Search the Community

Phished Healthcare Provider Takes Legal Action Against Amazon An American healthcare provider whose data was allegedly exfiltrated to an Amazon storage account by a cyber-attacker has taken legal action against Amazon. As many as 85,688 patient and employee records were compromised last week when a threat actor seemingly based in Ukraine struck SalusCare, the largest provider of behavioral healthcare services in Southwest Florida. The attacker is believed to have gained access to SalusCare's Microsoft 365 environment after an employee clicked a malicious link in a phishing email. The action allegedly triggered malware to exfiltrate SalusCare's entire database to two Amazon S3 storage buckets linked to the same Amazon AWS storage account. After being notified of the alleged illegal activity, Amazon froze access to the two S3 buckets believed to have been used in the attack. SalusCare requested access to the audit logs of the buckets as part of its investigation to determine precisely what data had been breached by the threat actor. However, Amazon refused to supply an audit log or a copy of the data stored in the S3 buckets as they do not belong to SalusCare. The healthcare provider responded to Amazon's refusal by filing a lawsuit in federal court on Wednesday seeking for Amazon to be compelled to provide SalusCare with the audit logs and a copy of the contents of the two S3 buckets. In the lawsuit, SalusCare also sought for Amazon to be ordered to permanently suspend the alleged attacker's access to the two S3 buckets allegedly containing the healthcare provider's swiped data. In its petition to the US District Court in Fort Myers, SalusCare argued that the sensitive data believed to have been stolen in the attack and stored in the buckets could be sold on the dark net and used to commit identity theft. “The files contain extremely personal and sensitive records of patients’ psychiatric and addiction counseling and treatment,” explained SalusCare. “The files also contain sensitive financial information such as social security numbers and credit card numbers of SalusCare patients and employees.” News-Press reports that a judge granted both of SalusCare's requests on Thursday. Source: Phished Healthcare Provider Takes Legal Action Against Amazon

A federal judge on Friday approved a $650 million settlement of a privacy lawsuit against Facebook for allegedly using photo face-tagging and other biometric data without the permission of its users. U.S. District Judge James Donato approved the deal in a class-action lawsuit that was filed in Illinois in 2015. Nearly 1.6 million Facebook users in Illinois who submitted claims will be affected. Donato called it one of the largest settlements ever for a privacy violation. “It will put at least $345 into the hands of every class member interested in being compensated,” he wrote, calling it “a major win for consumers in the hotly contested area of digital privacy.” Jay Edelson, a Chicago attorney who filed the lawsuit, told the Chicago Tribune that the checks could be in the mail within two months unless the ruling is appealed. “We are pleased to have reached a settlement so we can move past this matter, which is in the best interest of our community and our shareholders,” Facebook, which is headquartered in the San Francisco Bay Area, said in a statement. The lawsuit accused the social media giant of violating an Illinois privacy law by failing to get consent before using facial-recognition technology to scan photos uploaded by users to create and store faces digitally. The state's Biometric Information Privacy Act allowed consumers to sue companies that didn't get permission before harvesting data such as faces and fingerprints. The case eventually wound up as a class-action lawsuit in California. Facebook has since changed its photo-tagging system. SOURCE

In a few weeks movie studio Warner Bros. will have to defend itself against DMCA fraud and abuse allegations from file-hosting service Hotfile. The two parties are currently preparing for this clash, and in recent filings Warner asks the court to exclude Hotfile’s “perjury” accusation. The movie studio admits that mistakes were made but insists that they’ve committed no crime. In response to a copyright infringement lawsuit launched by the MPAA, Hotfile counter sued Warner Bros. two years ago for abuse of its DMCA takedown process on numerous occasions. The file-hoster alleged that after giving Warner access to its systems the studio wrongfully took down hundreds of files including demos and Open Source software without holding the copyrights to them. The takedowns continued even after the movie studio was repeatedly notified about the false claims. While Warner later admitted the accusations, the movie studio argue that they are not to blame because the mistakes were made by a computer, not a person. As a result, the false takedown request were not “deliberate lies.” However, not all false takedowns were unintentional. Warner admitted that one of their employees deleted Open Source software from Hotfile on purpose. Their rationale for this was that the software in question could have speeded up infringing downloads. Warner nonetheless asked the court for summary judgment in its favor, but in September Florida District Court Judge Kathleen Williams decided to let the issue be heard before a jury later this year. She stated that there is enough evidence showing that “Warner intentionally targeted files it knew it had no right to remove.” Through several new filings Warner is hoping to limit the potential damage, by asking the court to exclude two issues from being discussed during the upcoming trial. The first issue deals with Hotfile’s claim that Warner committed perjury, and the other relates to an audit of the movie studio’s anti-piracy system. The perjury motion relates to Hotfile’s Special Rightsholder Account (SRA) which Warner used to remove links from the site. This tool required the movie studio to check a box confirming “under penalty of perjury that I am owner or an authorized legal representative of the owner of the copyrights in this material.” Since Warner admitted that they submitted false takedown requests and Hotfile specified the above requirements in its terms of service, the file-hoster argued that the studio committed a crime. However, Warner disagrees with this line of reasoning. “That is not how perjury works, not how the DMCA works, is irrelevant to the claims the jury must decide, and would unfairly prejudice the jury against Warner by suggesting that Warner’s errors amounted to criminal acts,” Warner writes. Warner adds that the DMCA only requires the penalty of perjury statement to confirm that the sender represents the copyright holder, not that the allegedly infringing links point to their copyrighted material, they say. “The DMCA ‘penalty of perjury’ language is thus narrower than the SRA language that Hotfile employed. The DMCA’s language applies only to impersonating a copyright owner or sending notices on their behalf without authorization; mere misidentification of the files being taken down or the works represented therein are at most incorrect ‘statements’.” However, Warner also removed copies of JDownloader, which they were certainly not authorized to do. But this was also not a crime either according to the the studio, since it never claimed to be representing JDownloader’s developer Appwerk GmbH. “To fall under the ‘penalty of perjury’ language in [the DMCA section], however, Warner would have needed not to misidentify instances of JDownloader as infringing Warner works (which is what happened), but instead to correctly identify the taken-down files as JDownloader and then misrepresent itself as acting under authority from Appwerk GmbH, JDownloader’s developer.” Interestingly, the above reasoning confirms that Warner deliberately used Hotfile’s DMCA tools to take down files that they are not the owner of, an issue that will certainly be brought up during trial. Warner believes that the above is reason enough to exclude the “perjury” issue from trial. Hotfile can’t just make up crimes by extending the scope of the DMCA, and should not be allowed to present an argument which could mislead the jury, they claim. In a separate motion Warner wants the court to exclude evidence Hotfile has gathered on an audit of the movie studio’s anti-piracy system, and changes that were made as a result. Warner argues that the audit is irrelevant, since it was performed after the false takedown notices were sent. If Hotfile would use the audit to argue that the movie studio was aware of the errors in their system, this could potentially confuse the jury. “There is a substantial risk that the jury will see evidence of Warner’s efforts to investigate the claims in Hotfile’s lawsuit and correct any sources of errors as evidence that Warner ‘knew’ about potential inaccuracies in its system at the relevant times, and improperly attribute such knowledge to Warner months earlier.” “Because Hotfile has selectively cherry-picked the instances in which Warner located and corrected errors as part of its August 2011 audit, there is further risk that the jury will misread the evidence as ‘proving’ that Warner’s system was error-prone and seek to punish Warner for it,” Warner adds. The above suggests that Warner is not totally confident that the trial will end well for them. It is now up to the judge to decide whether or not the issues above can be raised during trial. The judge is also still considering a motion from Hotfile to exclude terms such as “piracy,” “theft” and “stealing” from their trial against the MPAA. To be continued. Source: TorrentFreak

A New York man has been landed with a huge lawsuit worth more than $32.2m after he was found to be uploading UFC content to The Pirate Bay and KickassTorrents. Known online as Secludedly, the man uploaded at least 124 events. As a result UFC parent Zuffa is hitting him with everything from copyright infringement, to fraud, to breach of contract. http://thepiratebay.se,” the lawsuit reads. For these “willful violations”, Zuffa is claiming up to the maximum of $110,000 for each of the alleged 124 offenses, potentially another $13.64m in damages. In a third count, Zuffa seeks up to $60,000 after Secludedly “willfully and unlawfully accessed, received and subsequently re-transmitted the Broadcasts over a cableTV or internet system.” Not content with the millions already on offer, Zuffa throw in an additional claim for breach of contact after Secludedly legally purchased PPV events but went on to step over the terms and conditions. “Upon information and belief, Defendants purchased the Broadcasts through Plaintiff’s authorized websites or via Pay-Per-View purchase for private, residential viewing…[but then]…willfully and unlawfully copied, uploaded and distributed the Broadcasts..” Zuffa further alleges a “civil conspiracy” in which “members” of Secludedly supposedly worked together to infringe the company’s rights and went on to violate the Computer Fraud and Abuse Act. “[Defendants], without authorization or by exceeding such authorization as was granted, accessed a protected computer containing Plaintiff’s live internet streams of the Broadcasts knowingly and with intent to defraud, and unlawfully copied, distributed and publicly displayed said Broadcasts,” the lawsuit reads. It seems that Zuffa has left no stone unturned in its attempts to make life as difficult as possible for Secludedly. The company is seeking statutory damages of $18.6m for copyright infringement, up to $13.64m plus $60,000 for breaches of the Federal Communications Act, plus sundry damages on the remaining counts. That all adds up to at least $32.2m and it could get much worse, but there’s not a chance in the world that Zuffa will see that kind of money from a 27-year-old reportedly living with parents. The company will settle for big anti-piracy headlines instead, in the hope of deterring others. Source: TorrentFreak

