Shared posts

15 Jun 22:54

A DNA-based storage system with files and metadata

by John Timmer
Fluorescent tagged DNA is the key to a new storage system.

Enlarge / Fluorescent tagged DNA is the key to a new storage system. (credit: Gerald Barber, Virginia Tech)

DNA-based data storage appears to offer solutions to some of the problems created by humanity's ever-growing capacity to create data we want to hang on to. Compared to most other media, DNA offers phenomenal data densities. If stored in the right conditions, DNA doesn't require any energy to maintain the data for centuries. And due to DNA's centrality to biology, we're always likely to maintain the ability to read it.

But DNA is not without its downsides. Right now, there's no standard method of encoding bits in the pattern of bases of a DNA strand. Synthesizing specific sequences remains expensive. And accessing the data using current methods is slow and depletes the DNA being used for storage. Try to access the data too many times and you have to restore it in some way—a process that risks introducing errors.

A team from MIT and the Broad Institute has decided to tackle some of these issues. In the process, the researchers have created a DNA-based image-storage system that is somewhere between a file system and a metadata-based database.

Read 18 remaining paragraphs | Comments

15 Jun 18:14

What Do Amazon’s Updated Work From Home Guidelines Mean for Businesses Close to HQ2?

by Shriya Bhattacharya
Last Thursday, Amazon announced that it will no longer require all its employees to work in the office full time starting this fall. Instead, an all-staff memo explained how the company will balance the request for flexibility with in-person work culture: Workers will spend at least three days a week in the office and have […]
15 Jun 11:46

Five new bills aim to break up Big Tech platforms, force them to play nice

by Tim De Chant
The dome of the United State Capitol Building against a deep blue sky in Washington, DC.

Enlarge / The dome of the United States Capitol Building in Washington, DC. (credit: Getty Images | Phil Roeder)

Legislators in the US House of Representatives introduced five new bills Friday afternoon that promise the biggest overhaul of antitrust law since the trust-busting era of the early 1900s. 

The bills take aim at the many platforms that Big Tech companies have rolled out over the last decade or so, including Apple’s iOS, Google’s search and ad platforms, Amazon’s marketplace, and Facebook’s social media and messaging networks. The proposed legislation would usher in sweeping changes both in the way monopoly regulations are enforced and in how companies run their platforms. They would require divestments in some cases while mandating interoperability and portability in others. 

“Right now, unregulated tech monopolies have too much power over our economy,” said Rep. David Cicilline (D-R.I.), who introduced one of the bills. “They are in a unique position to pick winners and losers, destroy small businesses, raise prices on consumers, and put folks out of work. Our agenda will level the playing field and ensure the wealthiest, most powerful tech monopolies play by the same rules as the rest of us.”

Read 11 remaining paragraphs | Comments

15 Jun 11:46

We have another highly effective COVID vaccine, based on different tech

by John Timmer
Image of a man receiving an injection.

Enlarge / A participant gets his second dose of the Novavax vaccine during the clinical trial. (credit: Karen Ducey / Getty Images)

Today, a company called Novavax announced that it had completed a large efficacy trial of its COVID-19 vaccine, and the news was good. The vaccine is highly effective, it blocked severe disease entirely, and it appeared to work against some of the more recently evolved virus variants. The company says it can produce 150 million doses per month by the end of the year, and the vaccine is stable when stored with normal refrigeration, so it could play a big part in the effort to administer vaccines outside of industrialized nations.

Different tech

So far, US citizens have had the choice of RNA-based vaccines, like the offerings from Moderna and Pfizer/BioNTech, or a vaccine based on a harmless virus engineered to carry the coronavirus spike protein, as used in the Johnson & Johnson vaccine. (The AstraZeneca and Sputnik vaccines are similar to J&J's.) Outside the US, many countries have used vaccines based on an inactivated coronavirus, although these have turned out not to be very effective.

The Novavax vaccine uses an entirely different technology. Vaccine production starts by identifying a key gene from the pathogen of interest—the SARS-CoV-2 spike protein, in this case—and inserting it into a virus that infects insect cells. Insect cells can easily be grown in culture, and they process any proteins they make in the same way that human cells do. (This processing can involve chemically linking sugars or cleaving off superfluous parts of the protein.) The activity ensures that the purified protein will be chemically identical to the spike protein found on the surface of the SARS-CoV-2 virus itself.

Read 11 remaining paragraphs | Comments

15 Jun 11:46

What the Novavax vaccine means for the global fight against Covid-19

by Umair Irfan
Signage outside the Novavax Inc. headquarters in Gaithersburg, Maryland, on March 12, 2021.
Novavax announced that its Covid-19 vaccine yielded more than 90 percent efficacy in preventing disease. | Al Drago/Bloomberg via Getty Images

The biotech firm said its Covid-19 vaccine showed 90 percent efficacy in clinical trials. Thank moths.

Another Covid-19 vaccine, this one from the biotech firm Novavax, has posted superb results in a phase 3 clinical trial, the company announced on Monday. But with more than half of US adults now vaccinated against Covid-19, the biggest impact of these results may be in other countries.

The Novavax vaccine stands out from other Covid-19 vaccines because it uses a technology that has not been deployed to date. It can also be stored at ordinary refrigerator temperatures, unlike some other vaccines that have strict freezer requirements that complicate distribution.

Novavax said its vaccine candidate was 90 percent effective overall against Covid-19 cases that produce symptoms, and 100 percent effective against moderate and severe disease. The results, from nearly 30,000 participants across the US and Mexico, could make it the fourth Covid-19 vaccine to begin distribution in the US, following vaccines developed by Pfizer/BioNTech, Moderna, and Johnson & Johnson.

But the first approvals of the vaccine will likely come in other countries, Stanley Erck, CEO of the Maryland-based company, told the New York Times. Novavax may not even seek emergency authorization for its vaccine in the US until September. At that point, it may not make much of a difference to the US vaccination effort.

As part of the US government’s Operation Warp Speed, last July Novavax was awarded $1.6 billion for vaccine development and production of 100 million doses. At the time, the 20-year-old company faced skepticism for never having brought a vaccine to market.

Novavax now aims to scale up production, with a goal of 150 million doses per month by the end of the year with factories in the US, South Korea, and India. Its two-dose vaccine comes at an expected cost of $16 per injection. That’s more expensive than the adenovirus-based vaccines developed by Johnson & Johnson and AstraZeneca, but around the same price or cheaper than the mRNA vaccines made by Pfizer/BioNTech and Moderna.

The Novavax vaccine did exhibit lower efficacy against variants of Covid-19, but the company is studying reformulated versions to target them. With Covid-19 continuing to spread in many parts of the world, having another option to counter the disease will bolster the effort to contain the pandemic.

What makes Novavax’s approach different from other Covid-19 vaccines

Vaccines are like target practice for the immune system: They encourage our bodies to build up defenses against a particular threat, without making us sick. When the real pathogen arrives, immune cells are ready to act, preventing infection altogether or dampening the worse effects of the disease.

Traditional vaccines contain weakened or inactivated versions of viruses or bacteria, or fragments of them. But new approaches have been brought to bear on Covid-19. Moderna and Pfizer/BioNTech vaccines use a snippet of genetic material, mRNA, encased in a nanoparticle. Human cells can read those genetic instructions and manufacture a fragment of SARS-CoV-2, the virus that causes Covid-19, which spurs the immune system to prepare for the virus.

The Covid-19 vaccines developed by AstraZeneca and Johnson & Johnson also shuttle genetic instructions to human cells, encouraging them to make a fragment of SARS-CoV-2, but they use a different virus — an adenovirus — that carries a snippet of DNA.

Novavax’s approach blends old and new techniques. To make the vaccine, the company combines another kind of virus — a baculovirus — with the genetic information needed to make a spike protein, a key fragment of SARS-CoV-2. When moth cells are infected with this virus, they manufacture the spike protein. Scientists then harvest and fuse those proteins with a nanoparticle. These nanoparticles combined with spike proteins are what is injected in the Novavax vaccine.

Diagram illustrating how Novavax produces its Covid-19 vaccine Novavax
Novavax’s Covid-19 vaccine is developed using an approach different from other vaccines authorized for emergency use.

According to Novavax, this approach yields a strong immune response with minimal side effects. The main complaints from vaccine recipients were fatigue, headache, and muscle pain lasting less than two days.

How Novavax fits into the vaccination campaign

While new infections, hospitalizations, and deaths are trending downward in the United States, the Covid-19 pandemic continues to rage in other countries. India, currently an epicenter of the pandemic, recently set a new world record of more than 6,000 daily Covid-19 deaths. Part of the toll stems from the Delta/B.1.617 variant of the virus, which appears to be more transmissible. Health officials warn that other countries with limited resources and low vaccination rates remain vulnerable to their own outbreaks. And as long as the virus continues to spread, it risks mutating in dangerous ways that can reverberate to places like the US.

Leaders at the G7 summit last week committed to sharing 1 billion doses of Covid-19 vaccines with other countries, with half coming from the US. For its part, Novavax is partnering with manufacturers in other countries like India and South Korea to scale up its production. The company had pledged at least 1.1. billion doses of its vaccine through Gavi, an international vaccination consortium.

Novavax may still have a future role in the US. The company is investigating how its vaccine could work as a booster, bolstering protection from other vaccines as immunity wanes over time. A study last month showed that even mixing shots of different vaccine platforms led to robust immune protection. But it’s not clear yet how long the shielding provided by other Covid-19 vaccines will last.

At the same time, the virus itself is continuing to change. Novavax’s results on Monday showed that its vaccine had 86.3 percent efficacy at preventing disease caused by the Alpha/B.1.1.7 variant of the virus, which first appeared in the United Kingdom. It shows that protection was high, but not as high as immunity to earlier strains of the virus.

Early phase 2b results from South Africa, however, showed the vaccine yielded 48.6 percent efficacy against the Beta/B.1.351 variant in HIV-negative participants. The company is now investigating a retooled version of its vaccine aimed specifically at the Beta variant.

The ongoing evolution and spread of Covid-19 shows that the pandemic is not over, and it’s too early to become complacent. A new way to immunize against Covid-19 is a welcome development — particularly if it can reach the most vulnerable, and quickly.

15 Jun 11:45

Pai’s legacy lives on for now as Biden fails to nominate Democrat to FCC

by Jon Brodkin
President Biden sitting at a table and speaking while gesturing with his hand.

Enlarge / President Joe Biden joins a CEO Summit on Semiconductor and Supply Chain Resilience via video conference from the Roosevelt Room at the White House on April 12, 2021, in Washington, DC. (credit: Getty Images | Pool)

President Joe Biden's failure to break the Federal Communications Commission's 2-2 partisan deadlock is reaching a "critical point," 57 advocacy groups wrote in a letter to Biden and Vice President Kamala Harris Friday.

