Lachlan Murdoch Is Big Mad That Crikey Called Him Out On His Bullshit; So Now He’s Suing To Shut Them Up

Defamation

from the australia-is-the-upside-down dept

Earlier this week, the popular Australian news publication Crikey, published what it is referring to as “The Lachlan Murdoch letters.” Lachlan Murdoch, as you likely know, is one of Rupert Murdoch’s sons, and who has increasingly been taking over the worst aspects of Murdoch’s approach to dividing society and profiting off of the carnage: namely Fox News.

It began with an article that Crikey published on June 29th with the provocative title: Trump is a confirmed unhinged traitor. And Murdoch is his unindicted co-conspirator. The piece takes the evidence coming out of the January 6th Committee regarding Trump. It actually barely even mentions any of the Murdochs. It focuses on much of the evidence about how Trump was literally encouraging the overthrowing of American democracy, but concludes with this:

The Murdochs and their slew of poisonous Fox News commentators are the unindicted co-conspirators of this continuing crisis.

I mean, that’s pure commentary and opinion. It barely names the Murdochs, and doesn’t even call out Lachlan specifically.

Lahclan Murdoch loses his shit over this throwaway line:

Crikey says they pulled down the article a day after it was originally published, after receiving a legal threat letter from Lachlan Murdoch.

They published a copy of the initial threat letter that Murdoch sent them which lays out the basic claims — which are absolutely ridiculous (though I will note that Crikey has made it difficult to download that threat letter, which is a pain). Out of that one single line in the original Crikey article — really a throwaway line at the end — little melty snowflake Lachlan Murdoch claims there are FOURTEEN “defamatory imputations.”

1. Mr Murdoch illegally conspired with Donald Trump to overturn the 2020 presidential election result;
2. Mr Murdoch illegally conspired with Donald Trump to incite an armed mob to march on the Capitol to physically prevent confirmation of the outcome of the 2020 presidential election;
3. Mr Murdoch illegally conspired with Donald Trump to incite a mob with murderous intent to march on the Capitol;
4. Mr Murdoch illegally conspired with Donald Trump to break the laws of the United States of America in relation to the 2020 presidential election result;
5. Mr Murdoch knowingly entered into a criminal conspiracy with Donald Trump to overturn the 2020 presidential election result;
6. Mr Murdoch knowingly entered into a criminal conspiracy with Donald Trump and a large number of Fox News commentators to overturn the 2020 election result;
7. Mr Murdoch engaged in treachery and violent intent together with Donald Trump to overturn the 2020 presidential election result;
8. Mr Murdoch was aware of how heavily armed many of the attendees of the planned rally and march on the Capitol building were on January 6 before it occurred;
9. Mr Murdoch was a co-conspirator in a plot with Donald Trump to overturn the 2020 election result which cost people their lives;
10. Mr Murdoch has conspired with Donald Trump to commit the offence of treason against the United States of America to overturn the 2020 election outcome;
11. Mr Murdoch has conspired with Donald Trump to commit the offence of being a traitor to the United States of America to overturn the 2020 election outcome;
12. Mr Murdoch should be indicted with conspiracy to commit the offence of being a traitor to the United States of America to overturn the 2020 election outcome;
13. Mr Murdoch should be indicted with the offence of being a traitor to the United States of America to overturn the 2020 election outcome
14. Mr Murdoch conspired with Donald Trump to lead an armed mob on Congress to overturn the 2020 election outcome.

Nah, dude. It was one throwaway sentence at the end of a long article. No one without a very, very guilty conscience would think any of that. Most normal people read the original article and recognized that it called out real evidence of actual criminal behavior on the part of the former President and was simply calling out your shit channel, Fox News, for misleading the public about all of it, and egging on the anger of a portion of the gullible electorate — and then cashing in on it all. But, I mean, Lachlan, if you get the other 14 things above out of that article, that kinda speaks a lot to your own demons.

Australian defamation law is ridiculous and censorial, but may be changing…

And, at this point, it’s important to make a brief aside to discuss Australian defamation law. It’s sometimes difficult to understand just how upside down Australia is regarding regulation of speech. Australian defamation law is some of the most extreme and absurd that we’ve seen. At the very least, it heavily favors the plaintiff, allows for very broad claims of opinion to be considered defamatory (for example by saying that the mere “imputation” of negative ideas about a person could be defamatory).

That said, just last year most of Australia started using new “Model Defamation Amendment provisions” that sought to raise the barriers to censorial SLAPP-style suits that had become common in Australia, and to require plaintiffs to show “serious harm” from the commentary, and FINALLY offering up a “public interest” defense.

Crikey strikes back:

Anyway, it appears that Crikey was stewing on this legal bullying by Lachlan to suppress pretty mild criticism, looking at the changes to Australian defamation law, and then decided “fuck it.” They republished the article along with a series of other articles starting with an open letter to Lachlan Murdoch, which is pretty short and to the point:

Dear Lachlan,

As you know, nearly two months ago Crikey published a piece of commentary about the sorry state of US politics, and the January 6 insurrection, that mentioned the Murdoch family name twice.

You responded through your lawyer with a series of letters in which you accused us of defaming you personally in that story.

Crikey is an independent Australian news website, launched in 2000, covering politics, media and public issues. We at Crikey strongly support freedom of opinion and public interest journalism. We are concerned that Australia’s defamation laws are too restrictive.

Today in Crikey, we are publishing all the legal demands and accusations from your lawyer, and the replies from our lawyers, in full, so people can judge your allegations for themselves.

We want to defend those allegations in court. You have made it clear in your lawyer’s letters you intend to take court action to resolve this alleged defamation.

We await your writ so that we can test this important issue of freedom of public interest journalism in a courtroom.

Yours sincerely,

It kicks off with a much more direct and stronger condemnation of Murdoch’s role in the January 6th insurrection. Remember, the original just kind of had a throwaway “unindicted coconspirator” line at the very end. The new one tackles Lachlan’s role head on. Here’s just a snippet:

It’s no exaggeration to say that Fox News is an existential threat to US democracy. Its entire business model has been to stoke, amplify and feed a perverse sense of victimhood among its target audience of older white Americans — the most privileged people on the planet — and convince them they and the values they hold dear are under threat.

The source of that threat? “Liberals”, people of colour, migrants, feminists, LGBTIQA+ people, the “woke”, Democrats, climate scientists, and moderate Republicans, among others. The mechanism of the threat? An amorphous plot by these “elites” to destroy the American way of life and freedom.

Fox News was present at the creation of the Tea Party movement. It was a vehicle for its bastard offspring, the birther movement. Then it went all in for Trump. Inevitably, it became a vehicle for pandemic and vaccine denialism. This pandering to grievance and promotion of division meant it commanded the biggest cable TV audiences in the US and made billions for the Murdochs.

It goes on from there and gets pretty damning:

The Murdochs, their staffers in the propaganda outlets they own, and their supporters will all insist they merely support free speech. As we’ve seen demonstrated over and over in Australia, the News Corp idea of free speech is free speech for them and their allies and for the views they endorse. But should anyone use free speech to express a viewpoint News Corp disagrees with, or to attack News Corp’s allies, then they risk becoming the target of a torrent of vicious public attacks. Yassmin Abdel-Magied. Roz Ward. Gillian Triggs. Robert Manne. Paul Barry. Julian Disney. Just to name a few.

At News Corp, free speech is for punching down, never for punching up. It’s for speaking power to truth, not truth to power.

There’s much more in the larger collection of stories, including calling for more scrutiny on Murdoch’s role in inciting January 6th, as well as his impact on Australia.

In commentary to the media, Crikey’s execs have made it clear they went all out, in part, to test these new Australian speech protections in court.