Hollywood's major movie studios have filed a lawsuit against Megaupload and several of its former employees, demanding millions of dollars in damages. In their complaint the studios describe the file-hosting service as a business that was set up to encourage piracy, which a nonsense claim according to Megaupload's legal team. A few months ago the U.S. Department of Justice released a summary of its evidence against Megaupload, to assist civil parties who would want to start their own cases against the defunct file-hosting service. Previously there have been some rumors that the MPAA was working on a lawsuit and this has now been confirmed. Twentieth Century Fox, Disney, Paramount Pictures, Universal, Columbia Pictures and Warner Bros. have teamed up and filed a complaint in a Virginia District Court. The lawsuit is filed against Megaupload, Kim Dotcom and the former employees Mathias Ortmann and Bram Van Der Kolk. The same defendants are also part of the ongoing criminal proceedings by the U.S. Government, and the complaint itself raises many of the same allegations that were put forward in the indictment. The movie studios describe Megaupload as a business that was designed to facilitate copyright infringement and are looking for millions of dollars in damages. One of the problems they describe is that, after a DMCA notice was received by Megaupload, it would only remove the URL while the actual file and other URLs pointing to that file would remain intact. The movie studios claim that this was done to ensure that the most popular infringing files remained available. However, they fail to mention that removing the actual files would be overbroad and wrong in some instances. For example, if an artist stores his files on Hotfile but wants to take unauthorized copies offline, he or she would not want Megaupload to delete the original as well. Megaupload’s reward program is also cited as a piracy promoting tool by the studios. According to the complaint it was set up to reward people who shared popular content, which would often be pirated movies. The rewards therefore served as an incentive to share links to Megaupload in public and advertise these through other sites. This point is also raised by MPAA’s Steven Fabrizio, who notes that Megaupload wasn’t a cloud storage service but an “unlawful hub for mass distribution.” “Megaupload was built on an incentive system that rewarded users for uploading the most popular content to the site, which was almost always stolen movies, TV shows and other commercial entertainment content. It paid users based on how many times the content was downloaded by others – and didn’t pay at all until that infringing content was downloaded 10,000 times,” Fabrizio explains. TorrentFreak spoke to Megaupload lawyer Ira Rothken who believes that this new case might show that Hollywood and the U.S. Government have little faith in the criminal proceedings. “Megaupload believes that the suit lacks merit and we will vigorously defend against the claims,” Rothken tells TF. “The MPAA is apparently concocting a civil claim out of desperation two years after the indictment because it is likely that they and Department of Justice believe the pending criminal allegations lack merit, as there is no such thing as secondary criminal copyright infringement” Rothken stresses that Megaupload was predominantly used for backup, and not for file-sharing as the complaint suggests. The movie studios paint a distorted picture of Megaupload according to the lawyer, who notes that the money paid out to uploaders was minimal, and that terminating the rewards program didn’t affect the number of visitors. “The amount of money paid out in the rewards programs was tiny and a rounding error compared to revenue. The rewards program was halted about six months before the indictment with no resulting drop in traffic – it was copyright neutral,” Rothken explains to TF. The case promises to be a vital one for the future of cloud hosting services in the United States, and a backup plan for when the criminal case fails. The MPAA previously settled its lawsuit against Hotfile, and hopes for another win against Dotcom and his colleagues. Megaupload, however, believes it is protected by the DMCA safe harbor and is determined to show that the movie studio’s allegations are meritless. In addition to the lawsuit filed this week, Megaupload has also been sued by Microhits in 2012. This case has been frozen pending the outcome of the criminal proceedings. Source: TorrentFreak

In a surprise move Quentin Tarantino has withdrawn his lawsuit against online media company Gawker. The sides had been in dispute over the leak of his potential movie script 'The Hateful Eight', with Tarantino accusing Gawker of both contributory and direct infringement. The lawsuit can be refiled, however, so a sequel might be just around the corner... Just when it seemed that Tarantino and his legal team were in for the long haul against Gawker, things have taken a turn for the unusual. After his initial lawsuit over the leak of his script ‘The Hateful Eight’ was kicked out by a judge due to a lack of evidence, just last week Tarantino filed an amended complaint. But now, and without even waiting for Gawker to respond to his revised allegations, Tarantino has withdrawn the lawsuit attacking Gawker’s conduct as it reported the leak, or as the writer/director previously claimed, actually encouraged its distribution. “This dismissal is made without prejudice, whereby Plaintiff may later advance an action and refile a complaint after further investigations to ascertain and plead the identities of additional infringers resulting from Gawker Media’s contributory copyright infringement, by its promotion, aiding and abetting and materially contributing to the dissemination to third-parties of unauthorized copies of Plaintiff’s copyrighted work,” the dismissal motion reads. The details were covered in our earlier article, but this means that Tarantino may later decide to refile his complaint if he can come up with a way to identify third parties that infringed his copyrights after being encouraged to do so by Gawker. No easy feat. It’s also possible this is a convenient way to back out of a battle that’s looked less solid after each step. Tarantino loves making films, and it’s doubtful he likes legal battles to the same degree. After spending a considerable sum on lawyers already, swapping one for the other may have been too great a temptation. Source: TorrentFreak

Lionsgate has filed a lawsuit against six file-sharing sites that allegedly distributed leaked copies of The Expendables 3 film. The movie studio claims that the sites in question failed to respond to takedown requests. Lionsgate demands a permanent injunction to stop further distribution of the film, as well as seizure of the sites' domain names and bank accounts. Last week saw the leak online of the brand new Expendables movie. Scheduled for an August 15 U.S. release, Expendables 3 leaked in near DVD quality a full two weeks ahead. The timing and quality combined to make the leak one of the most prominent in recent years. The movie studios behind the film have been rather quiet, but behind the scenes they have been trying hard to limit the damage. Lionsgate in particular sent takedown requests to numerous file-sharing sites. While most sites complied by taking down infringing links or copies, some failed to respond. In response to this apparent lack of cooperation, Lionsgate has now sued the operators of six file-sharing sites – Limetorrents.com, Billionuploads.com, Hulkfile.eu, Played.to, Swankshare.com and Dotsemper.com. The complaint (copy below) filed at a federal court in California accuses the sites’ owners of direct, contributory and vicarious copyright infringement. Limetorrents is the only torrent site in the lawsuit, and Lionsgate notes that the Expendables leak was still prominently available on the site when the complaint was drafted. “To date, the operator(s) of the site have not responded to Lions Gate’s demands. Rather, as of the date of this filing links to the torrents allow users to access ‘swarms’ where the Stolen Film is being shared remain on the site, including in the fifth-ranked position for ‘Movie torrents’ on the site’s home page,” the lawyers write. In the complaint, first reported by THR, the movie studio demands a wide range of measures. Lionsgate asks the court for a temporary restraining order, a preliminary injunction and a permanent injunction to stop the sites from further distributing the film. This includes a request to suspend the sites’ domain names, or transfer them to Lionsgate. In addition, the movie studio also wants all financial institutions who do business with the sites to freeze their assets. If granted, Lionsgate could severely damage the sites in question even if the operators remain silent. Finally, the movie company demands actual or statutory damages for the financial loss it has suffered. Since there is only one film at stake, the statutory damages are limited to $150,000 per site. At this point it is unknown whether Lionsgate is also investigating the source of the leak, which isn’t related to any of the sites listed in the complaint. A third option would be to go after individual filesharers, which Nu Image did when they sued 23,322 alleged pirates who shared the first Expendables movies. Thus far well over two million copies of The Expendables 3 have been shared via BitTorrent, so there are plenty of targets for sure. The complaint http://www.scribd.com/doc/235645606/Lionsgate-complaint-via-Torrentfreak-com Source: TorrentFreak

