the age of every one of their users. Well, it turns out Apple was not happy. They sent out an absolute army of lobbyists – including a guy known for lobbying on behalf of truck-stop casinos, in case you were wondering about the type of people Apple uses for lobbying – to kill this specific provision. Carver’s provision would have breezed through the Louisiana senate, but it needed a key committee approval before being put up for a vote. And it’s this committee that Apple started heavily influencing and pressuring. Carver began hearing rumblings that Apple was making inroads with the committee—his amended bill might be in trouble. Uncertain on how to proceed, he approached the chairwoman of the committee, Sen. Beth Mizell, for advice. He declined to describe the substance of the conversation to The Wall Street Journal, but in the end, he promised not to object if she removed the app store provisions or support restoring them on the Senate floor. “I made the choice to take the win that we could get,” Carver said. ↫ Jeff Horwitz and Aaron Tilley at The Wall Street Journal This is not the first time Apple has pressured legislatures to drop bills it didn’t like. A famous case is the state if Georgia, which intended to pass a number of application store bills to open up the App Store in much the same way the European Union did with the DMA. Apple went absolutely mental in Georgia, including threatening to cancel “a $25 million investment in a historically Black college in Atlanta”. Apple won. The way these sleazebag companies get away with such blatant corruption is by using third-party lobbyists, which technically are not employed by the companies in question, so no matter how low and sleazy these lobbyists go, the companies they lobby for can wash their hands in innocence and absolve themselves from any responsibility for the various financial and legal threats levied at underfunded, understaffed local legislatures. Spending a few millions on a local development project or whatever is peanuts for Apple, but a massive boon for a small community somewhere, so Apple pulling out means nothing to Apple, but would massively affect such a community. It’s not surprising local legislatures fold. Circling back to the age restriction provision itself – telling stores what they can and cannot sell is an entirely normal thing to do, and happens all the time all over the world. It’s why in, say, The Netherlands, supermarkets are only allowed to sell “light” alcohol like beer and wine, with hard alcohol moved to separate liquor stores that have to be separate from the supermarket, so age restrictions are easier to enforce. There’s also just an infinite number of things you’re just not allowed to sell, period. As always, Silicon Valley believes it’s a very special snowflake to whom regular, normal, widely accepted rules do not apply. Why shouldn’t a store selling gambling applications and similarly addictive and damaging applications have to do the absolute bare minimum to protect minors? Imagine the massive outcry if a Costco or Walmart was found to sell massive amounts of hard liquor to children – why should Silicon Valley companies be treated any differently?
In its antitrust case against Google, the Federal Government filed a list of chats it had obtained that show Google employees explicitly asking each other to turn off a chat history feature to discuss sensitive subjects, showing repeatedly that Google workers understood they should try to avoid creating a paper trail of some of their activities. The filing came following a hearing in which judge Leonie Brinkema ripped Google for “destroyed” evidence while considering a filing from the Department of Justice asking the court to find “adverse interference” against Google, which would allow the court to assume it purposefully destroyed evidence. Previous filings, including in the Epic Games v Google lawsuit and this current antitrust case, have also shown Google employees purposefully turning history off. ↫ Seamus Hughes The fact that corporations break the law, and lie, cheat, and scam their way to the top is not something particularly shocking, nor will it surprise anyone. I can barely even get angry about it anymore – birds gotta eat, fish gotta swim, corpos gotta break the law, that sort of thing. It’s just an inevitability of reality, a law of nature. You know it, I know it, the whole world knows it. No, what really upsets me is just how easily they get away with it, and even if they do get punished, any fines or other forms of punishment are so utterly disproportionately mild compared to the crimes committed. It’s incredibly rare for anyone responsible for corporate crime to ever face any serious punishment, let alone jail time, and even in the rare cases where they do, they usually have some stock options or whatever left over from their employment contract that will ensure a lavishly wealthy lifestyle. Fines levied against corporations as a whole are usually so low they’re just a minor cost of doing business, to the point where one has to wonder why they’re even being levied at all. Compare this to us normal folks, and the differences couldn’t be more stark. Whenever we’re accidentally late on some small bill, we get fined automatically, with very little recourse. We get a speeding ticket automatically in the mail because we drove 5 km/h over the speed limit. Our tax agencies are stupidly effective and efficient at screwing you over for that small side hustle selling crap on eBay. And rarely do we have any effective, efficient recourse. And these things can quickly spiral out of control when you’re already living paycheck to paycheck – being poor is really, really expensive. And let’s not even get into how much worse any of this is if you’re part of a minority, like being black in the US, or of North-African descent in Europe. In this case, the illegal activities of Google and its executies and employees is on such clear display, and yet, few, if any, will suffer any consequences for them. If you ever wonder why so many regular people flock to political extremes, it’s exactly this kind of deep unfairness and inequality that lies at its roots. It’s dispiriting, demoralising, and disheartening, and primes the pumps for disenfranchisement with society, and thus the search for alternatives, upon which extremists pray. We either stop our continual slide into corporatism, or our societies will fall.
