Security

Anthem To Pay $115 Million In The Largest Data Breach Settlement Ever (cnet.com) 35

An anonymous reader quotes CNET: Anthem, the largest health insurance company in the U.S., has agreed to settle a class action lawsuit over a 2015 data breach for a record $115 million, according to lawyers for the plaintiffs. The settlement still has to be approved by US District Court Judge Lucy Koh, who is scheduled to hear the case on August 17 in San Jose, California. And Anthem, which didn't immediately respond to a request for confirmation and comment, isn't admitting any wrongdoing, according to a statement it made to CyberScoop acknowledging the settlement.

But if approved, it would be the largest data breach settlement in history, according to the plaintiffs' lawyers, who announced the agreement Friday. The funds would be used to provide victims of the data breach at least two years of credit monitoring and to reimburse customers for breach-related expenses. The settlement would also guarantee a certain level of funding for "information security to implement or maintain numerous specific changes to its data security systems, including encryption of certain information and archiving sensitive data with strict access controls," the plaintiff attorneys said.

The breach compromised data for 80 million people, including their social security numbers, birthdays, street addresses (and email addresses) as well as income data. The $115 million settlement averages out to $1.43 for every person who was affected.
United States

Does US Have Right To Data On Overseas Servers? We're About To Find Out (arstechnica.com) 236

Long-time Slashdot reader quotes Ars Technica: The Justice Department on Friday petitioned the US Supreme Court to step into an international legal thicket, one that asks whether US search warrants extend to data stored on foreign servers. The US government says it has the legal right, with a valid court warrant, to reach into the world's servers with the assistance of the tech sector, no matter where the data is stored.

The request for Supreme Court intervention concerns a 4-year-old legal battle between Microsoft and the US government over data stored on Dublin, Ireland servers. The US government has a valid warrant for the e-mail as part of a drug investigation. Microsoft balked at the warrant, and convinced a federal appeals court that US law does not apply to foreign data.

According to the article, the U.S. government told the court that national security was at risk.
Piracy

Sci-Hub Ordered To Pay $15 Million In Piracy Damages (torrentfreak.com) 164

An anonymous reader quotes a report from TorrentFreak: Two years ago, academic publisher Elsevier filed a complaint (PDF) against Sci-Hub and several related "pirate" sites. It accused the websites of making academic papers widely available to the public, without permission. While Sci-Hub is nothing like the average pirate site, it is just as illegal according to Elsevier's legal team, who obtained a preliminary injunction from a New York District Court last fall. The injunction ordered Sci-Hub's founder Alexandra Elbakyan to quit offering access to any Elsevier content. However, this didn't happen. Instead of taking Sci-Hub down, the lawsuit achieved the opposite. Sci-Hub grew bigger and bigger up to a point where its users were downloading hundreds of thousands of papers per day. Although Elbakyan sent a letter to the court earlier, she opted not to engage in the U.S. lawsuit any further. The same is true for her fellow defendants, associated with Libgen. As a result, Elsevier asked the court for a default judgment and a permanent injunction which were issued this week. Following a hearing on Wednesday, the Court awarded Elsevier $15,000,000 in damages, the maximum statutory amount for the 100 copyrighted works that were listed in the complaint. In addition, the injunction, through which Sci-Hub and LibGen lost several domain names, was made permanent.
Cellphones

Texting While Driving Now Legal In Colorado -- In Some Cases (kdvr.com) 92

Fines for texting and driving in Colorado have jumped to $300, but according to the fine print, the increased fine only applies to drivers who are texting in "a careless or imprudent manner." Therefore, drivers who are texting in any other manner are still within the law. FOX31 Denver reports: Before the new legislation, any texting while driving was illegal. Tim Lane of the Colorado District Attorney's Office confirmed the softening crackdown on all texting and driving. "The simple fact is that if you are texting while driving but not being careless, it's no longer illegal," he said. What constitutes "careless" driving is up to the discretion of each individual law enforcement officer. Cellphone use of any kind is still banned for drivers younger than 18. Teens caught with a phone in hand while driving will be slapped with a $50 fine.
Advertising