The company behind the war drama film The Outpost has filed a mass copyright infringement lawsuit in Canada. The statement of claim targets 841 'Doe' defendants who allegedly downloaded and shared the movie, demanding an injunction plus damages under the Copyright Act. The claim states that all defendants ignored two warnings to cease and desist. Mass lawsuits targeting Internet subscribers who allegedly downloaded and/or shared copyrighted material have been a common tactic for content companies over more than 15 years. The targets are nearly always BitTorrent users since without using a decent VPN, they are easy prey for anti-piracy companies. The practice is widespread in the United States and in many countries across Europe but Canada is also popular with mass litigants, who are often labeled ‘copyright trolls’ due to their tactics. Statement of Claim Filed in Federal Court of Toronto Filed on September 23 by Outpost Productions, Inc., the action targets 841 IP addresses allocated to the same number of ‘Doe’ defendants, none of whom are currently known by name to the plaintiffs. It’s alleged that each person downloaded and/or uploaded the 2020 war drama movie ‘The Outpost’ in breach of copyright law. According to the claim, the defendants shouldn’t be surprised that they are being targeted. After their infringement was detected on BitTorrent networks, they were each sent a notice via their ISPs informing them that they had been observed online sharing the movie. If they stopped at that point, no further action would be taken, they were told. No Defendants Responded or Took the Advice to Stop After the first notices were sent out, an anti-piracy company working on behalf of Outpost Productions continued to monitor BitTorrent swarms sharing the movie. During this period, it was possible to determine that the 841 IP addresses listed in the claim were still downloading and/or sharing the content days and in some cases weeks later. As a result, they were sent a second notice, again via their ISP. “As a result of each Defendant’s failure to respond to the First Notice and his or her continuation of the Unlawful Acts, a second notice..was sent to the Defendant by Counsel for the Plaintiff after the forensic software detected that the same IP address was offering for upload the same work,” the plaintiffs write. “This Second Notice indicated that the work had not been removed and that legal action may be taken as against such Defendant. The Defendant failed or refused to respond to the Second Notice and continued his or her Unlawful Acts.” The claim notes that it is illegal under the Copyright Act to make content available for download, advertise a work for download, and illegal not to take “reasonable, or any, steps” to ensure that the person downloading the work is authorized to do so by law. ISPs Log IP Addresses By Time and Date At this stage the true identities of the Does are not known by the plaintiffs but the claim notes that their respective ISPs carry time and date logs that allow them to correlate an IP address to the identity of a specific customer. “The ‘customer’ may be the infringer of copyright, in particular if the assigned IP address is only used by a single device,” the claim adds, cautiously. However, even if the IP address is shared with multiple devices, the customer “should have, and ought to have, the knowledge of who was using the customer’s internet account at the specifically identified date and time.” While the plaintiffs believe that it will be possible to trace an IP address to an ISP customer, they further note that “further examination of the customer” may be necessary. Identifying Who Actually Infringed is More Difficult Households with an ISP connection often have several users, each doing their own thing on their own devices. This can cause problems when trying to pin a specific act on an individual using the same IP address as everyone else. This eventuality is tackled in the claim by holding the person who pays the bill responsible for the actions of everyone else. “(s)ome of the Defendants may not be the direct infringer, but through negligence or wilful blindness has authorized others to do the foregoing acts, including the Unlawful Acts. In this regard, the Plaintiff pleads that each Defendant possessed sufficient control over the use of his or her internet account and associated computers and internet devices such that he or she authorized, sanctioned, approved or countenanced the infringements…,” the claim adds. There are 841 IP addresses listed in the lawsuit and while we haven’t researched every single one, a random sample of around 100 reveals that the addresses are registered to well known Canadian ISPs including Bell, Eastlink, Rogers, SaskTel, TekSavvy, and Telus Communications. Claim for Injunction and Damages The main goal in this and all similar claims is for the plaintiffs to receive financial compensation for the alleged actions of the infringers while preventing any infringement from continuing. In respect of the former, that can only be achieved once alleged infringers have been identified by their ISPs. That is usually achieved via a so-called Norwich Order, which allows plaintiffs to bring an action against an innocent third-party (in this case ISPs) tied up in some wrongdoing to compel them to participate in a discovery process, i.e matching IP addresses to names and addresses, before handing those lists to the plaintiff. Historically, TekSavvy is the most obvious ISP when it comes to the possibility of protecting its customers from being identified but whether it will put up a fight in this matter is currently unknown. While the plaintiffs urge the court to prevent the defendants from continuing to infringe, the Doe defendants are being sent a copy of the case by the court, advising them that if they do want to put up a defense, they must do so within 30 days of receiving the claim. This and Earlier Cases Linked to Millenium Media As reported in February, more than 3,300 defendants are being targeted in similar actions brought by companies behind the movies Angel Has Fallen and Rambo: Last Blood. In common with The Outpost, all entities are directly connected to Millenium Media, whose affiliates sued and then reached a settlement with torrent site YTS. Part of that settlement involved YTS handing over user data to the companies in question, something that is now resulting in alleged pirates being sued in the United States. There is currently no suggestion that YTS data is being used in the present action. A copy of the Statement of Claim can be found here (pdf, via Excess Copyright) Source: TorrentFreak

Several movie companies have filed a new lawsuit targeting three users of the popular torrent site YTS. The alleged pirates were identified based on data that was previously provided by the site's operator. The three were initially approached for an out-of-court settlement but, according to the rightsholders, they failed to respond. In recent years, YTS.mx has become one of the most-used torrent sites, serving millions of visitors a day. The site can be used without registering an account. However, those who sign up get some extra features, such as an option to bookmark titles. These added benefits can be handy but a few months ago we learned that having an account also comes with risks. Movie Companies Target YTS site and Users At the start of the year, a group of movie companies filed lawsuits against alleged YTS users. In doing so, they relied on information that appeared to come directly from the YTS user database, including email addresses. The timing of these lawsuits was interesting. The complaints were filed around the same time the alleged operator of YTS signed a settlement deal with the same movie companies, agreeing to pay a substantial settlement fee. We later learned that, in order to resolve the matter, YTS had shared information from its database with the movie outfits. While it was a one-time handover, there was enough information to go after a long list of users. Today we can report on the latest development in this saga. Shared User Data Triggers Settlement Demands As reported earlier, the YTS user data ended up at the makers of films such as “Hellboy” and “Rambo: Last Blood,” and “London has Fallen,” who used it to their advantage. In addition to filing lawsuits, they also approached alleged file-sharers with settlement demands directly. With the threat of potential legal action, several users are likely to pay up. However, not everyone does. A few days ago, a dozen movie companies sued three alleged YTS users who failed to respond to these out-of-court settlement demands. In a complaint filed at a federal court in Colorado, the copyright holders accuse the defendants of sharing pirated copies of titles including Hunter Killer, Rambo V: Last Blood, London Has Fallen, Hellboy, and Mechanic: Resurrection. The legal paperwork identifies the three, who are all Colorado residents, as Stephen Moody, William Nelson, and Ty Tidwell. They all signed up with YTS using email addresses linked to Microsoft, which presumably shared information with the movie companies through a subpoena. “Defendant William Nelson entered the name ‘William Nelson’ and the state ‘Colorado’ when initially registering for his email address ‘[redacted]@hotmail.com’ on September 26, 2000,” the complaint reads, adding that he registered for an account with the YTS website using that same email. The same defendant also used a VPN on several occasions. According to the copyright holders he did so “to conceal his illicit activities,” however, that offered little help. Sued YTS Users Ignored Settlement Demands With the IP-addresses, email addresses, and download records from YTS, paired with information gathered from public torrent trackers, the movie companies reached out to the three men with a settlement offer. We believe that this is similar to the letters we reported on in the past, where a settlement of around $1,000 was proposed. The three defendants didn’t respond to the offer, according to the complaint. “Defendant [name] has ignored repeated communications from Plaintiffs’ counsel requesting him to cease and desist his unlawful activity and pay a portion of Plaintiffs’ damages,” it reads. The three defendants are all accused of direct and contributory copyright infringement by sharing the various films. The movie companies request actual or statutory damages as compensation for the losses they suffered. In addition, the three men also allegedly violated the DMCA by distributing content with altered copyright management information. According to the complaint, distributing files with words like “YTS” added to the title could induce others to pirate these films. For this, the movie companies want to be compensated too. — A copy of the full complaint, filed on behalf of Plaintiffs: Fallen Productions, Hunter Killer Productions, Rambo V Productions, LHF Productions, Millennium Funding, HB Productions, Stoic Productions, Voltage Holdings, Gunfighter Productions, SF Film, Definition Delaware, and After Productions, is available here (pdf) Source: TorrentFreak

(Reuters) - Google was sued on Tuesday in a proposed class action accusing the internet search company of illegally invading the privacy of millions of users by pervasively tracking their internet use through browsers set in “private” mode. The lawsuit seeks at least $5 billion, accusing the Alphabet Inc unit of surreptitiously collecting information about what people view online and where they browse, despite their using what Google calls Incognito mode. According to the complaint filed in the federal court in San Jose, California, Google gathers data through Google Analytics, Google Ad Manager and other applications and website plug-ins, including smartphone apps, regardless of whether users click on Google-supported ads. This helps Google learn about users’ friends, hobbies, favorite foods, shopping habits, and even the “most intimate and potentially embarrassing things” they search for online, the complaint said. Google “cannot continue to engage in the covert and unauthorized data collection from virtually every American with a computer or phone,” the complaint said. Jose Castaneda, a Google spokesman, said the Mountain View, California-based company will defend itself vigorously against the claims. “As we clearly state each time you open a new incognito tab, websites might be able to collect information about your browsing activity,” he said. While users may view private browsing as a safe haven from watchful eyes, computer security researchers have long raised concern that Google and rivals might augment user profiles by tracking people’s identities across different browsing modes, combining data from private and ordinary internet surfing. The complaint said the proposed class likely includes “millions” of Google users who since June 1, 2016 browsed the internet in “private” mode. It seeks at least $5,000 of damages per user for violations of federal wiretapping and California privacy laws. Boies Schiller & Flexner represents the plaintiffs Chasom Brown, Maria Nguyen and William Byatt. The case is Brown et al v Google LLC et al, U.S. District Court, Northern District of California, No. 20-03664. Source

Facebook is being sued by an Instagram user who claims the social media giant spied on users through their iPhone cameras. Brittany Conditi, who filed the lawsuit, said Facebook accessed Instagram users’ cameras even when they weren’t taking pictures or videos. Users first noticed a green FaceTime symbol appear on their phones when they were scrolling through their Instagram news feeds in July. Facebook has denied spying, and blamed a bug. Facebook is being sued over claims it spied on Instagram users through their iPhone cameras. The social-media giant has denied the claims, and blamed a bug that it said triggered false notifications that Instagram was accessing iPhone cameras. In July, users noticed that a green FaceTime symbol was showing up when they scrolled through their Instagram feed, per the Independent. The symbol appears on iPhones when the camera is on. The lawsuit, filed on Thursday by Instagram user Brittany Conditi, claims that Facebook's intentional access of the camera allows the app to collect "lucrative and valuable data on its users that it would not otherwise have access to," Bloomberg reported. Instagram and Facebook can collect "valuable insights and market research" by "obtaining extremely private and intimate personal data on their users, including in the privacy of their own homes," the complaint says. Conditi filed the lawsuit in a San Francisco federal court. Facebook did not immediately respond for a comment when contacted by Business Insider. The accusation follows allegations that Facebook illegally holds more than 100 million Instagram users' biometric data. The social media company offered to pay $650 million in July to settle a lawsuit that accused it of collecting data through the photo-tagging tool available on the app. In November, users accused Facebook of accessing iPhone cameras through the Facebook app. A Facebook spokesperson told CNN that the bug was "inadvertently introduced" and promised to fix the issue. Source

