Be sure to check out the latest episode of Left to Their Own Devices to hear social psychologist Jonathan Haidt and GenZ host Ava Smithing reach across the generational and ideological divide to discuss one of the most fraught tech issues of our time: what to do about kids and the internet.
The Court’s opinion did not get all the Section 230 analysis exactly right, but today’s outcome nonetheless represents another important step toward holding tech giants accountable when they knowingly or recklessly harm users for profit.
While Big Tech had some early success with that tactic, their luck appears to have changed. Courts have begun rejecting their overly broad legal theories, and juries have found the companies at fault for the harms they caused.
This case is one of many brought against social media giants for designing their platforms in ways that they knew harmed users. Instead of defending their behavior on the merits, the companies tried to sidestep accountability by pushing overly broad interpretations of the First Amendment and S230.
Meta pushed its party line on Section 230, claiming the law preempts any publishing-related claim. But the Court corrected Meta: S230 only applies to claims directly faulting companies like Meta for harmful user-generated content.
In short: Meta’s design decisions are its own responsibility.
In this case, as in many recent ones, the Court found that Section 230 does not block claims alleging the companies designed their platforms harmfully and lied about it. This means plaintiffs can get to discovery and tech companies have to defend their conduct on the merits.
In an opinion published today in Massachusetts v. Meta, the Massachusetts Supreme Judicial Court ruled against Meta’s overbroad Section 230 arguments, allowing the Commonwealth’s claim—that Meta designed its platform to be addictive and then publicly denied doing so—to proceed.
Major ruling from the en banc Fourth Circuit in AFSCME v. SSA, which validates the core basis for Article III standing in the many Privacy Act cases against DOGE & other agency database incursions.
"DOGE is the nosy janitor."
storage.courtlistener.com/recap/gov.us...
On Wednesday, April 15, EPIC Counsel Tom McBrien will speak at the National Association of Attorneys General’s Annual Conference on a panel about the data-driven pricing ecosystem. Learn more, or register to attend the conference:
On May 6, EPIC Senior Counsel Sara Geoghegan will speak on a panel about data ethics and misuse in senior marketing at the Network & Navigate Virtual Summit. Learn more, and register to attend here:
EPIC Deputy Director and Director of Enforcement @johndavisson.bsky.social spoke to @votebeat.org about the EO’s reliance on the unreliable SAVE system:
As EPIC and its partners explained in a recent brief, the overhauled SAVE has inflicted widespread privacy violations and falsely identified a significant number of eligible voters as non-citizens, causing numerous people to be wrongfully removed from voter rolls.
DHS has pressured states to use the overhauled and unreliable SAVE system for bulk citizenship checks to “verify” eligible voters, open investigations, and purge voter rolls. The administration is also suing to force states to turn over their voter rolls, which DOJ would run through SAVE itself.
Last year, DHS illegally repurposed SAVE to pull personal data from other government databases—including notoriously unreliable citizenship data from the Social Security Administration—for voter eligibility determinations.
One of the systems that would be used to generate state-by-state lists of citizens is Systematic Alien Verification for Entitlements (SAVE)—already the target of a lawsuit by the League of Women Voters, EPIC, and counsel at CREW, Democracy Forward, & Fair Elections Center.
The order is sloppily drafted, but the apparent aim is to hijack the states’ role in determining voter eligibility and block USPS from delivering mail ballots that aren’t individually traceable to people the administration decides can vote. This poses a grave threat to privacy and voting rights.
Last week, President Trump issued an executive order asserting a radical expansion of federal power over mail-in voting. The order directs DHS to compile lists of citizens over 18 residing in each state—an ominous tactic for which the federal government lacks both legal authority and reliable data.
It's the last day to register to attend the Puget Sound Symposium on AI & Privacy, where EPIC Law Fellow Mayu Tobin-Miyaji will speak on a panel titled "Blurred Boundaries: Bodies, Brains, and Identity," at 10:45 a.m. on April 16.
Last week, EPIC published a one-pager detailing how government agencies exploit the third-party doctrine as a loophole to purchase personal information from data brokers, even though they would have to get a warrant to access the same information directly.
Kendall Schrohe, EPIC’s Assistant to the Director for Development & Operations and founding partner of TheAttentionStudio, was integral to planning the event.
Be sure to follow LTTOD on your preferred podcast platform, where a recording of the conversation will go live next week! shorturl.at/91vhY
EPIC was proud to table alongside other digital rights orgs on Tuesday at a community showcase following “Left to Their Own Devices Live,” a conversation between social psychologist Jonathan Haidt and Ava Smithing, GenZ host of Left to Their Own Devices and founding partner of TheAttentionStudio.
On Tuesday, EPIC and 63 other civil society organizations sent a letter strongly opposing plans to integrate facial recognition into Meta glasses to Meta, Ray-Ban’s parent company, the White House, the FTC, the DOJ, several state attorneys general, and the leaders of key congressional committees.
Last week, EPIC joined two former FCC chairs and five other consumer advocacy groups to submit an amicus brief to the U.S. Supreme Court in cases regarding the FCC’s ability to hold wireless carriers accountable for violating consumers' privacy rights.
EPIC has long advocated for more regulation of these companies. This situation exemplifies why.
Data brokers who can't accurately fill out a legal document to report information about their own business practices certainly can't be trusted to regulate themselves.
As Sherman noted: "In addition to brokers that say they erroneously reported that they did sell data to 'foreign actors' under California’s law, it is also possible that there are data brokers that erroneously reported that they did not sell data to said 'foreign actors' when they in fact did so."
The apparent inaccuracy of registry entries for at least seven of these brokers underscores an important point: Attempting to conduct oversight on data brokers via self-reported data is a fool’s errand.
Data brokers started reaching out, claiming that they do not in fact sell or share data with foreign actors (in this case: North Korea, China, Russia, or Iran). But the information in CA's registry is provided by data brokers themselves, meaning brokers are the ones telling the state they do.
Last week, EPIC's scholar-in-residence Justin Sherman posted a blog about which data brokers are selling U.S. data to foreign actors, according to California's registry. Then something strange happened.
“Every minute of every day, our personal data is gathered in ways we don’t expect. A real data minimization rule is key to ensuring that data collection and use actually relate to the purposes the consumer expects." (3/3)
"The current state of online tracking and data abuse makes it pretty clear why data minimization matters,” she said. (2/3)