Home Improvement Chains Accused of False Advertising Over Lumber Dimensions (consumerist.com) 537

per unit analyzer writes: According to Consumerist, an attorney has filed a class-action lawsuit charging Home Depot (PDF) and Menards (PDF) with deceptive advertising practices by selling "lumber products that were falsely advertised and labeled as having product dimensions that were not the actual dimensions of the products sold." Now granted, this may be news to the novice DIYer, but overall most folks who are purchasing lumber at home improvement stores know that the so-called trade sizes don't match the actual dimensions of the lumber. Do retailers need to educate naive consumers about every aspect of the items they sell? (Especially industry quirks such as this...) Furthermore, as the article notes, it's hard to see how the plaintiffs have been damaged when these building materials are compatible with the construction of the purchaser's existing buildings. i.e., An "actual" 2x4 would not fit in a wall previously built with standard 2x4s -- selling something as advertised would actually cause the purchaser more trouble in many cases.
Government

FCC Proposes $120 Million Fine On Florida Robocall Scammer (reuters.com) 80

The FCC on Thursday proposed a $120 million fine on a Florida resident alleged to have made almost 100 million spoofed robocalls to trick consumers with "exclusive" vacation deals from well-known travel and hospitality companies. Reuters reports: The man, identified as Adrian Abramovich, allegedly made 96 million robocalls during a three-month period by falsifying caller identification information that matched the local area code and the first three digits of the recipient's phone number, the FCC said. The calls, which were in violation of the U.S. telecommunications laws, offered vacation deals from companies such as Marriott International Inc, Expedia Inc, Hilton Inc and TripAdvisor Inc. Consumers who answered the calls were transferred to foreign call centers that tried to sell vacation packages, often involving timeshares. These call centers were not related to the companies, the FCC said.
Google

Alphabet Says Uber Knew About Stolen Self-Driving Car Files (cnet.com) 25

In a Wednesday filing with a California court, Alphabet said former self-driving executive Anthony Levandowski hatched a plan with Uber to steal more than 14,000 proprietary documents, including designs for the sensors that help the car see its surroundings. CNET reports: Alphabet says Uber's former CEO, Travis Kalanick, knew about the files but told Levandowski to destroy them. Uber has argued that it did not encourage or condone Levandowski taking any files from Waymo or bringing them to Uber, and has noted that his employment agreement affirmed he wouldn't do that. The litigation between Alphabet and Uber has been reported as a primary reason Kalanick was forced to resign as Uber's CEO Tuesday.
Network

Lawsuit Accuses Comcast of Cutting Competitor's Wires To Put It Out of Business (arstechnica.com) 142

An anonymous reader quotes a report from Ars Technica: A tiny Internet service provider has sued Comcast, alleging that the cable giant and its hired contractors cut the smaller company's wires in order to take over its customer base. Telecom Cable LLC had "229 satisfied customers" in Weston Lakes and Corrigan, Texas when Comcast and its contractors sabotaged its network, the lawsuit filed last week in Harris County District Court said. Comcast had tried to buy Telecom Cable's Weston Lakes operations in 2013 "but refused to pay what they were worth," the complaint says. Starting in June 2015, Comcast and two contractors it hired "systematically destroyed Telecom's business by cutting its lines and running off its customers," the lawsuit says. Comcast destroyed or damaged the lines serving all Telecom Cable customers in Weston Lakes and never repaired them, the lawsuit claims. Telecom Cable owner Anthony Luna estimated the value of his business at about $1.8 million, which he is seeking to recover. He is also seeking other damages from Comcast and its contractors, including exemplary damages that under state statute could "amount to a maximum of twice the amount of economic damages, plus up to $750,000 of non-economic damages," the complaint says. CourtHouse News Service has a story about the lawsuit, and it posted a copy of the complaint.
The Courts