Alphabet Inc.'s Google faces a multibillion-dollar lawsuit in Britain over claims that YouTube routinely breaks privacy laws by tracking children online. The suit, filed on behalf of more than five million British children under 13 and their parents, is being brought by privacy campaigner Duncan McCann and being supported by Foxglove, a tech justice group. The claimants estimate that if they’re successful, there would be as much as $3.2 billion (2.5 billion pounds) in compensation, worth 100 to 500 pounds per child. The filing alleges that YouTube's methods of targeting underage audiences constitute "major breaches" of U.K. and European privacy and data rules designed to protect citizens' control over their own private information. YouTube has "systematically broken these laws by harvesting children's data without obtaining prior parental consent," it alleges. A spokesperson for YouTube declined to comment on the lawsuit Monday but added that the video streaming service isn't designed for users under the age of 13. "We launched the YouTube Kids app as a dedicated destination for kids and are always working to better protect kids and families on YouTube," the company said in an emailed statement. Privacy watchdogs have in recent months turned their attention more closely to the protection of children’s data, with regulators in Ireland looking to clarify the rights of children under the European Union’s strict data protection rules, and the U.K.'s information commissioner publishing a code of practice with specific standards for online services to follow. ByteDance Ltd.'s social media app TikTok has in recent months also come under scrutiny by several EU data watchdogs over its processing of children's data. It’s the first class-action suit in Europe brought against a tech firm on behalf of children, according to the claimants. The legal action is being backed by Vannin Capital, a global litigation funder. “The cost of YouTube’s so-called free service is kids that are addicted to online content and influenced by large tech companies that have stolen their privacy,” said Cori Crider, director of Foxglove. “Google won’t clean up its act until it’s forced to do so by the courts.” Source

Technology giant Samsung is being sued for $1.3 million by content protection company Verance. According to a lawsuit filed in the US, for two years Samsung failed to pay licensing fees for use of Cinavia, the anti-piracy technology that aims to prevent copied or downloaded content being played on Blu-ray disc players. For at least two decades, entertainment companies have been trying to prevent people from copying commercially produced DVDs and more recently Blu-ray discs. In common with most anti-piracy technologies the protections deployed were eventually circumvented, resulting in copies of every major film and TV show being copied and distributed, either on physical formats or more commonly digitally via the Internet. However, at least one system continues to irritate playback on millions of devices. Cinavia – Making Playback Difficult For (some) Pirates Under development since 1999 albeit under a different name, the anti-piracy protection now known as Cinavia hit the market in 2010. The stated aim of the watermarking technology was to embed special digital markers into audio tracks of movies that could be later detected in order to mitigate piracy. In 2012, Cinavia detection became mandatory in all Blu-ray disc players, meaning that when Cinavia code was found in a copy of a Blu-ray disc or even a movie downloaded from the Internet (Cinavia can survive when a movie is cammed in cinemas), the associated playback device was able to prevent the unauthorized copy from playing. Samsung Sued For $1.3m For Non-Payment of Cinavia Licensing Fees In common with most anti-piracy technologies, the use of Cinavia isn’t free. Companies such as Samsung, LG and Philips, for example, are not only compelled to include Cinavia protection in their hardware players, they must also pay considerable licensing fees to Verance for the privilege. In Samsung’s case, however, it’s now being alleged that the company has stopped doing that. Filed in a New York court by Verance Corporation against South Korea-based Samsung, a new lawsuit claims that in 2011, the companies reached a licensing agreement to have Cinavia technology embedded in Samsung products. Verance claims that Samsung produced over 40 million Blu-ray players containing its technology. From 2011 until 2017, Samsung used Cinavia under the terms of a ‘Preferred Partner Program’ (PPP) which required Samsung to comply with “enhanced technical requirements”. In 2017, however, Verance says that Samsung could no longer comply with these technical conditions so it terminated Samsung’s participation in the PPP and stop waiving certain fees associated with it. After the parties failed to reach an agreement, in April 2017 Verance gave Samsung 90 days notice of its intent not to renew two licensing agreements but said it would continue Samsung’s overall license coverage. Verance also said it would update its license agreements “to address issues” that had arisen since the Cinavia license program had begun several years earlier. According to the lawsuit, however, Samsung never signed those agreements and didn’t pay any licensing fees for the seven million products it shipped containing Cinavia between July 2017 and September 2019. In response, Verance invoiced Samsung for the outstanding fees but Samsung refused to settle the bill. Samsung Owes Verance $1 Million in Licensing Fees The amount on the invoice is significant. Alleging breach of contract, Verance claims that Samsung owes $1,010,737.65 in licensing fees for the use of Cinavia in its products. On top, the company claims that it is entitled to collect late fees of 1.5% per month, totaling $299,267 as of June 30, 2020. “Verance has been damaged by Samsung’s refusal to pay the licensing fees and the late fees. In addition to its damages, Verance also is entitled to recover its reasonable attorney’s fees and other costs incurred in connection with this action,” the complaint reads. A second count of ‘unjust enrichment’ has Verance claiming that by failing to pay the appropriate licensing fees for its mandatory DRM product, Samsung was enriched at the content protection company’s expense. “It is against equity and good conscience to permit Samsung to retain the amounts Verance is seeking to recover,” the company writes. The Slow Death of Blu-ray, The Rise of Streaming In February 2019, it was reported that Samsung was beginning a withdrawal from the Blu-ray player market. “Samsung will no longer introduce new Blu-ray or 4K Blu-ray player models in the US market,” a Samsung spokesperson told CNET. In March this year, the MPA’s THEME Report, an analysis of the theatrical and home/mobile entertainment market environment, revealed that physical products (DVD/Blu-ray) accounted for just 10% of the market in 2019 at $10.1 billion, down 22% from 2018’s $12.4 billion total. Meanwhile, streaming service subscriptions increased 28%, reaching 863 million subscribers worldwide. With the Demise of Blu-Ray Players Comes a Lack of Control With millions of consumers now moving away from hardware players, Cinavia is arguably less relevant than it once was. While it is mandatory in Blu-ray players, that is not the direction the market is heading. Furthermore, software video players tend not to detect Cinavia so for most pirates the technology doesn’t affect their consumption habits. However, Cinavia still exists in Blu-ray players including those in consoles, something that causes a steady stream of complaints from those trying to play pirated copies. The big question, however, is when the Blu-ray player will be completely discarded as another technological relic – and Cinavia with it. A copy of the lawsuit filed by Verance against Samsung can be found here (pdf) Source: TorrentFreak