Lachlan Murdoch can’t handle a little minor criticism:

Anyway, as if to prove that he’s very much only for his own free speech — and very much against the free speech of those he disagrees with — Murdoch has now followed through on his threat and has filed a defamation lawsuit against the publication and some of its editors. You can also read the laughable complaint that he filed.

In the US, this complaint wouldn’t just be laughed out of court, there’s a decent chance that Murdoch would be paying Crikey’s legal fees.

There’s so much that’s bizarre in the complaint, but which only serves to highlight how utterly backwards Australian defamation law is. The complaint talks up what an important person Murdoch is. In the US, that would make it clear that he’s a public figure, subject to an even higher standard, since criticism of public figures is kind of a core component of the 1st Amendment. The complaint complains that Crikey staffers told another publication about his threat letter! Seriously, it goes on at length about how they talked to the Sydney Morning Herald about the threat letter.

Apparently, Lachlan Murdoch believes that when he sends legal goons to threaten you to shut up, you also are supposed to shut up about his threats.

The complaint whines that Crikey made the article “FREE TO READ” rather than put it behind a paywall.

It also complains about every social media posting Crikey made, claiming this is “republication.” This goes on for pages and pages and pages. The complaint doesn’t even mention what Murdoch found defamatory (again, that one throw away line) until almost halfway through the complaint.

The Streisand Effect Down Under

Somewhat incredibly, the complaint more or less reveals that the original article didn’t get much attention at all. According to the complaint, the article received 71 comments when it was initially published. Crikey’s first tweet about it got seven replies, 62 retweets, and 108 likes. Its second tweet about it got one comment, six retweets, and 23 likes. That’s… not exactly a story that’s gone viral.

Of course, now, thanks entirely to Lachlan Murdoch’s threat letter and follow up lawsuit, tons of people are reading about it.

Congrats to Lachlan Murdoch for making a story that made a rather mild criticism of you and what you’ve done into a massive story — inspiring a deeper look at what a shitbag you and your organization are.

A true attack on free speech

At some point, did anyone bother to remind Lachlan Murdoch that he, too, is in the news business and subject to defamation law? Remember, Fox News is already having some trouble dealing with defamation cases in the US (where defamation law is much more defendant friendly) over Dominion Voting’s claims against the company (notably, on an issue related to what Crikey is talking about).

You’d think at some point, it would get through Lachlan’s apparently thick skull, that maybe having stronger defamation laws protects him and his employees from lawsuits as well. But apparently that small hit on his ego was too much to bear and he had to sue… to drive much more attention to that original criticism, and kick off that much more scrutiny about Murdoch’s Fox News.

All while his propagandists at Fox News prattle on about how Fox News stands for free speech.

I do wonder, Lachlan, will Fox News cover how you’re currently being a censorial thug and legally attacking a small publication in Australia over mild criticism? Will Tucker Carlson have on Crikey’s publisher to talk about how Lachlan Murdoch is trying to “cancel” their publication? Will brave Sean Hannity talk up the importance of free speech while condemning Lachlan Murdoch for trying to stifle speech? Or, will they prattle on about how some hypothetical “libs” are trying to silence real Americans?

I think we all know the answer.

Filed Under: australia, defamation, free speech, imputations, lachlan murdoch, rupert murdoch, streisand effect, unindicted co-conspirator
Companies: crikey, fox news

FCC, State Action Nets An Amazing 80% Reduction In Auto Warranty Scam Robocalls

Scams

from the can-not-be-completed-as-dialed dept

We’ve frequently noted how stupid it is that we’ve ceded a major communications platform to robocalling scammers and scumbags. We’ve noted for just as long that many regulatory “solutions” to the robocall problem have been dumb and half-hearted. Every six months the FCC will announce some new plan they promise will demolish robocalls, and every single time the result is muted at best.

Until recently, when the Biden FCC began coordinating enforcement action against scam robocalls in cooperation with law enforcement in 43 states. This joint action recently took specific aim at 22 defendants responsible for billions of illegal auto warranty robocalls, ranging from the robocallers themselves, to the dodgy VoIP companies that turn a blind eye to the practices.

After an Ohio lawsuit targeted two men responsible for most of the calls, auto warranty scam robocalls immediately dropped 80 percent in the U.S. according to analysis by YouMail, a robocall blocking and analysis company. In visual form, the improvement is remarkable:

Brian Fung at CNN had an excellent breakdown of the progress made thanks to this new joint action:

“The warranty calls from Cox/Jones — the ones the AGs and others went after — are down to near zero,” Alex Quilici, YouMail’s CEO, told CNN in an email. “There are other warranty calls out there — probably in the 500k-1m range — but they are from other folks. So the biggest culprits have been effectively shut down, and now it’s on to the smaller fry.”

Working more closely with the states, cracking down harder on lazy phone and VoIP providers that turn a blind eye to scammers, and pushing industry to implement new SHAKEN/STIR anti-spoofing tech is clearly paying dividends. But there’s still work to be done, given that Americans alone still receive an estimated 5.1 million robocalls every single hour.

One, as we’ve noted a few times, is that most robocalls aren’t coming from “scammers”:

Groups like the National Consumer Law Center (NCLC) have repeatedly issued studies showing how “legitimate” companies and debt collectors use all the same tools and tricks as scammers, often harassing people they know can’t pay (or don’t want their services) sometimes hundreds of times a day. And they do so with the blessing of federal and state policy and lawmakers, who’ve been lobbied into apathy.

Lobbyists for marketing companies have worked tirelessly to erode regulatory authority over “legit” telemarketing companies, while simultaneously ensuring rules include vast loopholes for “legitimate” behavior. They also shape a press and policy discourse that fixates exclusively on outright scammers, and not on the ordinary, giant, everyday companies that utilize many of the same tactics to annoy users.

Given its limited resources, regulators like the FCC like to go after smaller robocall scammers and telecom industry enablers they can easily defeat in court, though they’re less likely to consistently go after bigger, “above board” fish that harass U.S. consumers (notice the huge ratio of telecom giants in the list above, often busy trying to upsell American consumers to products and services they don’t want).

At the same time, the fines levied are usually a small fraction of the money that’s been gleaned over decades, and the vast, vast majority of FTC and FCC fines on this subject are never collected at all.

So while the attack on car warranty robocalls specifically is a great and laudable thing, there’s a lot more work that needs doing. Especially as it pertains to giving consumers greater ability to avoid harassment by velour track suit wearing scumbags and “respectable businesses” alike.

Filed Under: auto warranty scams, consumer protection, fcc, robocalls, scammers, spoofing

Fucking TTAB Says FUCT Owner Can’t Trademark ‘Fuck’ Because That Word Fucking Belongs To All Of Us

Trademark

from the fucking-right? dept

I love this story so much I want it to find other similar vulgar stories so that those stories can have little baby vulgar stories for me to read. You may recall the saga of Erik Brunetti, founder of FUCT, a fashion brand with a name supposedly standing for Friends U Can’t Trust. We wrote about FUCT at first being denied a trademark on the brand over vulgarity concerns, a decision overturned on appeal on First Amendment grounds. It was a good ruling on the merits, as the government shouldn’t be in the business of saving our ears from naughty words based on its judgement of naughtiness.

Well, Brunetti is back at it again. He applied for a trademark on the word “fuck” for a bunch of fashion categories, such as bags, jewelery, cell phone cases, and the like. That application too was denied. Brunetti again went to the Trademark Trial and Appeals Board, which upheld the denial of the application, but not over concerns for vulgarity. No, in a magical moment, instead the TTAB essentially suggested that “fuck” is a word that belongs to all of us.

