Daily Deal: The A to Z Cyber Security & IT Certification Training Bundle

Deals

from the good-deals-on-cool-stuff dept

The A to Z Cyber Security & IT Certification Training Bundle has 12 courses focusing on foundational IT skills. Courses cover penetration testing, beginner cybersecurity techniques, ethical hacking, and more. The bundle is on sale for $46.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

Authors Guild, Jealous Of Other Terrible Author Lawsuits Against AI, Decides To Join In The Party

Copyright

from the high-school-english-infringes? dept

It’s been eight years since the Authors Guild was thoroughly and totally embarrassed by losing its big lawsuit against Google over the Google Books scanning project. I guess they’re missing the feeling of embarrassment, as they’ve filed what is effectively the same damn suit against OpenAI over that company’s book scanning.

Now, I know, some folks are going to insist that this is somehow different, that AI makes things different, but if anything, I’d argue that the case against OpenAI is significantly weaker than the one against Google. In the case of Google, the company was actually showing snippets of the works. With OpenAI, its book scanning is only for the sake of training the AI. The AI systems are doing the equivalent of reading the books, but never displaying them, just learning from them.

The process is indistinguishable from how humans learn: they read books, and retain some details, and if asked to produce a summary of the work, or to create a work “in the style of” an author, they do so by taking what they’ve learned and producing an entirely new work. That’s all that OpenAI does as well. And unless we’re going to say that reading a book and producing a book report is infringing, then this case seems particularly pointless.

Now, this isn’t the first lawsuit by authors against OpenAI. We covered another one back in July, but rather than just a random list of authors and a desire to turn it into a class action, this new lawsuit is by the Authors Guild itself, and has a ton of big names, including John Grisham, Mary Bly, George Saunders, Scott Turow, Jonathan Franzen, and George R.R. Martin.

It’s not surprising that some of these authors are angry. Scott Turow (who had been a lawyer) used to run the Authors Guild, and was the architect of its failed attack on Google’s book scanning effort. He should have learned his lesson, but if we’ve learned anything over it’s the last decade it’s that Scott Turow’s hatred for the internet knows no bounds.

Some of the other authors you wish would be a bit more circumspect before going down this path.

Of course, with copyright law, the end result is always somewhat up in the air. Judges all too often fall under the sway of big names whining about their “lost money,” and are willing to ignore the text and limitations of copyright law for a chance to make the richest of the rich authors even wealthier.

But, this is a terrible lawsuit and should lose, and the Authors Guild should be embarrassed again. Everything about the complaint is dumb. The Authors Guild is somewhat famous for only looking out for the interests of its biggest name authors (and, bizarrely, publishers), and screwing over smaller authors. And you can see that in the complaint, which literally claims that without the authors suing here, OpenAI would have no product at all (which is just nonsense):

Unfairly, and perversely, without Plaintiffs’ copyrighted works on which to “train” their LLMs, Defendants would have no commercial product with which to damage—if not usurp—the market for these professional authors’ works. Defendants’ willful copying thus makes Plaintiffs’ works into engines of their own destruction.

No offense, but if OpenAI could “usurp” the market for these writers, then these writers suck and deserve to have their market usurped. Do these writers not actually believe they can write better stories than a computer?

How embarrassing for them to admit that. Also, as much as I’ve enjoyed some of their works in the past, this lawsuit tells me that these authors are cooked. They are admitting that they’re so uncreative a computer can outwrite them. Fair enough warning: no need to ever read any of their books any more.

Somewhat hilariously, the Authors Guild uses the fact that ChatGPT says that some of its training model may have come from in-copyright works as proof that they did:

ChatGPT itself admits as much. In response to a query submitted to it in January 2023, the chatbot responded: “It is possible that some of the books used to train me were under copyright. However, my training data was sourced from various publicly available sources on the internet, and it is likely that some of the books included in my training dataset were not authorized to be used. … If any copyrighted material was included in my training data, it would have been used without the knowledge or consent of the copyright holder.”

