Cities are planning to sue the Federal Communications Commission over its decision to preempt local rules on deployment of 5G wireless equipment. From a report: Seattle Mayor Jenny Durkan and City Attorney Pete Holmes yesterday said their city intends to appeal the FCC order in federal court. Seattle will be coordinating with other cities on a lawsuit, they said. "In coordination with the overwhelming majority of local jurisdictions that oppose this unprecedented federal intrusion by the FCC, we will be appealing this order, challenging the FCC's authority and its misguided interpretations of federal law," they said in a press release.

The FCC says its order will save carriers $2 billion, less than one percent of the estimated $275 billion it will take to deploy 5G across the country. In Oregon, the Portland City Council voted Tuesday to approve a lawsuit against the FCC, The Oregonian reported, saying the move "added Portland to a growing list of cities, primarily on the West Coast, that are preparing to fight" the FCC order. East Coast cities including New York City and Boston have also objected to the FCC decision. As we've previously reported, the FCC order drew opposition from rural municipalities as well.

Four lobby groups representing the broadband industry today sued California to stop the state's new net neutrality law. From a report: The lawsuit was filed in US District Court for the Eastern District of California by mobile industry lobby CTIA; cable industry lobby NCTA; telco lobby USTelecom; and the American Cable Association, which represents small and mid-size cable companies. Together, these four lobby groups represent all the biggest mobile and home Internet providers in the US and hundreds of smaller ISPs . Comcast, Charter, AT&T, Verizon, T-Mobile US, Sprint, Cox, Frontier, and CenturyLink are among the groups' members. "This case presents a classic example of unconstitutional state regulation," the complaint said. The California net neutrality law "was purposefully intended to countermand and undermine federal law by imposing on [broadband] the very same regulations that the Federal Communications Commission expressly repealed in its 2018 Restoring Internet Freedom Order." ISPs say the California law impermissibly regulates interstate commerce. "[I]t is impossible or impracticable for an Internet service provider ("ISP") offering BIAS to distinguish traffic that moves only within California from traffic that crosses state borders," the lobby groups' complaint said.

A new encryption bill that's expected to be passed in Australia is facing strong opposition from tech heavyweights. A new group called "Alliance for a Safe and Secure Internet" has been formed by Australian industry, technology, and human rights groups to persuade the country from passing the bill, reports ZDNet. "The membership of the new alliance consists of Australian Communications Consumer Action Network, Access Now, Ai Group, Australian Information Industry Association, Amnesty International Australia, AMTA, Blueprint for Free Speech, members of Communications Alliance sans NBN, DIGI, Digital Rights Watch, Future Wise, Hack for Privacy, Human Rights Law Centre, Internet Australia, IoT Alliance Australia, and Liberty Victoria." The Guardian also notes that Google and Facebook are part of the group. From the report: The Bill is currently before the Parliamentary Joint Committee on Intelligence and Security, with a minuscule three-week window for submissions closing on Friday, October 12 and a hearing set for Friday, October 19. The proposed legislation would allow the nation's police and anti-corruption forces to ask, before forcing, internet companies, telcos, messaging providers, or anyone deemed necessary, to break into whatever content interception agencies want access to.

"This Bill stands to have a huge impact on millions of Australians, so it is crucial that lawmakers reject this proposal in its present form before we sleepwalk into a digital dystopia," said board member of Digital Rights Watch and alliance spokesperson Lizzie O'Shea. "The rushed processes coupled with the lack of transparency can only mean that expert opinions from Australia and abroad are being disregarded, and deep concerns about privacy erosion and lack of judicial review have simply been tossed aside."

A new study from network equipment company Sandvine finds that BitTorrent usage and piracy is increasing after years of declines. The reason appears to be due to "an increase in exclusivity deals that force subscribers to hunt and peck among a myriad of streaming services to actually find the content they're looking for," reports Motherboard. From the report: Sandvine's new Global Internet Phenomena report offers some interesting insight into user video habits and the internet, such as the fact that more than 50 percent of internet traffic is now encrypted, video now accounts for 58 percent of all global traffic, and Netflix alone now comprises 15 percent of all internet downstream data consumed. But there's another interesting tidbit buried in the firm's report: after years of steady decline, BitTorrent usage is once again growing.

