An anonymous reader quotes a report from Ars Technica: The Trump administration has stepped up an effort to unmask a Reddit user who criticized Immigration and Customs Enforcement (ICE). After failing to obtain information through a summons issued (PDF) to Reddit, the government reportedly issued a subpoena demanding that Reddit provide the information and appear before a grand jury in Washington, DC. The Intercept described the subpoena today. "According to a subpoena obtained by The Intercept, Reddit has until April 14 to provide a wide range of personal data on one of its users, whom US Immigration and Customs Enforcement agents have been trying unsuccessfully to identify for more than a month," the article said.

The legal saga began in US District Court for the Northern District of California. On March 12, the anonymous Reddit user whose information is being sought filed a motion (PDF) to quash a summons seeking a host of information from Reddit. The summons was issued by the Department of Homeland Security and directed Reddit to turn information over to an ICE senior special agent. The summons cited authority under 19 U.S. Code 1509, which is part of the Smoot-Hawley Tariff Act of 1930. The motion to quash said the summons is not authorized by the law, which deals with imports of boats, alcoholic drinks, and animals, among other things.

"J. Doe is a US citizen who has not traveled out of the country, is not engaged in any international commerce, has no business concerns outside the United States, and primarily uses their Reddit account to engage in political speech relevant to their local community," said the filing by the Civil Liberties Defense Center (CLDC), which represents the Reddit user. "Yet the government claims the right to obtain Doe's name, telephone number, home address, banking and credit card information, IP addresses, telephone model number(s), and the names of any other accounts associated with their Reddit account. The information sought by the government in no way pertains to customs or importing or exporting merchandise, and is clearly intended to chill free speech." "We should be very, very, very concerned that they've now taken one of these to a grand jury," said David Greene, senior counsel for the Electronic Frontier Foundation. "It's something to be taken very seriously."

A Reddit spokesperson told Ars today that "we seek to inform users of any legal process compelling disclosure of their data, as we did in this case, because users should have the agency to protect their own information and are often better positioned to challenge requests that impact them."

"We do not voluntarily share information with any government, especially not on users exercising their rights to criticize the government or plan a protest. We review every inquiry for legal sufficiency and routinely object to requests that are overbroad or threaten civil rights. When legally compelled to disclose data, we provide only the minimum required and notify the user whenever possible so they can defend their interests."

MarketWatch looks at "surveillance wages," pay rates "based not on an employee's performance or seniority, but on formulas that use their personal data, often collected without employees' knowledge." According to Nina DiSalvo, policy director at labor advocacy group Towards Justice, some systems use signals associated with financial vulnerability — including data on whether a prospective employee has taken out a payday loan or has a high credit-card balance — to infer the lowest pay a candidate might accept. Companies can also scrape candidates' public personal social-media pages, she said...

A first-of-its-kind audit of 500 labor-management artificial-intelligence companies by Veena Dubal, a law professor at University of California, Irvine, and Wilneida Negrón, a tech strategist, found that employers in the healthcare, customer service, logistics and retail industries are customers of vendors whose tools are designed to enable this practice. Published by the Washington Center for Equitable Growth, a progressive economic think tank, the August 2025 report... does not claim that all employers using these systems engage in algorithmic wage surveillance. Instead, it warns that the growing use of algorithmic tools to analyze workers' personal data can enable pay practices that prioritize cost-cutting over transparency or fairness...

Surveillance wages don't stop at the hiring stage — they follow workers onto the job, too. The vendors that provide such services also offer tools that are built to set bonus or incentive compensation, according to the report. These tools track their productivity, customer interactions and real-time behavior — including, in some cases, audio and video surveillance on the job. Nearly 70% of companies with more than 500 employees were already using employee-monitoring systems in 2022, such as software that monitors computer activity, according to a survey from the International Data Corporation. "The data that they have about you may allow an algorithmic decision system to make assumptions about how much, how big of an incentive, they need to give to a particular worker to generate the behavioral response they seek," DiSalvo said.
The article notes that Colorado introduced the "Prohibit Surveillance Data to Set Prices and Wages Act" to ban companies from setting pay rates with algorithms that use payday-loan history, location data or Google search behavior for algorithmically set.

Thanks to long-time Slashdot reader sinij for sharing the article.