Nearly five months after his inauguration, Biden has not yet nominated a Democratic FCC commissioner to fill the empty fifth slot. Democrat Jessica Rosenworcel has been leading the commission as acting chairwoman, but she lacks the majority needed to do anything opposed by the FCC's two Republicans, such as reinstating net neutrality rules and reversing former Chairman Ajit Pai's deregulation of the broadband industry. Even a step like raising the FCC's broadband-speed standard—which hasn't changed in over six years—will likely require a party-line vote because Republicans prefer a low speed standard for the FCC's annual report on how many Americans lack modern broadband access.

In early April, over 100,000 people signed a petition urging Biden to quickly break the FCC deadlock. Advocacy groups are frustrated that they are still waiting. Why Biden is taking so long is unclear.

Read 9 remaining paragraphs | Comments

15 Jun 11:45

Google’s unified Gmail interface (and Google Chat) launches for everyone

by Ron Amadeo
  • The new, unified Gmail rolling out to consumers today. In the sidebar, you get buttons for Gmail Inbox, Google Chat chats, Google Chat rooms, and Google Meet. You can also open this split-screen Google Docs view. [credit: Ron Amadeo ]

Google is moving two big features from Google Workspace (Google's paid tier of business Google accounts, formerly called "G Suite") to free, consumer Google accounts. Google Chat, the company's latest messaging app, is now open to everyone. And Gmail's big merger with Google Chat, Google Docs, and Google Meet (Google's Zoom competitor) is also coming to consumer accounts.

Almost a year ago, Google announced a significant change for Gmail that would turn it from a simple email app into a "single, integrated experience" where you could send email, chat, work on a Google Doc, and make video calls, all from one browser-based super-app. In August, this change started rolling out to paid Google Workspace accounts, and it has experimentally appeared on some consumer accounts. Today, though, Google is officially making the feature available to all Google users.

The "unified" Gmail UI mostly takes the form of a segmented sidebar design with all sorts of Google apps in it. Gmail has long featured a segmented sidebar that includes a chat program—first Google Talk (from 2005), then Google Hangouts (2013), and currently Google Chat (2018). With today's change, there are new sections with a spot for Google Chat "rooms" (or group chats, which are now separate from regular contacts) and a section for Google Meet (so you can make video calls).

Read 13 remaining paragraphs | Comments

15 Jun 11:37

Clear Your Sinuses in 20 Seconds by Pushing on Your Face

by Adam Dachis and Joel Cunningham

Blocked sinuses are no fun—especially during a pandemic, when every single seasonal sniffle or sinus headache results in a new round of “is it allergies, or COVID?” Methods of dealing with sinus congestion will frequently require you to take a pill (or several), some of them with side effects that can act as a pretty…


14 Jun 17:42


by Reza
14 Jun 11:33

One possible cause of the 2020 murder increase: More guns

by Rob Arthur
A person at a protest holds up a sign that reads, “End gun violence.”
People participate in a demonstration and news conference against illegal guns in front of the Jacob Javits Federal Building on August 12, 2019, in New York. | Spencer Platt/Getty Images

Police are pointing fingers at protests to explain the murder increase. The data suggests the story is more complicated.

The year 2020 saw the largest recorded increase in homicides in United States history — an increase likely propelled by a complex mix of factors, from more guns to stresses of the pandemic to fewer police officers on the streets to a crisis in relations between police and citizens.

But one persistent theory is that a change in policing last summer primarily drove increased gun violence. This is an especially popular explanation among law enforcement figures. Former Baltimore Police Department Deputy Commissioner Jason Johnson recently argued that the real driver of last year’s murder rise was a severe decline in police activity, especially after protests erupted last summer in the wake of George Floyd’s murder.

St. Louis Police Commissioner John Hayden suggested that the police resources devoted to protests prevented officers from engaging in neighborhood policing. Former NYPD Commissioner Ray Kelly said police were “stretched to the limit” by the protests and coronavirus restrictions. Summarizing widespread reductions in stops and arrests, Johnson wrote that “when the Thin Blue Line retreats, violence charges in.”

But data from numerous large American cities complicates that narrative, suggesting that the change in policing alone is not sufficient to explain last year’s large increase in murder and that a growing number of firearms on the streets likely played a significant role.

It’s true that police activity, as measured by stops and arrests, declined significantly in 2020. Still, despite that drop, and weeks before Floyd’s murder and the ensuing protests, police began finding firearms more often than in previous years.

This pattern does not support the idea that overwhelmed police forces weren’t able to take guns off the streets, leading to a surge in violence. Instead, the spike in firearms as a percentage of stops and arrests provides evidence that there were simply more guns on the streets throughout 2020 than in the past, which may have intensified other sources of violence and contributed to the historic rise in murders.

While there is no standardized, national open data on stops, information on police activity in 10 cities that we compiled points toward the same pattern.

First, stops and arrests fell rapidly in each city in March and April 2020, driven by pandemic restrictions on police contact or due to fewer people being outside (and thus available to be stopped by police).

Chart: Policy activity dropped in March 2020 Data analysis by Jeff Asher and Rob Arthur

If less policing alone led to increased violence, we would have expected to see an uptick in March and April after this clear change. But there was no observable increase in gun violence in these cities at that time.

Police activity dropped again after Derek Chauvin murdered George Floyd in late May 2020, this time with an accompanying surge in shootings in many cities. Cities generally saw stops and arrests increase over the last few months of 2020 — though still below pre-pandemic levels — with the elevated level of violence remaining.

While the volume of stops and arrests fell dramatically in March and April in all 10 cities, police in every city were more likely to find a firearm when they made stops and arrests. In Chicago, for example, police stops decreased nearly 70 percent between January and May 2020, but officers actually found 83 percent more firearms in May than in January.

Jens Ludwig, director of the University of Chicago Crime Lab, analyzed stops in Chicago and concluded that “unless the police have become dramatically better at figuring out who is illegally carrying a gun (and so have become better at figuring out who to stop), the implication is that lots more people are carrying guns illegally in Chicago.”

The same pattern was seen across numerous cities with available data. There were 34 percent fewer arrest charges in Los Angeles in April and May 2020 compared to April and May 2019, but charges for weapons possession were up. The problem was not confined just to big cities, either. In Tucson, Arizona, for example, there were 39 percent fewer arrests in April and May 2020 compared to a year earlier but 29 percent more arrests for weapons or firearms possession.

Chart: The share of arrests finding weapons jumped as the pandemic began Data analysis by Jeff Asher and Rob Arthur

The share of stops or arrests that resulted in a firearm being found increased in every city. In Washington, DC, the share of all arrests that were weapons violations went from 5 percent in January to March 2020, to 7 percent in April and 9 percent in May. The share of arrests for weapons possession went from 1 percent between January and March 2020 in Charleston, South Carolina, to 4 percent between April and December.

Almost every city followed the same pattern: a dramatic jump in the share of arrests or stops with a firearm in April and May, a decline in June, and a return to the earlier elevated levels for the remainder of the year.

The legitimacy crisis in law enforcement

The implication of this trend is that — assuming police did not suddenly become substantially better at identifying who has an illegal gun — firearm carrying increased at the beginning of the pandemic, well before the protests, and persisted at that level for the remainder of the year.

It is possible that in the midst of the pandemic, police started engaging in better-targeted stops that were more likely to yield arrests. But finding other kinds of contraband, like drugs, did not become more frequent, only guns.

Data on investigatory stopsdefined as stops “based upon reasonable suspicion that the person has committed, is committing, or is about to commit a crime” — in Chicago is instructive and suggests more firearms were found because more were being carried, rather than a change in policing strategy.

The share of searches in investigative stops that found drugs just before Covid-19 lockdowns was virtually unchanged after Covid-19, going from 20.9 percent between October 2019 and March 2020 to 20.7 percent between April and September 2020. The demographics of searches did not change much, either, with Black people making up 74.3 percent of people searched in stops from October 2019 to March 2020 and 76.1 percent from April through December. But CPD officers found firearms in 11.5 percent of searches from April to September, compared to 3.7 percent of searches in the six months prior.

Since all cities with data had an increase in the share of stops or arrests with a gun at around the same time, no one change in departmental or prosecutorial policy can explain why.

Investigative stops and arrests show an increase in firearm carrying beginning in March or April, shortly after background checks surged to unprecedented levels nationally. More firearms could have contributed to the historic rise in murders in 2020 by turning less dangerous crimes into potentially lethal encounters.

Police finding more firearms in stops and arrests does not fit with the idea that a decrease in proactive police activity targeting firearms was the major driver for 2020’s historic murder totals, though it certainly cannot be ruled out as a contributing factor.

Johnson put the blame on progressive prosecutors, writing that “making arrests for drug and weapons crimes that will go unprosecuted exposes officers to the risk of disciplinary action, lawsuits and criminal prosecution. To mitigate that risk, police take a more passive approach.” But firearm arrests increased 42 percent in Philadelphia — home of progressive prosecutor Larry Krasner — between April and December 2020, compared to the same time frame in 2019.

The data all points to substantially more complex causes behind the rise in murder than the simple narrative of a change in policing as the sole or even main driver. It is plausible, though, that the summer’s drops in stops and arrests, protests against police violence, and increases in gun violence are all symptoms of the same disease: what criminologists David Pyrooz, Justin Nix, and Scott Wolfe recently called a “legitimacy crisis in the criminal justice system,” the result of intensifying distrust in “the law and its gatekeepers” as a result of injustice.

Writing in the Denver Post, they said that a “legitimacy crisis is consequential for three reasons. The first is depolicing, where officers pull back from proactive policing in response to public criticism. Second, depleted trust in the law means citizens will think twice about calling the police to report crimes or suspicious behaviors. Lastly, delegitimacy of the law emboldens criminal offending populations, as the moral obligation to follow the law is weakened.”

The trend toward more firearms sales and more guns on the street seems to have continued into 2021. Background checks accelerated even beyond last year’s peak in the first three months of this year. And the latest data from these cities’ stops shows that police are finding as many guns as they did in the second half of 2020.

Early figures from many cities show murders have increased from last year’s baseline as well. If the greater availability of firearms contributed to last year’s violence, the latest arrest data suggests it may contribute even more deaths to 2021’s murder total.

Rob Arthur is an independent journalist and data scientist based in Chicago. He’s on Twitter at @No_Little_Plans. Jeff Asher is a crime analyst based in New Orleans and co-founder of AH Datalytics. You can find him on Twitter at @Crimealytics.