A class-action lawsuit, filed against YouTube by Grammy award-winning musician Maria Schneider and Pirate Monitor Ltd, has taken an unexpected turn. According to YouTube, Pirate Monitor first used bogus accounts to upload its own videos. It then filed DMCA notices to have the same content removed in a ploy to gain fraudulent access to Content ID management tools. Early July, Grammy award-winning musician Maria Schneider teamed up with Virgin Islands-based Pirate Monitor Ltd in a class action lawsuit targeting YouTube. Filed in a California court, the complaint centered on YouTube’s alleged copyright failures, including the company’s refusal to allow “ordinary creators” to have access to its copyright management tools known as Content ID. “Denied Any Meaningful Opportunity” to Prevent Infringement Painting YouTube as a platform designed from the ground up to attract and monetize piracy, the action contained a barrage of additional accusations, including that the mere existence of Content ID, through which creators can be compensated for otherwise infringing uploads, means that most infringement is shielded from YouTube’s repeat infringer policy. Schneider informed the court that a number of her songs had been posted to YouTube without her permission, noting that she had twice been refused access to Content ID and the “automatic and preemptive blocking” mechanisms that are available to larger rightsholders. For its part, Pirate Monitor Ltd claimed that its content, including the movie Immigrants – Jóska menni Amerika, was illegally uploaded to YouTube hundreds of times. The company said that while YouTube responded to takedown notices, they often took too long to process. Access to YouTube’s Content ID system was denied, Pirate Monitor added. YouTube Responds to Complaint, Files Counterclaims Much like the beginning of the complaint itself, YouTube and owner Google’s response begins in familiar fashion. The company denies that it encourages infringement, instead noting that it goes “far above and beyond” its legal obligations when assisting copyright holders to protect their rights, including by investing more than $100m in Content ID. Of course, this complaint largely revolves around YouTube denying the plaintiffs’ access to Content ID but to that allegation, the company has a set of simple and apparently devastating response points. Firstly, Pirate Monitor Ltd cannot be trusted since it has already engaged in fraudulent behavior in respect of Content ID. As for Schneider, not only is she suing YouTube over copyrighted music that she and her agents have already granted YouTube a license to use, her own agent has also used Content ID to generate revenue from those works on her behalf. Pirate Monitor Uploaded its Own Content Using Bogus Accounts While the claim that Schneider licensed her content to YouTube and made money through Content ID is surprising, that pales into insignificance when compared to the allegations against Pirate Monitor Ltd. During the fall of 2019, YouTube says that Pirate Monitor through its authorized agents created a series of accounts on YouTube using bogus account registration information to hide the relationship between the account creators and Pirate Monitor. These accounts were subsequently used to upload “hundreds of videos” to YouTube. These included clips from exactly the same works that Pirate Monitor accuses YouTube of infringing in its complaint – the films Csak szex és más semi and Zimmer Feri. “Each time these videos were uploaded, Pirate Monitor was representing and warranting that the video did not infringe anyone’s copyrights, and it expressly granted YouTube a license to display, reproduce, and otherwise use the videos in connection with the service. Pirate Monitor also represented that it owned or had the rights to upload and license the material contained in the videos,” YouTube’s answer reads. Shortly after, YouTube notes, Pirate Monitor followed up by sending “hundreds” of DMCA takedown notices targeting many of the videos it had uploaded through the disguised accounts. “In those notices, Pirate Monitor represented that the videos that were the subject of the notices — videos that it had uploaded — infringed its copyrights or the copyrights of a party whom Pirate Monitor was authorized to represent. YouTube processed the substantial volume of DMCA takedown requests and removed the videos,” YouTube adds. YouTube Backs Pirate Monitor Into a Corner As noted in YouTube’s answer, Pirate Monitor’s representations over the status of these videos cannot be correct in both instances. At the point of upload the company told YouTube that it had the right to upload the videos since they infringed nobody’s rights. If those declarations were untrue, the company breached the ToS agreement and “perpetrated a fraud on YouTube” by uploading infringing content. On the other hand, if it did have permission to upload the content, then Pirate Monitor knowingly made false statements to YouTube when it submitted DMCA takedown notices clearly stating that the uploads were infringing. The big question, then, is why Pirate Monitor engaged in this alleged conduct at all. YouTube: Pirate Monitor Wanted Access to Content ID According to YouTube, Pirate Monitor had previously applied for access to the Content ID program. However, the company was denied on the basis that it was required to demonstrate a valid need and have a “track record” of properly using the DMCA takedown process. YouTube believes that since Pirate Monitor was lacking these qualities, it cooked up a scheme to convince the video platform that it fulfilled the criteria. “Pirate Monitor believed that it could demonstrate both the need for access, and a track record of valid DMCA takedown requests, by surreptitiously uploading a substantial volume of content through accounts seemingly unconnected to it, and then sending DMCA takedown requests for that same content,” YouTube says. “Instead of showing that it could properly use YouTube’s tools, Pirate Monitor’s deceptive and unlawful tactics established that it could not be trusted, and that YouTube was right in rejecting its request for access.” YouTube’s Counterclaims As a result of Pirate Monitor’s actions, YouTube says that there has been a breach of contract. The company and its agents failed to provide accurate information during the account creation process and seems to have uploaded videos to YouTube that infringed third-party copyrights. All of this cost YouTube time and money, including investigating and processing Pirate Monitor’s claims that the content was infringing. Furthermore, YouTube notes that in its agreement with Pirate Monitor, the company is obliged to “indemnify YouTube for claims rising out of or relating to its use of the YouTube service. “In seeking defense costs and any potential liability in this action as damages for Pirate Monitor’s contract breaches, YouTube expressly preserves its separate entitlement to contractual indemnity and will amend its counterclaims to add a claim for that indemnity if Pirate Monitor refuses to honor its indemnity obligation,” the video platform writes. YouTube further alleges fraud in respect of more than a dozen accounts Pirate Monitor created for the purposes of uploading around 2,000 videos. Taking the statements in the subsequent DMCA takedown notices sent by the company as accurate, YouTube says that Pirate Monitor agreed not to upload infringing content but did anyway, each time declaring that it had the necessary rights to the content being uploaded. As an alternative, YouTube offers similar counterclaims in the event that Pirate Monitor actually had permission to upload the videos but abused the DMCA by issuing fraudulent takedown notices instead. Request for Injunction and Damages In addition to requesting damages to compensate for the harm caused by Pirate Monitor’s actions, YouTube demands a punitive damages award to compensate for its “fraudulent conduct”. The video platform also seeks an injunction barring Pirate Monitor and its agents from submitting any further DMCA notices that wrongfully claim that material on the YouTube service infringes copyrights held (or are claimed to be held) by Pirate Monitor or anyone it claims to represent. YouTube and Google’s Answer and Counterclaims can be found here (pdf) Source: TorrentFreak

Plex has failed in its initial legal action to prevent new streaming service Zee Plex from using the word 'Plex' in its branding. The High Court in Bombay found that low domestic sales for Plex, a fundamental difference in services offered by the parties, plus no evidence of "passing off" or anticipated injuries all went against Plex. Early September, Indian media company Zee Entertainment Enterprises revealed it would soon launch a brand new streaming service with the aim of premiering blockbuster movies directly to people’s homes, partly to combat piracy. Initially reported as the ‘Zee Plex’ service, the product was set for launch last Friday, October 2, 2020. However, the news didn’t sit well with US-based Plex, Inc., the operator of the famous Plex media server software. According to Plex, Inc., Zee Plex operator Zee Entertainment Enterprises’ choice of name meant that its new service would be illegally trading off the hard-earned goodwill of the Plex trademark. Describing Zee Plex as a “competing service”, Plex Inc. took legal action to urgently obtain an injunction to prevent the service launching with the infringing mark. Ad-Interim Application for Injunction Zee Plex launched as planned October 2, 2020, but not before the matter was heard by the High Court in Bombay via video conferencing just a day earlier. The Court heard that Zee Entertainment is a large multi-media conglomerate providing entertainment across a broad range of platforms including the Internet, OTT, satellite and cable. It was acknowledged that Plex Inc. had adopted the Plex trademark in May 2008 in the United States for a software/hardware service that allows a user to take content “wherever he goes”. Plex told the Court that it signed up its first Indian user back in July 2008 and now has 550,000 users and “very high sales” in the country. The Court questioned that, noting that evidence pointed to sales of between US$24,000 to US$30,000. This is important because the volume of domestic business can be used as a factor when considering the value of existing goodwill and reputation. Court Failed to See Similarities Between Plex and Zee Plex In the decision handed down on October 1, 2020, the Court found that on first view, the Plex media server and Zee Plex were “fundamentally different”. Noting that Zee Plex is a “cinema-to-home pay-per-view movie service” and that Plex carries some of its own “curated content”, the Zee Plex service does not have any of the “take your own content with you” services offered by Plex. At this point it’s worth highlighting that Zee says that its service is actually called ZEEPLEX, i.e one word instead of two. According to the Court, this doesn’t amount to much since Plex objects to the word ‘Plex’ being used in any way but from here things didn’t get any better for Plex. No Prima Facie Case of ‘Passing Off’ The Court notes that Plex’s case is based on allegations of deceit by Zee Entertainment, in that it used the Plex name to dupe or mislead consumers into thinking it had somehow tied up with Plex in business. To show such a case, Plex must demonstrate strong reputation and brand recognition in India among consumers but the Court found that, on the surface, the balance tips away from the US-based company. “I do not yet see sufficient material from Plex to be able to establish its reputation at least within India, whatever may be its reputation, registrations and sales in other jurisdictions. In contract, there is the much greater reputation and standing of Zee amongst subscribers across the length and the breadth of the country with a large number of channels in various languages,” the judge’s order reads. Equally, arguments by Plex that it should receive the same kinds of protection enjoyed by companies such as Sony, Disney or Hotstar, were also dismissed by the Court. “Merely pointing to other established and reputed players in the field is not enough, and it is hardly a credible argument to say that ‘if Sony provides content and has a reputation, since I, too, provide content, I must be presumed to have an equivalent reputation. So if Sony could maintain such an action and get an order, so must I.’ “There is no one-size-fits-all approach in these matters. Every claimant in a passing off action stands or falls on his own merits and case,” the order adds. Issues With Plex Trademark in India The Court notes that while Plex has registered trademarks in several jurisdictions, those locations do not include India. The Court adds that when the ZEEPLEX service was announced in September, Plex had applied for but not obtained a trademark registration. However, after the announcement, Plex reportedly went to the registry to make an amendment that indicated that it was proposed to be used back in 2008. “In other words, until it moved the amendment application, its own case in the registry was that at least in India, its mark was not in use, but only had a proposed or anticipated user,” the order notes. Judge Apparently Irritated By Last Minute Injunction Demands While the Court heard the matter in advance of the ZEEPLEX service’s launch, the judge appears to be irritated by companies in intellectual property disputes expecting courts to deal with their cases quickly and at the expense of other matters. “[I] have said this before — that parties in IPR matters cannot expect Courts to push aside all other cases. This happens repeatedly, whether it is movie releases or otherwise. It must stop,” the judge writes in his order. “It is unfair to courts and it is unfair to other litigants waiting their turn. Where a plaintiff has had enough notice and yet chooses to move at the eleventh hour — and makes no allowance at all for any adjustment that may be required — the plaintiff must be prepared to face the consequences.” Plex Injunction Application Fails At This Stage In considering whether to grant an early injunction, the Court weighed several factors but ultimately sided with Zee Entertainment. According to the judge, Plex has no prima facie case, cannot show anticipated injury, and its userbase in India is too small to show that Zee tried to pass off its new channel as being in association with Plex. “The grant of the injunction Plex seeks would, on the other, cause immense and immediate financial loss and harm to Zee. Consequently, I find no reason to grant an ad interim injunction in this passing off action,” the order concludes. While Plex didn’t immediately get the result it had hoped for, the matter isn’t completely over yet. Plex has been granted leave to amend and will be hoping for a different result. The order handed down by the High Court of Bombay can be found here (pdf) Source: TorrentFreak