An anonymous reader quotes a report from Reuters: The Trump administration on Monday issued a long-awaited proposed rule to open up retirement plans to alternative assets, paving the way for private equity and cryptocurrencies to be added to 401(k) accounts. The measure, announced by the U.S. Department of Labor, is intended to ease longstanding barriers to incorporating these less liquid and less transparent assets into American retirement plans. It follows an executive order from President Donald Trump last summer and could clear the way for alternative asset management firms to tap a large new source of capital.

Industry groups have argued private market investments can enhance long-term returns and diversification for retirement savers, while skeptics warn higher fees, complexity and limited liquidity could limit those gains and pose risks for retail investors. Some private market funds that are already available to wealthier individual investors have shown signs of strain in recent months. Private credit funds known as business development companies have seen a wave of withdrawals. Treasury Secretary Scott Bessent said the proposed rule was "an initial step" and aimed to be "mindful of the importance of protecting retirement assets."

The guidance lays out how plan trustees, who have a legal fiduciary duty to act in the best interest of members, can incorporate these assets. They would have to "objectively, thoroughly, and analytically consider, and make determinations on factors including performance, fees, liquidity, valuation, performance benchmarks, and complexity," the DOL said. Trustees who abide by them will be granted safe harbor that protects them from lawsuits, it added. The Supreme Court agreed earlier this year to hear one such case filed in 2019 by a former Intel employee claiming trustees made "imprudent" decisions by investing in hedge funds and private equity funds.

Apple unveiled new device-level age restrictions in the UK on Wednesday. "After downloading a new update, users will now have to confirm that they are 18 or older to access unrestricted features," reports Gizmodo.

"Users will be able to confirm their age with a credit card or by scanning an ID." For those underage or who have not confirmed their age, Apple will turn on Web Content Filter and Communication Safety, which will not only restrict access to certain apps or websites, but will also monitor messages, shared photo albums, AirDrop, and FaceTime calls for nudity. Apple didn't specify exactly which services and features are banned for under-18 users, but it will likely be in compliance with UK legislation...

The British government does not require Apple and other OS providers to institute device-level age checks, but it does restrict minor access to online pornography under the Online Safety Act, which passed in 2023. So far, that restriction has only been implemented at the website level, but UK officials have been worried about easy loopholes to evade the age restrictions, like VPNs.

The broader tech industry has been campaigning for some time to use device-level age checks instead in response to the rising tide of under-16 social media and internet bans around the world. Last month, in a landmark social media trial in California, Meta CEO Mark Zuckerberg also supported this idea, saying that conducting age verification "at the level of the phone is just a lot clearer than having every single app out there have to do this separately." Pornhub-operator Aylo had advocated for device-level restrictions in the UK as well, and even sent out letters to Apple, Google, and Microsoft in November asking for OS-level age verification...

The most obvious question: Could this be brought stateside?

An anonymous reader quotes a report from Engadget: Users of Meta's AI smart glasses in Europe may be unknowingly sharing intimate video and sensitive financial information with moderators outside of the bloc, according to a report from Sweden's Svenska Dagbladet released last week. Employees in Kenya doing AI "annotation" told the journalists that they've seen people nude, using the toilet and engaging in sexual activity, along with credit card numbers and other sensitive information.

With Meta's Ray-Ban Display and other glasses with AI capabilities, users can record what they're looking at or get answers to questions via a Meta AI assistant. If a wearer wants to make use of that AI, though, they must agree to Meta's terms of service that allow any data captured to be reviewed by humans. That's because Meta's large language models (LLMs) often require people to annotate visual data so that the AI can understand it and build its training models.

This data can end up in places like Nairobi, Kenya, often moderated by underpaid workers. Such actions are subject to Europe's GDPR rules that require transparency about how personal data is processed, according to a data protection lawyer cited in the report. However, Svenska Dagbladet's reporters said they needed to jump through some hoops to see Meta's privacy policy for its wearable products. That policy states that either humans or automated systems may review sensitive data, and puts the onus on the user to not share sensitive information.

