Posts with «crime & justice» label

SEC investigates Coinbase, says it may have illegally sold unregistered securities

Coinbase is facing a US Securities and Exchange Commission (SEC) probe into whether it allowed users to trade digital tokens that should have been registered as securities, Bloomberg has reported. Coinbase, involved indirectly in another probe by the SEC and state of New York, recently caught the regulator's eye after expanding the number of tokens it offers for trading. 

After taking a conservative approach to listing cryptocurrencies, Coinbase now lets Americans trade more than 150 tokens, according to Bloomberg. If any of those are considered to be securities, it would need to register as an exchange with the SEC. A token is considered to be a security if it involves investors putting up funds for a company in order to profit from the work of its leadership.

Last week, the commission accused a former Coinbase employee of violating insider-trading rules by helping his brother and a friend buy dozens of different types of tokens before they were listed on the platform. Coinbase itself wasn't accused of any wrongdoing, but the SEC said it considered nine of the dozens of digital tokens traded by the men to be securities, including seven listed by the exchange. 

In a response by chief legal officer Paul Grewal, Coinbase said that it "does not list securities on the platform. Period." As evidence of that, it said that the US Department of Justice "reviewed the same facts [as the SEC] and chose not to file securities fraud charges against those involved." 

Coinbase has previously complained that there's no regulatory framework for digital asset securities. As it happened, the company filed a petition for rule making to clarify those rules just before the SEC filed charges. "Instead of crafting tailored rules in an inclusive and transparent way, the SEC is relying on these types of one-off enforcement actions to try to bring all digital assets into its jurisdiction, even those assets that are not securities," Grewal wrote. 

US and UK joint data access agreement goes into effect on October 3rd

The US and UK have signed a Data Access Agreement that will allow law enforcement agencies in each country to request user internet data from the other, the Department of Justice (DoJ) and UK Home Office said in a joint press release. The agreement was created in 2019 as the CLOUD Act to allow the nations to fight serious crimes including terrorism, child abuse and cybercrime. 

"The Data Access Agreement will allow information and evidence that is held by service providers within each of our nations and relates to the prevention, detection, investigation or prosecution of serious crime to be accessed more quickly than ever before," the DoJ wrote. "This will help, for example, our law enforcement agencies gain more effective access to the evidence they need to bring offenders to justice, including terrorists and child abuse offenders, thereby preventing further victimization."

First hatched in 2017, the plan came about because crime fighting agencies in each country were hamstrung by laws that made it difficult to obtain overseas data from ISPs and companies like Google and Facebook. The aim was to create a bilateral agreement to remove some of those roadblocks and still "maintain rigorous privacy protections for citizens," the UK Home Office said at the time. Australia also joined the CLOUD Act late last year. 

Both agencies promise to "maintain the strong oversight and protections that our citizens enjoy," and not compromise or erode human rights. When the law was originally drafted, however, the Electronic Frontier Foundation (EFF) called it "a dangerous expansion of police snooping on cross-border data."

Lawsuit accuses Chicago authorities of misusing gunshot detection system in a murder case

A 65-year-old man named Michael Williams spent almost a year in jail over the shooting of a man inside his car before prosecutors asked a judge to dismiss his case due to insufficient evidence. Now, the MacArthur Justice Center has sued the city of Chicago for using ShotSpotter, which it calls an "unreliable" gunshot detection technology, as critical evidence in charging him with first-degree murder. The human rights advocate group out of Northwestern University accuses the city's cops of relying on the technology and failing to pursue other leads in the investigation.

Williams was arrested in 2021 over the death of Safarian Herring, a young man from the neighborhood, who asked him for a ride in the middle of unrest over police brutality in May that year. According to an AP report from March, the key piece of evidence used for his arrest was a clip of noiseless security video showing a car driving through an intersection. That's coupled with a loud bang picked up by ShotSpotter's network of surveillance microphones. ShotSpotter uses a large network of audio sensors distributed through a specific area to pick up the sound of gunfire. The sensors work with each other to triangulate the shot's location, so perpetrators can't hide behind walls or other structures to mask their crime.

However, a study conducted by the MacArthur Justice Center in 2021 found that 89 percent of the alerts the system sends law enforcement turn up no evidence of any gun-related crime. "In less than two years, there were more than 40,000 dead-end ShotSpotter deployments," the report said. The group also pointed out that ShotSpotter alerts "should only be used for initial investigative purposes." San Francisco's surveillance technology policy (PDF), for instance, states that its police department must only use ShotSpotter information to find shell casing evidence on the scene and to further analyze the incident.