But… ChatGPT doesn’t actually know that. ChatGPT makes up its answers based on probabilistic scores, which is why it’s prone to “hallucinate” false things as true. While, it would only make sense that OpenAI was trained on such things because doing so would be fair use (given multiple court rulings regarding the computer scanning of copyright covered materials, including both search engines and book scanning), the fact that the Authors Guild thinks ChatGPT saying this is some sort of admission shows just how little (i.e., basically nothing) the Authors Guild and its lawyers understand any of this.

The lawsuit, bizarrely, highlights that some Authors Guild members are so bad at writing that they’d already lost jobs to ChatGPT:

An Authors Guild member who writes marketing and web content reported losing 75 percent of their work as a result of clients switching to AI.

Another content writer (unrelated to the Plaintiffs here) told the Washington Post that half of his annual income (generated by ten client contracts) was erased when the clients elected to use ChatGPT instead.

Why would you admit that? Incredibly, in the very next paragraph in the suit, the Authors Guild admits that AI-generated content is terrible. Right after admitting that its own members write worse. Incredible.

Recently, the owner of popular online publications such as Gizmodo, Deadspin, The Root, Jezebel and The Onion came under fire for publishing an error-riddled, AI-generated piece, leading the Writers Guild of America to demand “an immediate end of AI-generated articles” on the company’s properties.

The Authors Guild notes that it holds several copyrights itself, that it’s using in this lawsuit, including for Mignon Eberhart’s books, such as “The Patient in Room 18,” which was published in 1929 and will go into the public domain in less than a year and a half. Also there’s “While the Patient Slept.” That’s a book that was… published in 1930 and will go into the public domain in less than three years. Is the Authors Guild really claiming there’s some giant market for licensing books that are about to go into the public domain? Really?

And, again, like earlier suits, their big complaint is that these AI tools can do the same thing a 7th grade student can:

When prompted, ChatGPT generated an accurate summary of the final chapter of While the Patient Slept, one of the Authors Guild Infringed Works.

Generating a summary is not infringing, guys.

For another author, the complaint is that it generated a made up outline for the next book in a series of books, which is (again) often a task assigned in high school English classes (I remember having to draft an outline for a sequel to 1984, was I infringing too?)

Again, this complaint is pure hubris and greed from authors. The complaint cites a survey saying that authors believe they should be paid for having their works training AI systems, and who isn’t going to say they should get free money for doing nothing? That’s not how you determine if it’s actually infringing, though.

As mentioned above, copyright law is difficult to predict, because judges often go wacky, but this is a horrifically stupid lawsuit, following on some other similar lawsuits. The Authors Guild lost every bit of the Google Books scanning lawsuit, which was found to be transformative and fair use, and the same should be the case here as well.

Filed Under: ai, book reports, chatgpt, christina baker kline, copyright, david baldacci, douglas preston, elin hilderbrand, fair use, generative ai, george r.r. martin, george saunders, jodi picoult, john grisham, jonathan franzen, mary bly, maya shanbhag lang, michael connelly, rachel vail, roxana robinson, scott turow, summarization, sylvia day, transformative, victor lavalle
Companies: authors guild, openai

It’s Beyond Stupid That Robocallers And Lobbyists Have Made Our Voice Networks Almost Unusable

(Mis)Uses of Technology

from the fifty-forth-time's-the-charm dept

It can’t be said often enough: it’s stunning that we’ve let scammers and scumbags hijack the nation’s top voice communications platform. And that we’ve let marketing and telecom industry lobbyists slowly degrade the authority of the one U.S. regulator capable of actually doing something about it.