12 Jun 13:12

The ACCESS ACT Takes a Step Towards a More Interoperable Future

by Katharine Trendacosta

When it comes to online services, there are a few very large companies whose gravitational effects can alter the entire tech universe. Their size, power, and diverse levers of control mean that there is no single solution that will put right that which they’ve thrown out of balance. One thing is clear—having such large companies with control over so much of our data is not working for users, not working for privacy or freedom of expression, and it’s blocking the normal flow of competition. These giants need to be prevented from using their tremendous power to just buy up competitors, so that they have to actually compete, and so that new competitors are not incentivized to just be be acquired. Above all, these giants need to be pushed to make it easy for users to leave, or to use other tools to interact with their data without leaving entirely.

In recognition of this reality, the House Judiciary Committee has released a number of proposed laws which would reign in the largest players in the tech space in order to make a healthier, more competitive internet ecosystem. We’ll have more in-depth analysis of all of them in the coming weeks, but our initial thoughts focus on the proposal which would make using a service on your own terms, or moving between services, much easier: the ACCESS Act.

The “Augmenting Compatibility and Competition by Enabling Service Switching Act”—or ACCESS Act—helps accomplish a goal we’ve long promoted as central to breaking the hold large tech companies have on our data and our business: interoperability.

Today too many tech companies are “roach motels” where our data enters but can never leave, or be back under our control. They run services where we only get the features that serve their shareholders’ interests, not our needs. This stymies other innovators, especially those who could move beyond today's surveillance business models. The ACCESS Act creates a solid framework for change.

Privacy and Agency: Making Interoperability Work for Users

These services have vast troves of information about our lives. The ACCESS Act checks abuse of that data by enforcing transparency and consent. The bill mandates that platforms of a certain size and type make it possible for a user to leave that service and go to a new one, taking some or even all their data with them, while still maintaining the ability to socialize with the friends, customers, colleagues and communities who are still using the service. Under the bill, a user can request the data for themselves or, with affirmative consent, have it moved for them.

Interoperability means more data sharing, which can create new risks: we don't want more companies competing to exploit our data. But as we’ve written, careful safeguards on new data flows can ensure that users have the first and final word on what happens to their information. The guiding principle should be knowing and clear consent.

First, sensitive data should only be moved at the direction of the users it pertains to, and companies shouldn’t be able to use interoperability to expand their nonconsensual surveillance. That’s why the bill includes a requirement for affirmative consent before a user’s data can be ported. It also forbids any secondary use or sharing of the data that does get shared—a crucial corollary that will ensure data can’t be collected for one purpose, then sold or used for something else.

Furthermore, the bill requires covered platforms to not make changes to their interoperability interfaces without approval from the Federal Trade Commission (FTC), except in emergencies. That’s designed to prevent Facebook or other large platforms from making sudden changes that pull the rug out from under competitors. But there are times that the FTC cannot act quickly enough to approve changes. In the event of a security vulnerability or similar privacy or security emergency, the ACCESS act would allow platforms to address the problem without prior FTC approval.

We Need Multiple Possible Consequences for Platforms, Not Just Those Levied by the FTC

The bill is not perfect. It lacks some clarity about how much control users will have over ongoing data flows between platforms and their competitors, and it should make it 100% clear that “interoperability” can’t be construed to mean “surveillance advertising.” It also depends on an FTC that has enough staff to promote, rather than stymie, innovation in interoperable interfaces. To make sure the bill’s text turns into action, it should also have a private right of action. Private rights of action allow users themselves to sue a company that fails to abide by the law. This means that users themselves can hold companies accountable in the courts, instead of relying on the often overstretched, under-resourced FTC. It’s not that the FTC should not have oversight power, but that the bill would be strengthened by adding another form of oversight.

Put simply: the ACCESS Act needs a private right of action so that those of us stuck inside dominant platforms, or pounding on the door to innovate alongside or in competition with them, are empowered to protect ourselves.

The bill introduced today is a huge step in bringing much-needed competition to online services. While we believe there are things missing, we are glad to see so many problems being addressed.

12 Jun 12:37

What the new IG report about the gassing of protesters around Lafayette Square actually says

by Aaron Rupar
Trump poses with a Bible outside St. John’s Church on June 1, 2020. | Shawn Thew/EPA/Bloomberg via Getty Images

Trump supporters are touting it as a total exoneration of the former president. That’s not at all what it really says.

A new inspector general report about the chain of events that led to protesters being teargassed near the White House last June is generating headlines like “Police did not clear Lafayette Square so Trump could hold ‘Bible’ photo op: Watchdog” and “Yet Another Media Tale — Trump Tear-Gassed Protesters For a Church Photo Op — Collapses.”

But a close reading of the report in question reveals there are still some unanswered questions.

Last summer, large Black Lives Matter protests were occurring throughout cities across the country in response to the May 25, 2020, murder of George Floyd by police officer Derek Chauvin in Minneapolis. Initially, many of these protests in Washington, DC, were held near the White House, including in Lafayette Square, a park that sits in front of the building.

On June 1, 2020, as the Black Lives Matter protests were escalating, President Donald Trump, in an effort to project power and restore a sense of “law and order,” decided to walk across the street from the White House and hold aloft a Bible outside St. John’s Church, which had been damaged during a protest the night before.

He was able to do so because the crowd of protesters in Lafayette Square, which abuts the church, had been forcibly cleared by law enforcement in what some outlets referred to as an “attack” — officers from various law enforcement groups used horses, riot shields, batons, pepper spray, and tear gas to clear the area.

Reporters and onlookers understandably linked Trump’s desire to hold a photo op with the operation to forcibly clear protesters. But the new IG report has prompted a reevaluation of that linkage with its conclusion that “the evidence we obtained did not support a finding that the USPP (United States Park Police) cleared the park to allow the President to survey the damage and walk to St. John’s Church.”

“Instead, the evidence we reviewed showed that the USPP cleared the park to allow the contractor to safely install the antiscale fencing in response to destruction of property and injury to officers occurring on May 30 and 31,” it says.

But the report does not clarify everything about what happened on June 1. For example, it does not offer perspective on whether the injury to officers actually necessitated clearing the park — a question raised immediately after protesters were removed. Nor does it definitively state that Trump had nothing to with how the clearing was carried out.

In fact, the report also suggests that other law enforcement agencies that were on the scene that day, such as the Secret Service, may have had reasons for taking aggressive action to clear protesters that went beyond the desire to install new fencing.

But because the IG report is limited to the actions of the USPP and did not include interviews with the Secret Service or the attorney general at the time of the incident, Bill Barr — who spoke with law enforcement before the operation began — important questions about the chain of events that led to protesters being forcibly cleared from the area on that day remain unanswered.

The report has led the media to reexamine its coverage — and to Trump supporters saying it exonerates Trump

The display of force against protesters in and around Lafayette Square marked a turning point of sorts for Trump’s presidency. In the days that followed, former Defense Secretary James Mattis offered a remarkable rebuke of a president he recently served, saying Trump’s handling of the situation — and the involvement of military officials — made him “angry and appalled.”

“When I joined the military, some 50 years ago, I swore an oath to support and defend the Constitution,” Mattis added. “Never did I dream that troops taking that same oath would be ordered under any circumstance to violate the Constitutional rights of their fellow citizens—much less to provide a bizarre photo op for the elected commander-in-chief, with military leadership standing alongside.”

Days later, Gen. Mark A. Milley, chairman of the Joints Chiefs of Staff, who took part in the photo op, apologized, saying, “I should not have been there. My presence in that moment and in that environment created a perception of the military involved in domestic politics.”

Mattis and Milley made these comments amid a drumbeat of media reports that directly linked Trump’s Bible photo op with the effort just before it to clear the area of protesters — chaotic scenes captured in this video shot by journalist Hunter Walker.

CNN, for instance, framed its coverage of the conflict in Lafayette Square with a chyron that read, “Peaceful Protesters Near White House Tear-Gassed, Shot With Rubber Bullets So Trump Can Have Church Photo Op.” Along similar lines, the New York Times wrote that “Police officers used flash grenades to disperse a crowd so the president could visit for a photo opportunity.”

The new IG report is being used by some Trump supporters and anti-anti-Trumpers to revisit coverage of that sort and argue that it unfairly assigned blame to Trump. While some mainstream outlets have misleadingly suggested the new IG report proves Trump didn’t order protesters to be cleared out, Trump supporters have gone even further and have used it to try to discredit the media in general.

Donald Trump Jr., for instance, suggested it serves as the latest evidence that the media was wrong not just about what happened in Lafayette Square but also in much of its reporting about his father.

It’s not surprising that Trump Jr. would spin things in service of his father, of course. But a close reading of the report indicates that outlets weren’t necessarily getting ahead of the facts in linking the brutalizing of protesters with Trump’s desire for a media event that made him look strong and in control of the situation.

What the IG report actually says

The key takeaway from the IG report is that the law enforcement agency with jurisdiction over Lafayette Square (the United States Park Police, or USPP) wasn’t directly following an order from Trump last June 1 when it forcibly removed protesters from the area, and had actually decided to move to clear the park of protesters well before Trump hatched the idea of the Bible photo op. Here’s the central passage:

The evidence we obtained did not support a finding that the USPP cleared the park to allow the President to survey the damage and walk to St. John’s Church. Instead, the evidence we reviewed showed that the USPP cleared the park to allow the contractor to safely install the antiscale fencing in response to destruction of property and injury to officers occurring on May 30 and 31. Further, the evidence showed that the USPP did not know about the President’s potential movement until mid- to late afternoon on June 1—hours after it had begun developing its operational plan and the fencing contractor had arrived in the park.

However, the operation to clear Lafayette Square involved numerous other law enforcement agencies, including Washington, DC’s Metropolitan Police Department (MPD), the Secret Service, and the Bureau of Prisons (BOP). And the report makes clear that the various agencies involved in the chaos that unfolded outside the White House that day were not always in radio communication with one another — and overall were certainly not on the same page.

Notably, as lawyer Luppe Luppen highlighted on Twitter, the IG report indicates that Secret Service officers on the scene — who were aware of USPP’s operational plan — escalated the situation by using pepper spray against protesters, and by doing so before USPP officers had a chance to give demonstrators any warnings to disperse. The report says a Secret Service official later apologized to USPP officials for the incident, but didn’t explain why it happened.

A few redactions raise similar questions: One, on page 10 of the report, seems to suggest an unnamed official requested USPP change its timeline; another later in the document seems to support that a redacted official or department did in fact ask that the clearing be done earlier. A third redaction conceals parties or an individual who submitted at least two additional requests to clear the area near the White House again. Why someone wanted the area cleared earlier is not yet completely clear, nor is who wanted to see the area cleared a second time — or why.