The lawsuit accuses Chicago's police department of failing to pursue other leads in investigating Williams, including reports that the victim was shot earlier at a bus stop. Authorities never established what's supposed to be Williams' motive, didn't find a firearm or any kind of physical evidence that proves that Williams shot Herring, the group said.

On its website, ShotSpotter posted a response to "false claims" about its technology, calling reports about its inaccuracy "absolutely false." The company claims its technology has a 97 percent accuracy rate, including a 0.5 percent false positive rate, and says those numbers were independently confirmed by Edgeworth Analytics, a data science firm in Washington, D.C. It also answers the part of the lawsuit that criticizes Chicago's decision to place most of its sensors in predominantly Black and Latino neighborhoods, which could lead to potentially dangerous clashes with the police. ShotSpotter said it's a false narrative that its coverage areas are biased and racially discriminatory and that it works with clients to determine coverage areas based on historical gunfire and homicide data.

As AP reports, the lawsuit is seeking class-action status for any Chicago resident who was stopped because of a ShotSpotter alert. The MacArthur Justice Center is also seeking damages from the city for the mental anguish and loss of income Williams had experienced throughout the whole ordeal, as well as for the legal fees he incurred. Further, the group is asking the court to ban the technology's use in the city altogether.

JUST FILED: The MJC is suing the City of Chicago for its continued use of ShotSpotter, a surveillance technology that claims to detect gunfire but generates thousands of unfounded alerts, fueling discriminatory policing, false charges and illegal stops. https://t.co/3qkpJZT8wl

— MacArthur Justice Center (@MacArthrJustice) July 21, 2022

US files its first criminal charges over insider trading of cryptocurrency

American authorities are continuing to crack down against insider trading of digital assets. The New York Times reports that federal prosecutors in New York City have charged three people with wire fraud relating to an insider trading scheme for cryptocurrency, including former Coinbase exchange employee Ishan Wahi. This is the first time officials have levelled charges relating to insider trading of digital currency, according to Southern District of New York attorney Damian Williams.

As with a companion civil case from the Securities and Exchange Commission, prosecutors allege Wahi shared confidential information about future asset listings with his brother Nikhil Wahi and his brother's friend Sammer Ramani. The data, shared between "at least" June 2021 and April 2022, helped Nikhil and his friend buy assets before the listing boosted their value. The two would then sell their assets for a profit. The purchases of 25 or more assets netted a profit of more than $1.1 million, according to the SEC.

Coinbase started an internal investigation in April in response to a Twitter post about unusual trading activity. Ishan Wahi booked a flight to India right before Coinbase was set to interview him, but he and his brother were arrested in Seattle this morning. Ramani is still at large and believed to be in India, the SEC said.

Wahi's lawyers maintained their client's innocence, and said he would "vigorously" defend against the charges. Ramani and the attorney for Wahi's brother haven't commented on the charges. Coinbase said it had turned over information to the Justice Department and had fired Wahi as part of a "zero tolerance" policy for this behavior.

This is far from the largest crypto case. Lending firm BlockFi recently paid $100 million to settle securities violations, while Telegram had to return $1.2 billion to investors for its own violations on top of paying $18.5 million. However, the charges are intended more to send a warning. The government wants to make clear that fraud is illegal whether it's "on the blockchain or on Wall Street," as Williams explained to The Times. This is as much about discouraging would-be crooks as it is punishment for the defenders.

Jury convicts ex-CIA engineer for leaking the agency's hacking toolset

Joshua Schulte, the former CIA engineer arrested for what's being called the biggest theft of classified information in the agency's history, has been convicted by a federal jury. Schulte was arrested in relation to the large cache of documents that Wikileaks had published throughout 2017. That string of CIA leaks known as "Vault 7" contained information on the tools and techniques the agency used to hack into iPhones and Android phones for overseas spying. It also had details on how the CIA broke into computers and how it turned smart TVs into listening devices. A federal jury has found Schulte guilty on nine counts, including illegally gathering national defense information and then transmitting it.

According to The New York Times, Schulte was arrested after investigators traced the leaks to him. The former CIA engineer worked with a team in a secret building protected by armed guards to create tools, like malware, that were used to target the devices of suspected terrorists. In 2018, he was formally charged with 13 counts that included theft of classified information, obstruction of justice, as well as possessing and sending images and videos with child pornography. He's still awaiting trial on charges of possessing child pornography, which he allegedly downloaded from 2009 until March 2017. 

Schulte's original trial back in 2020 was declared a mistrial after jurors couldn't come to an agreement regarding some of his most serious charges, illegally gathering and transmitting national defense information included. After that event, the former CIA engineer had decided to represent himself. As part of his closing arguments, he told the jurors that the CIA and the FBI made him a scapegoat for their embarrassing failure, repeating what his side had been saying from the time he was arrested.

