Computer Ethics, Spring 2022

Week 13, Apr 19

Class 13 Readings

Read chapter 5 sections on crime.


Ninth Circuit says web scraping is legal

After the Supreme Court's O'Brien ruling that the Computer Fraud and Abuse Act criminalized only exceeding your authority as defined by software, and in particular did not cover access to data you had the technical authorization to access, the Court referred the LinkedIn v HiQ case back to the Ninth Circuit. The Ninth Circuit ruled in April 2022 as it did before: that HiQ did not need LinkedIn's permission to scrape publicly accessible data.

Of course, Clearview (the facial-recognition firm) got all their data by web scraping. But LinkedIn's data was available on the web without logging in and accepting their terms of service.

techcrunch.com/2022/04/18/web-scraping-legal-court.

Dutch scandal and risks of algorithms

The Dutch government used machine-learning algorithms to harass tens of thousands of innocent citizens who matched as suspects for benefits fraud. Racial profiling may have been incorporated into the system.

The EU has a proposed "AI Act" that is supposed to prevent things like this.

Personally, I think the biggest issue is that the Dutch just assumed that suspects identified by the system were in fact guilty. There was apparently little to no follow-up investigation or court oversight. The US, though, uses a similar ML system to identify risk of recidivism in people convicted of crimes, and the net result is that Black defendants get longer sentences.

www.politico.eu/article/dutch-scandal-serves-as-a-warning-for-europe-over-risks-of-using-algorithms.

Mac App Store Ransomware (sort of)

Remember Epic Games' epic lawsuit against Apple for App Store fees? Which Apple justified because they funded App Store security checks?

It turns out, not so much: the My Metronome app won't allow quitting, and demands money.

mjtsai.com/blog/2022/04/15/mac-app-store-ransomware.

Also this line: "meanwhile, Disney gets a special flow for increasing the subscription price without the customer opting in."


Debates

Survey: 100% synchronous class meetings or 50/50 synchronous/video?

Software Patents

Start with Eolas. Some people think it is clear that the Eolas patent is "obvious". Is that fair?


Vague and broad patents:

6,865,185, Patel et al

There are a lot of claims for this patent. Claim 1 recites:

A method for queuing traffic in a wireless network, comprising:
receiving a stream of packets for transmission in a wireless network, each packet including a flow identifier uniquely identifying the flow;
determining for each packet based on the included flow identifier a location for a corresponding flow, the location comprising at least one of a sector in the wireless network, a latitude and a longitude of a mobile device associated with the flow, and a specific beam within a sector of the wireless network;
assigning each packet to one of a plurality of virtual groups based on the location for the corresponding flow, the virtual groups comprising discrete transmission resources,
and queuing each packet in an assigned virtual group for transmission in the wireless network.

So far, so good: packets are assigned to virtual groups based on data. But then many later claims add additional possible data, without specifying how the data should be used. In effect, the patent covers any use of data from a large number of categories:

These are all legitimate network parameters, but they are also extremely well known.

8,793,151

Claim 1 is about risk analysis. But there are no details about the "adaptive risk analysis engine".

10,826,941

Claim 1: A method for protecting an enterprise network, the method comprising, at a system comprising one or more processors and memory that are remote from the enterprise network:
controlling communications to and from the enterprise network according to a set of security policies;
controlling endpoint to endpoint connections within the enterprise network according to the set of security policies;
receiving a request for modifications to one or more policies of the set of policies;
automatically generating a policy digest formatted according to a predefined format, the policy digest comprising the modifications, and storing the policy digest in the memory;
retrieving the policy digest from the memory;
generating one or more calls to one or more system components that control the communications to and from the enterprise network and the endpoint to endpoint connections based on the policy digest; and
modifying control of the communications to and from the enterprise network and the endpoint to endpoint connections based on the one or more calls.

Security policies are well known. The patent does not define them. Another part of the patent is about central control of security, but this isn't new either.

Claim 1 is the "method" claim and Claim 12 is the nearly identical "system" claim. Most patents do this.


i4i: did Microsoft even violate this patent?

NTP: what is the invention here? My argument is that all the pieces were "obvious", but that what was not obvious was that you could sign up enough subscribers at $50/month to make the service worthwhile.

E-data: classic case of "claims inflation".


Crime

Continue with Crime: Felony cases