Every six months or so the FCC comes out with a new plan it insists will finally fix the scourge that is robocalls. Yet the solutions are never quite enough to actually combat robocallers, who now annoy Americans roughly 5.1 billion times every month. We’ve noted repeatedly why robocalls are a problem that somehow never gets truly fixed:

• Lobbying by a coalition of industries has routinely led to Supreme Court rulings that have curtailed the FCC’s authority to pursue “scammers” and legitimate companies alike.
• Lobbying has resulted in a paradigm where the discourse fixates on “scammers,” when it’s “legitimate” industries that are routinely the biggest culprits, often using the same exact tactics as scammers to do things like harass heavily-indebted people they know can’t pay.
• The FCC has long lacked the backbone to stand up to telecom giants that for 20 years turned a blind eye on robocalling because they profited from it (and in many cases still do).
• The current system allows the FCC to fine robocallers, but doesn’t give the FCC the authority to actually collect those fines. That falls to the DOJ, which often doesn’t bother. The FCC has repeatedly asked for the authority to collect fines itself, but a corrupt Congress ignores the request, thanks to a prevailing “wisdom,” seeded by industry, that competent regulatory oversight is somehow bad.

Still, the FCC really loves putting on a show to suggest that a fix for the problem is just around the next corner. Like last week, when the FCC finally (after years of pressure) closed a loophole pertaining to voice over IP (VOIP) providers that gave robocallers easy access to U.S. phone numbers. Which scammers then use to spoof their numbers and hide their identities:

“…under rules adopted by the FCC yesterday, VoIP providers will face some extra hurdles. They will have to “make robocall-related certifications to help ensure compliance with the Commission’s rules targeting illegal robocalls,” and “disclose and keep current information about their ownership, including foreign ownership, to mitigate the risk of providing bad actors abroad with access to US numbering resources,” the FCC said.”

To be clear: this is good; it’s just not enough.

Every time you see the FCC do something about robocalls, you can be fairly certain that it’s (1) something people had been pressing them to do for the better part of a decade, (2) probably contains ample loopholes as not to offend the “legitimate” companies that utilize the exact same tactics as scammers, and (3) probably won’t actually stop more agile robocallers from annoying the shit out of you at dinner.

Groups like the National Consumer Law Center (NCLC) have repeatedly issued reports detailing that we can’t fix robocalls until the FCC and Congress find the backbone (you might be waiting a while) to stand up to both scammers and legitimate corporations alike:

“Even when these providers are told—sometimes repeatedly—that they
are transmitting fraudulent calls, they keep doing it, because they are
making money from these calls. And even when they are caught and told
to stop, they are not criminally prosecuted, and the fines that are levied
are rarely collected.”

The robocall problem is usually framed in the press as a story about robocall scammers deftly outmaneuvering bumbling regulators. But that’s only part of the story. The reality is legitimate companies have actively constrained the FCC’s authority to do its job, blocked real reformers from being seated at the agency, and actively purchased the hollow performance that is modern regulatory oversight.

As a result, you often can’t use the fucking phone. Another byproduct of corruption and unchecked lobbying power we’ve somehow normalized over decades of dysfunction.

Filed Under: fcc, phone, regulatory oversight, robocalls, scammers, scams, spam, telecom, voip

Court Shoots Down Cop’s Attempt To Instruct Jury That He’s Innocent Just Because He Wasn’t The FIRST Violator Of Rights

Legal Issues

from the facts-don't-care-about-your-desire-not-to-be-sued dept

Are you familiar with “felony murder?” Let’s talk about it. It’s a handy way to send more people to prison for more years just because they participated in a crime that contained a murder. While I can (sort of) understand the deterrent effect of laws like these, the simple fact is felony murder laws hold all crime participants liable for a murder if anyone involved in the initial criminal act kills somebody during the commission of the crime.

It’s “bystander liability,” but for criminals. Any crime is everyone’s crime, even if your only real participation in the crime was sitting in the car or acting as a lookout or assisting in the criminal conspiracy. “Don’t do the crime if you can’t do the time,” as the adage goes. But this law expects people to do the time for crimes they didn’t actually commit.

Then there’s bystander liability. If someone witnesses a criminal act, it might be proved that they had an obligation to prevent it from happening or, at the very least, to not participate in the actual criminal act.

Somehow, cops feel felony murder and bystander liability are legal concepts that should never apply to their acts. (They do, though.) That’s how we arrive at the point a cop being sued for constitutional violations attempted to instruct the jury it would be impossible to find him guilty of anything.

