lawsuit

Court victory legalizes 3D-printable gun blueprints

Posted by | 3d printing, defense distributed, Gadgets, Government, guns, lawsuit, Security | No Comments

A multi-year legal battle over the ability to distribute computer models of gun parts and replicate them in 3D printers has ended in defeat for government authorities who sought to prevent the practice. Cody Wilson, the gunmaker and free speech advocate behind the lawsuit, now intends to expand his operations, providing printable gun blueprints to all who desire them.

The longer story of the lawsuit is well told by Andy Greenberg over at Wired, but the decision is eloquent on its own. The fundamental question is whether making 3D models of gun components available online is covered by the free speech rights granted by the First Amendment.

This is a timely but complex conflict because it touches on two themes that happen to be, for many, ethically contradictory. Arguments for tighter restrictions on firearms are, in this case, directly opposed to arguments for the unfettered exchange of information on the internet. It’s hard to advocate for both here: restricting firearms and restricting free speech are one and the same.

That at least seems to be conclusion of the government lawyers, who settled Wilson’s lawsuit after years of court battles. In a copy of the settlement provided to me by Wilson, the U.S. government agrees to exempt “the technical data that is the subject of the Action” from legal restriction. The modified rules should appear in the Federal Register soon.

What does this mean? It means that a 3D model that can be used to print the components of a working firearm is legal to own and legal to distribute. You can likely even print it and use the product — you just can’t sell it. There are technicalities to the law here (certain parts are restricted, but can be sold in an incomplete state, etc.), but the implications as regards the files themselves seems clear.

Wilson’s original vision, which he is now pursuing free of legal obstacles, is a repository of gun models, called DEFCAD, much like any other collection of data on the web, though naturally considerably more dangerous and controversial.

“I currently have no national legal barriers to continue or expand DEFCAD,” he wrote in an email to TechCrunch. “This legal victory is the formal beginning to the era of downloadable guns. Guns are as downloadable as music. There will be streaming services for semi-automatics.”

The concepts don’t map perfectly, no doubt, but it’s hard to deny that with the success of this lawsuit, there are few legal restrictions to speak of on the digital distribution of firearms. Before it even, there were few technical restrictions: certainly just as you could download MP3s on Napster in 2002, you can download a gun file today.

Gun control advocates will no doubt argue that greater availability of lethal weaponry is the opposite of what is needed in this country. But others will point out that in a way this is a powerful example of how liberally free speech can be defined. It’s important to note that both of these things can be true.

This court victory settles one case, but marks the beginnings of many another. “I have promoted my values for years with great care and diligence,” Wilson wrote. It’s hard to disagree with that. Those whose values differ are free to pursue them in their own way; perhaps they too will be awarded victories of this scale.

Powered by WPeMatico

Apple slapped with $6.6M fine in Australia over bricked devices

Posted by | Apple, apple inc, Australia, consumer rights, Error 53, Gadgets, iOS, iPad, iPhone, lawsuit, Mobile, operating system | No Comments

Apple has been fined AUS$9M (~$6.6M) by a court in Australia following a legal challenge by a consumer rights group related to the company’s response after iOS updates bricked devices that had been repaired by third parties.

The Australian Competitor and Consumer Commission (ACCC) invested a series of complaints relating to an error (‘error 53’) which disabled some iPhones and iPads after owners downloaded an update to Apple’s iOS operating system.

The ACCC says Apple admitted that, between February 2015 and February 2016 — via the Apple US’ website, Apple Australia’s staff in-store and customer service phone calls — it had informed at least 275 Australian customers affected by error 53 that they were no longer eligible for a remedy if their device had been repaired by a third party.

Image credit: 70023venus2009 via Flickr under license CC BY-ND 2.0

The court judged Apple’s action to have breached the Australian consumer law.

“If a product is faulty, customers are legally entitled to a repair or a replacement under the Australian Consumer Law, and sometimes even a refund. Apple’s representations led customers to believe they’d be denied a remedy for their faulty device because they used a third party repairer,” said ACCC commissioner Sarah Court in a statement.