'Coal King' Is Suing John Oliver, Time Warner, and HBO (washingtonpost.com) 374

Reader Daetrin writes: Robert E. Murray, CEO of one of the largest coal mining companies in the US, is suing John Oliver, HBO, and Time Warner for defamation (alternative source) over a comedic report on the status of the coal industry in John Oliver's "Last Week Tonight". The report began with the decline of the coal mining industry, Trump's promises to revive it, and the plight of the workers involved, but was also highly critical of the business practices and safety record of Murray Energy Corporation and Robert Murray's leadership of the company. When the company was contacted about the piece before airing they responded with a cease and desist letter and threatened to sue. John Oliver continued with the segment anyway, saying "I didn't really plan for so much of this piece to be about you, but you kinda forced my hand on that one."
Social Networks

Supreme Court Rules Sex Offenders Can't Be Barred From Social Media (gizmodo.com) 114

An anonymous reader quotes a report from Gizmodo: In a unanimous decision today, the Supreme Court struck down a North Carolina law that prevents sex offenders from posting on social media where children might be present, saying it "impermissibly restricts lawful speech." In doing so, the Supreme Court asserted what we all know to be true: Posting is essential to the survival of the republic. The court ruled that to "foreclose access to social media altogether is to prevent the user from engaging in the legitimate exercise of First Amendment rights." The court correctly noted that "one of the most important places to exchange views is cyberspace." The North Carolina law was ruled to be overly broad, barring "access to what for many are the principal sources for knowing current events, checking ads for employment, speaking and listening in the modern public square, and otherwise exploring the vast realms of human thought and knowledge."
The Courts

Offensive Trademarks Must Be Allowed, Rules Supreme Court (arstechnica.com) 252

In a ruling that could have broad impact on how the First Amendment is applied in other trademark cases in future, the U.S. Supreme Court on Monday threw out a federal prohibition on disparaging trademarks as a constitutional violation in a ruling involving a band called The Slants. From a report: The opinion in Matal v. Tam means that Simon Tam, lead singer of an Asian-American rock band called "The Slants," will be able to trademark the name of his band. It's also relevant for a high-profile case involving the Washington Redskins, who were involved in litigation and at risk of being stripped of their trademark. The court unanimously held that a law on the books holding that a trademark can't "disparage... or bring... into contemp[t] or disrepute" any "persons, living or dead," violates the First Amendment. Tam headed to federal court years ago after he was unable to obtain a trademark. In 2015, the US Court of Appeals for the Federal Circuit ruled in Tam's favor, finding that the so-called "disparagement clause" of trademark law was unconstitutional.
Security

What Happens When Software Companies Are Liable For Security Vulnerabilities? (techbeacon.com) 221

mikeatTB shares an article from TechRepublic: Software engineers have largely failed at security. Even with the move toward more agile development and DevOps, vulnerabilities continue to take off... Things have been this way for decades, but the status quo might soon be rocked as software takes an increasingly starring role in an expanding range of products whose failure could result in bodily harm and even death. Anything less than such a threat might not be able to budge software engineers into taking greater security precautions. While agile and DevOps are belatedly taking on the problems of creating secure software, the original Agile Manifesto did not acknowledge the threat of vulnerabilities as a problem, but focused on "working software [as] the primary measure of progress..."

"People are doing exactly what they are being incentivized to do," says Joshua Corman, director of the Cyber Statecraft Initiative for the Atlantic Council and a founder of the Rugged Manifesto, a riff on the original Agile Manifesto with a skew toward security. "There is no software liability and there is no standard of care or 'building code' for software, so as a result, there are security holes in your [products] that are allowing attackers to compromise you over and over." Instead, almost every software program comes with a disclaimer to dodge liability for issues caused by the software. End-User License Agreements (EULAs) have been the primary way that software makers have escaped liability for vulnerabilities for the past three decades. Experts see that changing, however.