Here’s what happened following the court’s rejection of Officer Maze’s proposed jury instructions, courtesy of the Associated Press:

A federal court jury in Oxford on Thursday ruled that Southaven officers Zachary Durden and Samuel Maze had not violated the civil rights of Ismael Lopez when Durden shot him to death in 2017. The verdict came after a four-day trial in a lawsuit by Claudia Linares, the widow of Lopez, who sought $20 million in compensation.

“The verdict was that the jurors did not believe that the use of force used by Officers Durden and Maze was excessive in light of all the facts that they considered,” attorney Murray Wells told WREG-TV.

Those facts are borne out by the docket, which shows the jury found both officers not guilty of rights violations. And maybe that’s the correct decision. At least it was considered by a jury, rather than short-circuited by generous applications of qualified immunity.

This is what led to this lawsuit. Officers arrived at the home of Ismael Lopez and Claudia Linares late one night in 2017. The officers were serving a domestic violence warrant but had the wrong address. They knocked on the door without identifying themselves (wtaf?!). The door opened and a dog ran out. Officer Maze shot the dog and then (less than a couple of seconds later, according to Maze’s testimony), Officer Durden fired multiple shots at Ismael Lopez, who was still inside the home.

Lopez was struck in the back of the skull and died. This incident was initially given this description by the employer of these two officers, the Southaven (KY) police department:

The report says Durden shot Lopez, and Maze shot the family’s dog. Durden has since resigned.

The nine-page report says Lopez died from a gunshot wound to the back of his head. District Attorney John Champion has said Lopez refused commands to put a rifle down.

A third officer at the scene “corroborated” this official narrative, claiming Lopez had ignored several shouted instructions to “drop” the rifle. No recording of this incident survives. (Most likely, no recording was ever created.) Odds are, this narrative was generated after the fact as cover for the inexplicable killing of Lopez.

Lawyers for Lopez, who died before he could be taken to a hospital, have disputed that he pointed the gun at officers. They noted his fingerprints and DNA were not found on the rifle, which was recovered more than six feet away from his body. They suggested that Durden shot Lopez because the officer was reacting to Maze shooting the dog.

This suggestion is supported by the findings of shooting investigation, in which it was noted Lopez was found lying dead in the prone position, handcuffed, and several feet away from the rifle laying on the couch.

Lopez’s widow sued the two officers. The cops’ lawyers argued (among other things) that Lopez had no constitutional rights because he was not a legal resident of the United States.

Fortunately, all of this went before a jury, despite the government’s best efforts to prevent this from going to trial. Officer Samuel Maze, however, felt the only way he could survive a jury’s judgment was to instruct it that it could not possibly find him liable in this case.

According to Maze, he could not be found liable for his contribution to this tragedy because he didn’t actually shoot Lopez himself. His proposed jury instructions misstated the law, misinforming juries that an officer can’t be sued for excessive force if he did not actually engage in a “seizure” of the victim of the excessive force.

Wrong, says the judge. The order [PDF] rewriting the jury instructions (and rejecting Maze’s motion for reconsideration) spells out — in detail — how wrong the officer’s proposed jury instructions are.

Under Maze’s understanding of the law, in a situation where multiple officers are pointing their weapons at an armed suspect in a standoff, any of the officers is entirely free to be the first to fire his weapon, so long as he takes care to miss the suspect. An officer is even free to do so with malicious intent, hoping that his shot will cause his fellow officers to follow suit and kill the suspect. He may, under defendant’s understanding of the law, do so completely secure in the knowledge that any legal liability resulting from the shooting will be faced by others, and not himself. Under defendant’s theory of the law, the fact that the malicious officer took care not to strike, or “seize,” the suspect is the beginning, middle and end of the Fourth Amendment analysis, and a court may look no further. This court regards this as an unconscionable result and it will not accept that the law requires such a result…

The court goes on to criticize Officer Maze’s “myopic” view of Fourth Amendment law — one that ignores Fifth Circuit precedent. According to Maze’s proposed jury instructions, “bystander liability” simply ceases to exist. The court points out it definitely does exist. Not only that, this legal doctrine is supported by years of Fifth Circuit Fourth Amendment rulings.