While the report does make clear that the president and other administration officials didn’t directly order the USPP to clear the park, it suggests Attorney General Barr indicated to USPP officials earlier in the day that he wanted protesters cleared ahead of Trump’s trip to the church:

The USPP operations commander said the Attorney General asked him, “Are these people still going to be here when POTUS [President of the United States] comes out?” The USPP operations commander told us he had not known until then that the President would be coming out of the White House and into Lafayette Park. He said he replied to the Attorney General, “Are you freaking kidding me?” and then hung his head and walked away.

On June 2, 2020, the Washington Post reported that Barr “personally ordered law enforcement officials to clear the streets around Lafayette Square just before President Trump spoke Monday, a Justice Department official said, a directive that prompted a show of aggression against a crowd of largely peaceful protesters, drawing widespread condemnation.” Trump at that time cheered on the show of force, tweeting the next morning, “D.C. had no problems last night. Many arrests. Great job done by all. Overwhelming force. Domination.”

So while the new IG report established that Trump didn’t order Park Police to forcibly clear protesters from outside the White House for his photo op, it doesn’t foreclose that administration officials may have had the ear of one of the many other law enforcement agencies that took part in the chaotic scenes that day.

A more thorough investigation is needed

There are still some key questions remaining about what happened last June 1.

Journalist Dave Levitan, for instance, points out that even if it’s not the case that protesters were cleared out of Lafayette Square because Trump wanted a photo there, that doesn’t mean that Trump didn’t capitalize on them being cleared out for his trip to the church.

Also unclear is what role Barr played in clearing the park. The report states that it was local police rather than federal forces that deployed tear gas against the protesters, and stresses that USPP leaders made clear no tear gas was to be used; why it was used anyway is not clear. Nor is the role played by groups other than the USPP — including the Secret Service, which was too hasty in using force against the demonstrators.

An investigation that went beyond the USPP and included other parties like the Secret Service would help shine more light on these unresolved ambiguities. Unfortunately, the DHS inspector general — who, like the Interior Department inspector general, is a Trump appointee — has already blocked an investigation that would have looked into the Secret Service’s role in the decision to clear protesters.

12 Jun 11:26

Amazon, eBay fight legislation that would unmask third-party sellers

by Tim De Chant
Boxes move along a conveyor belt at the Inc. fulfillment center in Robbinsville, New Jersey.

Enlarge / Boxes move along a conveyor belt at the Inc. fulfillment center in Robbinsville, New Jersey. (credit: Michael Nagle/Bloomberg)

Amazon and a who’s who of online-only retailers are trying to kill proposed federal and state legislation that would make the companies disclose contact information for third-party sellers.

The bills would force Amazon and others to verify the identities of third-party sellers and provide consumers with ways to contact the stores. The proposed legislation is pitting brick-and-mortar retailers—including Home Depot, Walgreens, and JC Penney, which support the bills—against online retailers like Amazon, Etsy, eBay, Poshmark, and others, which argue that the legislation would harm small sellers. 

The bills come as brick-and-mortar retailers lost ground to online retailers throughout the pandemic—in 2020, 20 percent of consumer retail purchases were made online, compared with about 14 percent in 2019. But the legislation is also being proposed in response to a slew of counterfeit, stolen, and dangerous items that have appeared on marketplace sites. 

Read 9 remaining paragraphs | Comments

12 Jun 11:18

NY can’t force ISPs to offer $15 low-income broadband plans, judge rules

by Jon Brodkin
Man's hand holding stack of US currency with some bills flying away.

Enlarge (credit: Getty Images | PM Images)

On Friday, the broadband industry won a court order that prohibits New York from enforcing a state law that would require ISPs to sell $15-per-month broadband plans to low-income households.

Lobby groups for ISPs sued New York to block the law that was scheduled to take effect on June 15 and received a preliminary injunction today from US District Court for the Eastern District of New York. The state law is preempted by federal law, US District Judge Denis Hurley wrote in the order. While the case will continue, Hurley found that the industry is likely to succeed in its lawsuit.

The Affordable Broadband Act (ABA) would require ISPs to offer "all qualifying low-income households at least two Internet access plans: (i) download speeds of at least 25 megabits-per-second at no more than $15-per-month, or (ii) download speeds of at least 200 megabits-per-second at no more than $20-per-month," the ruling noted. The low-income qualifications specified by the law cover about 7 million New Yorkers in 2.7 million households, over one-third of all households in the state. The law allows exceptions to the minimum-speed requirement "where such download speed is not reasonably practicable."

Read 10 remaining paragraphs | Comments

11 Jun 19:06

Google Chrome ends its war on address bar URLs—for now, at least

by Ron Amadeo
  • The new experiment: after loading a page, Chrome shows only the domain name. [credit: Ron Amadeo ]

Chrome is ending its war on address bar URLs—at least for now. About a year ago, Chrome started experimenting with stripping down the URL shown in the address bar to only the domain name, so instead of something like "," the address bar would show only "," and you would have no idea where you are in the site directory.

Android Police spotted a post on the Chromium bug tracker announcing that Google is killing the idea. Back in June 2020 when the experiment was kicking off, Google engineer Emily Stark explained that the company was experimenting with a simplified URL display "to understand if it helps users identify malicious websites more accurately." It's a year later, and now Stark writes that the "simplified domain experiment" will be deleted from the codebase, saying, "This experiment didn't move relevant security metrics, so we're not going to launch it. :("

Apple's Safari browser also hides URLs like this.

Read 2 remaining paragraphs | Comments

11 Jun 19:03

Music Publishers Sue Roblox In Full Frontal Assault On The DMCA

by Mike Masnick

A huge and potentially important copyright lawsuit was filed this week by basically all of the big music publishers against the immensely popular kids' gaming platform Roblox. Although the publishers trade association, the NMPA, put out a press release claiming the lawsuit, it doesn't appear that NMPA is actually a party. The lawsuit is, in many ways, yet another full frontal assault on the DMCA's safe harbors by the legacy music industry. There's a lot in this lawsuit and no single article is going to cover it all, but we'll hit on a few high points.

First, this may seem like a minor point, but I do wonder if it will become important: buried in the massive filing, the publishers mention that Roblox did not have a registered DMCA agent. That seems absolutely shocking, and potentially an astoundingly stupid oversight by Roblox. And there's at least some evidence that it's true. Looking now, Roblox does have a registration, but it looks like it was made on... June 9, the day the lawsuit was filed.

Wow. Now, that may seem embarrassing, but it might actually be more embarrassing for the Copyright Office and raise a significant and important legal question. Because it appears that Roblox did at one time have a DMCA agent registration but, as you may recall, back in 2016, the Copyright Office unilaterally decided to throw out all of those registrations and force everyone to renew (and then to renew again every three years through a convoluted and broken process).

There's an argument to be made that the Copyright Office can't actually do this. The law itself just says you need to provide the Copyright Office with the information, not that it needs to be renewed. The Copyright Office just made up that part. Perhaps we finally have a test case on our hands to see whether or not the Copyright Office fucked up in dumping everyone's registration.

Still, that's a minor point in the larger lawsuit. The publishers throw a lot of theories against the wall, hoping some will stick. It seems like most should be rejected under the DMCA's safe harbors, because it truly is user generated content, even if the lawsuit tries a variety of approaches to get around that. Part of the lawsuit argues contributory and vicarious copyright infringement, more or less pulling the "inducement" theory from the Grokster ruling, which basically says that if you as a company encourage your users to infringe, you could still be liable (this is, notably, nowhere in the actual law -- it's just what the Supreme Court decided).

But to get there, the lawyers for the music publishers seem to want to take a Roblox executive's comments completely out of context, in a somewhat astounding manner. The "proof" that Roblox is encouraging people to infringe is here:

Roblox is well aware that its platform is built and thrives on the availability of copyrighted music. As Jon Vlassopulos, Roblox’s global head of music, publicly stated just last year: “We want developers to have great music to build games. We want the music to be, not production music, but really great [commercial] music.” (Alteration in original). To that end, Roblox actively encourages its users to upload audio files containing copyrighted music and incorporate them into game content on the Roblox platform. Roblox advertises the importance of music in games and makes it easy for users to upload, share, and stream full-length songs.

But... if you read the article that they're using for that Vlassopulos quote, it's not directed at developers and users of their platform. It's targeted at musicians and the music industry. The whole point of the quote is to let musicians and the industry know that Roblox is open to licensing deals. It's pretty obnoxious to try to spin that as encouraging people to infringe when, in context, it sure looks like the exact opposite. I mean, literally the next sentence (which doesn't make it into the lawsuit) is about how they're "testing the waters" by making a deal with a small indie label to make all of its music available on Roblox.

So it seems to be Roblox saying the exact opposite of what the publishers are claiming. That's... kinda fucked up.

The lawsuit also tries to spin the impossible task of trying to moderate as proof that any failures in moderation are deliberate.

There is no question that Roblox has the right and ability to stop or limit the infringement on its platform. But Roblox refuses to do so, so that it can continue to reap huge profits from the availability of unlicensed music. While Roblox touts itself as a platform for “user-generated” content, in reality, it is Roblox—not users—that consciously selects what content appears on its platform. Roblox is highly selective about what content it publishes, employing over a thousand human moderators to extensively pre-screen and review each and every audio file uploaded. Roblox’s intimate review process includes review of every piece of copyrighted music, generally identified by title and artist—to ensure that it meets Roblox’s stringent and detailed content guidelines and community rules. This process ensures that Roblox plays an integral role in monitoring and regulating the online behavior of its young users.

Roblox thus unquestionably exercises substantial influence over its users and the content on its platform, ostensibly in the name of “safety.” Yet Roblox allows a prodigious level of infringing material through its gates, purposely turning a blind eye for the sake of profits. Rather than take responsibility, Roblox absurdly attempts to pass the obligation to its users—many of whom are young children—to represent to Roblox that they own the copyrights to the works they have uploaded.

Coincidentally, just last week we published our content moderation case study on Roblox, focused on how it tries to stop "adult" content on the platform. We noted that the company is very aggressive and hands-on with its moderation efforts but (importantly) it still makes mistakes, because every content moderation system at scale will make mistakes.

So just because Roblox is aggressive in its moderation, and even if it says it reviews everything, that doesn't mean that it "refuses" to stop infringement. It just means it doesn't catch it all. Indeed, the company has said in the past that it uses an automated third party monitoring tool to try to catch unauthorized songs (though, notably, this lawsuit is about the publishing rights, not the recording rights, so arguably a monitoring tool might catch some sound recordings while missing other songs that implicate songwriters/publishers -- but that's getting super deep in the weeds).