According to Sandvine, file-sharing accounts for 3 percent of global downstream and 22 percent of upstream traffic, with 97% of that traffic in turn being BitTorrent. While BitTorrent is often used to distribute ordinary files, it remains the choice du jour for those looking to distribute and trade copyrighted content online, made easier via media PCs running Kodi and select plugins. Back in 2011, Sandvine stated that BitTorrent accounted for 52.01% of upstream traffic on fixed broadband networks in North America. By 2015, BitTorrent's share of upstream traffic on these networks had dipped to 26.83 percent, largely thanks to the rise in quality, inexpensive streaming alternatives to piracy. But Sandvine notes that trend is now reversing slightly, with BitTorrent's traffic share once again growing worldwide. That's especially true in the Middle East, Europe, and Africa, where BitTorrent now accounts for 32% of all upstream network traffic.

An anonymous reader quotes a report from The Washington Post: A unit of Google's parent company Alphabet is proposing to turn a rundown part of Toronto's waterfront into what may be the most wired community in history -- to "fundamentally refine what urban life can be." Sidewalk Labs has partnered with a government agency known as Waterfront Toronto with plans to erect mid-rise apartments, offices, shops and a school on a 12-acre (4.9-hectare) site -- a first step toward what it hopes will eventually be a 800-acre (325-hectare) development. High-level interest is clear: Prime Minister Justin Trudeau and Alphabet's then-Executive Chairman Eric Schmidt appeared together to announce the plan in October. But some Canadians are rethinking the privacy implications (Warning: source may be paywalled; alternative source) of giving one of the most data-hungry companies on the planet the means to wire up everything from street lights to pavement. And some want the public to get a cut of the revenue from products developed using Canada's largest city as an urban laboratory.

"The Waterfront Toronto executives and board are too dumb to realize they are getting played," said former BlackBerry chief executive Jim Balsillie, a smartphone pioneer considered a national hero who also said the federal government is pushing the board to approve it. "Google knew what they wanted. And the politicians wanted a PR splash and the Waterfront board didn't know what they are doing. And the citizens of Toronto and Canada are going to pay the price," Balsillie said. Complaints about the proposed development prompted Waterfront Toronto to re-do the agreement to ensure a greater role for the official agency, which represents city, provincial and federal governments. So far the project is still in the embryonic stage. After consultations, the developers plan to present a formal master plan early next year. Sidewalk Labs' CEO, Dan Doctoroff, says the company isn't looking to monetizing people's personal information in the way that Google does now with search information. He said the plan is to invent so-far-undefined products and services that Sidewalk Labs can market elsewhere. "People automatically assume because of our relationship to Alphabet and Google that they will be treated one way or another. We have never said anythingâ about the data issue, he said. "To be honest people should give us some time. Be patient."

Hackers are selling Facebook logins for just $3 on the dark web, according to new research. From a report: The study by Money Guru found that Facebook logins can be bought for as little as 2.30 Pound ($3), with the report coming just hours after it was revealed that an enormous data breach has left at least 50 million Facebook accounts compromised. The research also found that hacked email logins are also being flogged on dark web marketplaces, which are easily accessible to anyone with the right browser and web addresses. Even financial data is being sold cheaply, with credit card information available for as little as $14 and debit card information for $19.50. The research was looking into the availability of logins for sale for the 26 most commonly used online accounts.

Zorro shares a report from Quartz: According to recently released U.S. federal contracting data, the Drug Enforcement Administration will be expanding the footprint of its nationwide surveillance network with the purchase of "multiple" trailer-mounted speed displays "to be retrofitted as mobile LPR [License Plate Reader] platforms." The DEA is buying them from RU2 Systems Inc., a private Mesa, Arizona company. How much it's spending on the signs has been redacted. Two other, apparently related contracts, show that the DEA has hired a small machine shop in California, and another in Virginia, to conceal the readers within the signs. An RU2 representative said the company providing the LPR devices themselves is a Canadian firm called Genetec.

An anonymous reader quotes a report from Ars Technica: The practice of "swatting," or calling in fake threats to activate an aggressive police response to an unwitting home or business, has unfortunately lingered for the past few years. Starting this week, one police department in the United States is rolling out a system targeted directly at this illegal hoax practice. On its official "swatting" resource site, the Seattle Police Department acknowledges how swatting works, along with the fact that citizens have requested a way to submit their own concerns or worries about being a potential victim. "To our knowledge, no solution to this problem existed, so we engineered one," SPD's site reads. The site claims that swatting victims are "typically associated with the tech industry, video game industry, and/or the online broadcasting community."

SPD's process asks citizens to create a profile on a third-party data-management service called Rave Facility (run by the company Smart911). Though this service is advertised for public locations and businesses, it supports private residences as well, and SPD offers steps to input data and add a "swatting concerns" tab to your profile. With that information in hand, SPD says that any police or 911 operator who receives a particularly troubling emergency report and matches it to a location that has already been flagged with a "swatting concerns" notice, will share that information "with first responders to inform and improve their police response to the incident." The report notes that "all calls" will still receive standard police response, whether or not any swatting concerns are filed. "Nothing about this solution is designed to minimize or slow emergency services," the site reads. "At the same time, if information is available, it is more useful for responding officers to have it than to not."

An anonymous reader quotes a report from Ars Technica: A lone engineer has succeeded in doing what Uber's top lawyers and expert witnesses could not -- overturning most of a foundational patent covering arch-rival Waymo's lidar laser ranging devices. Following a surprise left-field complaint by Eric Swildens, the US Patent and Trademark Office (USPTO) has rejected all but three of 56 claims in Waymo's 936 patent, named for the last three digits of its serial number. The USPTO found that some claims replicated technology described in an earlier patent from lidar vendor Velodyne, while another claim was simply "impossible" and "magic." The 936 patent played a key role in last year's epic intellectual property lawsuit with Uber. In December 2016, a Waymo engineer was inadvertently copied on an email from one of its suppliers to Uber, showing a lidar circuit design that looked almost identical to one shown in the 936 patent.

The patent describes how a laser diode can be configured to emit pulses of laser light using a circuit that includes an inductor and a gallium nitride transistor. That chance discovery helped spark a lawsuit in which Waymo accused Uber of patent infringement and of using lidar secrets supposedly stolen by engineer Anthony Levandowski. In August 2017, Uber agreed to redesign its Fuji lidar not to infringe the 936 patent. Then, in February 2018, Waymo settled the remaining trade secret theft allegations in exchange for Uber equity worth around $245 million and a commitment from Uber not to copy its technology. "This includes an agreement to ensure that any Waymo confidential information is not being incorporated in Uber hardware and software," said a Waymo spokesperson at the time. That redesign now seems to have been unnecessary, says Swildens, the engineer who asked the USPTO to take a closer look at 936. "Waymo's claim that Uber infringed the 936 patent was spurious, as all the claims in the patent that existed at the time of the lawsuit have been found to be invalid," he said. Uber told Ars that despite the ruling, it would not be redesigning its lidars yet again. Swildensj, an employee at a small cloud computing startup, reportedly "spent $6,000 of his own money to launch a formal challenge to 936," reports Ars. "In March, an examiner noted that a re-drawn diagram of Waymo's lidar firing circuit showed current passing along a wire between the circuit and the ground in two directions -- something generally deemed impossible. 'Patent owner's expert testimony is not convincing to show that the path even goes to ground in view of the magic ground wire, which shows current moving in two directions along a single wire,' noted the examiners dryly."

"As I investigated the 936 patent, it became clear it was invalid due to prior art for multiple reasons," Swildens told Ars. "I only filed the reexamination because I was absolutely sure the patent was invalid."

Google is finally turning its attention to Chrome Web Store. On Monday, the company announced a range of big changes that would make the online store more secure for customers. From a report: The first two are happening now: Developers are being subjected to a more rigorous review process, and the Chrome Web Store no longer accepts obfuscated JavaScript files. In a couple of weeks, Chrome users will get the option to restrict host access for their extensions. And in 2019, two more changes will take effect: Chrome Web Store developer accounts will require 2-step verification, and Google will introduce manifest version 3 of the extensions platform.

[...] Effective today, extensions that request powerful permissions will be subject to additional compliance review. Google doesn't offer much detail here, but it does say your extension's permissions should be as narrowly scoped as possible and all your code should be included directly in the extension package to minimize review time. If your extension uses remotely hosted code, Google will also be taking a closer look (and will monitor on an ongoing basis).

An anonymous reader shares an NPR report: Shiru Cafe looks like a regular coffee shop. Inside, machines whir, baristas dispense caffeine and customers hammer away on laptops. But all of the customers are students, and there's a reason for that. At Shiru Cafe, no college ID means no caffeine. "We definitely have some people that walk in off the street that are a little confused and a little taken aback when we can't sell them any coffee," said Sarah Ferris, assistant manager at the Shiru Cafe branch in Providence, R.I., located near Brown University. Ferris will turn away customers if they're not college students or faculty members. The cafe allows professors to pay, but students have something else the shop wants: their personal information.

To get the free coffee, university students must give away their names, phone numbers, email addresses and majors, or in Brown's lingo, concentrations. Students also provide dates of birth and professional interests, entering all of the information in an online form. By doing so, the students also open themselves up to receiving information from corporate sponsors who pay the cafe to reach its clientele through logos, apps, digital advertisements on screens in stores and on mobile devices, signs, surveys and even baristas. According to Shiru's website: "We have specially trained staff members who give students additional information about our sponsors while they enjoy their coffee." The source article additionally explores privacy aspects of the business. The cafe, which is owned by Japanese company Enrission, says it shares general, aggregate data such as student majors and expected graduation years.

Travelers in New Zealand who refuse to hand over their phone or laptop passwords to Customs officials can now be slapped with a $5000 fine. From a report: The Customs and Excise Act 2018 -- which comes into effect today -- sets guidelines around how Customs can carry out "digital strip-searches." Previously, Customs could stop anyone at the border and demand to see their electronic devices. However, the law did not specify that people had to also provide a password. The updated law makes clear that travelers must provide access -- whether that be a password, pin-code or fingerprint -- but officials would need to have a reasonable suspicion of wrongdoing. "It is a file-by-file [search] on your phone. We're not going into 'the cloud.' We'll examine your phone while it's on flight mode," Customs spokesperson Terry Brown said. If people refused to comply, they could be fined up to $5000 and their device would be seized and forensically searched. Mr Brown said the law struck the "delicate balance" between a person's right to privacy and Customs' law enforcement responsibilities. "I personally have an e-device and it maintains all my records -- banking data, et cetera, et cetera -- so we understand the importance and significance of it."

In what may be a world first, the FBI has forced a suspect to unlock his iPhone X using Apple's Face ID feature. From a report: Agents in Columbus, Ohio entered the home of 28-year-old Grant Michalski, who was suspected of child abuse, according to court documents spotted by Forbes. With a search warrant in hand, they forced him to put his face on front of the device to unlock it. They were then able to freely search for his photos, chats and any other potential evidence. The FBI started investigating Michalski after discovering his ad on Craigslist titled "taboo." Later, they discovered emails in which he discussed incest and sex with minors with another defendant, William Weekly.

The Trump administration has completed a detailed legal proposal to dramatically weaken a major environmental regulation covering mercury, a toxic chemical emitted from coal-burning power plants, The New York Times reports, citing a person familiar with the matter. From the report: The proposal would not eliminate the mercury regulation entirely, but it is designed to put in place the legal justification for the Trump administration to weaken it and several other pollution rules, while setting the stage for a possible full repeal of the rule. Andrew Wheeler, a former coal lobbyist who is now the acting administrator of the Environmental Protection Agency, is expected in the coming days to send the proposal to the White House for approval. The move is the latest, and one of the most significant, in the Trump administration's steady march of rollbacks of Obama-era health and environmental regulations on polluting industries, particularly coal. The weakening of the mercury rule -- which the E.P.A. considers the most expensive clean air regulation ever put forth in terms of annual cost to industry -- would represent a major victory for the coal industry. Mercury is known to damage the nervous systems of children and fetuses.

California Gov. Jerry Brown signed into law on Sunday a bill to restore net neutrality protections that President Donald Trump's Federal Communications Commission killed late last year. From a report: The new law prohibits internet service providers, or ISPs, from blocking or slowing access to legal online content, demanding special fees from websites to prioritize their traffic or charging customers for special exemptions to caps on their data use. Brown signed the measure without comment, setting up almost certain showdowns with both ISPs and the FCC, which barred states from setting their own rules in its repeal last December of protections instituted during the administration of President Barack Obama. The U.S. Justice Department quickly filed a federal action in U.S. District Court in Sacramento to block the new law Sunday night. In a statement, Attorney General Jeff Sessions said: "Under the Constitution, states do not regulate interstate commerce -- the federal government does. Once again the California legislature has enacted an extreme and illegal state law attempting to frustrate federal policy." Brown also signed A.B. 1999, which makes it easier for local governments to build community broadband and offer competitive high-speed fiber.