The article suggests incentives for security should be built into the development process -- with one security professional warning that in the future, "legal precedent will likely result in companies absorbing the risk of open source code."
Movies

Studio-Defying VidAngel Launches New Video-Filtering Platform (yahoo.com) 201

Last December VidAngel fought three Hollywood studios in court for the right to stream filtered versions of movies. Now fogez reports that "they have come up with a new tactic in their attempts to bring filtering choice into the streaming media equation. Instead of leveraging the legal loophole that landed them in court, VidAngel is now going to insert themselves as a filtering proxy for services like Netflix and Amazon." From the Hollywood Reporter: Its new $7.99 per month service piggybacks on users' streaming accounts. Customers log into the VidAngel app, link it to their other accounts and then filter out the language, nudity and violence in that content to their heart's desire... "Out of the gate we'll be supporting Netflix and Amazon and HBO through Amazon channels," says Harmon, adding that Hulu, iTunes and Vudu will follow... Harmon says it remains to be seen if the studios will fight VidAngel's new platform, but his biggest concern is how Amazon and Netflix will respond. He says his company has reached out to the streamers, and he hopes they'll raise any concerns through conversation instead of litigation... "VidAngel's philosophy is very libertarian," he says. "Let directors create what they want, and let viewers watch how they want in their own home. That kind of philosophy respects the views of both parties."
The original submission describes the conflict as "freedom of choice versus Hollywood."
Piracy

Alleged KickassTorrents Owner Considers 'Voluntary Surrender' To the US (torrentfreak.com) 59

An anonymous reader quotes a report from TorrentFreak: Earlier this year a Polish court ruled that Artem Vaulin, the alleged owner of the defunct torrent site KickassTorrents, can be extradited to the United States. The decision came as a disappointment to the defense team, which quickly announced an appeal. Vaulin has since been released on bail and currently resides in a Warsaw apartment. His release has made it easier to communicate with his attorneys in the United States, who have started negotiations with the U.S. Government. While the extradition appeal is still ongoing, it now appears that under the right conditions Vaulin might consider traveling to the United States voluntarily, so he can "resolve" the pending charges. This is what the defense team states in a motion for a status conference (pdf), which was submitted earlier this week.
Google

EU Poised To Fine Google More Than $1 Billion in Antitrust Case (marketwatch.com) 102

Google is braced for a fine of potentially more than 1bn euro ($1.18 billion) as Brussels prepares to make the first of three antitrust decisions on the search group's practices, the first sanction by a leading competition regulator on the way it operates. From a report: The penalty, expected to be announced in the coming weeks, could exceed the record 1.1 billion euro bill slapped on Intel in 2009 for anti-competitive behavior in the computer-chip market, the two people told The Times. The European Commission's antitrust body declined to comment to MarketWatch on the FT report, but referred to the latest steps taken in the case against Google. In July last year, the commission reiterated its conclusion that the search giant had "abused its dominant position by systematically favoring its comparison shopping service in its search result pages." Google and its parent company Alphabet were then given 10 weeks to respond to the findings. Reuters reported last month that Google had attempted to settle the dispute with the EU three times in the last six years, but the sides had failed to reach a compromise.
Software

GTA V Flooded With Negative Reviews On Steam After OpenIV Modding Tool Shuts Down (kotaku.com) 127

OpenIV, a popular modding tool used by tons of GTA V fans, is shutting down. After nearly 10 years of operation, the creators claim they have received a cease and desist from Take-Two Interactive -- the publisher of Grand Theft Auto. The news has shocked the PC Grand Theft Auto community, who use OpenIV to add thousands of mods into GTA V. Many upset modders have retaliated by flooding GTA V with negative reviews on Steam. Kotaku reports: According to a post on the official OpenIV website, the alleged cease and desist came on June 5th 2017. The supposed problem, OpenIV's creators say, is that the program allows "third parties to defeat security features of its software and modify that software in violation Take-Two's rights." After discussing their options, the team behind the tool says they decided it was not worth their time to fight back. "Yes, we can go to court and yet again prove that modding is fair use and our actions are legal," creator GooD-NTS wrote. "Yes, we could. But we decided not to. Going to court will take at least few months of our time and huge amount of efforts, and, at best, we'll get absolutely nothing. Spending time just to restore status quo is really unproductive, and all the money in the world can't compensate the loss of time. So, we decided to agree with their claims and we're stopping distribution of OpenIV."
EU