While not all of it may be exactly on point, accepting Officer Maze’s interpretation of the law would be, as the court says, ridiculous.

This court believes that the fact that both Gates and the bystander liability case law provide for liability of each officer in this context is not some extraordinary leap of logic applicable only to supervisors or bystanders, but, rather, a common-sensical application of joint causation principles which is applicable whenever two officers commit two objectively unreasonable acts or omissions which combine to cause a seizure in violation of the Fourth Amendment. Under these circumstances, what possible rationale would permit dismissal of one of the officers, who — again — committed an objectively unreasonable act which was a proximate cause of a Fourth Amendment violation, simply because another officer was the only one to physically seize the suspect? None that makes any sense to this court.

The court rejects the officer’s proposed jury instructions, adding to it instructions of its own. Those instructions note Officer Maze did not fire the fatal shot that killed Lopez, but instructs the jury to consider whether Maze’s (missed) shot at the dog was itself an unreasonable use of force and whether his possibly unreasonable shot may have prompted Officer Durden to open fire (the next set of possibly unreasonable actions). Basically, the court is saying these events were not separate. They did not occur in a vacuum. And it won’t allow Officer Maze to instruct the jury to pretend they did.

In the end (as noted above), the officers were cleared of wrongdoing. And that makes the sign-off by this court a bit more bittersweet.

The above approach makes complete sense to this court, and it believes that refusing to apply this common-sensical approach to joint causation issues simply because Maze is neither a supervisor or a bystander would be an absurd result. Of course, the “clearly established” prong is known for producing absurd results, at it at least seems possible this case will eventually be mounted above its fireplace as another example of that fact. But this court will not be the one to put it there.

All too true. The court knows it. The sentence about the “clearly established prong” producing “absurd results” has a footnote appended that quotes from Fifth Circuit Appeals Court Judge Don Willett’s scathing take on qualified immunity, specifically this paragraph of his blistering dissent in a case involving a warrantless search of private medical records:

Section 1983 meets Catch-22. Plaintiffs must produce precedent even as fewer courts are producing precedent. Important constitutional questions go unanswered precisely because those questions are yet unanswered. Courts then rely on that judicial silence to conclude there’s no equivalent case on the books. No precedent = no clearly established law = no liability. An Escherian Stairwell. Heads defendants win, tails plaintiffs lose.

At least this court isn’t willing to join the long list of participants in the HOUSE ALWAYS WIN scheme the Fifth Circuit presides over while often directly encouraging this sort of absurdity. Sure, the cops walk on this one, but at least one court did what it could to prevent them from obtaining an entirely unearned win.

Filed Under: bystander liability, claudia linares, crime, felony murder, ismael lopez, oxford, samuel maze, zachary durden

Co-Sponsor Of Unconstitutional AADC Law Completely Misrepresents Court’s Ruling, Showing His Lack Of Attention To Detail

Say That Again

from the running-your-mouth dept

Last week, we wrote about a federal district judge in California, Beth Labson Freeman, tossing out California’s Age Appropriate Design Code (AB 2273) as unconstitutional under the 1st Amendment. The ruling was careful and thorough, which did not surprise me, having sat through the oral arguments on the matter, where it seemed that the judge was asking all the right questions.

I fully expect California Attorney General Rob Bonta to appeal this ruling, but the state and legislators who supported the bill have been mostly quiet on the matter. However, late in the week, the Republican co-sponsor of the bill, Jordan Cunningham (who has since left the California Assembly), who introduced the bill with Democrat Buffy Wicks, gave some quotes to a newspaper that show he didn’t even read the decision, while insisting that he thinks it’ll win on appeal. He believes the appeal is strong mainly because he says the Court applied the strictest level of scrutiny (the highest bar):

When asked about the injunction, Cunningham told the Washington Examiner that he felt “profound disappointment” but believes the decision to be “quite vulnerable to appeal.” He said that the decision “overreached and applied the strictest level of scrutiny possible.