An anonymous reader quotes a report from Wired: Last month, Jason Grad issued a late-night warning to the 20 employees at his tech startup. "You've likely seen Clawdbot trending on X/LinkedIn. While cool, it is currently unvetted and high-risk for our environment," he wrote in a Slack message with a red siren emoji. "Please keep Clawdbot off all company hardware and away from work-linked accounts." Grad isn't the only tech executive who has raised concerns to staff about the experimental agentic AI tool, which was briefly known as MoltBot and is now named OpenClaw. A Meta executive says he recently told his team to keep OpenClaw off their regular work laptops or risk losing their jobs. The executive told reporters he believes the software is unpredictable and could lead to a privacy breach if used in otherwise secure environments. He spoke on the condition of anonymity to speak frankly.

[...] Some cybersecurity professionals have publicly urged companies to take measures to strictly control how their workforces use OpenClaw. And the recent bans show how companies are moving quickly to ensure security is prioritized ahead of their desire to experiment with emerging AI technologies. "Our policy is, 'mitigate first, investigate second' when we come across anything that could be harmful to our company, users, or clients," says Grad, who is cofounder and CEO of Massive, which provides Internet proxy tools to millions of users and businesses. His warning to staff went out on January 26, before any of his employees had installed OpenClaw, he says. At another tech company, Valere, which works on software for organizations including Johns Hopkins University, an employee posted about OpenClaw on January 29 on an internal Slack channel for sharing new tech to potentially try out. The company's president quickly responded that use of OpenClaw was strictly banned, Valere CEO Guy Pistone tells WIRED. "If it got access to one of our developer's machines, it could get access to our cloud services and our clients' sensitive information, including credit card information and GitHub codebases," Pistone says. "It's pretty good at cleaning up some of its actions, which also scares me."

A week later, Pistone did allow Valere's research team to run OpenClaw on an employee's old computer. The goal was to identify flaws in the software and potential fixes to make it more secure. The research team later advised limiting who can give orders to OpenClaw and exposing it to the Internet only with a password in place for its control panel to prevent unwanted access. In a report shared with WIRED, the Valere researchers added that users have to "accept that the bot can be tricked." For instance, if OpenClaw is set up to summarize a user's email, a hacker could send a malicious email to the person instructing the AI to share copies of files on the person's computer. But Pistone is confident that safeguards can be put in place to make OpenClaw more secure. He has given a team at Valere 60 days to investigate. "If we don't think we can do it in a reasonable time, we'll forgo it," he says. "Whoever figures out how to make it secure for businesses is definitely going to have a winner."

An anonymous reader shares a report: Oracle could cut up to 30,000 jobs and sell health tech unit Cerner to ease its AI datacenter financing challenges, investment banker TD Cowen has claimed, amid changing sentiment on Big Red's massive build-out plans.

A research note from TD Cowen states that finding equity and debt investors are increasingly questioning how Oracle will finance its datacenter building program to support its $300 billion, five-year contract with OpenAI.

The bank estimates the OpenAI deal alone is going to require $156 billion in capital spending. Last year, when Big Red raised its capex forecasts for 2026 by $15 billion to $50 billion, it spooked some investors. This year, "both equity and debt investors have raised questions about Oracle's ability to finance this build-out as demonstrated by widening of Oracle credit default swap (CDS) spreads and pressure on Oracle stock/bonds," the research note adds.

Amazon is discontinuing its Amazon One palm recognition ID system for stores later this year, the company informed users. From a report: The company will discontinue Amazon One services at retail businesses on June 3, 2026, according to a support page for the service and email messages to customers. "In response to limited customer adoption, we're discontinuing Amazon One, our authentication service for facility access and payment," an Amazon spokesperson said. "All customer data associated with Amazon One will be securely deleted after the service ends."

The move coincides with a sweeping pullback from Amazon's physical retail experiments. Amazon announced Tuesday that it's closing all of its Amazon Go and Amazon Fresh locations, a total of 72 stores nationwide, concentrating its efforts instead on its Whole Foods Market locations and grocery delivery from Amazon.com. Amazon One launched in 2020 as a way to help speed up in-store entry and payments, identifying customers who opted-in and eliminating the need for them to present a credit card to pay. It often worked in conjunction with the company's Just Walk Out technology, which uses cameras and sensors to let customers avoid using a checkout line.

