Media Law Roundup: December 5th

Welcome to the December 5, 2014  Media Law Roundup — a survey of the week’s developing media news.

Google Unveils New reCAPTCHA

On December 3, 2014, Google announced that it would begin rolling out its new CAPTCHA software, dubbed the “NoCAPTCHA reCAPTCHA.” CAPTCHAs are used to identify users as humans (and not robots) before they engage in secure transactions such as making purchases or setting up new online accounts. The old CAPTCHA required users to decipher a sequence of distorted letters or numbers in order to prove their humanity. Google used CAPTCHA to assist with book scanning and, later, with deciphering house numbers captured on Street View. The process was both cumbersome for mobile users and ineffective in general. Google discovered that they could train a robot to successfully pass a CAPTCHA and determined that bots could successfully pass a CAPTCHA with 99.8% accuracy. The new reCAPTCHA consists of a single checkbox next to the phrase, “I’m not a robot.” Product manager Vinay Shet said, “For years we’ve prompted users to confirm they aren’t robots by asking them to read distorted text and type it into a box. But, we figured it would be easier just to directly ask our users whether or not they are robots.” Upon clicking the box, Google uses its risk analysis engine to perform a series of checks on user engagement before, during, and after the click to decide if a user is human. If a user fails the reCAPTCHA, he will be either a traditional or an image-matching CAPTCHA.

 

Sony Corporation Hacked by #GOP

Over the final weekend in November, the Sony Corporation suffered a widespread cyber attack by a group that identified itself as #GOP, or “Guardians of Peace.” The first consequences of the cyber attack were the pirated leaks of several Sony films, including Fury (which is currently in theaters) and Annie (which has yet to be released). Later, more significant consequences came in the form of leaks that revealed employee Social Security Numbers and compensation information. Suspicion for the attack has fallen largely on North Korea–Sony is behind the imminent release of The Interview, a comedy film about two talk show hosts who are tasked with assassinating North Korean leader Kim Jong-Un. North Korea has previously stated that the release of the film would be considered a “war action.” On December 2, 2014, the BBC reported that a North Korean spokesman, when asked about North Korea’s potential involvement in the attack, responded saying, “I kindly advise you to just wait and see.” On December 4, 2014, however, Voice of America interviewed a North Korean diplomat, who preferred to remain anonymous, who denied his country’s involvement. “Linking the [Democratic People’s Republic of Korea] to the Sony hacking is another fabrication targeting the country.”

 

EU Wants Global Right To Be Forgotten

The European Union ruled in May 2014 that search engines–including Google, Bing, and Yahoo–must allow users the opportunity to have personal information removed from search results (under certain conditions). Users who filled out Google’s online form with a list of URLs they wanted removed, explanations for removal, and a form of ID to prove their identities had the chance to see those links disappear from search results, but only on Google’s EU sites. Now, the EU wants the “right to be forgotten” to be extended globally. In a press release, the EU Court of Justice stated: “Limiting de-listing to EU domains on the grounds that users tend to access search engines via their national domains cannot be considered a sufficient means to satisfactorily guarantee the rights of data subjects according to the ruling. In practice, this means that any case de-listing should also be effective on all relevant .com domains.” TechDirt simplified the press release message down to a single statement: “EU regulations apply around the globe online,” calling the new guidelines “troubling” and noting that these changes could open the door to other global censorship efforts from countries such as Russia and China.

 

Apple Caught Deleting Non-iTunes Music

Apple is battling a United States antitrust lawsuit for deleting music downloaded from competing sites. The deletions took place between 2007 and 2009, and users were not informed that they were losing music obtained from other music services. A user whose iPod contained music from a rival service would be shown an error message when he attempted to sync his device with their iTunes library. He would then be prompted to restore his iPod to its factory default settings, after which the competing music would be removed. Attorney Patrick Coughlin said that Apple deliberately programmed the system “not to tell users the problem.” Apple’s security director Augustin Farrugia said that the company took these steps in order to protect iTunes from hacking, adding, “We don’t need to give users too much information…We don’t want to confuse users.” The plaintiffs in this class action lawsuit are seeking $350 million dollars in damages for unfairly price iPods as a result of competition stifling done by Apple.

 

Twitter Announces New Abuse-Reporting Policy

On December 2, 2014, Twitter announced its revamped abuse-reporting policy. The new abuse-reporting form is easier to submit via mobile devices and also allows for third-party reporting. Not only does Twitter’s new policy allow for the quicker reporting of abuse, it also created more convenient blocking tools. Previously, Twitter users were unable to see, via their pages, exactly who they were blocking. Now, Twitter users can view directly from the new blocked accounts page which users have been blocked. Furthermore, blocked users will no longer be able to view the pages of users they have been blocked from messaging. Twitter’s Director of User Safety, Shreyas Doshi, assured users that Twitter is “nowhere near being done making changes in this area.”

 

Chinese Nationals Arrested in Kenya for Internet Hacking

On November 30, 2014, reports of a fire led police to the upscale home that Kenyan law enforcement believe operated as the headquarters of a Chinese cybercrime ring. “Preliminary findings show the fire was caused by one of the servers they were illegally operating,” said Ndegwa Muhoro, the director of Kenya’s Criminal Investigations Department. Thirty-seven people were arrested on November 30, with forty more taken into custody on December 3. The group appeared to be manufacturing counterfeit ATM cards and was also in possession of equipment that Kenya’s Daily Nation claimed was “capable of hacking into government servers.” Muhoro said that the seventy-seven suspects would be interrogated as to their reasons for entering the country, stating that it seemed they had come “specifically for a mission which we are investigating.” Chinese officials expressed surprise upon hearing of the arrests and have promised the Kenyan government their support and cooperation.

Leave a Reply