“We spent hundreds of hours of work on this bill shaping it, getting it through the legislature,” he said. “I mean, it passed the state assembly for 74 to zero.”

Cunningham said that the injunction blocks the AADC under the legal standard of First Amendment-related “strict scrutiny.” The standard requires the government to prove that the law is the “least restrictive means” to advance a “compelling” government interest related to speech. But the AADC doesn’t affect speech, Cunningham argued.

This is interesting for many reasons, not least of which is that the District Court did not apply strict scrutiny. Which anyone who read the case would know, because the judge literally said:

the Court will assume for the purposes of the present motion that only the lesser standard of intermediate scrutiny for commercial speech applies because, as shown below, the outcome of the analysis here is not affected by the Act’s evaluation under the lower standard of commercial speech scrutiny.

Literally, the key part of the ruling was that the court chose not to even figure out if intermediate or strict scrutiny should apply, because if the law couldn’t even pass intermediate scrutiny (and it could not!) it didn’t even matter whether or not strict scrutiny applied.

I don’t know about you, but I think if you’re the guy who co-sponsored the unconstitutional bill that just got thrown out as unconstitutional, and a reporter asks you about it, it would sorta make sense to (1) read the ruling, and (2) not make stuff about it. But, I guess that’s why I’m not in the California Assembly. I prefer to actually read the homework.

Either way, it’s bizarre and blatantly obviously wrong, but honestly par for the course for Cunningham to say that the bill was only found unconstitutional because the court used “the strictest level of scrutiny possible.”

Of course, it’s this level of attention to detail that got us into this mess in the first place. Even though plenty of people explained the constitutional infirmities in the law to many legislators, including directly to Cunningham himself, they all brushed it off and ignored the concerns, sure of their own correctness.

Cunningham is no longer in the Assembly, and this sort of mistake really doesn’t matter, but it really does show the extreme arrogance, combined with ignorance, that has the California legislature constantly doing this sort of thing. They just put their fingers in their ears and pretend that reality is whatever they want it to be.

Filed Under: 1st amendment, aadc, ab 2273, intermediate scrutiny, jordan cunningham, strict scrutiny

After Passing Online Safety Bill, UK Government Gets Back To Harassing Meta About Its End-To-End Encryption

Overhype

from the yeah-well-we-still-want-the-thing-we-always-wanted dept

Last week, it appeared ever so briefly, the UK government might be finally giving up on its desires to legislate at least one end of messaging services’ end-to-end encryption. Having faced resistance from nearly every encrypted service (all of which threatened to exit the UK if anti-encryption mandates were put in place) as well as internal reports strongly suggesting undermining encryption would be a truly terrible idea, it seemed those pushing the Online Safety Bill were finally willing to accept the uncomfortable fact that breaking encryption only results in broken encryption. What it doesn’t do is end the online harms the UK government felt this bill addressed.

But the concession wasn’t much of a concession. Nothing changed in the wording of the bill. All that really happened is a couple of proponents suggested the UK government wouldn’t pull the trigger on encryption-breaking demands immediately. This concession was surrounded by statements suggesting government officials truly thought the only thing standing between it and “safely” broken encryption was recalcitrant techies working for services like WhatsApp and Signal.

Parkinson said that Ofcom, the tech regulator, would only require companies to scan their networks when a technology was developed that was capable of doing so.

[…]

“As has always been the case, as a last resort, on a case-by-case basis and only when stringent privacy safeguards have been met, [the legislation] will enable Ofcom to direct companies to either use, or make best efforts to develop or source, technology to identify and remove illegal child sexual abuse content — which we know can be developed,” the government said.

The Online Safety Bill has now been passed by the UK Parliament. And, as Glyn Moody recently pointed out, all the anti-encryption language remains intact.

[UK] Technology Secretary Michelle Donelan insisted that nothing had changed in the long-awaited legislation, after privacy campaigners earlier this month claimed a victory following widespread reports of a shift in the Government stance on encryption.