Longtime Slashdot reader AmiMoJo shares a report from the Guardian: The financial campaigner James Daley has launched a 1.5 billion pound (approximately $1.5 billion) class action lawsuit against Apple over its mobile phone wallet, claiming the U.S. tech company blocked competition and charged hidden fees that ultimately harmed 50 million UK consumers. The lawsuit takes aim at Apple Pay, which they say has been the only contactless payment service available for iPhone users in Britain over the past decade.

Daley, who is the founder of the advocacy group Fairer Finance, claims this situation amounted to anti-competitive behavior and allowed Apple to charge hidden fees, ultimately pushing up costs for banks that passed charges on to consumers, regardless of whether they owned an iPhone. It is the first UK legal challenge to the company's conduct in relation to Apple Pay, and takes place months after regulators like the Competition and Markets Authority and the Payments Systems Regulator began scrutinising the tech industry's digital wallet services. The case has been filed with the Competition Appeal Tribunal, which will now decide whether the class action case can move forward.

[...] Daley's lawsuit alleges that Apple refused to give other app developers and outside businesses access to the contactless payment technology on its iPhones, which meant it could charge banks and card issuers fees on Apple Pay transactions that his lawyers say "are not in line with industry practice." The lawsuit notes that similar fees are not charged on equivalent payments on Android devices, which are built by Google. It says that the additional costs were borne by UK consumers, having been passed on through charges on a range of personal banking products ranging from current accounts, credit cards, to savings and mortgages. The lawsuit says that about 98% of consumers are exposed to banks that listed cards on Apple Pay, meaning the vast majority of the UK population may have been affected.

Eightfold AI, a venture capital-backed AI hiring platform used by Microsoft, PayPal and many other Fortune 500 companies, is being sued in California for allegedly compiling reports used to screen job applicants without their knowledge. From a report: The lawsuit, filed on Tuesday accusing Eightfold of violating the Fair Credit Reporting Act shows how consumer advocates are seeking to apply existing law to AI systems capable of drawing inferences about individuals based on vast amounts of data.

Santa Clara, California-based Eightfold provides tools that promise to speed up the hiring process by assessing job applicants and predicting whether they would be a good fit for a job using massive amounts of data from online resumes and job listings. But candidates who apply for jobs at companies that use those tools are not given notice and a chance to dispute errors, job applicants Erin Kistler and Sruti Bhaumik allege in their proposed class action. Because of that, they claim Eightfold violated the FCRA and a California law that gives consumers the right to view and challenge credit reports used in lending and hiring.

According to the Wall Street Journal (paywalled), Goldman Sachs is transferring Apple Card and Apple Savings to JPMorgan Chase. "It was clear in 2023 that Goldman Sachs would exit the consumer credit game, abandoning its Apple Card partnership with it," reports AppleInsider. "However, it has taken 26 months to reach a point where it can finally hand over issuing control to another bank." From the report: Goldman Sachs is reportedly expected to hand over the $20 billion of outstanding balances at a $1 billion discount. Such discounts are rare, and allegedly reflect the higher-than-average delinquency rate found with Apple Card holders. JPMorgan will have to issue new Apple Cards to existing users, but it may be some time before that is done. A new Apple Savings will be opened by JPMorgan as well, but users will be given the option to move or stay.

An anonymous reader quotes a report from SecurityWeek: Insurance giant Aflac is notifying roughly 22.65 million people that their personal information was stolen from its systems in June 2025. The company disclosed the intrusion on June 20, saying it had identified suspicious activity on its network in the US on June 12 and blaming it on a sophisticated cybercrime group. The company said it immediately contained the attack and engaged with third-party cybersecurity experts to help with incident response. Aflac's operations were not affected, as file-encrypting ransomware was not deployed.

[...] The compromised information, the insurance giant says, includes names, addresses, Social Security numbers, dates of birth, driver's license numbers, government ID numbers, medical and health insurance information, and other data. "The review of the potentially impacted files determined personal information associated with customers, beneficiaries, employees, agents, and other individuals related to Aflac was involved," Aflac said in a notification (PDF) on its website. The company is providing the affected individuals with 24 months of free credit monitoring, identity theft protection, and medical fraud protection services.