San Francisco’s city attorney David Chiu is suing to shut down 16 of the most popular websites and apps allowing users to “nudify” or “undress” photos of mostly women and girls who have been increasingly harassed and exploited by bad actors online. These sites, Chiu’s suit claimed, are “intentionally” designed to “create fake, nude images of women and girls without their consent,” boasting that any users can upload any photo to “see anyone naked” by using tech that realistically swaps the faces of real victims onto AI-generated explicit images. ↫ Ashley Belanger at Ars Technica This is an incredibly uncomfortable topic to talk about, but with the advent of ML and AI making it so incredibly easy to do this, it’s only going to get more popular. The ease with which you can generate a fake nude image of someone is completely and utterly out of whack with the permanent damage it can do the person involved – infinitely so when it involves minors, of course – and with these technologies getting better by the day, it’s only going to get worse. So, how do you deal with this? I have no idea. I don’t think anyone has any idea. I’m pretty sure all of us would like to just have a magic ban button to remove this filth from the web, but we know such buttons don’t exist, and trying to blast this nonsense out of existence is a game of digital whack-a-mole where there are millions of moles and only one tiny hammer that explodes after one use. It’s just not going to work. The best we can hope for is to get a few of the people responsible behind bars to send a message and create some deterrent effect, but how much that would help is debatable, at best. As a side note, I don’t want to hang this up on AI and ML alone. People – men – were doing this to to other people – women – even before the current crop of AI and ML tools, using Photoshop and similar tools, but of course it takes a lot more work to do it manually. I don’t think we should focus too much on the role ML and AI plays, and focus more on finding real solutions – no matter how hard, or impossible, that’s going to be.
The European Union’s Digital Markets Act is the gift that keeps on giving. This time, it’s Facebook’s turn to be slapped on the fingers with a ruler – a metric ruler, of course – because of its malicious compliance with the DMA. Today, the Commission has informed Meta of its preliminary findings that its “pay or consent” advertising model fails to comply with the Digital Markets Act (DMA). In the Commission’s preliminary view, this binary choice forces users to consent to the combination of their personal data and fails to provide them a less personalised but equivalent version of Meta’s social networks. ↫ European Commission press release The European Commission’s preliminary conclusion takes issue with Facebook’s binary choice between “pay for zero ads” and “full-on tracking and all the ads”. According to the DMA, Facebook must offer users the option of an equivalent experience with less tracking, and the company doesn’t offer such an option to users. In addition, Facebook’s proposal does not allow users to “exercise their right to freely consent to the combination of their personal data”. It’s important to note that this is not some sort of definitive ruling of finding; it’s preliminary, and Facebook now has the opportunity to state its case and formulate its arguments. If the eventual ruling is that Facebook does not comply, the company is liable for fines up to 10% of its yearly worldwide turnover, which can rise up to 20% for repeated infractions.
To lock subscribers into recurring monthly payments, Adobe would typically pre-select by default its most popular “annual paid monthly” plan, the FTC alleged. That subscription option locked users into an annual plan despite paying month to month. If they canceled after a two-week period, they’d owe Adobe an early termination fee (ETF) that costs 50 percent of their remaining annual subscription. The “material terms” of this fee are hidden during enrollment, the FTC claimed, only appearing in “disclosures that are designed to go unnoticed and that most consumers never see.” ↫ Ashley Belanger at Ars Technica There’s a sucker for every corporation, but I highly doubt there’s anyone out there who would consider this a fair business practice. This is so obviously designed to hide costs during sign-up, and then unveil them when the user considers quitting. If this is deemed legal or allowed, you can expect everyone to jump on this bandwagon to scam users out of their money. It goes further than this, though. According to the FTC, Adobe knew this practice was shady, but continued it anyway because altering it would negatively affect the bottom line. The FTC is actually targeting two Adobe executives directly, which is always nice to hear – it’s usually management that pushes such illegal practices through, leaving the lower ranks little choice but to comply or lose their job. Stuff like this is exactly why confidence in the major technology companies is at an all-time low.
It seems that if you want to steer clear from having Facebook use your Facebook, WhatsApp, Instagram, etc. data for machine learning training, you might want to consider moving to the European Union. Meta has apparently paused plans to process mounds of user data to bring new AI experiences to Europe. The decision comes after data regulators rebuffed the tech giant’s claims that it had “legitimate interests” in processing European Union- and European Economic Area (EEA)-based Facebook and Instagram users’ data—including personal posts and pictures—to train future AI tools. ↫ Ashley Belanger These are just the opening salvos of the legal war that’s brewing here, so who knows how it’s going to turn out. For now, though, European Union Facebook users are safe from Facebook’s machine learning training.