“The Court declared the mere fact that an iPhone or iPad had been repaired by someone other than Apple did not, and could not, result in the consumer guarantees ceasing to apply, or the consumer’s right to a remedy being extinguished.”

The ACCC notes that after it notified Apple about its investigation, the company implemented an outreach program to compensate individual consumers whose devices were made inoperable by error 53. It says this outreach program was extended to approximately 5,000 consumers.

It also says Apple Australia offered a court enforceable undertaking to improve staff training, audit information about warranties and Australian Consumer Law on its website, and improve its systems and procedures to ensure future compliance with the law.

The ACCC further notes that a concern addressed by the undertaking is that Apple was allegedly providing refurbished goods as replacements, after supplying a good which suffered a major failure — saying Apple has committed to provide new replacements in those circumstances if the consumer requests one.

“If people buy an iPhone or iPad from Apple and it suffers a major failure, they are entitled to a refund. If customers would prefer a replacement, they are entitled to a new device as opposed to refurbished, if one is available,” said Court.

The court also held the Apple parent company, Apple US, responsible for the conduct of its Australian subsidiary. “Global companies must ensure their returns policies are compliant with the Australian Consumer Law, or they will face ACCC action,” added Court.

We’ve reached out to Apple for comment on the court decision and will update this post with any response.

A company spokeswoman told Reuters it had had “very productive conversations with the ACCC about this” but declined to comment further on the court finding.

More recently, Apple found itself in hot water with consumer groups around the world over its use of a power management feature that throttled performance on older iPhones to avoid unexpected battery shutdowns.

The company apologized in December for not being more transparent about the feature, and later said it would add a control allowing consumers to turn it off if they did not want their device’s performance to be impacted.

Powered by WPeMatico

Facebook, Google face first GDPR complaints over ‘forced consent’

Posted by | Advertising Tech, Android, data protection, Europe, european union, Facebook, General Data Protection Regulation, Google, instagram, lawsuit, Mark Zuckerberg, Max Schrems, privacy, Social, social network, social networking, terms of service, WhatsApp | No Comments

After two years coming down the pipe at tech giants, Europe’s new privacy framework, the General Data Protection Regulation (GDPR), is now being applied — and long time Facebook privacy critic, Max Schrems, has wasted no time in filing four complaints relating to (certain) companies’ ‘take it or leave it’ stance when it comes to consent.

The complaints have been filed on behalf of (unnamed) individual users — with one filed against Facebook; one against Facebook-owned Instagram; one against Facebook-owned WhatsApp; and one against Google’s Android.

Schrems argues that the companies are using a strategy of “forced consent” to continue processing the individuals’ personal data — when in fact the law requires that users be given a free choice unless a consent is strictly necessary for provision of the service. (And, well, Facebook claims its core product is social networking — rather than farming people’s personal data for ad targeting.)

“It’s simple: Anything strictly necessary for a service does not need consent boxes anymore. For everything else users must have a real choice to say ‘yes’ or ‘no’,” Schrems writes in a statement.

“Facebook has even blocked accounts of users who have not given consent,” he adds. “In the end users only had the choice to delete the account or hit the “agree”-button — that’s not a free choice, it more reminds of a North Korean election process.”

We’ve reached out to all the companies involved for comment and will update this story with any response. Update: Facebook has now sent the following statement, attributed to its chief privacy officer, Erin Egan: “We have prepared for the past 18 months to ensure we meet the requirements of the GDPR. We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download, and delete their information. Our work to improve people’s privacy doesn’t stop on May 25th. For example, we’re building Clear History: a way for everyone to see the websites and apps that send us information when you use them, clear this information from your account, and turn off our ability to store it associated with your account going forward.”

Schrems most recently founded a not-for-profit digital rights organization to focus on strategic litigation around the bloc’s updated privacy framework, and the complaints have been filed via this crowdfunded NGO — which is called noyb (aka ‘none of your business’).