Google is suing a Chinese-speaking cybercriminal group it says is responsible for a massive wave of scam text messages sent to Americans this year, according to a legal complaint filed Tuesday. From a report: The group, known as Darcula, sells software that allows users to send phishing text messages en masse, impersonating organizations like the IRS or the U.S. Postal Service in scams. The lawsuit is designed to give Google legal standing so U.S. courts will allow it to seize websites the group uses, hampering their operations, a spokesperson said.

Darcula is possibly the most prominent name in an emerging, loosely affiliated cybercrime world that creates and sells hacking programs for aspiring scammers to use. Darcula's signature program, called Magic Cat, provides an easy-to-use, intuitive way for cybercriminals without advanced hacking skills to quickly spam millions of phone numbers with links to fake websites impersonating businesses like YouTube's premium service, then steal the credit card numbers victims put in.

Nonprofit Code.org released its 2025 State of AI & Computer Science Education report this week with a state-by-state analysis of school policies complaining that "0 out of 50 states require AI+CS for graduation."

But meanwhile, at the college level, "Purdue University will begin requiring that all of its undergraduate students demonstrate basic competency in AI," writes former college president Michael Nietzel, "starting with freshmen who enter the university in 2026." The new "AI working competency" graduation requirement was approved by the university's Board of Trustees at its meeting on December 12... The requirement will be embedded into every undergraduate program at Purdue, but it won't be done in a "one-size-fits-all" manner. Instead, the Board is delegating authority to the provost, who will work with the deans of all the academic colleges to develop discipline-specific criteria and proficiency standards for the new campus-wide requirement. [Purdue president] Chiang said students will have to demonstrate a working competence through projects that are tailored to the goals of individual programs. The intent is to not require students to take more credit hours, but to integrate the new AI expectation into existing academic requirements...

While the news release claimed that Purdue may be the first school to establish such a requirement, at least one other university has introduced its own institution-wide expectation that all its graduates acquire basic AI skills. Earlier this year, The Ohio State University launched an AI Fluency initiative, infusing basic AI education into core undergraduate requirements and majors, with the goal of helping students understand and use AI tools — no matter their major.

Purdue wants its new initiative to help graduates:

— Understand and use the latest AI tools effectively in their chosen fields, including being able to identify the key strengths and limits of AI technologies;

— Recognize and communicate clearly about AI, including developing and defending decisions informed by AI, as well as recognizing the influence and consequences of AI in decision-making;

— Adapt to and work with future AI developments effectively.

Longtime Slashdot reader sinij shares a report from Car and Driver: [T]he Trump administration announced less stringent Corporate Average Fuel Economy (CAFE) standards in an effort to bring down the price of new vehicles. The administration says that rules put in place by the Biden administration broke the law by going beyond the requirements mandated by Congress when the CAFE program was started. The new regulations will require automakers to meet an average fuel-economy figure of 34.5 mpg across 2031-model-year vehicles, instead of the 50.4 mpg that would have been required under the previous regulations. sinij comments: "This is a much-needed move as they also recently closed a number of loopholes, such as the assumed fuel-savings credit for engine start-stop technology, that made it more difficult to meet these goals. More so, a recent string of engine and transmission failures from multiple manufacturers shows that meeting fleet standards came at a very significant cost of reduced reliability."

An anonymous reader quotes a report from TechCrunch: South Korean e-commerce platform Coupang over the weekend said nearly 34 million Korean customers' personal information had been leaked in a data breach that had been ongoing for more than five months. The company said it first detected the unauthorized exposure of 4,500 user accounts on November 18, but a subsequent investigation revealed that the breach had actually compromised about 33.7 million customer accounts in South Korea. The breach affected customers' names, email addresses, phone numbers, shipping addresses, and certain order histories, per Coupang. More sensitive data like payment information, credit card numbers, and login credentials was not compromised and remains secure, the company said. [...] Police have reportedly identified at least one suspect, a former Chinese Coupang employee now abroad, after launching an investigation following a November 18 complaint.

An anonymous reader shares a report: The IRS accessed a database of hundreds of millions of travel records, which show when and where a specific person flew and the credit card they used, without obtaining a warrant, according to a letter signed by a bipartisan group of lawmakers and shared with 404 Media. The country's major airlines, including Delta, United Airlines, American Airlines, and Southwest, funnel customer records to a data broker they co-own called the Airlines Reporting Corporation (ARC), which then sells access to peoples' travel data to government agencies.