Now, I could pretend that reading the court document, embedded below, wasn’t an absolute joy, so rife is it with one of my favorite words in any language. But I won’t do that to you. But it’s also a good document on, again, the merits. In the document, the TTAB has no issue with the vulgarity of the word. Instead, it points out correctly that the word “fuck” simply doesn’t function as a trademark, given that it offers nothing to the public in terms of the source of the products.

The function of a trademark is to identify a single source and to distinguish that seller’s goods from others, and the Trademark Act does not allow registration unless a proposed mark serves this function. The record before us establishes that the word FUCK expresses well-recognized familiar sentiments and the relevant consumers are accustomed to seeing it in widespread use, by many different sources, on the kind of goods identified in the FUCK Applications. Consequently, we find that it does not create the commercial impression of a source indicator, and does not function as a trademark to distinguish Applicant’s goods and services in commerce and indicate their source. Team Jesus, 2020 USPQ2d 11489, at *18-19. Consequently, Applicant cannot appropriate the term exclusively to itself, denying others the ability to use it freely. “‘[I]t is the type of expression that should remain free for all to use.’” Univ. of Kentucky v. 40-0, LLC, 2021 USPQ2d 253, at *36 (quoting Eagle Crest, 96 USPQ2d at 1230).

“[FUCK] is the type of expression that should remain free for all to use…” now there is something to put on a t-shirt.

So this is where we land. It was a good thing that FUCT was able to get its trademark. That term is a source identifier. The commonly spelled version of “fuck”, however, is completely different. As the TTAB says, that’s a word that fucking belongs to all of us.

Filed Under: fuck, fuckety fuck fuck, trademark, ttab
Companies: fuct

Former UK Supreme Court Judge Calls Out Online Safety Bill As Harmful By Itself

Free Speech

from the speak-out-while-you-can dept

We have discussed at great lengths the many problems of the UK’s Online Safety Bill, in particular how it will be a disaster for the open internet. Unfortunately, it appears that important politicians seem to think that the Online Safety Bill will be a sort of magic wand that will make the “bad stuff” online disappear automatically (it won’t).

It appears that more people — and prominent ones at that — are now speaking out against the bill. Former UK Supreme Court judge, Jonathan Sumption, has published a piece in the Spectator, the old school UK political commentary magazine that is generally seen as quite conservative. Sumption warns that the Online Harms Bill will, itself, be quite harmful.

The real vice of the bill is that its provisions are not limited to material capable of being defined and identified. It creates a new category of speech which is legal but ‘harmful’. The range of material covered is almost infinite, the only limitation being that it must be liable to cause ‘harm’ to some people. Unfortunately, that is not much of a limitation. Harm is defined in the bill in circular language of stratospheric vagueness. It means any ‘physical or psychological harm’. As if that were not general enough, ‘harm’ also extends to anything that may increase the likelihood of someone acting in a way that is harmful to themselves, either because they have encountered it on the internet or because someone has told them about it.

This test is almost entirely subjective. Many things which are harmless to the overwhelming majority of users may be harmful to sufficiently sensitive, fearful or vulnerable minorities, or may be presented as such by manipulative pressure groups. At a time when even universities are warning adult students against exposure to material such as Chaucer with his rumbustious references to sex, or historical or literary material dealing with slavery or other forms of cruelty, the harmful propensity of any material whatever is a matter of opinion. It will vary from one internet user to the next.

While I don’t necessarily agree with all of his characterization, there is something fundamental in here that I wish so many other people understood: this is all relative. Some people find certain content offensive. Others find it benign. There is no objective standard for “harmful” speech, especially when (as with the UK bill), it includes stuff that the law itself admits remains “legal.”

As Sumption notes, making these kinds of calls at scale, when no one can even agree what the content is, is bound to be a disaster (and, for what it’s worth, he underplays the scale here, because while he’s showing how much happens every minute, it’s even more crazy when you realize how much content this means per hour or day, and how impossible it would be to monitor it all).

If the bill is passed in its current form, internet giants will have to identify categories of material which are potentially harmful to adults and provide them with options to cut it out or alert them to its potentially harmful nature. This is easier said than done. The internet is vast. At the last count, 300,000 status updates are uploaded to Facebook every minute, with 500,000 comments left that same minute. YouTube adds 500 hours of videos every minute. Faced with the need to find unidentifiable categories of material liable to inflict unidentifiable categories of harm on unidentifiable categories of people, and threatened with criminal sanctions and enormous regulatory fines (up to 10 per cent of global revenue). What is a media company to do?

He also has a response to those who insist this can all be handled by algorithms. It can be handled by algorithms if you’re happy to accept a huge number of errors — both false positives and false negatives.

The problem is aggravated by the inevitable use of what the bill calls ‘content moderation technology’, i.e. algorithms. They are necessarily indiscriminate because they operate by reference to trigger text or images. They are insensitive to context. They do not cater for nuance or irony. They cannot distinguish between mischief-making and serious debate. They will be programmed to err on the side of caution. The pious injunctions in the bill to protect ‘content of democratic importance’ and ‘journalistic content’ and to ‘have regard to’ the implications for privacy and freedom of expression are unlikely to make much difference.

As he notes, the entire bill is patronizing (of course, he says “patronising”) but that’s kind of the nature of politics today. Paternalistic and patronizing.

There’s more good stuff in the article, and it’s worth reading. Hopefully UK politicians are actually paying attention.

Filed Under: censorship, content moderation, jonathan sumption, online safety bill, uk

UK Court Says Dissident Can Sue Saudi Arabian Government For Hacking His Phone With NSO Malware

Legal Issues

from the better-start-prepping-for-discovery,-NSO dept

Lie down with dogs, get put in the position of producing potentially damning evidence. That’s the lesson NSO is going to learn if this lawsuit goes any further.

Israeli tech firm NSO Group has sold its malware to plenty of questionable customers and, thanks to an endless stream of revelations about misuse of its phone exploits, has been targeted by lawsuits, sanctions, and government investigations.

It’s not being sued directly but it will likely be asked to answer questions about its oversight of Saudi Arabia’s (mis)use of its malware to target the sort of people NSO claims it does not approve of targeting. As the Guardian reports, a UK asylum beneficiary has been allowed to move forward with his lawsuit against the Saudi government for hacking his phone.

A British judge has ruled that a case against the kingdom of Saudi Arabia brought by a dissident satirist who was targeted with spyware can proceed, a decision that has been hailed as precedent-setting and one that could allow other hacking victims in Britain to sue foreign governments who order such attacks.

The case against Saudi Arabia was brought by Ghanem Almasarir, a prominent satirist granted asylum in the UK, who is a frequent critic of the Saudi royal family.

At the centre of the case are allegations that Saudi Arabia ordered the hacking of Almasarir’s phone, and that he was physically assaulted by agents of the kingdom in London in 2018.

The University of Toronto’s Citizen Lab was instrumental in assisting Almasarir with building his case against the Saudi government. Its investigation of his hacked phone determined the source of the hacking to be a Saudi Arabian government entity, something it concluded with “high confidence.” The lawsuit was filed in 2019 (well before the NSO became zeitgeist material), granted permission to continue in 2020, and now has been given another UK judicial thumbs up two years later.

The decision is almost certainly going to be appealed by the Saudi government, which still believes it is entitled to sovereign immunity for the alleged acts, which include a physical assault apparently perpetrated in London.

If it appears likely the Saudi government will actually have to go to trial, it will be interesting to see how NSO Group reacts. It certainly doesn’t want any of its internal dirty laundry exposed in open court. It could try to pressure the Saudi government into settling with Almasarir. But even if it does that, it won’t stop what’s likely coming, thanks to this ruling.

The decision could have profound implications for other individuals targeted or hacked by NSO’s spyware within the UK.

They include Lady Shackleton and Princess Haya, the former wife of Dubai’s ruler Sheikh Mohammed bin Rashid al-Maktoum. Both were hacked by the sheikh using NSO spyware during lengthy court proceedings between Haya and her former husband in London.

