Technology giants spent millions on lobbying in 2018

A serious man in a suit speaks into a microphone.

American technology giants spent record sums on lobbying in 2018, according to disclosures the companies filed with the Federal Elections Commission on Tuesday.

Google led the pack, spending $21 million—up from $18 million in 2017. The company lobbied on a wide range of issues, including copyright and patent reform, privacy issues, cybersecurity, education, trade, health IT, immigration, workplace diversity, spectrum policy, network neutrality, autonomous vehicles, and tax reform.

Amazon spent $14 million lobbying on many of the same issues, while Facebook spent almost $13 million. Microsoft spent $9.5 million, while Apple spent $6 million.

Read 3 remaining paragraphs | Comments

UK clothing company: Oops, our trademark doesn’t cover collusion.so

One of the custom paintings in a stairwell of the Electronic Frontier Foundation offices, Sep 19, 2013 in San Francisco, CA, USA.

For the second time in a month, lawyers have told the Electronic Frontier Foundation that their legal claims were sent in error.

On Wednesday, lawyers representing the British fashion company ASOS sent a short email to Daniel Nazer, an EFF attorney, apologizing for a recent cease-and-desist letter over a claimed trademark infringement.

“Clearly the C&D letter should never have been sent,” the letter states. “We are taking the matter very seriously and are investigating how this happened. Of course, ASOS would like to assure you that we will not be taking any further action and will ensure appropriate correspondence is sent as soon as possible to confirm this.”

Read 3 remaining paragraphs | Comments

US appeals court says California can set its own Low Carbon Fuel Standard

Ethanol Plant, Milton, Wisconsin.

Late last week, the US Court of Appeals for the 9th Circuit published an opinion (PDF) stating that California’s regulation of fuel sales based on a lifecycle analysis of carbon emissions did not violate federal commerce rules.

Since 2011, California has had a Low Carbon Fuel Standard (LCFS) program, which requires fuel sellers to reduce their fuel’s carbon intensity by certain deadlines. If oil, ethanol, or other fuel sellers can’t meet those deadlines, they can buy credits from companies that have complied with the standard.

California measures “fuel intensity” over the lifecycle of the fuel, so oil extracted from tar sands (which might require a lot of processing) would be penalized more than lighter oil that requires minimal processing. Ethanol made with coal would struggle to meet its carbon intensity goals more than ethanol made from gas.

Read 9 remaining paragraphs | Comments

UK fashion label says it owns trademark on “collusion,” EFF says no way

Meet the COLLUSION Unisex puffer jacket in red.

On Tuesday, the Electronic Frontier Foundation issued yet another formal response to an overzealous legal demand, this time over the use of the domain name “collusion.so.”

This story begins with President Donald Trump’s most public attorney, Rudy Giuliani, who despite being the president’s cybersecurity adviser, doesn’t seem to understand how Twitter or URLs work.

In December 2018, Giuliani amazingly blamed Twitter itself for turning a phrase he wrote in a tweet (“G-20.in”) into a valid URL. An enterprising Twitter user noticed, bought the domain, and turned it into an anti-Trump site.

Read 12 remaining paragraphs | Comments

Pay for Trump’s border wall with $20 online porn fee, Ariz. lawmaker says

A computer mouse with a cable forming the letters,

An Arizona state lawmaker has proposed a $20 fee on people who want to view online pornography in order to raise money for building a border wall between Arizona and Mexico.

Arizona House Bill 2444, proposed last week by State Rep. Gail Griffin (R-Hereford), would require makers and distributors of Internet-connected devices to ship such devices with blocking software “that renders a website that displays obscene material inaccessible by default.” Under the bill, any Internet user who wants to deactivate the blocking software would have to pay “a onetime deactivation fee of at least $20 to the Arizona Commerce Authority.”

The money would be used to establish what the bill calls the “John McCain Human Trafficking and Child Exploitation Prevention Fund.” That fund would “provide grants to government agencies and private entities that work to uphold community standards of decency for the purpose of strengthening families and developing, expanding or strengthening programs for victims of sex offenses.”

Read 15 remaining paragraphs | Comments

Researchers discover state actor’s mobile malware efforts because of YOLO OPSEC

A nation-state's hacking operations were exposed by WhatsApp and other communications uploaded from their own phones during malware testing, Lookout researchers revealed on January 19 at the Shmoocon security confernce in Washington, DC.

WASHINGTON, DC —At the Shmoocon security conference here on January 19, two researchers from the mobile security provider Lookout revealed the first details of a mobile surveillance effort run by a yet-to-be named state intelligence agency that they had discovered by exploring the command-and-control infrastructure behind a novel piece of mobile malware. In the process of exploring the malware’s infrastructure, Lookout researchers found iOS, Android, and Windows versions of the malware, as well as data uploaded from a targeted phone’s WhatsApp data. That phone turned out to be one that belonged to one of the state-backed surveillance effort—and the WhatsApp messages and other data found on the server provided a nearly full contact list for the actors and details of their interactions with commercial hacking companies and eventual decision to build their own malware.

Lookout has not revealed the country behind the malware, as the highly targeted collection campaign is still active and exposing it would burn the company’s ability to block the malware and continue to collect intelligence about the organization. Lookout’s Andrew Bliach and Michael Flossman, who presented the findings at Shmoocon, have provided some of the details they have obtained in a blog post, however—and they provide a fascinating look at how a reasonably well-funded state-sponsored intelligence-gathering operation works.

The communications data was left in the open on the infrastructure discovered by Bliach and Flossman; apparently, operational security was not a major concern for the malware operations team behind the effort. As a result, the researchers were able to view communications between members of that team and representatives of a number of zero-day and hacking-services providers as they explored purchasing the tools needed to gain access to their targets. “These messages were uncovered during an in-depth investigation and reverse-engineering effort into the infrastructure and malware tooling that this group built themselves.” Flossman and Bliach wrote in their follow-up blog. “These message also revealed many potential 0-days that a buyer could purchase along with their cost, effectiveness, and seller guarantee for both mobile and desktop operating systems.”

Read 5 remaining paragraphs | Comments

Bird, Lime sued by disability rights activists who claim obstructed sidewalks

BIRD Scooters are now available throughout Southern California and have become increasingly popular in San Diego.

A disability rights group has sued the City of San Diego and three companies—including e-scooter startups Bird and Lime—over alleged violations of the landmark Americans with Disabilities Act and other related state laws.

The new proposed class-action lawsuit, Montoya et al v. City of San Diego et al, claims that the city has been derelict in its duty to keep city sidewalks, ramps, crosswalks, and curbs free of errant scooters, which in many cases can be significant hazards to people with physical disabilities.

Similarly, the lawsuit claims that these companies are creating these hazards in the first place by creating geo-fencing within the services and have chosen not to attempt to solve this problem.

Read 8 remaining paragraphs | Comments

Russia tries to force Facebook and Twitter to relocate servers to Russia

A woman holds a smartphone with icons for social networking apps Facebook, Instagram, Twitter and others. The app icons are in a folder whose title is the Russian word for

The Russian government agency responsible for censorship on the Internet has accused Facebook and Twitter of failing to comply with a law requiring all servers that store personal data to be located in Russia.

Roskomnadzor, the Russian censorship agency, “said the social-media networks hadn’t submitted any formal and specific plans or submitted an acceptable explanation of when they would meet the country’s requirements that all servers used to store Russians’ personal data be located in Russia,” The Wall Street Journal reported today.

Roskomnadzor said it sent letters to Facebook and Twitter on December 17, giving them 30 days to provide “a legally valid response.”

Read 11 remaining paragraphs | Comments