While the judge, AP said, was impressed with his closing arguments, they weren't enough to get the jury on his side. In court, he argued that the government's case is full of holes and that he didn't even have motive to leak the CIA's hacking tools. Prosecutors, however, accused him of being a disgruntled employee who felt that he was disrespected when the agency ignored his complaints about his work environment. As retaliation, he allegedly tried "to burn [the CIA] to the ground." US Attorney Damian Williams said his actions rendered the "most valuable intelligence-gathering cyber tools used to battle terrorist organizations and other malign influences around the globe" essentially useless. Williams also accused Schulte of trying to leak more classified materials against the government while he was behind bars. 

Schulte will have to face the court again to face charges related to possession of child pornography before a sentencing date can be set. The nine counts he was convicted of, however, are enough to keep him in prison for up to 80 years.

Amazon gave Ring footage to police without customer consent

As of July 1st of this year, Amazon has provided Ring footage to US law enforcement 11 times without user consent or a court order, according to a disclosure shared by Senator Edward Markey on Wednesday. The Massachusetts Democrat sent Amazon a letter last month with questions about the company’s policies related to Ring and its relationships with police. Amazon responded to the letter at the start of July.

The disclosure marks the first time Amazon has shared this kind of information with the public. In its law enforcement guidelines, Ring says it reserves the right to “immediately” respond to police requests in cases where someone could die or suffer serious injury.

“In each instance, Ring made a good-faith determination that there was an imminent danger of death or serious physical injury to a person requiring disclosure of information without delay,” wrote Brian Huseman, Amazon’s vice-president of public policy, of the 11 videos. Huseman didn’t say the specific footage Ring shared with police.

Amazon's Ring products have made it more difficult to exist in public without being recorded. Ring revealed it provided law enforcement with user footage through a process not requiring user consent 11 times already this year. We cannot accept this surveillance as inevitable. https://t.co/zmP9hBU1kI

— Ed Markey (@SenMarkey) July 13, 2022

In his letter, Markey asked Amazon to agree not to accept financial contributions from police or participate in sting operations. The company did not agree to those restrictions. In the past, Ring has actively courted partnerships with law enforcement and even gone so far as to author statements shared by police.

“It’s simply untrue that Ring gives anyone unfettered access to customer data or video, as we have repeatedly made clear to our customers and others,” a Ring spokesperson told Engadget. “The law authorizes companies like Ring to provide information to government entities if the company believes that an emergency involving danger of death or serious physical injury to any person, such as a kidnapping or an attempted murder, requires disclosure without delay. Ring faithfully applies that legal standard.” 

The news that Amazon shared footage with police without user consent at least 11 times this year is likely to add to the concerns many privacy experts have about the company. In 2021, the Electronic Frontier Foundation reported that the Los Angeles Police Department requested footage from Ring of Black Lives Matter protests captured by residential cameras. 

Markey used the disclosure to call on lawmakers to pass the Facial Recognition and Biometric Technology Moratorium Act, a bill he introduced alongside Senator Jeff Merkley and Representatives Pramila Jayapal and Ayanna Pressley. “As my ongoing investigation into Amazon illustrates, it has become increasingly difficult for the public to move, assemble, and converse in public without being tracked and recorded,” said Markey. “We cannot accept this as inevitable in our country.”

Former Theranos COO Sunny Balwani found guilty of all charges

Ramesh “Sunny” Balwani, Theranos’ former chief operating officer, has been found guilty of all charges in his criminal trial. Balwani, whose trial began in March, was charged with ten counts of wire fraud and two counts of conspiracy to commit wire fraud. He could face up to 20 years in prison for defrauding investors and Theranos patients.

The verdict comes nearly six months after Elizabeth Holmes was found guilty of defrauding Theranos investors. She also faces up to 20 years in prison, but hasn’t yet been sentenced. During her trial, Holmes testified that Balwani had been controlling and abusive during their relationship. Balwani’s attorneys denied the allegations.

The case against Balwani was similar to the one against Holmes. Like Holmes, Balwani was charged with defrauding Theranos investors as well as patients. Holmes was found guilty on just four of the 11 fraud charges she faced, all of which related to Theranos investors. She was acquitted on charges of defrauding patients. 

Unlike Holmes, Balwani did not take the stand during his three-month trial. His lawyers argued that “he did not control Theranos” and that Holmes was ultimately in charge of running the company. Prosecutors maintained he worked hand-in-hand with Holmes to mislead investors, and that he was the executive responsible for erroneous financial projections claiming the startup would bring in $1 billion in revenue by 2015.