If this case shows local courts might be viable options for targets of NSO spyware, more lawsuits are sure to follow. And every new lawsuit presents an opportunity for the public to more closely examine NSO’s sales, internal policies, handling of suspected misuse, and perhaps even the capabilities of exploits that have yet to be discovered by security researchers or malware targets.

This could prove to be a reckoning with snowball potential. Whatever moves NSO may be making now to (perhaps) exit the malware business won’t help it avoid scrutiny of its past actions.

Filed Under: ghanem almasarir, malware, saudi arabia, spyware, surveillance, uk
Companies: nso group

Dear California Law Makers: How The Hell Can I Comply With Your New Age-Appropriate Design Code?

Policy

from the stop-the-nonsense dept

I really don’t have time for this kind of thing, but I wanted to pass along that it appears that the California legislature is very, very close to passing AB 2273, “The California Age-Appropriate Design Code Act.” As far as I can tell, it has strong support in the legislature and very little opposition. And that’s incredibly dangerous, because the bill is not just extremely problematic, but at the same time it’s also impossible to comply with. I hope Governor Newsom will veto it, but it seems unlikely.

Earlier this year, Professor Eric Goldman provided a long and detailed analysis of the many, many problems with the bill. As far as I can tell, since then, the California legislature has made a few adjustments to the bill, none of which fix any of Professor Goldman’s concerns (one pretends to), and some of which make them worse — and also create serious 1st Amendment problems for this bill. Oh, yeah, and they also carved out the one set of businesses with the longest record of actually abusing consumer privacy: telcos and broadband providers. Hilarious. It is astounding to me that the legislature appears to have just wholly ignored all of Goldman’s clearly laid out and explained problems with the bill.

This is a bill that, as is all too typical from politicians these days, insists that there’s a problem — without the evidence to back it up — and then demands an impossible solution that wouldn’t actually fix the problem if it were a problem. It’s the ultimate in moral panic lawmaking.

The bill is a “for the children” bill in that it has lots of language in there claiming that this is about protecting children from nefarious online services that create “harm.” But, as Goldman makes clear, the bill targets everyone, not just children, because it has ridiculously broad definitions.

We already have a federal law that seeks to protect children’s data online, the Children’s Online Privacy Protection Act (COPPA). It has serious problems, but this bill doesn’t fix any of those problems, it treats those problems as features and expands on them massively. COPPA — sensibly — applies to sites that are targeted towards those under 13. This has had some problematic side effects, including that every major site restricts the age of their users to over 13. And that’s even though many of those sites are useful for people under the age of 13 — and the way everyone deals with this is by signing up their children for these services and lying about their age. Literally a huge impact of COPPA is teaching children to lie. Great stuff.

But 2273 doesn’t limit its impact to sites targeting those under 13. It targets any business with an online service “likely to be accessed by children” who are defined by “a consumer or consumers who are under 18 years of age.” I’m curious if that means someone who is not buying (i.e., “consuming”) anything doesn’t count? Most likely it will mean consuming as in “accessing / using the service.” And that’s… ridiculous.

Because EVERY service is likely to have at least someone under the age of 18 visit it.

After Goldman’s complaints, the California legislature did add in some clarifying language which awkwardly implies a single person under the age of 18 won’t trigger it, but that’s not at all clear, and the vagueness means everyone is at risk, and every site could be in trouble. The added language says that “likely to be accessed by children” means that “it is reasonable to expect, based on the following indicators, that the online service, product or feature would be accessed by children.” It then lists out a bunch of “indicators” that basically describe sites targeting children. But if they mean it to only apply to such sites, they should have said so explicitly, a la COPPA. Instead, the language that remains in the bill is still that “it is reasonable to expect… that the online service, product, or feature would be accessed by children.”

Let’s use Techdirt as an example. We’re not targeting kids, but I’m going to assume that some of you who visit the site are under the age of 18. Over the years, I’ve had quite a few high school students reach out to me about what I’ve written — usually based on their interest in internet rights. And that should be a good thing. I think it’s great when high schoolers take an active interest in civil liberties and the impacts of innovation — but now that’s a liability for me. We’re not targeting kids, but some may read the site. My kids might read the site because they’re interested in what their father does. Also, hell, the idea that all kids under 18 are the same and need the same level of protection is ludicrous. High schoolers should be able to read my site without difficulty, but I really don’t think elementary school kids are checking in on the latest tech policy fights or legal disputes.

Given that, it seems that, technically, Techdirt is under the auspices of this law and is now required to take all sorts of ridiculous steps to “protect” the children (though, not to actually protect anyone). After all, it is “reasonable” for me to expect that the site would be accessed by some people under the age of 18.

According to the law, I need to “estimate the age of child users with a reasonable level of certainty.” How? Am I really going to have to start age verifying every visitor to the site? It seems like I risk serious liability in not doing so. And then what? Now California has just created a fucking privacy nightmare for me. I don’t want to find out how old all of you are and then track that data. We try to collect as little data about all of you as possible, but under the law that puts me at risk.

Yes, incredibly, a bill that claims to be about protecting data, effectively demands that I collect way more personal data than I ever want to collect. And what if my age verification process is wrong? I can’t afford anything fancy. Does that violate the law? Dunno. Won’t be much fun to find out, though.

I apparently need to rewrite all of our terms, privacy policy, and community standards in “clear language suited for children.” Why? Do I need to hire a lawyer to rewrite our terms to then… run them by my children to see if they understand them? Really? Who does that help exactly (beyond the lawyers)?

But then there’s the main part of the law — the “Data Protection Impact Assessment.” This applies to every new feature. Before we can launch it, because it might be accessed by children, we need to create such a “DPIA” for every feature on the site. Our comment system? DPIA. Our comment voting? DPIA. Our comment promotion? DPIA. The ability to listen to our podcast? DPIA. The ability to share our posts? DPIA. The ability to join our insider chat? DPIA. The ability to buy a t-shirt? DPIA. The ability to post our stories to Reddit, Twitter, Facebook, or LinkedIn? DPIA (for each of those, or can we combine them? I dunno). Our feature that recommends similar articles? DPIA. Search? DPIA. Subscribe to RSS? DPIA. DPIA. DPIA DPIA. Also, every two years we have to review all DPIAs.

Fuck it. No more Techdirt posts. I’m going to be spending all my time writing DPIAs.

We’re also working on a bunch of cool new features at this moment to make the site more useful for the community. Apparently we’ll need to do a data protection impact assessment of all those too. And that’s going to make us that much less likely to want to create these new features or to improve the site.

The DPIAs are not just useless busy work, they are overly broad and introduce massive liability. The Attorney General can demand them and we have three business days to turn over all of our DPIAs.

Many of the DPIAs are crazy intrusive and raise 1st Amendment issues. The DPIA has to analyze if a child was exposed to the feature would it expose them “to harmful, or potentially harmful, content on the online product, service, or feature.” Um. I dunno. Some of our comment discussions get pretty rowdy. Is that harmful? For a child? I mean, the bill doesn’t even define “harmful” so basically… the answer is I have no fucking clue.

We also have to cover whether or not a child could witness harmful conduct. We’ve written about police brutality many times. Some of those stories have videos or images. So, um, yeah? I guess a kid could potentially witness something “harmful.”

So, now basically EVERY company with a website is going to have to have a written document where they say “yes, our service might, in some random way, enable a child to witness harmful content.” And that’s kind of ridiculous. If you don’t say that, then the state can argue you did not comply with the law and failed to do an accurate DPIA. Yet, if you do say that, how much do you want to bet that will be used against companies as a weapon? There is some language in the bill about keeping the DPIAs confidential, but especially from the big companies they’re going to leak.