Indeed, the impossibility of catching everything -- while still encouraging websites to try -- is why we want things like Section 512 of the DMCA or Section 230 of the CDA. If you suddenly make websites liable for any mistakes they let through, then you create a huge problem. And claiming that their aggressive moderation implicates them even more only encourages sites to do less moderation in the long run.

But, the publishers don't care about that. Their end goal is clear: as in the EU, they want to force every website to have to buy a blanket license for music. They basically want to do away with the DMCA altogether, then just sit back and collect payments. They want to change the internet almost entirely from a tool for end users to a cash register for music publishers.

There are some other oddities in the lawsuit. It repeatedly tries to claim that Roblox is liable for direct infringement itself, but that theory seems like a stretch. Even the filings admit that the music is all uploaded by users:

Despite Roblox’s written policies, users regularly upload files containing copyrighted music. The act of “uploading” a file to Roblox involves the user making a copy of the file and distributing it to Roblox, where it is then hosted on Roblox’s servers.

To upload an audio file, a user simply opens the Roblox Studio and clicks on a tab marked “Audio,” which then prompts the user to choose a file on their local hard drive, in either .mp3 or .ogg format to be copied and distributed to Roblox’s servers.

It tries to build out the inducement theory by saying that because Roblox encourages developers to use music in their games, and this is the same as encouraging infringement, but that's nonsense. Nothing in what Roblox says encourages infringement. They're just saying that sound and music can enhance a game. Which is clearly true.

Roblox makes the process of uploading infringing music extremely easy for users. Roblox even published an article designed to encourage developers to add music to their games, which explains: “While building a game, it’s easy to overlook the importance of sounds and music.” (Emphasis added).4 That page gives users step-by-step instructions on how to copy and distribute their music files to the Roblox platform.

So what? That's not telling users to infringe. If anything, it's saying "find some music you're able to add to this legally." You'd think that publishers would be happy about that, as it opens up a new line of business where they could license their music, which is what the Roblox exec was talking about at the beginning. But leave it to the greedy publishers to not want to do the hard work here, and instead try to force a big company into a big payment.

Roblox has already put out a statement saying (not surprisingly) that it's "surprised and disappointed" by the lawsuit. It seems likely that it will mount an aggressive defense, and it could be yet another important case in seeing whether or not the legacy music industry is able to chip away at another important aspect of the DMCA, and to force all websites that host third party content to buy blanket licenses.

“As a platform powered by a community of creators, we are passionate about protecting intellectual property rights – from independent artists and songwriters, to music labels and publishers – and require all Roblox community members to abide by our Community Rules,” said the statement.

“We do not tolerate copyright infringement, which is why we use industry-leading, advanced filtering technology to detect and prohibit unauthorised recordings. We expeditiously respond to any valid Digital Millennium Copyright Act (DMCA) request by removing any infringing content and, in accordance with our stringent repeat infringer policy, taking action against anyone violating our rules.”

“We are surprised and disappointed by this lawsuit which represents a fundamental misunderstanding of how the Roblox platform operates, and will defend Roblox vigorously as we work to achieve a fair resolution,” continued Roblox’s statement.

Of course, this is par for the course for the legacy industry -- especially the publishers as lead by the NMPA's David Israelite. They wait for various internet services to get popular, and then rather than figuring out how that helps them, they sue. It's how they constantly kill the golden goose. They've done it with various internet music services, music games, and more. They're currently trying to do it with Twitch and now Roblox as well. They overvalue the music component, and choke off the long term business prospects for these platforms, many of which have music as an ancillary add-on.

It's silly, short-sighted, and anti-culture. In other words, it's the legacy music industry's usual playbook.

11 Jun 19:00

Big Data Profits If We Deregulate HIPAA

by Lee Tien

This blog post was written by Kenny Gutierrez, EFF Bridge Fellow.

Recently proposed modifications to the federal Health Insurance Portability and Accountability Act (HIPAA) would invade your most personal and intimate health data. The Office of Civil Rights (OCR), which is part of the U.S. Department of Health and Human Services (HHS), proposes loosening our health privacy protections to address misunderstandings by health professionals about currently permissible disclosures.

EFF recently filed objections to the proposed modifications. The most troubling change would expand the sharing of your health data without your permission, by enlarging the definition of “health care operations” to include “case management” and “care coordination,” which is particularly troubling since these broad terms are not defined. Additionally, the modifications seek to lower the standard of disclosure for emergencies. They also will require covered entities to disclose personal health information (PHI) to uncovered health mobile applications upon patient request. Individually, the changes are troublesome enough. When combined, the impact on the release of PHI, with and without consent, is a threat to patient health and privacy.

Trust in Healthcare Is Crucial

The proposed modifications would undermine the requisite trust by patients for health professionals to disclose their sensitive and intimate medical information. If patients no longer feel their doctors will protect their PHI, they will not disclose it or even seek treatment. For example, since there is pervasive prejudice and stigma surrounding addiction, an opiate- dependent patient will probably be less likely to seek treatment, or fully disclose the severity of their condition, if they fear their diagnosis could be shared without their consent. Consequently, the HHS proposal will hinder care coordination and case management. That would increase the cost of healthcare, because of decreased preventative care in the short-term, and increased treatment in the long-term, which is significantly more expensive. Untreated mental illness costs the nation more than $100 billion annually. Currently, only 2.5 million of the 21.2 million people suffering from mental illness seek treatment.

The current HIPAA privacy rule is flexible enough, counter to the misguided assertions of some health care professionals. It protects patient privacy while allowing disclosure, without patient consent, in critical instances such as for treatment, in an emergency, and when a patient is a threat to themselves or public safety.

So, why does HHS seek to modify an already flexible rule? Two congressional hearings, in 2013 and 2015, revealed that there is significant misunderstanding of HIPAA and permissive disclosures amongst medical professionals. As a result, HIPAA is misperceived as rigidly anti-disclosure, and mistakenly framed it as a “regulatory barrier” or “burden.” Many of the proposed modifications double down on this misunderstanding with privacy deregulation, rather than directly addressing some professionals’ confusion with improved training, education, and guidance.

The HHS Proposals Would Reduce Our Health Privacy

Modifications to HIPAA will cause more problems than solutions. Here is a brief overview of the most troubling modifications:

  1. The proposed rule would massively expand a covered entity’s (CE) use and disclosure of personal health information (PHI) without patient consent. Specifically, it allows unconsented use and disclosure for “care coordination” and “case management,” without adequately defining these vague and overbroad terms. This expanded exception would swallow the consent requirement for many uses and disclosure decisions. Consequently, Big Data (such as corporate data brokers) would obtain and sell this PHI. That could lead to discrimination in insurance policies, housing, employment, and other critical areas because of pre-existing medical conditions, such as substance abuse, mental health illness, or severe disabilities that carry a stigma.
  2. HHS seeks to lower the standard of unconsented disclosure from “professional judgment” to “good faith belief.” This would undermine patient trust. Currently, a covered entity may disclose some PHI based on their “professional judgment” that it is in the individual’s best interest. The modification would lower this standard to a “good faith belief,” and apparently shift the burden to the injured individual to prove their doctor’s lack of good faith. Professional judgment is properly narrower: it is objective and grounded in expert standards. “Good faith” is both broader and subjective.
  3. Currently, to disclose PHI in an emergency, the standard for disclosure is “imminent” harm, which invokes a level of certainty that harm is surely impending. HHS proposes instead just “reasonably foreseeable” harm, which is too broad and permissive. This could lead to a doctor disclosing your PHI because you have a sugar-filled diet, you’re a smoker, or you have unprotected sex. Harm in such cases would not be “imminent,” but it could be “reasonably foreseeable.”

Weaker HIPAA Rules for Phone Health Apps Would Hand Our Data to Brokers

The proposed modifications will likely result in more intimate, sensitive, and highly valuable information being sent to entities not covered by HIPAA, including data brokers.

Most Americans have personal health application on their phones for health goals, such as weight management, stress management, and smoking cessation. However, these apps are not covered by HIPAA privacy protections.

A 2014 Federal Trade Commission study revealed that 12 personal health apps and devices transmitted information to 76 different third parties, and some of the data could be linked back to specific users. In addition, 18 third parties received device-specific identifiers, and 22 received other key health information.

If the proposed HIPAA modifications are adopted, a covered provider would be required to share a patient’s PHI with their health app’s developer upon the patient’s request. This places too much burden on patients. They are often ill-equipped to understand privacy policies, terms of use, and permissions. They may also not realize all of the consequences of such sharing of personal health information. In many ways, the deck is stacked against them. App and device policies, practices, and permissions are often confusing and unclear.

Worse, depending on where the PHI is stored, other apps may grant themselves access to your PHI through their own separate permissions. Such permissions have serious consequences because many apps can access data on one’s device that is unrelated to what the app is supposed to do. In a study of 99 apps, researchers found that free apps included more unnecessary permissions than paid apps.

Next Steps

During the pandemic, we have learned once again the importance of trust in the health care system. Ignoring CDC guidelines, many people have not worn masks or practiced social distancing, which has fueled the spread of the virus. These are symptoms of public distrust of health care professionals. Trust is critical in prevention, diagnosis, and treatment.

The proposed HHS changes to HIPAA’s health privacy rules would undoubtedly lead to increased disclosures of PHI without patient consent, undermining the necessary trust the health care system requires. That’s why EFF opposes these changes and will keep fighting for your health privacy.

10 Jun 23:38

Keystone XL pipeline canceled after Biden scraps US permit

by Financial Times
Opponents of the Keystone XL and Dakota Access pipelines hold a rally as they protest US President Donald Trump's executive orders advancing their construction, at Columbus Circle in New York on January 24, 2017.

Enlarge / Opponents of the Keystone XL and Dakota Access pipelines hold a rally as they protest US President Donald Trump's executive orders advancing their construction, at Columbus Circle in New York on January 24, 2017. (credit: AFP | Getty)

Construction of the controversial Keystone XL pipeline was officially terminated on Wednesday, handing a big victory to environmentalists who fought the project for more than a decade as they intensified their battles against other fossil fuel development.

The decision by TC Energy and the government of Alberta to pull the plug on the $8 billion pipeline had been widely expected after Joe Biden scrapped the permit to build its US leg in one of his first acts as president.

“We remain disappointed and frustrated with the circumstances surrounding the Keystone XL project, including the cancellation of the presidential permit for the pipeline’s border crossing,” said Jason Kenney, Alberta premier.

Read 11 remaining paragraphs | Comments

10 Jun 23:38

Facebook is a hub of sex trafficking recruitment in the US, report says

by Tim De Chant
Facebook is a hub of sex trafficking recruitment in the US, report says

Enlarge (credit: Serhii Ivashchuk/Getty Images)

Facebook is the most commonly used social media platform for human sex trafficking recruitment in the US, according to a new report published by the Human Trafficking Institute.