As we pointed out in our GDPR explainer, the provision in the regulation allowing for collective enforcement of individuals’ data rights is an important one, with the potential to strengthen the implementation of the law by enabling non-profit organizations such as noyb to file complaints on behalf of individuals — thereby helping to redress the power imbalance between corporate giants and consumer rights.

That said, the GDPR’s collective redress provision is a component that Member States can choose to derogate from, which helps explain why the first four complaints have been filed with data protection agencies in Austria, Belgium, France and Hamburg in Germany — regions that also have data protection agencies with a strong record of defending privacy rights.

Given that the Facebook companies involved in these complaints have their European headquarters in Ireland it’s likely the Irish data protection agency will get involved too. And it’s fair to say that, within Europe, Ireland does not have a strong reputation as a data protection rights champion.

But the GDPR allows for DPAs in different jurisdictions to work together in instances where they have joint concerns and where a service crosses borders — so noyb’s action looks intended to test this element of the new framework too.

Under the penalty structure of GDPR, major violations of the law can attract fines as large as 4% of a company’s global revenue which, in the case of Facebook or Google, implies they could be on the hook for more than a billion euros apiece — if they are deemed to have violated the law, as the complaints argue.

That said, given how freshly fixed in place the rules are, some EU regulators may well tread softly on the enforcement front — at least in the first instances, to give companies some benefit of the doubt and/or a chance to make amends to come into compliance if they are deemed to be falling short of the new standards.

However, in instances where companies themselves appear to be attempting to deform the law with a willfully self-serving interpretation of the rules, regulators may feel they need to act swiftly to nip any disingenuousness in the bud.

“We probably will not immediately have billions of penalty payments, but the corporations have intentionally violated the GDPR, so we expect a corresponding penalty under GDPR,” writes Schrems.

Only yesterday, for example, Facebook founder Mark Zuckerberg — speaking in an on stage interview at the VivaTech conference in Paris — claimed his company hasn’t had to make any radical changes to comply with GDPR, and further claimed that a “vast majority” of Facebook users are willingly opting in to targeted advertising via its new consent flow.

“We’ve been rolling out the GDPR flows for a number of weeks now in order to make sure that we were doing this in a good way and that we could take into account everyone’s feedback before the May 25 deadline. And one of the things that I’ve found interesting is that the vast majority of people choose to opt in to make it so that we can use the data from other apps and websites that they’re using to make ads better. Because the reality is if you’re willing to see ads in a service you want them to be relevant and good ads,” said Zuckerberg.

He did not mention that the dominant social network does not offer people a free choice on accepting or declining targeted advertising. The new consent flow Facebook revealed ahead of GDPR only offers the ‘choice’ of quitting Facebook entirely if a person does not want to accept targeting advertising. Which, well, isn’t much of a choice given how powerful the network is. (Additionally, it’s worth pointing out that Facebook continues tracking non-users — so even deleting a Facebook account does not guarantee that Facebook will stop processing your personal data.)

Asked about how Facebook’s business model will be affected by the new rules, Zuckerberg essentially claimed nothing significant will change — “because giving people control of how their data is used has been a core principle of Facebook since the beginning”.

“The GDPR adds some new controls and then there’s some areas that we need to comply with but overall it isn’t such a massive departure from how we’ve approached this in the past,” he claimed. “I mean I don’t want to downplay it — there are strong new rules that we’ve needed to put a bunch of work into making sure that we complied with — but as a whole the philosophy behind this is not completely different from how we’ve approached things.

“In order to be able to give people the tools to connect in all the ways they want and build community a lot of philosophy that is encoded in a regulation like GDPR is really how we’ve thought about all this stuff for a long time. So I don’t want to understate the areas where there are new rules that we’ve had to go and implement but I also don’t want to make it seem like this is a massive departure in how we’ve thought about this stuff.”

Zuckerberg faced a range of tough questions on these points from the EU parliament earlier this week. But he avoided answering them in any meaningful detail.