I can already predict the NY Times, WSJ, Washington Post headlines screaming about how “Big Tech Company X Secretly Knew It’s Product Was Harmful!” That will be misleading as anything, because the only way to fill out a DPIA is to say “um, yes, maybe a child could possibly witness “harmful” (again, undefined in the bill!!) content on this service.” Because that’s just kind of a fact of life. A child might witness harmful content walking down the street too, but we figure out ways to deal with it.

And, you have to imagine that DPIA’s will be open for discovery and subpoenas in lawsuits, which will then be turned around on companies to insist that they had “knowledge” of the harms that could happen, and therefore they’re liable, even if the actual harm was not connected to the actual workings of the site, but the underlying content.

Part of the DPIA then is that once we’ve identified the potential harm, we have to “create a timed plan to mitigate or eliminate the risk before the online service, product, or feature is accessed by children.”

So, um, how do we mitigate the “harm” we might provide? We can’t report on police brutality any more? We can’t have comments any more? Because some undefined “child” (including high school students) out there might access it and witness “harmful” content? How is that possible?

I literally don’t know how to comply with any of this. And, doesn’t that violate the 1st Amendment? Having the government demand I document and mitigate (undefined) “harm” from my site or the content on my site seems like it’s a content moderation bill in disguise, requiring me to “mitigate” the harms (i.e., take down or ban content). And, well, that’s a 1st Amendment problem.

The enforcement of the bill is in the hands of the Attorney General. I doubt the AG is going to go after Techdirt… but, I mean, what if I write something mean about them? Now they have a tool to harass any company, demanding they hand over all their DPIAs and potentially fining them “a civil penalty of not more than two thousand five hundred dollars ($2,500) per affected child for each negligent violation or not more than seven thousand five hundred dollars ($7,500) per affected child for each intentional violation.”

So… if a class of 20 high schoolers decide to visit Techdirt to learn about their civil liberties under attack in California… the AG could then effectively fine me $150,000 for not having mitigated the “harm” they may have endured (the AG would likely have to give me 90 days to “cure” the violation, but as discussed above, there is no cure).

At the very least, this bill would make me extremely nervous about ever criticizing California’s Attorney General (especially if they seem like the vindictive type — and there are plenty of vindictive AGs in other states), because they now have an astounding weapon in their toolbox to harass any company that has a website. As such, this bill — just by existing — suppresses my speech in that it leads to us being less willing to criticize the Attorney General.

Eric Goldman keeps posting about how this blows up the internet. My guess is that it’s actually going to be almost entirely ignored… until it’s used to bash a company for some other issue. It’s impossible to comply with. It creates a massive amount of busy work for almost all companies with a website, almost all of which will ignore it. The biggest companies will send off their legal teams to write up a bunch of useless DPIAs (that only will create legal liability for them). More mid-sized companies may do the same, though they may also significantly decrease the kinds of features they’ll add to their websites. But every smaller company is going to just totally ignore it.

And then, any time there’s some other issue that politicians are mad about, the AG will have this stupid thing in their back pocket to slam them with. It’s performative lawmaking at its absolute worst.

And no one can explain how any of this will actually help children.

Here’s the thing that’s particularly stupid about all of this. The underlying premise of the bill is completely disconnected from reality. It’s premised on the idea that most websites don’t have any incentive to be careful with children. Are there some egregious websites out there? Sure. So write a fucking bill that targets them. Not one that wraps in everyone and demands impossible-to-comply with busy work. Or, JUST USE THE AUTHORITIES THAT ALREADY EXIST. COPPA exists. The California AG already has broad powers to protect California consumers. Use them!

If there are credible sites that are nefariously harming kids, why not use those powers, rather than forcing impossible-to-comply with busy work on absolutely everyone just in case a bunch of teenagers like the site?

The whole thing is the worst of the worst in today’s tech policymaking. It misunderstands the problem. Has no clue about what its own law will do, and just creates a massive mess. Again, I think the end result of any such law is that it is mostly ignored. And we shouldn’t be passing a law if the end result is that it’s going to be ignored and basically have everyone violate it. And that just creates a massive liability risk, because eventually, the AG is going to go after companies for this while everyone is ignoring it, and then there will be a flurry of concern.

Honestly, seeing my home state pass a law like this makes me think that California no longer wants internet businesses to be opening up here. Why would you?

But, California politicians need headlines about how they’re “taking on big tech” and “protecting the children” and so we get this utterly disconnected from reality nonsense. No one can possibly comply with it, so now the California Attorney General can target any business with a website.

That just doesn’t seem wise at all.

Filed Under: ab 2273, age appropriate design, coppa, data protection impact assessment, for the children, privacy

Spending Too Long Pooping At School? There’s A (Government) App For That

(Mis)Uses of Technology

from the early-adopters-should-be-forced-to-form-a-human-centipede dept

There’s a vast difference between what the government thinks it should know vs. what it’s actually entitled to know. And when the government decides more surveillance is needed, the most frequent targets are non-citizens (even if they’re legal residents) and children.

Children are vulnerable. In the name of protecting children, the government often exploits the innate vulnerability of children who are not afforded the full constitutional protection adults are given. Lower the right to privacy and you can get away with about anything.

To wit:

• The Glendale (CA) school district declared it would retain a third-party service to do “round the clock” monitoring of student’s (obviously) off-campus social media activities.
• With some students still utilizing distance learning as a result of a global pandemic, schools feel they’re entitled to access everything pertaining to distanced students, including psychiatric records and (yes, again) their social media activities.
• The trade-off for not being in school is being treated like a cheater. Eye tracking, key logging, mouse click examination, how fast you do or don’t scroll… all grounds for suspicion of cheating according to test proctoring software/apps/extensions.
• Schools hoping to head off shootings are investing in tech (using your tax dollars) that mistake coughing and slammed locker doors as gunshots.
• Legislators in several states are forcing educators to somehow “verify” a student’s sexual identity before allowing them to participate in sports programs.

This is on top of strip search after strip search after 850 aggressive fondlings of high school students (including breasts and genitals) performed by school administrators or their favorite proxies, “school resource officers.”

Students appear to be little more than prisoners school administrators graciously allow to return to their homes between classes. There’s apparently nothing we won’t subject minors to in the name of education, as Joseph Cox reports for Motherboard.

e-HallPass, a digital system that students have to use to request to leave their classroom and which takes note of how long they’ve been away, including to visit the bathroom, has spread into at least a thousand schools around the United States.

The system has some resemblance to the sort of worker monitoring carried out by Amazon, which tracks how long its staff go to the toilet for, and is used to penalize workers for “time off task.” It also highlights how automated tools have led to increased surveillance of students in schools, and employees in places of work.

Ah, the dystopian industrial complex, but now for kids. It takes the post-fascist ideals of Amazon’s brand of capitalism (i.e., “Work will set you free”) and applies it to children, tracking every moment spent “off task” to determine whether using the restroom “too often” (whatever the fuck that means) to apply discipline.

Feels bad, man. But if you think those helping the system be The System have any qualms about their contribution to the treatment of students as objects, you’re in for a bit of a shock. The company marketing this questionable “service” seems to think it’s schools that are falling behind by not purchasing third-party restroom tracking.

Brian Tvenstrup, president of Eduspire, told the outlet that the company’s biggest obstacle to selling the product “is when a school isn’t culturally ready to make these kinds of changes yet.”

I’m sure being greeted with questions like “what the actual fuck” and “how did you get in my office” must be disheartening to Eduspire and its salespersons. It also must be tough to explain how the word “inspire” got folded into this unfortunate corporate name, considering all the company provides is ways to destroy trust between students and educators.