Pirate Bay Is Infringing Copyright, European Court of Justice Rules (theguardian.com) 108

The European court of justice (ECJ) has ruled that BitTorrent site The Pirate Bay is directly infringing copyright, in a move that could lead to ISPs and governments blocking access to other torrent sites across Europe. From a report: The ruling comes after a seven-year legal battle, which has seen the site, founded in Sweden in 2003, blocked and seized, its offices raided, and its three founders fined and jailed. At the heart of the case is the Pirate Bay's argument that, unlike the previous generation piracy sites like Napster, it doesn't host infringing files, nor link to them. Instead, it hosts "trackers," files which tell users of individual BitTorrent apps which other BitTorrent users to link to in order to download large files -- in the Pirate Bay's case, usually, but not exclusively, copyrighted material.
Privacy

US Internet Company Refused To Participate In NSA Surveillance, Documents Reveal (zdnet.com) 95

Zack Whittaker reports via ZDNet: A U.S. company refused to comply with a top-secret order that compelled it to facilitate government surveillance, according to newly declassified documents. According to the document, the unnamed company's refusal to participate in the surveillance program was tied to an apparent expansion of the foreign surveillance law, details of which were redacted by the government prior to its release, as it likely remains classified. It's thought to be only the second instance of an American company refusing to comply with a government surveillance order. The first was Yahoo in 2008. It was threatened with hefty daily fines if it didn't hand over customer data to the National Security Agency. The law is widely known in national security circles as forming the legal basis authorizing the so-called PRISM surveillance program, which reportedly taps data from nine tech titans including Apple, Facebook, Google, Microsoft, and others. It also permits "upstream" collection from the internet fiber backbones of the internet. Any guesses as to which company it may be? The company was not named in the 2014-dated document, but it's thought to be an internet provider or a tech company.
Japan

Konami Reportedly Blacklisting Ex-Employees Across Japanese Video Game Industry (arstechnica.com) 120

The Nikkei Asian Review newspaper is reporting that the Japanese entertainment company Konami is blacklisting former employees in the Japanese video game industry. "The company is particularly targeting those who work for Kojima Productions, which was founded in 2016 by Hideo Kojima, who used to be a top designer at Konami," reports Ars Technica. From the report: Furthermore, according to the article, Konami is pressuring other companies not to hire its former employees. As the Nikkei Asian Review wrote: "One ex-Kon described his surprise at learning that Konami had instructed an employee at a television company not to deal with its former employees. In another case, a former Konami executive was forced to close his business due to pressure from the gaming giant. Ex-Kons are not allowed to put their Konami experience on their public resumes. 'If you leave the company, you cannot rely on Konami's name to land a job,' explained a former employee. If an ex-Kon is interviewed by the media, the company will send that person a letter through a legal representative, in some cases indicating that Konami is willing to take them to court."
The Almighty Buck

Kim Dotcom Loses Latest Battle To Recover Seized Assets (cnet.com) 58

The Justice Department wants to keep Kim Dotcom's millions of dollars worth of seized assets, citing the Megaupload founder's fugitive status. The department filed a brief on Friday, which cited his fugitive status as well as a lack of evidence supporting claims that poor health was preventing him from entering the U.S. CNET reports: Dotcom has been in the news since 2012, when the FBI and the US Department of Justice shut down file-sharing site Megaupload and charged the site's operators with the piracy-related offenses. The U.S. government also seized $42 million in assets. Dotcom, alongside Mathias Ortmann, Bram van der Kolk and Finn Batato, are wanted for trial in the U.S. on 13 counts, including copyright infringement, conspiracy to commit racketeering, money laundering and wire fraud. In February, the New Zealand High Court found that Dotcom, a New Zealand resident, and his co-accused were eligible for extradition to the United States.