US-broadcaster DISH Network is suing a former reseller of IPTV services SET TV and Simply-TV in a Florida court. It's alleged that the defendant continued to sell pirate IPTV subscriptions under various brands, even after DISH obtained damages awards of $120m and an order to prevent ongoing violations. Back in 2018, broadcaster DISH Network sued pirate IPTV service SET TV for offering numerous TV channels that had been illegally obtained from DISH’s satellite service. In November 2018 that particular lawsuit came to end when SET TV’s operators were ordered by a Florida court to pay $90 million in statutory damages. However, DISH wasn’t convinced its work was done when it came to similar if not identical services still in operation. DISH Targets Pirate IPTV Service Simply-TV In March 2019, DISH and NagraStar filed another lawsuit in Florida, targeting several individuals and companies collectively doing business as Simply-TV, a $20 per month service which several users described as having many similarities to SET TV. DISH complained that Simply-TV worked with SET TV-related entities that capture DISH content without permission, with Simply-TV also re-selling the service to others under their own brands and pricing structures. The Florida court quickly handed down a temporary restraining order and later in April, converted that to a comprehensive preliminary injunction. In August 2019, DISH was awarded $30 million in statutory damages and an order that permanently enjoined the Simply-TV defendants “and anyone acting in active concert or participation” with them from “retransmitting or copying, or assisting others in retransmitting or copying, any of DISH’s satellite or over-the-top Internet transmissions of television programming or any content contained therein.” DISH Sues Former SET TV and Simply-TV Reseller Lisa Crawford According to yet another IPTV lawsuit filed in Florida, DISH is now continuing its battle against an individual it claims was not only a reseller of the SET TV service but also of Simply-TV. DISH claims that an individual called Lisa Crawford along with business entities including LC One LLC, LC Pryme Enterprises LLC, LC Pryme Holdings LLC, LC Pryme One Enterprises LLC, and several others, ignored the orders of the Court in the previous cases by continuing to breach the broadcaster’s rights. Noting that Crawford initially acted as a reseller for SET TV, when that was shut down she began reselling Simply-TV packages. When that service was ended she moved on again by allegedly selling and supporting new pirate IPTV services including Prime Tyme TV, Lazer TV Streams, Griff TV, and Flix Streams. “Just like the SET TV and Simply-TV pirate streaming services, the new Pirate IPTV Services being facilitated by Crawford and the Pirate IPTV Entities are, and have been retransmitting DISH programming received from DISH’s satellite television service without authorization from DISH,” the complaint reads. DISH Demands Damages & Injunction Under the FCA DISH’s claims against Crawford, the LLCs, and the various IPTV brands are being actioned under the Federal Communications Act, specifically 47 U.S.C. § 605(a) and 47 U.S.C. § 605(e)(4) which relate to illegal reception/retransmission and selling devices that facilitate access to DISH’s satellite programming. In common with the lawsuits against SET TV and Simply-TV, DISH also demands a permanent injunction preventing Crawford and the various entities from illegally obtaining and distributing its television content, and manufacturing or selling configured devices and/or subscriptions. DISH also seeks an order that will remove advertising and social media pages promoting Prime Tyme TV, Lazer TV Streams, Griff TV, and Flix Streams, and an order that will allow it to take control of any and all websites used to offer the services. DISH also wants access to all records relating to IPTV devices and subscription sales, including the details of those who purchased them. In respect of damages, DISH demands up to $100,000 for each violation of 47 U.S.C. § 605(a) and up to $100,000 for each violation of 47 U.S.C. § 605(e)(4). As the earlier cases show, potential awards can easily reach tens of millions of dollars. The full complaint can be found here (pdf) Source: TorrentFreak

Internet provider Bright House Networks has countersued several major record labels, alleging that they sent false and deceptive piracy notices to its subscribers. This week, the company asked the court for permission to add the RIAA and its anti-piracy partner MarkMonitor to the suit, as they are central to the wrongful conduct. Last year, a group of major music companies sued Internet provider Bright House Networks, a subsidiary of Charter Communications. The lawsuit claimed that the ISPs failed to terminate repeat infringers. By keeping pirates as customers it violated the DMCA, the music companies alleged. Such claims are not new. The same music companies have sued several ISPs in the past and booked a major victory when a jury ordered Cox to pay a billion dollars in damages for turning a blind eye to piracy on its network. Charter is determined to avoid ending up in a similar position. In March, it denied the copyright infringement allegations in court while striking back with some accusations against the record labels. According to Charter, the companies abused the DMCA by sending “false” and “deceptive” piracy notices. These counterclaims were filed against the same music companies that sued Bright House. However, in a new filing this week, the ISP informs the Florida Federal Court that it would like to add two new defendants to the suit. RIAA and MarkMonitor Played a Central Role Bright House explains that the music industry group RIAA and its anti-piracy partner MarkMonitor are also to blame. The RIAA was responsible for sending the piracy notices that were sent by and based on evidence provided by MarkMonitor. “The RIAA and MarkMonitor are central to Plaintiffs’ wrongful conduct,” Bright House informs the court. “Bright House received copyright infringement notices containing material misrepresentations from the RIAA, purporting to assert the rights of Plaintiffs but sent by MarkMonitor.” Normally, it wouldn’t be a problem for Bright House to add new defendants to its counterclaim. However, in this case, the officially scheduled deadline to do so has passed. This is why the company is requesting explicit permission to add the new parties. This delayed request is justified, the ISP argues, because the originally scheduled deadline passed before it had the chance to add the new parties. A copy of the proposed amended complaint, filed yesterday, shows that Bright House accuses the RIAA and MarkMonitor of committing the same offenses as the record labels that were sued. Violating the DMCA First, Bright House accuses all companies of violating the DMCA by knowingly sending inaccurate piracy notices. This includes sending notices for musical works that they allegedly don’t own or have the rights to. In addition, the notices themselves are sometimes based on unconfirmed evidence. “Upon information and belief, Plaintiffs, the RIAA, and MarkMonitor, routinely fail to confirm that the files identified by MarkMonitor as allegedly infringing are in fact copies of the works asserted before notices are sent to ISPs, like Bright House,” the complaint reads. Among other things, the ISP cites an academic study from Jennifer Urban and colleagues, which found that MarkMonitor occasionally makes mistakes. While that study was focused on web takedowns, not P2P infringements, the conclusions are not in favor of the RIAA’s anti-piracy partner. For example, MarkMonitor was found to send takedown notices to Google which flagged sites that had been dead for over a year. In addition, not all identified URLs matched with the allegedly pirated material. “The Urban Study also discussed specific instances in which notices sent by MarkMonitor were ‘clear mismatches’ between the allegedly infringed work and the online content that was allegedly infringing,” the complaint adds. Deceptive and Unfair Trade Practices The second claim against the companies accuses them of violating Florida’s Deceptive and Unfair Trade Practices Act. Specifically, Bright House accuses them of “knowingly or recklessly sending, and causing to be sent, false, deceptive, and misleading copyright infringement notices” for works they didn’t own or have the rights to. Before the court reviews any of these claims against the RIAA and MarkMonitor, it first has to decide whether the counterclaim can be amended to include the new defendants. If it’s accepted, the RIAA and MarkMonitor will get the opportunity to have their say as well. — A copy of the proposed amended counterclaims to the amended complaint is available here (pdf) Source: TorrentFreak

The makers of the films 'Ava' and 'Rambo V: Last Blood' have filed a lawsuit targeting 16 alleged movie pirates. The complaint suggests that the defendants are registered users of the popular torrent site RARBG, but provides no proof for this allegation. The film companies do have evidence that the IP-addresses were caught sharing torrent files. Lawsuits against alleged movie pirates are nothing new. We have reported on many dozens over the years. More recently, Hawaii-based attorney Kerry Culpepper added a new element to these cases when he singled out YTS users. The lawyer was able to do this because YTS handed over database information as part of a private settlement. A rather concerning development, which caused quite a stir among torrent users and site owners. This tactic is interesting from a few perspectives. For one, the database information is additional evidence and provides valuable information such as email addresses. In addition, calling a torrent site by name may deter some people from using it in the future. It’s a win-win. Lawsuit Against Alleged RARBG Users That last argument may be why a new lawsuit, filed on behalf of the makers of the films Rambo V: Last Blood and Ava, singles out the torrent site RARBG. In a complaint filed at a federal court in Hawaii, the movie companies accuse 16 “John Doe” defendants who are only known by their IP-addresses. These people were tracked by the company Maverickeye, which provides evidence for many related cases. In this case, the IP-addresses are linked to torrents for the movies ‘Ava’ and ‘Rambo V,’ which are shared on many pirate sites. However, the movie companies specifically call out RARBG. “Upon information and belief, each of the Defendants registered for an account on the movie piracy website ‘RARBG’ using an email address or installed a BitTorrent Client application on their device that retrieved torrent files from the movie piracy website ‘RARBG’,” they write. What Evidence is There? The RARBG mention is unusual because there’s no evidence to back up the claim that the defendants actually used this site. RARBG didn’t share any user data, as opposed to YTS. The only link to RARBG we can spot is that the torrents “Ava.2020.WEBDL.x264-FGT” and “Rambo.Last.Blood.2019.1080p.KORSUB.HDRip.x264.AAC2.0-STUTTERSHIT” are shared on the popular torrent site. That said, the same files, linking to the same swarms, are available elsewhere too. Nonetheless, RARBG is prominently mentioned throughout the complaint. The “notorious” pirate site “promotes and distributes” pirated content, the companies say. “As shown in the screenshot below, the movie piracy website ‘RARBG’ promotes and distributes the infringing torrent file ‘Ava.2020.WEBDL.x264-FGT’ which Defendants downloaded and used to display, reproduce and distribute the Work Ava.” Whether the defendants used RARBG or another site doesn’t change the copyright infringement allegations. These are totally independent of the site from which the torrents were downloaded. TorrentFreak reached out to the plaintiffs’ attorney who refused to comment on the issue. One possibility we could think of is that the site is mentioned to signal to users that they are vulnerable. But that would equally apply to other sites. Copyright Infringements and DMCA Violation Looking at the actual allegations, a familiar theme appears. All 16 ‘Does’ are accused of direct and contributory copyright infringement for allegedly sharing copies of the movie Ava, and one defendant also shared the Rambo film. In addition, the defendants are further accused of violating the DMCA by altering copyright management information (CMI). In this case, that means distributing the movies with an edited title, which references pirate groups such as “FGT” and “STUTTERSHIT”. “Defendants knew that neither ‘FGT’ nor ‘STUTTERSH*T’ were the authors of Plaintiffs’ Works,” the complaint reads. As is common in these types of cases, the movie companies requested a subpoena to compel the ISP, Verizon Wireless, to hand over the personal details of the associated subscribers. If granted, the accused will likely be offered a settlement of a few hundred dollars or more. Update: RARBG issued the following statement to us: “We are in no way shape or form involved in this lawsuit. We do not log ip addresses on downloads or any registered user IP addresses. It is our strong belief that these ip addresses were collected by p2p monitoring on torrent swarms.” — A copy of the complaint filed on behalf of Eve Nevada, LLC and Rambo V Productions, Inc, is available here (pdf) Source: TorrentFreak