On top of tracking bathroom visits, the software also provides school administration with ways to prevent students from interacting with each other or otherwise limit use of hall passes. And that’s all on top of the restroom monitoring I can’t seem to recall any educators (note: not school administrators) expressing an interest in obtaining.

The “service” provided here simply duplicates what teachers already know: which students seem to obtain hall passes more often than others. If this created problems, it’s nothing that could not be addressed by educators or students’ parents.

All the purchase of third-party spyware does is allow administrators to plausibly deny responsibility. After all, a computer thing told them to do it. They certainly wouldn’t have done it on their own. And, as the Excel spreadsheet (or whatever output options Eduspire provides) clearly shows (using specifically-tailored output), your child is a bathroom outlier. And since their restroom visits fall outside the mean, things must be done, Mr./Mrs. Parent of Said Student. I’m sorry but our hands are tied.

Hey, clever people out there: stop making bullshit like this. Maybe create a BTFSTTG app that gives students ways to generate junk data for intrusive collections like these that will overwhelm administrators with false positives until they finally decide it’s not worth spending (other people’s) money for. That would definitely be preferable to acting as virtual hall monitors while lowering students’ resistance to always-on surveillance of their activities.

Filed Under: children, dystopia, e-hallpass, for the children, monitoring, students, surveillance, tracking
Companies: e-hallpass, eduspire

Daily Deal: The 2022 FullStack Web Developer Bundle

Deals

from the good-deals-on-cool-stuff dept

The 2022 FullStack Web Developer Bundle has 11 courses to help you step up your game as a developer. You’ll learn frontend and backend web technologies like HTML, CSS, JavaScript, MySQL, and PHP. You’ll also learn how to use Git and GitHub, Vuex, Docker, Ramda, and more. The bundle is on sale for $30.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

Twitter Whistleblowing Report Actually Seems To Confirm Twitter’s Legal Argument, While Pretending To Support Musk’s

Overhype

from the this-is-weird dept

We already wrote a long story looking at many of the eye-opening claims from Peiter “Mudge” Zatko in his whistleblower report regarding Twitter’s security operations, and the possibility that the company both has shit security practices and violated its FTC consent decree regarding those security practices. As I noted, the report is a mixed bag of things that sure sound pretty serious, and a few that are greatly lacking in context. Some of them might be really bad, but might not be quite so bad if we knew the full context.

This post just focuses on the first claims in Mudge’s report, which (honestly) seem to have been written more to jump on the current news cycle than to address an actual issue at Twitter. It’s entirely unrelated to the other claims in the report, but instead is focused on the question of Twitter and spam/bot reporting. And… it’s weird. It is framed as though it supports Musk’s claims that Twitter is lying about spam. But, the details actually show the opposite.

The media is, unfortunately, falling for the spin. The media is covering it as if the claims about spam and bots help Musk.

But that’s just reporters buying into the framing, and apparently not really understanding the details.

The lawsuit is not about spam:

So, let’s dive into those details. The first and most important thing to remember is that, even as Musk insists otherwise, the Twitter lawsuit is not about spam. It just is not. I’m not going to repeat everything in that earlier story explaining why not, so if you haven’t read that yet, please do. But the core of it is that Musk needed an escape hatch from the deal he didn’t want to consummate and the best his lawyers could come up with was to claim that Twitter was being misleading in its SEC reporting regarding spam. (As an aside, there is very strong evidence that Musk didn’t care at all about the SEC filings until he suddenly needed an escape hatch, and certainly didn’t rely on them).

But — and this is kind of important — many of Musk’s claims were based on either misunderstanding or deliberately misreading Twitter’s SEC filings. As I’ve explained multiple times now, what Twitter reports to the SEC is how much spam is likely included in their “monetizable daily average user” (mDAU) accounting. This is not, and has never been, about “how much spam is on the platform.” The company came up with this other metric — mDAU — that is a segment of the total Twitter population. As Mudge’s report notes, an mDAU is defined as a “valid user account that might click through ads and actually buy a product.”

That’s not every account. There are accounts that are inactive. There are accounts that are automated (but useful — such as those tweeting out the weather or earthquakes or whatnot). There are lots of accounts that may exist on the platform, but may not be counted in mDAU. And that includes some spam/bot accounts. That has always been clear for anyone who reads the details.

Spam in the mDAU is not the same as spam on Twitter:

Next, Twitter’s filings with the SEC are only about how much spam is in their mDAU number. This takes place after Twitter has made use of other processes to try to eliminate spam accounts from the mDAU, and then they do a daily spot check of 100 accounts. That creates a sample size of 9000 over the course of a quarter (the time period between Twitter reports), and is statistically significant for declaring that less than 5% of the mDAU is spam.

Again, this has never meant that less than 5% of all accounts, or all tweets, or all activity is spam or bots. It just means that less than 5% of what is counted in their mDAU number is.

On top of this, Twitter caveats its SEC filings around this admitting that this process is highly subjective and could be inaccurate. It does this at great length:

While these numbers are based on what we believe to be reasonable estimates for the applicable period of measurement, there are inherent challenges in measuring usage and engagement across our large number of total accounts around the world. Furthermore, our metrics may be impacted by our information quality efforts, which are our overall efforts to reduce malicious activity on the service, inclusive of spam, malicious automation, and fake accounts. For example, there are a number of false or spam accounts in existence on our platform. We have performed an internal review of a sample of accounts and estimate that the average of false or spam accounts during the fourth quarter of 2021 represented fewer than 5% of our mDAU during the quarter. The false or spam accounts for a period represents the average of false or spam accounts in the samples during each monthly analysis period during the quarter. In making this determination, we applied significant judgment, so our estimation of false or spam accounts may not accurately represent the actual number of such accounts, and the actual number of false or spam accounts could be higher than we have estimated. We are continually seeking to improve our ability to estimate the total number of spam accounts and eliminate them from the calculation of our mDAU, and have made improvements in our spam detection capabilities that have resulted in the suspension of a large number of spam, malicious automation, and fake accounts. We intend to continue to make such improvements. After we determine an account is spam, malicious automation, or fake, we stop counting it in our mDAU, or other related metrics. We also treat multiple accounts held by a single person or organization as multiple mDAU because we permit people and organizations to have more than one account. Additionally, some accounts used by organizations are used by many people within the organization. As such, the calculations of our mDAU may not accurately reflect the actual number of people or organizations using our platform.

Musk’s entire complaint is that he relied on the SEC mDAU filings, and that THOSE are wrong

As we’ve described, this is a weak sauce argument that is meaningless. Musk claims publicly (and sort of gets at it in some of the legal filings) that he believes “spam on the platform” is more than 5%. But the (already weak and irrelevant) legal argument he is making is that Twitter lied to the SEC in saying that the spam in the mDAU is less than 5%, and that this lie will create a “material adverse event” (MAE) that allows him to scuttle the deal (again, the spam issue is not an excuse to violate the deal — only an MAE).

As we’ve discussed, all of this is nonsense. Musk seems to be — either deliberately as an excuse to get out of the deal or because he doesn’t understand some fairly basic things — conflating “spam on the entire platform” with “spam remaining in the mDAU.”

He has done this multiple times in public, and it has influenced at least the court of public opinion — many of whom actually believe that Twitter only reports that less than 5% of the platform is spam (something it has not reported at all).

Mudge’s whistleblowing report actually confirms Twitter’s position, while pretending otherwise:

And here we get into the specifics of Mudge’s report. He first trashes the entire mDAU concept, noting that it’s a scam in and of itself, in that it basically allows Twitter to fudge the numbers.