Last year, 59 percent of victims in active cases who were recruited through social media were found through Facebook, the report states, with 41 percent of all recruitment taking place online.

“The Internet has become the dominant tool that traffickers use to recruit victims, and they often recruit them on a number of very common social networking websites,” Victor Boutros, CEO of the Human Trafficking Institute, told CBS News. “Facebook overwhelmingly is used by traffickers to recruit victims in active sex trafficking cases.”

Read 7 remaining paragraphs | Comments

10 Jun 23:37

Some people can’t get FCC subsidy because “Street” isn’t the same as “St.”

by Jon Brodkin
A rubber stamp stamping the word,

Enlarge (credit: Getty Images | acilo)

Some broadband users who qualify for the government's new $50-per-month subsidies haven't been able to obtain the discounts because of technical problems in the Federal Communications Commission's rollout of the program.

The problems stem from the FCC's National Verifier and how the broadband providers' systems interact with the FCC database, as detailed in an article published by Protocol today. Small mismatches between entries in databases—such as having an address recorded as "Elm St." in an ISP's system and "Elm Street" in the FCC's—can cause people's applications to be rejected.

ISPs may be partly to blame as some collected information in the wrong format despite having received training on how to use the system from the FCC. In hindsight, though, the FCC could have allowed ISPs to use the program without requiring such strict data matching. The Emergency Broadband Benefit (EBB) was rolled out quickly relative to other government programs because of the pressing need to get subsidies to consumers, and the FCC hasn't been able to fully stamp out this problem in the month since the program began.

Read 28 remaining paragraphs | Comments

10 Jun 19:12

Not As Surprising As You May Think: Garland DOJ Says That Trump Denying Raping E. Jean Carroll Was Official Presidential Business

by Mike Masnick

Late last year, we covered the story of the DOJ stepping in to take over a defamation case for President Trump. As we noted at the time, the defamation case itself was pretty weak, though it's similar to a series of other defamation cases we've seen in recent times. E. Jean Carroll claimed that Donald Trump had sexually assaulted her many years ago. Trump later denied the claim, saying that it was "totally false" and saying (incorrectly, as it turns out) that he "never met this person in my life." Carroll then sued for defamation based on the denials. As noted, this kind of defamation case has popped up a few times, including a high profile one against Bill Cosby by one of his accusers as well.

What was perhaps somewhat different about the Carroll case, was that it was against the sitting president, and under the Westfall Act, if the Attorney General "certifies" that an action taken by federal employees that leads to a lawsuit against them was "within the scope of his office or employment," then the DOJ gets to insert itself into the case instead of the initial defendant (and, in a defamation case, then the case would be automatically dismissed, as you can't defame "the United States.")

So, the big question in this situation is whether or not Donald Trump denying sexually assaulting (or even meeting Carroll) was done as part of his official duties as president. I think it's a huge stretch to argue that it does -- and last fall, a judge agreed with me, denying the DOJ's attempt. The judge, Lewis Kaplan, noted that if Trump were talking about policy issues, it would be different, but denying a sexual assault from long before he was president doesn't appear to be official government business. I recognize that some people have argued otherwise, noting that since the accusations came up while he was president, and could potentially impact his job as president, commenting on the claims magically becomes the duty of the president, but that seems incredibly weak, and would effectively make the president immune from defamation claims in most instances.

Judge Kaplan went even further, though, in saying that he didn't think the president is even covered by the Westfall Act. This was surprising, but the argument was pretty compelling, with the key points being:

The president is a constitutional officer. He occupies the highest office in our nation, which is created by Article II of the Constitution. But that is not what Section 2671 requires. It speaks only of “officers . . . of any federal agency,” not officers of the United States within the meaning of the Constitution....


Because the president is at the apex of the executive branch, many think of him, in a colloquial sense, as the “head” of many federal departments, agencies, and organizations. At the very least, one might imagine that he leads some agency at the core of the executive branch. The government has not attempted to identify any such agency in its papers, but the two most obvious candidates are the Executive Office of the President (“EOP”) and the president’s cabinet. But neither entity fits the bill. The head of the EOP, which is a network of agencies, is the president’s chief of staff. And even if one were to call the cabinet an “executive department” or “independent establishment” – a dubious contention – the president himself is not a member of the cabinet, although the vice president is.

After Biden won the election, many assumed that the new DOJ, under Merrick Garland, would let the matter drop. After all, would a Biden administration really want to be in court trying to kill a defamation case against Donald Trump?

But, of course, that ignores how the DOJ functions, and the importance the DOJ puts on making sure it retains this power in other, future cases. So, while it surprised many, it shouldn't be at all surprising that the DOJ is appealing the decision.

The thing that seems most important to the DOJ is whether or not the Westfall Act applies to the president. For fairly obvious reasons, any presidential administration probably wants that to remain in place:

The district court held that the President is not an “employee of the government” for purposes of the FTCA and, hence, for the Westfall Act, 28 U.S.C. § 2679(b)(1). If that were correct, no action taken by the President could give rise to tort liability on the part of the United States. And the United States could never be substituted as the defendant in a tort action against a President in his or her personal capacity, even when the conduct at issue was incontrovertibly taken within the scope of employment.

Basically, the DOJ says that even if the Court technically read the law properly, no one else has ever read the law that way.

To our knowledge, the United States has never disclaimed liability for torts committed by an executive branch employee on the ground that the employee was not employed by one of the fifteen cabinet level departments identified in 28 U.S.C. § 451. To the contrary, all three branches of government have long construed the statute broadly.

And then it argues that the district court also should have allowed the DOJ to take over the case on the grounds that Trump denying the assault was, in fact, official business. The DOJ brief notes that it was discussing "reprehensible conduct," but that it could still be done within the scope of the President's duties.

Applying these established principles to this case, the statements by then- President Trump fell within the scope of his employment. The district court’s contrary conclusion was premised on an assumption that the statements were not within the scope because “President Trump’s views on [Ms. Carroll’s] sexual assault allegation” were not pertinent to his employment since “they reveal nothing about the operation of government” (SPA53) and “[n]either the media reports nor the underlying allegations have any relationship to his official duties” (SPA58). That premise was mistaken.

When members of the White House media asked then-President Trump to respond to Ms. Carroll’s serious allegations of wrongdoing, their questions were posed to him in his capacity as President. Likewise, when Mr. Trump responded to those questions with denials of wrongdoing made through the White House press office or in statements to reporters in the Oval Office and on the White House lawn, he acted within the scope of his office. Elected public officials can—and often must—address allegations regarding personal wrongdoing that inspire doubt about their suitability for office. Such wrongdoing can include not only the serious charges of criminal behavior leveled here, but a range of activities including fraud and malfeasance. Officials do not step outside the bounds of their office simply because they are addressing questions regarding allegations about their personal lives. Thus, in Ballenger, the D.C. Circuit concluded that a congressman acted within the scope of employment when he allegedly engaged in defamation during an interview to explain the reasons for his separation from his wife. 444 F.3d at 662. The district court’s contrary reasoning in this case fails to appreciate the responsibility that elected officials owe the public to respond to serious allegations that cast doubt on their fitness for office.

Once again, this is the DOJ and the administration doing what the DOJ and any administration is likely to do: protecting their own powers. It shouldn't be surprising, even if it feels weird that the Biden DOJ would continue down this path. It's likely going to be true in a number of other cases started by the Trump DOJ that the Biden DOJ might not have initiated, but doesn't want to hinder future powers.

10 Jun 18:39

The Latest Changes to DC’s Metro: Later Trains, Lower Fares

by Jane Recker
In an effort to boost ridership, Metro will soon reduce fares and increase service. While some of the changes are imminent, many won’t go into effect until Labor Day. Here’s what riders can expect: This Summer The Metro will run until midnight daily. Starting Labor Day The Metro will run until 1 AM on Friday and […]
10 Jun 11:14

Lafayette Park was not cleared for Donald Trump photo op, report saysPolice did not clear protesters...

Lafayette Park was not cleared for Donald Trump photo op, report says

Police did not clear protesters from Lafayette Park for Trump photo op, inspector general finds

10 Jun 11:13

First Time Since Early 2020

Gotten the Ferris wheel operator's attention
09 Jun 21:33

The new digital driver’s licenses from Apple sound slightly creepy

by Rebecca Heilweil
A digital driver’s license on a phone screen.

Residents of Arizona and Georgia will be the first to try out a new kind of biometric ID system.

Driver’s licenses stored on our phones are not too far down the road.

Residents of Arizona and Georgia will soon be able to use their iPhones and Apple Watches as digital driver’s licenses or ID cards. People living in Kentucky, Maryland, Oklahoma, Iowa, Utah, and Connecticut will get the feature next. Meanwhile, the Transportation Security Administration (TSA) is going to designate lanes at specific airports to start processing these new digital IDs in order to clear people to travel.

When residents add their state ID to their Wallet, Apple explained in a Wednesday press release, they’ll have to send a picture of their card and a photo of their faces, and they’ll also have to “complete a series of facial and head movements during the setup process.” It’s then up to the states to verify the ID before people can use them. In effect, this system appears to be a new form of government-supported biometric ID verification that goes beyond a regular photo in a process that potentially provides new data to state governments as well as to Apple.

At the new TSA lanes, for example, Apple users will be able to tap their iPhones or Apple Watches to an identity reader. They will then be shown the information being requested by the TSA and authorize their devices to send that data to the TSA by using Face ID or Touch ID. This, Apple says, “ensures that just the required information is shared and only the person who added the driver’s license or state ID to the device can present it.” The company added, “Users do not need to unlock, show, or hand over their device to present their ID.”

Apple is not not the only one rolling out digital driver’s licenses in the United States. New York State is working with IBM on the possibility of expanding its Excelsior Pass vaccine passport system to include driver’s licenses, according to a New York Times report. The federal government is also on board with the concept. In April, the Department of Homeland Security (DHS) said it was looking for input on upcoming rules for mobile digital driver’s licenses.

But are digital IDs a good thing? From a privacy and security perspective, it’s unclear — but they also seem to be inevitable.

The pandemic has helped some people get more comfortable with storing personal information on their phones, which might explain why states and tech companies are forging ahead with the idea of digital driver’s licenses. These efforts are flanked by an ongoing and highly polarizing debate over digital vaccine passports, which provide people with an easy way to prove they’ve been inoculated so that they can do things like board a plane or go to a concert. Several states, including Florida and Texas, have banned or restricted vaccine passports, which suggests that some Americans still are not comfortable storing certain highly personal information on their phones.