The makers of the film 'Angel Has Fallen' have filed a lawsuit against seventeen alleged pirates. According to the complaint, several defendants used the VPN service 'Private Internet Access,' which can expect to be subpoenaed. That effort will likely be fruitless as the VPN doesn't keep any logs. However, with help from information shared by torrent site YTS, users are still at risk. Millions of Internet users around the world use a VPN to protect their privacy online. Another key benefit is that VPNs hide users’ true IP-address, making them more anonymous. This prevents third-party monitoring outfits from carrying out unwanted snooping. This is one of the reasons why many torrent users have a VPN installed. Instead of displaying their own IP-address in torrent swarms, the VPN IP-address will show up. And when the provider doesn’t keep any logs, that address can’t be traced back to a single user. Lawsuit Targets Pirating VPN Users Such a setup seems secure, but it hasn’t prevented the makers of the action movie ‘Angel Has Fallen’ from suing several anonymous VPN users. In a recent lawsuit filed at a federal court in Colorado, the company lists fourteen alleged pirates that used an IP-address of the VPN service Private Internet Access, also . “Upon information and belief, Defendants DOES 3-5, 7-10 and 12-17 registered for paid accounts for Virtual Private Network (‘VPN’) service with the Colorado Internet Service Provider Private Internet Access,” the complaint reads. The lawsuit in question lists the defendants as Does, which means that their true identities are unknown. However, attorney Kerry Culpepper, who represents Fallen Productions in this matter, hopes to find out more through third-party subpoenas. Info From YTS User Database The case relies in part on information from the YTS user database that was shared by the operator of the site earlier this year, as part of a settlement. This includes download details of several users, as well as their IP-addresses and email addresses. The attorney has requested subpoenas to compel email providers, Internet providers, and Private Internet Access for more personal information. In the past, we have seen that Microsoft and ISPs such as Comcast will hand over what they have, but with a VPN this isn’t as straightforward. PIA’s Confirmed No-Log Policy PIA has a so-called ‘no logs’ policy which means that it can’t link a VPN IP-address and a timestamp to a unique user. This policy has been repeatedly tested and confirmed in courts. Culpepper informs TorrentFreak that he will request a subpoena regardless. He argues that the use of a VPN shows that people were aware of their illegal activity. “It is relevant because it shows they tried to hide their activities. It shows consciousness of the illegal activities,” Culpepper says, while pointing out where PIA warned YTS users that they were at risk. PIA’s Jurisdiction Angle In addition, by signing the terms of service, PIA users also subject themselves to the jurisdiction of Courts in Colorado. This is relevant in this case because not all defendants are from the western U.S. state. “Most importantly, if they signed up for an account with PIA they agreed to jurisdiction in Colorado no matter where they are. Most of the PIA users were not in Colorado,” Culpepper notes. All defendants are accused of downloading a torrent titled “Angel Has Fallen (2019) [BluRay] [720p] [YTS.LT],” as well as other copyright-infringing content that isn’t specified. Defendants Still at Risk According to the complaint all defendants have received at least one DMCA notice. Fifteen of them were also contacted repeatedly on their known email address with cease and desist notices and settlement offers, but these were ignored. With this lawsuit Fallen Productions hopes to uncover the identities of the people behind these IP- and email addresses. TorrentFreak contacted PIA for a comment on the lawsuit. The company said that it hasn’t received a subpoena yet and reiterated that it can’t identify individual users. “Private Internet Access has not received a subpoena in regards to this case. Even if we do, our response will be the same as always: PIA does not log VPN user activity,” a PIA spokesperson informed us. That was also confirmed in more detail earlier this year in our annual VPN overview. “There are no logs kept for any person or entity to match an IP address and a timestamp to a current or former user of our service,” PIA said at the time. That said, defendants are still at risk, as their email addresses are known as well. That doesn’t prove anything, as YTS allowed members to sign up with a fake email, but it could lead to people being identified eventually, without PIA’s involvement. If anything, this case shows that using a VPN only offers limited anonymity. When people use a VPN irregularly and leave other information behind, such as email addresses, they may eventually be exposed anyway. — A copy of Fallen Production’s complaint, filed as the US District Court in Colorado, is available here (pdf) Source: TorrentFreak

In a new lawsuit filed in the US, Nintendo sues an Amazon seller who distributed RCM Loader, a device that the company claims has the sole purpose of allowing people to play pirated video games by circumventing the Switch console's technological protection measures. On top, Nintendo is also suing the defendant for abusing the DMCA's counter-notification system. Nintendo’s ongoing battle to prevent people from playing pirated content on Switch consoles is showing no signs of slowing down. Its main targets thus far have been distributors and sellers of products offered by the infamous Team-Xecutor but a new lawsuit filed in the United States yesterday targets a seller of another jailbreak-style device. Circumvention of Technological Protection Measures As detailed in a number of earlier and similar lawsuits, Nintendo is determined to take action against any product that undermines the security features baked into consoles such as the Switch. These features are designed to prevent unauthorized access to the console and its games with the aim of preventing people from playing pirated content. According to the latest lawsuit, a defendant identified as Le Hoang Minh, who on Amazon does business under the name ‘Winmart’, sold a device known as RCM Loader. The dongle/device, which operates via a USB-C connector, is marketed as a plug-and-play solution for injecting payload files that allow booting into custom firmware (CFW), including Team-Xecutor’s SX OS. “Once this circumvention has occurred, the unauthorized CFW modifies the authorized Nintendo Switch operating system, thereby allowing users to obtain and play virtually any pirated game made for the Nintendo Switch. All of this happens without authorization or compensation to Nintendo or to any authorized game publishers,” the company’s complaint reads. Another feature of the system criticized by Nintendo is the ability for owners of legal copies of games to copy and share those games with others who are also using unauthorized custom firmware. Nintendo says it has been working hard to reduce the availability of SX OS and similar custom firmware but due to the trafficking of devices like RCM Loader, that battle continues. Defendant Sold RCM Loader Via Amazon According to the lawsuit, Vietnam-resident Le Hoang Minh, sold RCM Loader devices on Amazon so, to counter this distribution, Nintendo filed a DMCA takedown notice on October 21, 2020, citing 17 U.S.C. § 512(c) and requesting that the listing be removed. While Amazon did take the listing down, the removal was only temporary. This short-lived takedown was due to the seller submitting a DMCA counter-notice to Amazon on November 4, 2020, under 17 U.S.C. § 512(g)(3), claiming that the listing was non-infringing and had been taken down in error. Defenses Listed in the DMCA Counter Notice Attempting to cover most available defenses, relevant or not, the counter-notice from Le Hoang Minh is comprehensive if nothing else. In addition to claiming that the devices are not copyrighted and are therefore in the public domain, the Amazon seller advised the platform that Nintendo’s claim is faulty due to the company failing to provide any copyright registration information in its takedown notice. “The complainant does not hold the copyright to the material in question, is not the designated representative of the copyright holder, and therefore lacks standing to assert that my use of the material is a violation of any of the owner’s rights,” it added. In addition to a laundry list of alleged technical failings in Nintendo’s takedown notice, Amazon was advised by the defendant that the use of “the material” was legally protected “because it falls within the ‘fair use’ provision of the copyright regulations” and if Nintendo disagrees with that assertion, it “must” work with the seller to solve the dispute. “This communication to you is a DMCA counter notification letter as defined in 17 USC 512(g)(3). I declare, under penalty of perjury, that I have a good faith belief that the complaint of copyright violation is based on mistaken information, misidentification of the material in question, or deliberate misreading of the law,” the counter-notice reads. Importantly, the declaration adds that Le Hoang Minh submits to the jurisdiction of any appropriate US district court in case of a legal dispute with Nintendo. Nintendo: Challenge Accepted The lawsuit filed yesterday is a clear indication that Nintendo believes it has the law on its side, in respect of the illegal nature of RCM Loader and the validity of the DMCA counter-notice that attempted to reinstate the listing. “Defendant manufactures, imports, offers to the public, provides, and otherwise traffics in a circumvention device and software that circumvents the technological measures on the Nintendo Switch — specifically, the RCM Loader,” the company states. “On information and belief, the only purpose of Defendant’s circumvention device is to circumvent Nintendo’s technological protection measures.” Demanding maximum statutory damages for each violation of the relevant sections of the DMCA, Nintendo also demands a permanent injunction preventing the defendant from offering to the public or otherwise trafficking in circumvention devices in the future. On top, Nintendo is demanding relief for the defendant’s alleged abuse of the DMCA counter-notification system by misrepresenting material facts to Amazon, crafted to have the listing restored on the platform, in violation of Nintendo’s rights. Finally, the gaming giant asks the court to issue an order that will allow for the seizure, impoundment and destruction of all RCM Loader devices in the defendant’s possession, including any related software. The complaint can be found here (pdf) Source: TorrentFreak