Until 2019, Twitter reported total monthly users, but stopped because the number was subject to negative swings for a variety of reasons, including situations such as the removal of large numbers of inappropriate accounts and botnets. Instead, Twitter announced a new, proprietary, opaque metric they called “mDAU” or “Monetizable Daily Active Users,” defined as valid user accounts that might click through ads and actually buy a product. From Twitter’s perspective “mDAU” was an improvement because it could internally define the mDAU formula, and thereby report numbers that would reassure shareholders and advertisers. Executives’ bonuses (which can exceed $10 million) are tied to growing mDAU.

Okay, there’s a bit of editorializing here, and I can see there are reasons to be skeptical of mDAU in general. But there are also reasons to think that (as Mudge admits) not including “large numbers of inappropriate accounts and botnets” is actually… good for shareholders and advertisers in not confusing them that those accounts might actually be monetizable. Yet there are definitely questions about how Twitter might be able to goose the mDAU numbers to its own advantage and maybe “smooth out” bumps in the road or whatnot. Not saying that’s definitely the case, but it’s a risk when you get to define stuff.

That said, Mudge also admits that Twitter is incentivized to not count spam in mDAU:

Executives are incentivized to avoid counting spam bots as mDAU, because mDAU is reported to advertisers, and advertisers use it to calculate the effectiveness of ads. If mDAU includes spam bots that do not click through ads to buy products, then advertisers conclude the ads are less effective, and might shift their ad spending away from Twitter to other platforms with higher perceived effectiveness.

So, as a start, that contradicts the claims of Musk and his fans that Twitter has incentive to look the other way when reporting spam in the mDAU because it benefits the numbers. As Mudge notes, Twitter has incentives not to count spam in the mDAU.

And then he puts forth his argument for why he thinks Musk is correct — even though it’s actually confirming that Twitter is correct:

However there are many millions of active accounts that are not considered “mDAU,” either because they are spam spam bots, or because Twitter does not believe it can monetize them. These millions of non-mDAU accounts are part of the median user’s experience on the platform. And for this vast set of non-mDAU active accounts, Musk is correct: Twitter executives have little or no personal incentive to accurately “detect” or measure the prevalence of spam bots.

So… I’m really confused by this section, and the claims that “Musk is correct.” Because in court they’re not arguing about how much spam is on the overall platform. They’re arguing about how much is in the mDAU. So, rather than supporting Musk, this paragraph simply confirms exactly what Twitter has been saying in SEC filings and in court. What it reports to the SEC is an estimate of how many spam accounts slip through other processes, and are inadvertently counted in the mDAU.

That is all Twitter has ever claimed in a legally binding way.

And here, Mudge is confirming that Twitter is not just exactly correct, but also that it is incentivized to behave exactly this way, and not at all how Musk has described.

The fact that Mudge is saying that there are spam accounts outside the mDAU… is the very point that Twitter has been making and that Musk keeps misrepresenting. mDAU does not include all accounts on the platform. And the only way in which the spam counting could even be remotely relevant to the case (and, again, it’s not) is if Twitter made a material misstatement to the SEC.

And Mudge doesn’t claim that at all. Rather he backs up Twitter’s claims that mDAU is not all user accounts and that Twitter has incentives to keep spam out of mDAU to keep advertisers happy. That supports Twitter’s legal argument and kicks the legs out from under Musk’s.

I simply don’t understand why anyone — including Mudge — thinks all this supports Musk.

I also question the claim that Twitter has no incentive to remove the spam accounts that are outside the mDAU. It seems fairly obvious why they still have incentive to try to tackle that problem as well: because if the platform is overrun with spam and bots then that will drive users away. Those users are in the mDAU and so having too much spam on the platform (even outside the mDAU) drives down the mDAU. That’s just kinda common sense.

Mudge then tries to justify how this supports Musk, but it… just gets worse and again seems to support Twitter. Mudge is a great security researcher, but when it comes to spam stuff, it’s not clear he has a firm grasp on how some of this works.

In fact, Mudge learned deliberate ignorance was the norm amongst the executive leadership team. In early 2021, as a new executive, Mudge asked the Head of Site Integrity (responsible for addressing platform manipulation including spam and botnets), what the underlying spam bot numbers were. Their response was “we don’t really know.” The company could not even provide an accurate upper bound on the total number of spam bots on the platform. The site integrity team gave three reasons for this failure: (1) they did not know how to measure; (2) they were buried under constant firefighting and could not keep up with reacting to bots and other platform abuse; and, most troubling (3) senior management had no appetite to properly measure the prevalence of bot accounts–because as Mudge later learned from a different sensitive source, they were concerned that if accurate measurements ever became public, it would harm the image and valuation of the company.

This also seems really odd. First of all, points one and two are basically life for every site integrity team in every company ever. It’s the nature of the role that it’s mostly all firefighting, and little time for larger perspective. But, more importantly the first point is key. If Twitter knew how to count all the spam on the platform, it would know how to eliminate all the spam on the platform. The company has a bunch of methods that try to limit spam, and as we’ve discussed it kills hundreds of thousands of accounts every day.

Clearly, some make it through, but “not knowing” how much spam is on the overall platform is not the smoking gun people seem to think it is. I have no idea how much spam makes it through into the Techdirt comments. It’s not as easy to count as some people think. If I did know, the answer would be zero, because I’d delete it all.

As for the claim that senior management has no appetite to measure it because it would harm the valuation, that could be, but still seems kind sketchy. First, without details on the “sensitive source,” it’s difficult to judge the credibility of the claim. Second, given that the company has spent years focusing on mDAU for exactly this reason, it’s not at all clear how revealing how much spam was on the actual platform would… impact anything? After all, the company is already focused on reporting the numbers of the users that matter for revenue purposes.

Even the Board of Directors understood the counterproductive incentives in place: In or about the Q3 2021 Board Risk Committee meeting, a Director asked why more progress has not been made around bots and related harmful content on the platform. Our client remembers an executive of the company admitting to Board members that the company had “intentionally and knowingly deprioritized” platform health to focus on growing mDAU. Afterwards, a different Twitter leader who had witness the exchange commented to Mudge, in reference to this admission, “it is very strange what this company does not share with board members, and then some of the statements that they do.”

Again, I’m confused as to what this is supposed to reveal. Wall Street — mainly Elliott Management, had literally forced Twitter to change its plans to increase its mDAU growth numbers. And that included Elliott Management’s seat on the Board. If the Board is forcing the company to grow its users, then of course the company is going to focus on growing the userbase over issues that seem secondary like “platform health.” We can argue if that was the right decision — and whether it makes sense in the long term — but the fact is that the Board and the company’s largest investors were ordering management to focus on user growth, not things like dealing with spam.

I mean, literally, the agreement with Elliott was that Twitter promised “to grow its average number of daily users who see ads by 20%.” That’s mDAU. The Board told Twitter’s top execs “grow mDAU or you’re out,” so Twitter prioritized growing mDAU. That’s… not a scandal. That’s not a bombshell. That’s not revealing anything the Board wouldn’t have already known.

There’s a bit more like this, and then Mudge claims that Agrawal’s somewhat infamous tweets responding to Musk were designed to mislead him. He’s got it almost entirely backwards.

The rest of Agrawal’s May 16 tweets aren’t out-and-out lies but they rely on wordplay to distract and mislead Mr. Musk, and everyone else. Musk appears to be asking a valid and intuitive question, what percent of accounts encountered by the media user are actually bots?

Except it’s Musk here who is using clever wordplay to distract and mislead everyone. As we’ve described over and over again, the 5% number that Musk repeats in these screenshots is about mDAU. The 5% number is what Twitter reports is the amount of spam they believe incorrectly gets counted in mDAU. It’s Musk who keeps pretending the 5% number implies spam across the entire platform, which Twitter has never said it does. As we’ve explained multiple times now, Musk is trying to distract by pretending that the 5% claim is about spam on the entire platform. It never has been. It has always been an estimate of the amount that makes it through and is still counted in the mDAU.