Though the technology that powers them is similar in many ways, digital driver’s licenses are not the same thing as vaccine passports, as health records aren’t necessarily involved. Many of the plans and proposals being considered — including Apple’s imminent digital driver’s license system — simply call for a secure, verifiable way to store all the information that’s currently on your physical driver’s license on your phone. Proponents of these digital state identification systems say this tech will make it more convenient to show your ID and will give people more control over their information. Privacy and civil liberties advocates warn that normalizing carrying identification cards on our phones could have very bad consequences, including endangering our digital privacy.

Despite apparent support on the state and federal level, some have sounded the alarm on potential problems with digital IDs. In May, the American Civil Liberties Union released a detailed report raising issues about a digital state ID system, including concerns about police access to users’ phones, privacy, and surveillance risks, and the possibility that people will one day be coerced into downloading government apps. The Surveillance Technology Oversight Project also obtained a contract revealing that the state of New York has bigger plans for its Excelsior Pass than it initially disclosed, which could reveal the risks of similar digital ID programs.

“It’s hard to trust the claim from officials that these apps are only going to do X or Y,” Albert Fox Cahn, an attorney at the Surveillance Technology Oversight Project, warned in June, pointing to the potential expansion of the Excelsior Pass. “We see this clear pattern of them being installed for one purpose and then expanded for another.”

Completely digital wallets are just around the corner

The arrival of digital IDs shows how tech companies increasingly want to be involved in all the things you do with your physical wallet. Both iPhone and Android users can already store credit cards, plane tickets, and event tickets in digital wallets. Now, with the impending introduction of digital driver’s licenses, Apple is getting closer to making your physical wallet completely obsolete.

“To be fully free of your physical ID, there’s one more thing we need to bring to iPhone, and that’s your ID. So we’re bringing identity cards to Apple Wallet,” said Apple Vice President Jennifer Bailey at the company’s developer conference on June 7. “It’s that easy! Your ID information is now in Wallet.”

The federal government appears to support the idea. While the DHS is establishing new standards for the technology that powers digital IDs, the TSA is already working with Apple to accept a version of an iPhone-based digital ID that can be used in airports. Several states had previously laid the groundwork and rolling out digital driver’s licenses that could work with Apple Wallet (states are generally responsible for issuing ID cards in the US). In a statement on Wednesday, Bailey said that Apple was in communication with other states and that the company was “working to offer this nationwide in the future.”

Here’s what setting up a driver’s license on Apple Wallet will look like.

Apple isn’t the first or only major tech company trying to bring digital IDs to smartphones. Google has also been working on a system for a digital driver’s license, and last fall, the company detailed new privacy and security standards for developers to handle identity documents on mobile devices. IBM has also been researching digital driver’s licenses and expressed enthusiasm for how they might rely on blockchain technology.

A French security company called Idemia has already launched digital IDs in partnership with several US states, including Arizona and Oklahoma. The company argues that digital IDs make it easier to quickly authenticate someone’s identity, while also allowing a person to share less of their personal information. With an app, for instance, users can opt to just share their age with someone verifying that someone is old enough to buy alcohol without also sharing their address, Idemia explains on its website.

The technology behind digital IDs is inevitably not dissimilar to the tech behind vaccine passports. Opponents to vaccine passports, however, have argued that requiring detailed health information to enter businesses and other public areas hurts people’s privacy and liberty. Nevertheless, some states that have banned vaccine passports are charging ahead with digital driver’s licenses.

In Florida, where Gov. Ron DeSantis has banned vaccine passports, the DMV is expected to launch its mobile state ID system soon, and in Texas, whose state legislature has restricted the use of vaccine passports, lawmakers are considering a pilot program for digital driver’s licenses. Iowa, which has also limited the use of vaccine passports, also plans to launch a mobile ID system later this year. In Nevada, where vaccine passports remain a contentious issue, Gov. Steve Sisolak in May formally signed off on digital licenses, and the DMV says they could arrive within just a few years.

In any case, it’s clear that residents of several states will soon be able to store their driver’s license on their phone. What remains unclear is whether we’re headed for a country where there are 50 different digital driver’s licenses and 50 different opportunities for issues and problems.

Update, September 1, 2021: This piece has been updated with new information about how Apple’s digital state ID would work, including which states would use the system first.

09 Jun 21:00

Ring Will Now Require Law Enforcement Requests For Camera Footage To Be Made Publicly

by Tim Cushing

Ring, Amazon's doorbell camera acquisition, has long considered itself to be an integral part of law enforcement. It has aggressively pursued partnerships with local governments, offering up cheap (or free) cameras in exchange for recommendations and installations by law enforcement agencies.

Hundreds of law enforcement agencies have decided Ring provides a welcome new stream of surveillance footage, all captured by private cameras. Although Ring suggests users only capture their immediate doorsteps (or the interiors of their houses), plenty of cameras provide users (and law enforcement) with an insight into the movements of other people as they traverse nearby sidewalks and streets.

Ring has racked up an impressive amount of negative press over the last couple of years -- mainly because it appears to consider owners of cameras as little more than footage portals for government agencies. It has provided guidance to law enforcement agencies on how to bypass warrant requirements and given them cameras to hand out with the implicit suggestion the favor will be returned whenever officers come asking for recordings.

It appears Ring has realized its aggressive courting of law enforcement isn't doing much for its reputation. Its parent company, Amazon, recently extended its moratorium on providing facial recognition tech to government agencies. Its doorbell/camera subsidiary hasn't said much lately about its facial recognition plans (and there's nothing stopping cops from running Ring footage through their own tech), but it is stepping up to make its relationship with law enforcement more transparent. (via CNBC)

Beginning next week, public safety agencies will only be able to request information or video from their communities through a new, publicly viewable post category on Neighbors called Request for Assistance. Public safety agencies can use these posts to notify residents of an incident and ask their communities for help related to an investigation. All Request for Assistance posts will be publicly viewable in the Neighbors feed, and logged on the agency’s public profile. This way, anyone interested in knowing more about how their police agency is using Request for Assistance posts can simply visit the agency’s profile and see the post history.

This is the best way to approach this. And I assume there's a little bit of public pressure in play. Neighbors might lean on other neighbors when something violent or destructive goes down in their neighborhood but some Ring owners aren't playing ball with the local PD. That may increase "engagement," but probably only slightly.

On the other hand, it will deter law enforcement agencies from engaging in fishing expeditions for footage that they feel might provide some insight or just want to use for other purposes, like keeping an eye on people engaged in First Amendment activities.

Warrants served by law enforcement agencies won't be posted to this portal. This is just for informal requests for assistance. And that's fine. Warrants need probable cause and a judge's signature, which obviously doesn't guarantee probable cause exists to demand footage, but is far more oversight than the nothing at all that accompanies direct requests to Ring owners via Ring-enabled law enforcement portals. And law enforcement can always approach Ring directly with subpoenas and warrants, bypassing Ring owners completely, so there's a built-in way to avoid interacting with the public if that's what agencies prefer to do.

This is a positive step away from the precipice by Ring. The company has long considered its customers to be little more than contributors to ever-expanding law enforcement surveillance networks. Its move towards more transparency suggests it has been listening to its critics and the concerns of its customers, which is something it really hasn't done since its emergence as a major player in the home camera market.

09 Jun 20:58

What the CDC's New Mask Rules Mean for the Immunocompromised, and What That Means for Everyone Else

by Sara Murphy

When I wrote about what it means to be immunocompromised in early March of this year, I was itching to get vaccinated. People are immunocompromised for a variety of reasons—genetics, age, metabolic diseases like diabetes, and immune-suppressing medications taken for conditions including autoimmune diseases, organ…


09 Jun 20:23

Why on earth is Biden’s DOJ backing Trump in a rape denial case?

by Ian Millhiser
E. Jean Carroll speaks to reporters outside a courthouse in New York on March 4, 2020. | Seth Wenig/AP

The Justice Department’s institutional obligations do not change because Donald Trump is a horror show.

The Biden administration just did something many of its supporters would’ve thought unthinkable: It backed the Trump administration in a court case involving a rape allegation against Donald Trump. Even the four Justice Department lawyers who filed a brief defending Trump Monday night appear painfully aware they are doing something unseemly.

“Then-President Trump’s response to Ms. Carroll’s serious allegations of sexual assault included statements that questioned her credibility in terms that were crude and disrespectful,” the brief begins. It labels Trump’s actions “unnecessary and inappropriate,” and at one point appears to concede that the allegations against Trump “cast doubt” on his “fitness for office.”

And yet, the Biden Justice Department ultimately argues that Carroll v. Trump, a case arising out of a rape allegation against the former president, should be dismissed.

E. Jean Carroll is a veteran advice columnist who is also one of many women who’ve credibly accused Trump of sexual assault. Trump denies the allegation, claiming he’s never met Carroll (a 1987 picture shows them at a party together) and that he couldn’t have raped her because she’s “not my type.”

 Carroll/St. Martin’s Press
While the angle of the photo does not show his face, this 1987 picture still clearly depicts Trump (left) with Carroll (second from left). It has been used to dispute Trump’s statement that he has never met Carroll.

The Carroll lawsuit does not directly concern the alleged rape. Rather, Carroll sued Trump for defamation after the former president denied the allegation and then made a number of derogatory claims about Carroll, including a claim that Carroll merely accused him of sexual assault because she’s “trying to sell a new book.”

DOJ, for its part, takes no position on who is telling the truth in this dispute between Carroll and Trump. Rather the Justice Department argues the federal Westfall Act immunizes Trump from Carroll’s lawsuit because Trump’s denial of Carroll’s allegations were made “within the scope of his office or employment” as president of the United States.

It’s an argument that the Justice Department first made while Trump was still in office. Now it’s decided to reaffirm that argument under President Joe Biden.

DOJ’s decision to side with Trump sparked widespread backlash, even from the White House itself. Though the White House said in a statement that it “was not consulted by DOJ on the decision to file this brief or its contents” and that it is “not going to comment on this ongoing litigation,” its statement also emphasized that “President Biden and his team have utterly different standards from their predecessors for what qualify as acceptable statements.”

And yet, as fraught as this particular case is, it is not surprising that the Justice Department is making the arguments it is making on Trump’s behalf.

One of the Justice Department’s primary functions is to defend the institutional interests of the presidency, even when those interests conflict with some of DOJ’s other obligations, such as its obligation to defend the constitutionality of federal laws. The Justice Department is also normally reluctant to change its position in a pending case, lest it give judges the impression that DOJ’s arguments are motivated more by politics than by law.

The Carroll case presents profoundly important questions about when the president can be sued by a private citizen and what sort of suits are permitted against a president. Carroll has strong legal arguments on her side, but if she ultimately prevails, her victory could fundamentally weaken the presidency as an institution — and it could do so when future presidents are sued for conduct far less odious than Trump’s.