Now that the bill has passed with the anti-encryption mandates still intact, it looks like the UK government is going back to leaning hard on uncooperative tech companies in hopes of pressuring them into abandoning encryption plans prior to the implementation of the new law. Facebook has long been the target of criticism from governments around the world that seem to feel they’re entitled to demand Meta not protect its Facebook Messenger service with end-to-end encryption.

Years of ignored requests are culminating in a last-minute push by UK legislators, as Natasha Lomas reports for TechCrunch:

In an interview on BBC Radio 4’s Today Program this morning, [Home Secretary] Suella Braverman claimed the vast majority of online child sexual abuse activity that U.K. law enforcement is currently able to detect is taking place on Facebook Messenger and Instagram. She then hit out at Meta’s proposal to expand its use of E2EE “without safety measures” to the two services — arguing the move would “disable and prohibit law enforcement agencies from accessing this criminal activity [i.e. CSAM]”.

Saying that one of the most popular messaging services is responsible for the most CSAM reports doesn’t really say anything more than the service has a lot of users. It doesn’t mean Meta somehow cares less about limiting the sharing of CSAM than other, less popular services. And I have no idea what “safety measures” Braverman thinks can be attached to E2EE services without, you know, removing at least an E or two.

Braverman doesn’t know or doesn’t care. Or both. Her further comments indicate she’d prefer Meta just maintained its less-than-secure status quo, sacrificing users’ privacy and security in favor of government gains.

First, there’s the stick:

Asked by the BBC what the government would do if Meta goes ahead with its E2EE rollout without the additional measures she wants, Braverman confirmed Ofcom has powers to fine Meta up to 10% of its global annual turnover if it fails to comply with the Online Safety Bill.

Then there’s the carrot — Bravermen says she wants to “work constructively” with Meta to create some sort of magical form of encryption Meta can break at will without compromising user security.

Then there’s the insanity:

“My job is fundamentally to protect children not paedophiles, and I want to work with Meta so that they roll out the technology that enables that objective to be realised. That protects children but also protects their commercial interests,” she said. “We know that technology exists…” 

Really? Where is it? Can you point to any examples of this encryption that remains secure despite deliberately introduced flaws? Have you tried it out? Have you performed a security audit on it? SHOW ME ON THE PUBLICLY RELEASED GOVERNMENT REPORT WHERE THIS TECHNOLOGY ALREADY EXISTS.

While it’s true tech exists to detect hashes that match known CSAM, no tech exists to perform hash-matching on E2EE communication services. The only way to do this is to perform scanning on one side of the communication. And to do that, you have to remove the encryption from one end. Some have suggested this is a solution to the problem. But the only tech company that considered moving forward with voluntary client-side scanning abandoned that plan shortly after hearing from everyone (anti-encryption legislators excepted, of course) what a bad idea that would be.

So, in a sense, the tech does exist. But it’s not something anyone truly concerned about safety, security, or privacy would consider to be a real solution to the CSAM problem. But that’s what the UK government wants: insecure services that allow it to take a look at anyone’s communications. And that should never be considered an acceptable outcome.

Filed Under: encryption, end to end encryption, ofcom, online safety bill, suella braverman, uk
Companies: facebook, meta

With Basically Zero Press Coverage At All, California Assembly Passes Its Own Version Of FOSTA

Policy

from the fucking-hell dept

It is quite incredible to me how, over the last five years or so, the California legislature has pushed over a dozen absolutely horrific, dangerous (and often unconstitutional) laws to completely undermine the very principles of an open internet… and it gets basically no attention at all.

Last year, it felt like we at Techdirt were the only news site covering a slate of absolutely horrific bills. And, of the two that got through, AB 2273 (the “age appropriate design code”) and AB 587 (the social media “transparency” bill) are both facing constitutional challenges, with 2273 already being declared obviously unconstitutional under the 1st Amendment.

The California legislature could have saved itself a lot of nonsense and trouble if it had just listened to us last year when we highlighted the problems with both bills.

I’m not sure the media anywhere covered either of those bills in detail, whereas on Techdirt, we had many, many, many articles highlighting all of the problems with both bills.