That is clear to anyone who’s actually read Twitter’s filing (both in the Chancery Court and at the SEC).

From there, Mudge claims that Agrawal was misleading in response by accurately detailing how Twitter narrows down the entire platform to focus just on mDAU and to figure out how much spam is there. But, he’s not. Agrawal knows that Musk keeps referring to the 5% number, and that Musk believes that’s the relevant number that has been somehow falsified in the SEC report. Agrawal’s Twitter thread is an explanation of the mDAU process.

Indeed, Mudge more or less admits this, though again he thinks it’s Agrawal being misleading, rather than the other way around.

While pretending he is answering Musk’s question, in fact Agrawal is answering a very different one, namely, Are there fewer than 5% bots in the set of mDAU accounts, as defined in secret by Twitter? Agrawal’s reasoning might appear a bit circular since, by definition, mDAU is more or less Twitter’s best approximation of the set of accounts that aren’t bots. And Agrawal is not exactly trying to help readers understand the bait-and-switch nature of his answer:

I mean, again, those tweets directly counter Mudge’s own claims that Agrawal is not trying to help readers understand. He literally says in the first tweet shown that he’s just talking about how much gets into the mDAU. And this thread was helpful to those who read it. This thread is the key reason why I understand the shell game that Musk is playing here, by pointing to the mDAU reported number as false, but talking about the total amount of spam on the platform.

In this thread, as you can see above, Agrawal is literally clarifying that point for everyone reading — not obfuscating, as Mudge implies.

So I really don’t understand this next claim from Mudge:

Unless you’re a Twitter engineer responsible for calculating mDAU, you probably wouldn’t know what Agrawal is talking about. He is not saying that fewer than 5% of all accounts on the platform are spam. He’s saying, more or less, that Twitter starts with all the accounts on the platform, tries to automatically put all the accounts that could be convinced by advertisers to buy products (but no spam accounts) into mDAU, and then uses humans to estimate the error rate of spam accounts that nevertheless slip through into mDAU. And naturally, Twitter “can’t share” its special sauce for determining mDAU.

And, um, I’m not a Twitter engineer, and not only did I understand that (in large part due to Agrawal’s thread) I think explained it to lots more people in two separate posts, because it seemed very clear to me what he was saying — and it seemed much clearer that Musk was the one misrepresenting things to his adoring fans, pretending that the 5% number is about spam on the total platform, and that Agrawal was explaining “no, the 5% (the number Twitter reports to the SEC and the only one that might sorta, kinda have some legal issues tied to it) is not the total number on the platform, but the bit that inadvertently slips through.” I mean, that’s literally what Agrawal tweeted.

As for the final line of the paragraph, which I read as sarcasm about Twitter’s inability to share its “special sauce”, is a really weird line for a security professional to include in such a filing. As Agrawal made quite clear in his thread, part of the human determination involves looking at private information, including IP addresses and other information that Twitter cannot give out because it would be a huge privacy violation that would certainly violate the consent decree that Mudge claimed was so important elsewhere.

Reading through all of this, anyone who actually understands the details — including what’s at play in the lawsuit — should see that Mudge is actually confirming the only thing that matters for the lawsuit: that the numbers Twitter reported to the SEC for mDAU involves estimating how much spam they mistakenly include in mDAU and not how much spam is on the platform as a whole. If the actual total amount of spam on the platform is higher than that, it doesn’t help Musk, because Musk’s legal argument is predicated on the <5% reported to the SEC.

Mudge is a smart dude, so I’m confused as to how he got this as mixed up as he did.

Oddly, Mudge’s report may help Musk — but in a totally different way

Incredibly, despite all of this, Mudge’s whistleblowing may actually help out Musk in a much bigger way. Musk’s entire legal argument for getting out of the deal is that (1) Twitter refused to provide him with the relevant info to calculate spam and (in his counterclaims) that (2) Twitter is committing fraud by lying to the SEC, and that could create a material adverse event (MAE) that it hid from him, allowing him to get out of the deal.

That’s all nonsense, as discussed above and previously.

However, the new whistleblower report is kicking off an FTC review, apparently EU data protection regulators are looking into it as well, and it’s possible that others are investigating too. Those investigations, and the possibility of a consent decree violation, might… actually… be an MAE that allows him to escape the deal! In addition, Mudge is alleging fraud (though that’s mostly redacted, so no idea how credible it is). And if that’s shown to be the case as well, it might also be an MAE.

Of course, there are a lot of questions before all of that is settled, and I’m not sure it would actually help Musk out. But even as Mudge, Musk, and the media all seem to think the spam stuff helps the case, anyone who actually understands what has been said, what issues are at play in the lawsuit, and how all this works knows that… it doesn’t.

Filed Under: elon musk, mdau, mudge, parag agrawal, spam
Companies: twitter

HBO Max And Sesame Street Highlight The Stupidity Of Mindless Media Megamergers

Culture

from the merge-ALL-the-things! dept

If you recall, AT&T spent nearly $200 billion on megamergers thinking it was going to dominate the online video advertising space. But after spending a fortune on DirecTV and Time Warner, laying off 50,000 people, killing off popular properties like Mad Magazine and DC’s Vertigo imprint, it quickly became clear that AT&T executives had absolutely no idea what they were doing.

After stumbling around drunkenly for a while, AT&T returned to what it’s best at (running broadband networks and lobbying the government to crush broadband competition), and spun off Time Warner into an entirely new company, Warner Media. Warner Media immediately then turned around and announced a blockbuster merger with Discovery, creating the creatively named Warner Brothers Discovery. 

If you’re a consumer or employee at any of these brands and companies, the last few years have proven to be a befuddling mess. Remember that the AT&T acquisition of HBO and Time Warner resulted in so many different brands it even confused employees at AT&T. Despite efforts to consolidate content, it’s somehow only gotten dumber since then.

Managers at the new company have taken a hatchet to HBO’s offerings in particular, culling a wide variety of popular content to cut costs. That includes roughly 200 episodes of popular shows like Sesame Street and dozens of films and shows overall. Why? In part because the new consolidated company doesn’t want to pay residuals in a bid to make deal financials make sense:

While HBO Max already paid for the production of these shows, it’s still on the hook for residuals, including so-called back-end payments to cast, crew and writers, based on long-term viewership metrics.

By removing these films and shows, especially the ones HBO Max created rather than licensed, executives can cut expenses immediately. Warner Bros. Discovery has promised at least $3 billion in synergies stemming from the merger of WarnerMedia and Discovery, announced in May.

Ah, megamerger synergies.

There’ve been several new additional casualties thanks to this latest series of mergers, including TBS’s Full Frontal With Samantha Bee (Turner and TBS merged with Warner Brothers way back in 1996). With the merger of HBO Max and Discovery+, they’re hoping to “declutter” what’s now just a discordant parade of content, much of which executives didn’t really even want. There’s also been just a steady parade of layoffs of employees they didn’t want either.

HBO employee John Oliver went so far as to call this final form version of HBO Max little more than a “series of tax write offs”:

Again, this is just another example of the U.S.’ harmful obsession with megamergers, consolidation, purposeless (outside of stock fluffing) deal making, and growth for growth’s sake. All of these deals make perfect sense to the executives, lawyers, and accounting magicians exploiting them for tax breaks and various financial benefits, but that doesn’t make this whole saga any less preposterously pointless.

Employees and consumers certainly didn’t benefit from this idiotic parade of events that began with AT&T wasting hundreds of billions of dollars to buy companies it was too incompetent to run. And somehow the saga has only gotten dumber since then.

Filed Under: hbo, hbo max, john oliver, layoffs, media consolidation, megamergers, synergies, telecom
Companies: at&t, hbo, warner bros., warner brothers discovery