The IRS case in the letter is the clearest example yet of how agencies are searching the massive trove of travel data without a search warrant, court order, or similar legal mechanism. Instead, because the data is being sold commercially, agencies are able to simply buy access. In the letter addressed to nine major airlines, the lawmakers urge them to shut down the data selling program. Update: after this piece was published, ARC said it already planned to shut down the program.

"Disclosures made by the IRS to Senator Wyden confirm that it did not follow federal law and its own policies in purchasing airline data from ARC," the letter reads. The letter says the IRS "confirmed that it did not conduct a legal review to determine if the purchase of Americans' travel data requires a warrant."

An anonymous reader shares a report: Costing tens of thousands of dollars each, Nvidia's pioneering AI chips make up a hefty chunk of the $400 billion that Big Tech plans to invest this year -- a bill expected to hit $3 trillion by 2029. But unlike 19th-century railroads, or the Dotcom boom's fiber-optic cables, the GPUs fueling today's AI mania are short-lived assets with a shelf life of perhaps five years.

As with your iPhone, this stuff tends to lose value and may need upgrading soon because Nvidia and its rivals aim to keep launching better models. Customers like OpenAI will have to deploy them to stay competitive. So while it's comforting that the companies spending most wildly have mountains of cash to throw around (OpenAI aside), the brief useful life of the chips and the generous accounting assumptions underpinning all of this investment are less consoling.

Michael Burry, who made his name betting against US housing and who's recently turned to the AI boom, waded in this week, warning on X that hyperscalers -- industry jargon for the giant companies building gargantuan data centers -- are underestimating depreciation. Far from being a one-off outlay, there's a danger of AI capex becoming a huge recurring expense. That's great for Nvidia and co., but not necessarily for hyperscalers such as Google and Microsoft. Some face a depreciation tsunami that's forcing them to be extra vigilant about controlling other costs. Amazon has plans to eliminate roughly 14,000 jobs.

And while Wall Street is used to financing fast-depreciating assets such as aircraft and autos, it's worrying that private credit funds are increasingly using GPUs as collateral to finance loans. This includes lending to more speculative startups known as neoclouds, who offer GPUs for rent. Microsoft alone has signed more than $60 billion of neocloud deals.

The furious push by AI hyperscalers to build out data centers will need about $1.5 trillion of investment-grade bonds over the next five years and extensive funding from every other corner of the market, according to an analysis by JPMorgan. From a report: "The question is not 'which market will finance the AI-boom?' Rather, the question is 'how will financings be structured to access every capital market?'" according to strategists led by Tarek Hamid.

Leveraged finance is primed to provide around $150 billion over the next half decade, they said. Even with funding from the investment-grade and high-yield bond markets, as well as up to $40 billion per year in data-center securitizations, it will still be insufficient to meet demand, the strategists added. Private credit and governments could help cover a remaining $1.4 trillion funding gap, the report estimates. The bank calculates an at least $5 trillion tab that could climb as high as $7 trillion, singlehandedly driving a reacceleration in growth in the bond and syndicated loan markets, the strategists wrote in a report Monday. The analysts project $300 billion in high-grade bonds going toward AI data centers next year. That could account for nearly one fifth of total issuance in that market, which a report from Barclays estimates will grow to $1.6 trillion.

Visa and Mastercard are nearing a settlement with merchants that aims to end a 20-year-old legal dispute by lowering fees stores pay and giving them more power to reject certain credit cards, WSJ reports, citing people familiar with the matter. From the report: Under terms being discussed, Visa and Mastercard would lower credit-card interchange fees, which are often between 2% and 2.5%, by an average of around 0.1 percentage point over several years, the people said. They would also loosen rules that require merchants that accept one of a network's credit cards to accept all of them.

A deal could be announced soon, the people said, and would require court approval to take effect. If an agreement is finalized, consumers could see big changes at the register. Merchants that accept one kind of Visa credit card wouldn't have to accept all Visa credit cards, for example. Under the current talks, credit-card acceptance would be divided into several categories including rewards credit cards, credit cards with no rewards programs, and commercial cards, the people familiar with the matter said.

Some stores might turn away rewards cards, which charge them higher fees and in recent years have become very popular with consumers. But stores that reject those cards would face the risk of declining sales.