So EU regulators are essentially facing a first test of their mettle — i.e. whether they are willing to step up and defend the line of the law against big tech’s attempts to reshape it in their business model’s image.

Privacy laws are nothing new in Europe but robust enforcement of them would certainly be a breath of fresh air. And now at least, thanks to GDPR, there’s a penalties structure in place to provide incentives as well as teeth, and spin up a market around strategic litigation — with Schrems and noyb in the vanguard.

Schrems also makes the point that small startups and local companies are less likely to be able to use the kind of strong-arm ‘take it or leave it’ tactics on users that big tech is able to unilaterally apply and extract ‘consent’ as a consequence of the reach and power of their platforms — arguing there’s an underlying competition concern that GDPR could also help to redress.

“The fight against forced consent ensures that the corporations cannot force users to consent,” he writes. “This is especially important so that monopolies have no advantage over small businesses.”

Powered by WPeMatico

Jury finds Samsung owes Apple $539M in patent case stretching back to 2011

Posted by | Apple, Gadgets, lawsuit, Mobile, patents, Samsung | No Comments

A patent case that began back in 2011 has reached a conclusion, with Samsung ordered to pay about $539 million to Apple over infringements of the latter’s patents in devices that are now long gone. The case has dragged on for years as both sides argued about the finer points of how much was owed per device, what could be deducted and so on. It’s been eye-wateringly boring, but at least it’s over now. Maybe.

The patents in question are some things we take for granted now, UI cues like “rubber-banding” at the bottom of a list or using two fingers to zoom in and out. But they were all part of the “boy have we patented it” multi-touch gestures of which Steve Jobs was so proud. In addition there were the defining characteristics of the first iPhone, now familiar (black round rectangle with a big screen, etc.). At any rate, Apple sued the dickens out of Samsung over them.

The case was actually decided long ago — in 2012, when the court found that Samsung had clearly and willfully infringed on the patents in question and initial damages were set at a staggering $1 billion. We wrote it up then, when it was of course big news:

Since then it’s all been about the damages, and Samsung won a big victory in the Supreme court that said it only had to pay out based on the profit from the infringing component.

Unfortunately for Samsung, the “infringing component” for the design patents seems to have been considered by the jury as being the entire phone. The result is that a great deal of Samsung’s profits from selling the infringing devices ended up composing the damages. It sets a major precedent in the patent litigation world, although not necessarily a logical one. People started arguing about the validity and value of design patents a long time ago and they haven’t stopped yet.

CNET has a good rundown for anyone curious about the specifics. Notably, Samsung said in a statement that “We will consider all options to obtain an outcome that does not hinder creativity and fair competition for all companies and consumers.” Does that mean they’re going to take it as high as the Supreme Court (again) and drag the case out for another couple of years? Or will they cut their losses and just be happy to stop paying the legal fees that probably rivaled the damages assigned? Hopefully the latter.

Powered by WPeMatico

Appeals court rules that Tinder’s pricing violates age discrimination laws

Posted by | Apps, lawsuit, Mobile, Social, TC, Tinder | No Comments

 A California appeals court has sided with Allan Candelore, a man suing Tinder over the pricing for its premium service, Tinder Plus. Specifically, Candelore and his lawyers argued that by charging $9.99 per month if a user is under 30, versus $19.99 per month if you’re 30 or older, Tinder is discriminating based on age. Read More

Powered by WPeMatico

Court holds Amazon liable for years of unauthorized in-app purchases made by kids

Posted by | Amazon, children, family, FTC, Government, kids, lawsuit, Mobile, mobile applications, parents | No Comments

scaled.FireHD6-Kids-Edition In an entirely unsurprising ruling, a federal judge has sided with the FTC in the agency’s lawsuit against Amazon, which had said that the company did not do enough to safeguard customers against unauthorized in-app purchases made by children. According to the FTC’s original complaint, Amazon billed its customers millions of dollars in these charges. The problem came about… Read More

Powered by WPeMatico