WASHINGTON (Reuters) - Alphabet Inc’s Google and the U.S. Justice Department have failed to reach agreement over a protective order for third parties like Microsoft that provided data to the government for its lawsuit against the search and advertising giant. Google is pressing for two in-house attorneys to have access to the confidential data while the Justice Department and state attorneys general involved in the lawsuit have disagreed, Google said in a court filing on Friday. Google stated it needed the information to prepare an effective defense. It offered to ensure that any confidential information would be made available solely to two in-house attorneys at the offices of Google’s outside counsel or in another secure manner, adding that it would promptly report any disclosure. The government said in a separate filing that allowing Google’s staff attorneys to review “strategic plans related to rival voice assistants, and other commercially sensitive information” was dangerous because they could misuse the information to squash potential competition. The government also said that highly confidential files in the last big technology antitrust case, which involved Microsoft Corp about 20 years ago, were only available to the company’s outside counsel. The companies whose documents are in dispute in the Google case also include Oracle Corp, AT&T Inc, Amazon.com, Comcast Corp and others. They have until next Friday to make their proposals for the terms of a protective order. Judge Amit Mehta of the U.S. District Court for the District of Columbia is hearing the Justice Department’s case against Google. The government sued Google in October, accusing the $1 trillion company of illegally using its market muscle to hobble rivals in the biggest challenge to the power and influence of Big Tech in decades. Source

The potential class action says Apple is enabling gambling. Most complaints about loot boxes (aka “surprise mechanics”) in games are levelled against the developers, but the latest is aiming at the stores offering those games. AppleInsider has learned of a potential class action lawsuit accusing Apple of profiting from the distribution of games with loot boxes, whose gambling element allegedly violates California law. The company is tacitly aware that loot boxes are gambling as it requires that creators disclose the “odds of winning,” according to the lawsuit, but it doesn’t ask for a notification that loot boxes exist. Companies are also allowed to set their own age ratings, making it possible for an app deemed kid-friendly to include gambling elements. The lawsuit cites numerous games that rely on loot boxes (if sometimes indirectly), including Mario Kart Tour, FIFA Soccer, Roblox and Brawl Stars. The lawsuit was filed by Rebecca Taylor, a parent whose child has allegedly fallen to the “predatory” tactics. The lawsuit isn’t guaranteed to get class action status. However, it steps up the pressure on Apple and other digital game sellers to clearly disclose the presence of loot boxes. There have already been efforts to regulate the games, and lawsuits like this could increase calls to regulate the stores as well. Source

Facebook sues two Chrome extension devs for scraping user data Facebook filed a lawsuit today in Portugal against browser extension maker Oink and Stuff. Image: Kon Karampelas Facebook filed a lawsuit today in Portugal against two Portuguese nationals for developing browser extensions that scraped user data from Facebook sites. "When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users' browsers unrelated to Facebook — all without their knowledge," Jessica Romero, Facebook's Director of Platform Enforcement and Litigation, said today. "If the user visited the Facebook website, the browser extensions were programmed to scrape their name, user ID, gender, relationship status, age group and other information related to their account," Romero said. All extensions were developed by a software company named "Oink and Stuff," specialized in creating Android apps and browser extensions for Chrome, Firefox, Opera, and Microsoft Edge. While the company develops a wide array of browser extension, Facebook said it found data collection-related malicious behavior inside four extensions named Web for Instagram plus DM, Blue Messenger, Emoji keyboard, and Green Messenger, which Facebook said "functioned like spyware." All four extensions are still available on the official Chrome Web Store at the time of writing, and have more than 54,000 installs, combined. Facebook is now asking a Portuguese judge to issue a permanent injunction against the Oink and Stuff team and force the company to delete all the Facebook user data they acquired through the four extensions. A request for comment has been sent to Oink and Stuff but the company has not replied before this article's publication due to timezone differences. Today's lawsuit marks Facebook's latest lawsuit against rogue app and extension developers. Since early 2019, Facebook's legal department has been filing lawsuits against several third-parties that have been abusing its platform, such as: March 2019 - Facebook sues two Ukrainian browser extension makers (Gleb Sluchevsky and Andrey Gorbachov) for allegedly scraping user data. August 2019 - Facebook sues LionMobi and JediMobi, two Android app developers on allegations of advertising click fraud. October 2019 - Facebook sues Israeli surveillance vendor NSO Group for developing and selling a WhatsApp zero-day that was used in May 2019 to attack attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials. December 2019 - Facebook sued ILikeAd and two Chinese nationals for using Facebook ads to trick users into downloading malware. February 2020 - Facebook sued OneAudience, an SDK maker that secretly collected data on Facebook users. March 2020 - Facebook sued Namecheap, one of the biggest domain name registrars on the internet, to unmask hackers who registered malicious domains through its service. April 2020 - Facebook sued LeadCloak for providing software to cloak deceptive ads related to COVID-19, pharmaceuticals, diet pills, and more. June 2020 - Facebook sued to unmask and take over 12 domains containing Facebook brands and used to scam Facebook users. June 2020 - Facebook sued MGP25 Cyberint Services, a company that operated an online website that sold Instagram likes and comments. June 2020 - Facebook sued the owner of Massroot8.com, a website that stole Facebook users' passwords. August 2020 - Facebook sued MobiBurn, the maker of an advertising SDK accused of scraping user data. August 2020 - Facebook sued the owner of Nakrutka, a website that sold Instagram likes, comments, and followers. October 2020 - Facebook sued the maker of two Chrome extensions for scraping user data. November 2020 - Facebook sued a Turkish national for operating a network of at least 20 Instagram clones. Source: Facebook sues two Chrome extension devs for scraping user data

This week the possibility emerged that the ongoing government shutdown could delay net neutrality’s day in court — but the court was not sympathetic to the FCC’s request that the lawsuit be put off. Oral arguments for this major challenge to the agency’s rollback of 2015’s internet regulations will go ahead as planned on February 1. During a shutdown, federal employees — including government lawyers — must have specific authorization to continue working, since it’s illegal for them to do so without pay. In this case a judge on the case must effectively make that authorization. The FCC is among the many agencies and organizations affected by the shutdown, and many employees are stuck at home. As such it requested a postponement of an upcoming court date at which it and several companies and advocacy groups are scheduled to argue over its rollback of net neutrality. A counter-argument filed immediately by industry group INCOMPAS pointed out that during previous shutdowns, the court had not granted such requests and should stick to that precedent. The judges of the D.C. Circuit Appeals Court appear to agree with the latter argument; the FCC’s motion was denied and arguments will go forward as planned on February 1. This is definitely not good news for the FCC. While it no doubt has its ducks in a row as far as defending its net neutrality rollback and new rules in court (it has done so before and will again), it’s far from ideal that the case will take place after a prolonged absence of all the pertinent experts from their posts. Briefing the lawyers, updating arguments, responding to industry concerns — it’s not easy to do when all your staff is sitting at home watching “Bandersnatch” over and over. The lawsuit against the FCC has lots of good points to make about the rules it has established and the process by which it approved those rules, so this is no mere formality or frivolous suit. And net neutrality champions are likely happy to hear that they may very well catch the agency flat-footed. Source

LA wants Uber’s location data, but the ride-hailing company says it’s worried about privacy The fight between the city of Los Angeles and scooter companies over location data is heating up. On Monday, Uber filed a lawsuit against LA’s Department of Transportation (LADOT) pushing back against the requirement that scooter operators share anonymized real-time location data with the city. The suit, which was first reported by CNET but has yet to be filed in LA Superior Court, centers on LADOT’s use of a digital tool called the mobility data specification program (MDS). The department created the tool as a way to track and regulate all of the electric scooters that are operating on its streets. MDS provides the city with data on where each bike and scooter trip starts, the route each vehicle takes, and where each trip ends. LADOT has said the data won’t be shared with police without a warrant, won’t contain personal identifiers, and won’t be subject to public records requests. Naturally, MDS has proven controversial with scooter companies, which have balked over having to share location data with the city. It’s growing into a bigger problem beyond LA. Cities such as Columbus, Chattanooga, Omaha, San Jose, Seattle, Austin, and Louisville are demanding scooter companies agree to share data through MDS as a condition for operating on their streets. Uber, which owns the dockless scooter and bike company Jump, said MDS would lead to “an unprecedented level of surveillance” and vowed to stop it. It’s leaning on a recent analysis by California’s Legislative Counsel to make its argument. The counsel said MDS could violate the California Electronic Communications Privacy Act, which was signed into law in 2015. In August, Uber and Lyft sent a letter to California Attorney General Xavier Becerra, in which the companies argued that LADOT was exceeding its authority with MDS. “While we support the creation of a global standard for data-sharing for local municipalities, it appears that certain city MDS requirements may be in violation of CalECPA,” the companies wrote. “We have repeatedly raised concerns directly with these municipalities throughout the development and implementation of MDS, and yet they continue to require the MDS as a condition of our operating permits.” In a statement, Uber said that it has exhausted its options and had “no choice” but to sue the city. A spokesperson for LADOT did not immediately respond to a request for comment. In an interview with The Verge on September 9th, LADOT director Seleta Reynolds said that the city “encoded” privacy protections into the regulations in order to give them “the force of law.” She added that it’s a “Day One job and a forever job” of city officials to make sure that the “open source tools that we build do not become tools that people can use to invade the privacy of others.” Source: Uber sues Los Angeles as the fight over scooter data escalates (via The Verge)