This year, we’ve been covering even more bills, including SB 680 (on “social media addiction,” which is just a rewrite of a different bill from last year that didn’t pass) and AB 1394, which can be described as a kind of mini-California FOSTA, in which there is a private right of action, allowing anyone to sue social media companies for any child sexual abuse material (CSAM) that shows up on their platforms. Thankfully, SB 680 didn’t move forward. But 1394 did.

As we explained a few weeks ago, this bill gets everything exactly backwards, and will make the problems of CSAM on websites inevitably worse. I won’t go through all of the arguments all over again, but I’ll just highlight the most egregious: the law puts liability on websites for “knowingly” aiding and abetting CSAM on their platforms. The 1st Amendment requires that knowingly standard, but what you’ve now done is create very strong incentives for websites to stop fighting CSAM. Because if they’re fighting it, they are admitting they know that it happens, and that puts them in liability because of this stupid, stupid bill.

It’s a dangerous bill. We’ve already seen how a similar system works in FOSTA around “sex trafficking,” which resulted in the shutting down of all sorts of vital resources for sex workers. And now, with 1394, you can expect that all sorts of vital assets to help the victims of CSAM are about to shut down as well.

So, of course, California passed the bill, and Gavin Newsom is expected to sign it any day now. Great job California: you just made it harder to fight CSAM. I hope Newsom and bill sponsors Buffy Wicks and Heath Flora are proud of this disastrous bill.

And, yet, this bill got basically no media attention at all. We wrote our article about it. John Perrino, from the Stanford Internet Observatory, wrote an article at Tech Policy Press noting that “nobody seems to be talking about” this bill, which could have huge ramifications for the internet.

We’re just one tiny media site on the internet with basically no budget. Contrary to the claims of some rather annoyingly wrong people, we’re not funded by “big tech” and we’re not “big tech lobbyists.” Indeed, I’d prefer that we returned to a world of highly competitive, decentralized “little” or even “personal” tech over “big tech” any day. But these kinds of bills are going to make that impossible.

The media critique of these bills shouldn’t fall on our overworked shoulders. And yet it does. And that makes me feel like we failed with this one. We wrote the one article about it and it seems like it wasn’t nearly enough to raise the alarm before this bill got passed. Gavin Newsom could still veto it, but everyone tells me that he’s eager to sign it, just like he was eager to sign the Age Appropriate Design Code that just got declared unconstitutional.

And that’s because when it got declared unconstitutional there’s no one in the media in Sacramento to go back to Newsom and ask him: “Hey, why did you sign that obviously unconstitutional bill that Techdirt called out as unconstitutional?” Instead, everyone forgets that Newsom not only eagerly signed the bill, but literally begged NetChoice not to sue over the bill, even though a judge has properly called out the myriad problems with the bill.

When we let politicians like Buffy Wicks and Gavin Newsom keep passing and signing unconstitutional problematic bills, and never go back and ask them why they did so — especially when the problems of those bills were not just clear, but clearly highlighted by some of us — we simply encourage more of the same nonsense, and a quicker demise to the open web.

And that only works to “big tech’s” advantage. Google and Meta have buildings full of lawyers. They really don’t care about these bills. They can handle them. These laws create larger problems for everyone else instead, and leave Google and Meta in control over the the internet, rather than letting us take back our own internet.

Filed Under: ab 1394, abetting, aiding, buffy wicks, california, csam, fosta, gavin newsom

Daily Deal: The Big Data And Analytics Master Toolkit

Deals

from the good-deals-on-cool-stuff dept

Most modern companies put a lot of stock into data when making crucial business decisions. As such, they require employees who understand how to work with mass amounts of data, and effectively analyze it to get a holistic view of the company. These skills aren’t just reserved for analysts, they’re valuable for professionals in any capacity. As such, the Big Data and Analytics Master Toolkit presents some of the major data analytics tools in use today: SPSS, Minitab, SAS, and R Studio. With over 201 hours of content, you’ll be ready to use any of those tools to help in your work. It’s on sale for $40.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal