Cyber Week in Review: October 11, 2024
Judge orders Google to overhaul Play Store fees; Chinese hackers breach U.S. wiretaps; Russia, Turkey block Discord; EU adopts new sanctions against Russia; NYU study: AI-labeled ads can reduce trust.
October 11, 2024 1:54 pm (EST)
- Post
- Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.
Federal District judge rules Google must overhaul Google Play store and fee arrangements
On Monday, Judge James Donato from the Northern California U.S. District Court ruled that Google will need to expand access for users to third party app stores on its Google Play marketplace. The order came as part of an antitrust suit brought by video game studio Epic Games and allows third-party providers like Epic to avoid many of the fees Google had collected through its store. The ruling is an outcome of a federal jury’s decision in December 2023 that Google’s policies around its Google Play store constituted anticompetitive practices. Judge Donato’s ruling prohibits Google from paying companies to avoid competing with Google Play or requiring app makers to use Google Billing (and its attendant 15 percent fee for Google) in their apps, or paying companies to preinstall Google Play on new devices, among other aspects. The ruling also requires Google to allow users to download apps from third-party app stores, and to reduce some barriers to access for those stores, such as unfair security warnings. Google said it would appeal the verdict and asked the court to pause the implementation of the ruling while the case plays out. Epic brought a similar lawsuit against Apple in August 2020 alleging that Apple’s iOS App Store was propped up by similar anticompetitive practices. A federal judge ruled largely in Apple’s favor in the case, only requiring Apple to allow developers to provide notice of alternative payment systems on their apps.
More on:
Chinese threat actor hacks U.S. wiretap systems
U.S. authorities are investigating a Chinese cyberattack on U.S. telecommunications companies, including AT&T, Lumen Technologies, and Verizon. The hackers may have established access to internal systems used to comply with wiretap orders for months on end; penetrating these systems would offer near-total access to information moving across individual telecommunications networks and could offer intelligence on major investigations being conducted in the United States. The group responsible, dubbed Salt Typhoon, was reportedly discovered by the federal government last month and the depth or length of its intrusion is not entirely clear; both the affected telecommunications providers and the federal government are investigating. Under the Communications Assistance for Law Enforcement Act of 1994, companies are required to build “backdoors” into their own systems to comply with federal orders for information and wiretapping requests. The backdoors have been controversial, with some technologists arguing that a backdoor, even those inserted with lawful intent, can be abused by malicious actors, while law enforcement and national security experts maintain that it would be impossible to fulfill their mandate without such access. Chinese state-sponsored hackers appear to have become increasingly skilled and brazen over the past three years, as groups like Volt Typhoon have infiltrated deeply into U.S. critical infrastructure; on September 20, the FBI said it had taken down a botnet run by Volt Typhoon that had commandeered over 260,000 devices and had likely used the botnet to facilitate espionage operations against U.S. military and government systems.
Russia and Turkey block messaging app Discord
Russia and Turkey blocked access to the messaging platform Discord this week, accusing it of failing to collaborate with local authorities. Russian authorities said the platform was being used for “terrorist purposes” and to facilitate the sale of drugs. Discord has gained a following among members of the Russian military, and Russian military blogger Yan Matveyev criticized the ban, arguing it would weaken Russian drone warfare and contribute to an information vacuum. Turkish authorities, meanwhile, said that they banned the app because of “child sexual abuse and obscenity” concerns; Turkey has faced sweeping protests in recent weeks over the murder of two nineteen-year-old women, İkbal Uzuner and Ayşenur Çelik. The perpetrator, who attended the same school as the victims, had reportedly stalked Uzuner for years, and the murder of the two women has fed larger concerns around violence against women in the country. According to reporting from news outlet BalkanInsight, the murderer was an active participant in several Discord groups which advocated violence, extortion, sexual assault against women and children, and glorified “incel culture.” The protestors have especially focused on Uzuner’s repeated attempts to file complaints against her killer in previous years, arguing that the authorities’ failure to take action on the complaints is symptomatic of a larger culture of impunity around violence against women in the country.
European Commission adopts new sanctions framework against Russia
More on:
The European Union announced a new sanctions framework on Tuesday to address Russia’s hybrid threats against the EU and its Member States; the new order will specifically target individuals engaged in sabotage campaigns, coordinated distribution of disinformation and information manipulation, and the undermining of electoral systems, among other areas of focus. The same day, the EU formally condemned Russian destabilizing activity, including targeting critical infrastructure and interfering in elections across the continent, and said it has “detected an increasing number of a broad range of activities” in each of the categories outlined in the framework. EU Member-States have dealt with several major sabotage incidents in recent years, and some leaders expect that trend to accelerate; Vice Admiral Nils Andreas Stensønes, the head of the Norwegian Intelligence Service, said earlier this year that “the risk level has changed” regarding Russian acts of sabotage in Europe. The EU has not yet imposed sanctions under the order, but, with the consent of Member-States, it could use the order to seize assets or impose travel bans on people or groups that try to undermine its “security, independence, and integrity.” Hungary, which currently sits in the EU presidency, has said it does not want to discuss major sanctions against Russia before the November U.S. election.
NYU study finds that labeled AI-generated ads can decrease trusts in candidates
New York University’s Center on Technology Policy published a study earlier this week that found that the inclusion of AI-use disclaimers on political ads had a negative impact on scores of candidate trustworthiness and appeal. In the study, AI-use disclaimers had a small but statistically significant negative impact on participants’ trust in candidates from their own party or from a party with which they had no affiliation. Interestingly, the study also found that in the case of ads attacking a particular candidate, labeled AI-generated ads did not affect respondents’ views of the targeted candidate. The study found that disclaimers had no impact on scores for candidates from the opposing political party scores, which the study’s authors said was likely because participants already rated those candidates poorly on trustworthiness and appeal. Despite the apparent persuasiveness of the disclaimers, the authors also noted that a significant minority, in some cases up to 37 percent of respondents, didn’t recall seeing an AI disclaimer at all. At least ten U.S. states have adopted regulations requiring the disclosure of the use of AI in political advertising, with some laws already in force or slated to take effect before the November presidential election. Several other state legislatures are considering similar laws which would require disclosure of the use of AI in political advertising.
Maya Schmidt is the intern for the Digital and Cyberspace Policy Program.