Carroll, in other words, forced the Justice Department to choose between its institutional responsibilities and avoiding the repugnance of being associated with Trump’s behavior. It ultimately decided that its larger responsibilities must prevail.

The Justice Department’s institutional role, explained

The Department of Justice can be a frustrating institution. It’s long operated under a web of informal rules and procedural norms that can operate in counterintuitive ways, often placing DOJ at odds with the interests of the sitting president or even much of the country.

As former Solicitor General Drew Days explained in a 1996 lecture, the Justice Department has traditionally recognized “a general duty to defend congressional statutes against constitutional challenges,” even when the president or the president’s party opposes that statute.

But this duty to defend can operate in unexpected ways. In 2012, for example, former Solicitor General Paul Clement laid a brilliant trap for the Obama administration.

The Justice Department’s decision to back Trump in Carroll is consistent with longstanding DOJ practice

Clement was the lead attorney challenging the Affordable Care Act in NFIB v. Sebelius (2012), the landmark Supreme Court decision that upheld most of that law. Much of this challenge focused on the law’s since-repealed individual mandate, which required most Americans to either obtain health insurance or pay higher taxes. One of Clement’s primary arguments was that, if Congress had the authority to enact such a provision, then there would be no limits to its power.

The reason this was such a clever trap is because the Justice Department isn’t simply tasked with defending any one law. It must defend nearly all laws that are passed by Congress, including any hypothetical future laws that might be enacted someday. For this reason, Justice Department lawyers are extraordinarily reluctant to concede that any possible statute is unconstitutional. If DOJ concedes today that Congress could not pass a law requiring people to eat broccoli, that very concession could be used against DOJ years later.

So when Justice Anthony Kennedy asked a fairly obvious question of then-Solicitor General Donald Verrilli — could Verrilli “identify for us some limits” on Congress’s ability to regulate? — Verrilli gave a halting and unsatisfying response that did not answer the question.

Even when arguing the biggest case of his life, a case that was an existential threat to the Obama administration’s signature legislative accomplishment, Verrilli placed the Justice Department’s institutional norms above the interests of Obamacare, President Obama, and the millions of Americans who would benefit from that law.

Yet while the Justice Department has traditionally taken its duty to defend even hypothetical federal statutes so seriously that it’s sometimes willing to pay an extraordinary price to uphold this duty, the duty is not absolute. In his 1996 lecture, Days lists two instances when it is appropriate for the Justice Department to refuse to defend a federal law.

The first is when the law is “patently unconstitutional.” The second, which has obvious relevance to the Carroll case, is when the law steps on the institutional prerogatives of the president.

 Anna Moneymaker/Getty Images
Attorney General Merrick Garland at a White House event on May 20, 2021.

“Solicitors general have always sided with the president in disputes over the constitutionality of congressional attempts to circumscribe presidential power,” Days explains.

There’s also a third institutional norm that weighs in favor of the Justice Department continuing to defend Trump. DOJ is the ultimate repeat player in federal litigation. It litigates thousands of cases every year. If Justice Department lawyers get a reputation for changing their arguments every time a new president comes into office, judges across the country could decide that those arguments are not credible, and DOJ risks losing many, many cases.

For this reason, the Justice Department is typically very reluctant to switch positions in a pending case, even after the presidency changes hands. The George W. Bush administration did not switch its position in a single Supreme Court case that had already been briefed by the Clinton administration, and the Obama administration took the same approach to Supreme Court cases briefed by the Bush administration.

Admittedly, the Trump Justice Department did not respect many of these norms, and that places Attorney General Merrick Garland and his subordinates in a tough spot. Biden’s Justice Department has abandoned the Trump administration’s position in several pending cases, including a case where Trump’s DOJ asked the Supreme Court to strike down Obamacare.

But that does not change the fact that the DOJ risks its own credibility every time it changes its position in a pending case — including if it had switched its position in the Carroll case.

The president’s institutional prerogatives are very much at stake in Carroll

The Westfall Act protects federal employees from many lawsuits filed against them while they were “acting within the scope of [their] office or employment.” When the Westfall Act applies, the individual federal employee who was originally sued is dropped from the suit, and the United States is replaced as a defendant.

Under a doctrine known as “sovereign immunity,” the United States typically cannot be sued for money damages unless it consents to the suit, and the United States has not consented to being sued for defamation. So if the Westfall Act applies to Trump’s case, the case will most likely be dismissed in its entirety.

At this stage in the Carroll litigation, courts are trying to resolve two questions: whether a sitting president counts as an “employee of the government” under the Westfall Act and whether Trump’s statements about Carroll were made within the scope of that employment. (A federal district court ruled against Trump on both questions, but the case is now on appeal.)

The best argument that Trump did not count as an “employee of the government” relies on a federal statute that provides that the list of such employees “includes” all “officers or employees of any federal agency.” Though the president supervises most federal agencies, the White House is typically not regarded as an “agency” itself.

But this argument is not a slam-dunk. In Wilson v. Libby (2008), for example, a federal appeals court applied the Westfall Act to a high-ranking White House staffer — in that case, the vice president’s chief of staff. If such a White House staffer can benefit from the Westfall Act, it’s not at all clear why the president cannot.

Similarly, it may seem ridiculous to claim that Trump acted within the scope of his official duties when he denied a rape allegation made by a private citizen, who accused him of assaulting her long before he became president. But an appeals court’s decision in Council on American Islamic Relations (CAIR) v. Ballenger (2006) cuts in Trump’s favor.

Cass Ballenger was a member of Congress who told a reporter that he was separated from his wife because she did not enjoy life in Washington, DC. Yet, in doing so, Ballenger allegedly made defamatory comments against CAIR, a Muslim civil rights group, claiming CAIR was the “fund-raising arm for Hezbollah.”

After CAIR sued Ballenger for defamation, the appeals court dismissed the case under the Westfall Act, reasoning that Ballenger’s statement was made during the course of his official duties. “A Member’s ability to do his job as a legislator effectively is tied, as in this case, to the Member’s relationship with the public and in particular his constituents and colleagues in the Congress,” the Court reasoned. Thus, “there was a clear nexus between the congressman answering a reporter’s question about the congressman’s personal life and the congressman’s ability to carry out his representative responsibilities effectively.”

Both Wilson and Ballenger were decided by the United States Court of Appeals for the District of Columbia Circuit, and the Carroll case is being heard by the Second Circuit. So the Second Circuit’s judges are not bound by these two previous decisions. Nevertheless, the fact that the DC Circuit reached the conclusions that it did in these two cases suggests that, at the very least, Trump has plausible legal arguments on his side.

Moreover, if the courts were to conclude that the Westfall Act does not apply to the presidency or that the scope of the president’s official duties should be defined narrowly, that would have significant implications for the presidency as an institution.

Imagine, for example, if a cabal of QAnon followers decided to bombard President Biden with meritless lawsuits. If Biden cannot rely on the Westfall Act, he could need to hire private counsel and spend considerable time defending himself against these suits, potentially distracting him from his official duties.

By backing Trump in the Carroll case, in other words, DOJ can try to convince courts not to interpret the Westfall Act in a way that may damage the presidency.

Carroll is not the first case in which the DOJ has sided with a president who was accused of sexual misconduct. In Clinton v. Jones (1997), Paula Jones sued President Bill Clinton for sexual harassment. Although Clinton was represented by private counsel, the Justice Department also sided with Clinton in this case, arguing that allowing private suits against a sitting president to move forward created “serious risks for the institution of the presidency.”

 Luke Frazza/AFP via Getty Images
Paula Jones (center) sued then-President Clinton for sexual harassment. The Justice Department sided with Clinton.

As in Carroll, the Justice Department believed it had a duty to defend the presidency as an institution. And so it backed Clinton in an attempt to protect the president from lawsuits that could distract him from his official duties.

All of which is a long way of saying that the Justice Department’s decision to back Trump in Carroll is consistent with longstanding DOJ practice. The department’s move in Carroll is very similar to its actions in the Jones case.

Trump, however, may not want to take solace in this fact. Clinton lost his case in a unanimous Supreme Court decision.

09 Jun 19:07

Seem Tired

by Reza
09 Jun 14:31

FTC Gives MoviePass Execs A Wrist Slap For Changing Passwords So Users Couldn't Watch Movies

by Karl Bode

Originally, the MoviePass business model seemed like a semi-sensible idea, though we were quick to wonder if it would ever actually make a profit. Under the model, users paid $30 (eventually $10) a month in exchange for unlimited movie tickets at participating theaters, provided they signed up for a full year of service. There were, of course, caveats: you could only buy a ticket per day, and could only buy one ticket per movie. It also prohibited users from viewing 3D, IMAX, or XD films. Still, the proposal was widely heralded by some as a savior for the traditional, brick and mortar, sticky floor movie industry.

It wound up....not being that.

In 2019, a four-month investigation by Business Insider (paywalled) found that the company had been bleeding money for years, and misleading investors for much of that time. Not only was the idea never really profitable, the company couldn't even manage to acquire enough plastic to keep up with membership card demand. Showcasing the width and depth of the dodgy effort, at one point executives genuinely thought it would be a good idea to actually change user passwords so they couldn't use the service, thinking this would let them get their head above water.

Needless to say, this behavior was so extreme it finally got the attention of the under-funded and over-extended FTC, which finally announced it had struck a settlement with MoviePass. The settlement isn't much to look at: because the companies involved are bankrupt there's no financial penalty, but the executives behind the effort are barred from “misrepresenting their business and data security practices" and "must implement comprehensive information security programs." (Execs did have to shell out $400,000 in penalties to select California counties in a different agreement).

The full FTC complaint (pdf) indicated that the company's not-so-clever password changing efforts impacted roughly 75,000 subscribers in total. Those users were first blocked from using the service, then when they inquired why they couldn't login they were falsely told they were the victim of fraud:

"Under Respondents’ password disruption program, Respondents invalidated the passwords of the 75,000 subscribers who used the service most frequently while claiming that “we have detected suspicious activity or potential fraud” on the affected subscribers’ accounts."

The full complaint is worth a read, and includes details in several other bizarre efforts execs engaged in to prevent customers from actually using a service they paid for. From the FTC press release:

"MoviePass and its executives went to great lengths to deny consumers access to the service they paid for while also failing to secure their personal information,” said Daniel Kaufman, the FTC’s Acting Director of the Bureau of Consumer Protection. “The FTC will continue working to protect consumers from deception and to ensure that businesses deliver on their promises."

It's not clear that a light wrist slap for executives years after it matters genuinely "protects consumers from deception," but in a country where a regulator like the FTC is routinely under-funded, under-staffed, and demonized, you get what you ask and pay for.