Balwani’s trial didn’t attract the same level of media attention as Holmes’, but his relationship with Holmes played a major role in the widespread fascination surrounding Theranos. Balwani joined Theranos as COO in 2009 and oversaw much of the day-to-day operations of the company’s lab. The two executives hid their longtime romantic relationship from other Theranos employees, as well as the company’s investors and board members. More recently, their relationship was a major focus of The Dropout, a Hulu miniseries about the rise and downfall of Holmes and Theranos.

Former Amazon engineer convicted in 2019 Capital One data breach

A Seattle jury has found Paige Thompson, a former Amazon software engineer accused of stealing data from Capital One in 2019, guilty of wire fraud and five counts of unauthorized access to a protected computer. The Capital One hack was one of the biggest security breaches in the US and compromised the data of 100 million people in the country, along with 6 million people in Canada. Thompson was arrested in July that year after a GitHub user saw her post on the website sharing information about stealing data from servers storing Capital One information. 

According to the Department of Justice, Thompson used a tool she built herself to scan Amazon Web Services for misconfigured accounts. She then allegedly used those accounts to infiltrate Capital One's servers and download over 100 million people's data. The jury has decided that Thompson violated the Computer Fraud and Abuse Act by doing so, but her lawyers argued that she used the same tools and method also used by ethical hackers.

The Justice Department recently amended the Computer Fraud and Abuse Act to protect ethical or white hat hackers. As long as researchers are investigating or fixing vulnerabilities in "good faith" and aren't using the security holes they discover for extortion or other malicious purposes, they can no longer be charged under the law.

US authorities, however, disagreed with the assertion that she was only trying to expose Capital One's vulnerabilities. The Justice Department said she planted cryptocurrency mining software onto the bank's servers and sent the earnings straight to her digital wallet. She also allegedly bragged about the hack on online forums. 

"Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself," US Attorney Nick Brown said. Thompson could be sentenced with up to 20 years of prison time for wire fraud and up to five years for each charge of illegally accessing a protected computer. Her sentencing hearing is scheduled for September 15th.

Automotive giant Stellantis pleads guilty to diesel emissions fraud

As expected, Stellantis, the parent company of Dodge and Jeep, has pleaded guilty to criminal conspiracy charges related to its efforts to conceal the amount of pollution produced by its diesel engines. The world’s fifth-largest automaker agreed this week to pay $300 million in penalties to end a multi-year investigation by the US Justice Department, Reuters reported on Friday.

Federal prosecutors accused Stellantis of violating the Clean Air Act, alleging the automaker attempted to deceive US regulators by selling vehicles it knew did not meet national emissions standards. The Justice Department said Fiat Chrysler Automobiles, which merged with Peugeot parent company PSA to form Stellantis in 2021, installed illegal software designed to cheat government emissions tests.

According to the agency, the company “purposely” programmed its cars to produce fewer emissions during testing than under normal circumstances. The settlement covers approximately 100,000 vehicles sold in the US between 2014 and 2016, including SUVs and pickup trucks produced by the automaker for its Jeep and Ram brands.

In addition to paying a fine, Stellantis has agreed to submit Clean Air Act compliance reports to the Justice Department as part of a three-year probation period. Additionally, three Stellantis employees are awaiting trial for criminal charges related to the case. The deal comes five years after Volkswagen famously pleaded guilty to its own emissions scandal. “Dieselgate” saw the German automaker eventually pay more than $20 billion in fines and legal settlements.

Jeep parent company Stellantis will reportedly plead guilty to emissions fraud

The world’s fifth-largest automaker will reportedly soon plead guilty to end a multi-year investigation into its efforts to conceal the amount of pollution created by its diesel engines. According to Reuters, the US Justice Department and Dodge parent company Stellantis could announce as early as next week that the automaker has agreed to pay $300 million to settle allegations of criminal fraud. Stellantis declined to comment on the report.

The Justice Department began investigating Stellantis around 2019 when the automaker recalled nearly 1 million vehicles in the US and Canada for not meeting federal tailpipe emission standards. As of last year, the agency has announced criminal charges for just three Stellantis employees. The probe involved approximately 100,000 Ram pickup trucks and Jeep SUVs sold in the US.

The deal comes five years after Volkswagen famously pleaded guilty to its own emissions scandal. “Dieselgate” saw the German automaker eventually pay more than $20 billion in fines and legal settlements for installing illegal software designed to cheat government emissions tests. Since then, sales of diesel vehicles have plummeted in Europe and other parts of the world.