Kristi Noem, the governor of South Dakota, has signed an executive order prohibiting government employees, agencies and contractors from downloading and using TikTok on state-owned devices. In her office's announcement, Noem said she issued the order due to growing security concerns that the Chinese Communist Party (CCP) has been using the social media app to gather information from American users and leveraging it to manipulate them. The order is already in effect and also prohibits government personnel from visiting the TikTok website on browsers.

"South Dakota will have no part in the intelligence gathering operations of nations who hate us," Noem said. "The Chinese Communist Party uses information that it gathers on TikTok to manipulate the American people, and they gather data off the devices that access the platform."

US officials have been raising security concerns about TikTok, which is owned by Chinese company ByteDance, over the past few years over the belief that the Chinese government is using it to gather data. In 2020, then-President Trump attempted to block TikTok and WeChat in the US. While that didn't quite go anywhere, nearly the entire US military had banned the app on government-issued devices, calling TikTok a "cybersecurity threat." A couple of Republican Senators also introduced a bill in the same year that would ban all government employees from using TikTok on work-issued smartphones. 

More recently, FCC Commissioner Brendan Carr asked Apple and Google to remove the app from their stores after a BuzzFeed News report came out that China-based ByteDance employees repeatedly accessed US users' private information. TikTok CEO Shou Zi Chew assured Republican Senators in a letter after the report came out that the company is working with Oracle to protect the data of its users in the US "with robust, independent oversight." He also said that TikTok is working towards fully pivoting to Oracle cloud servers in the US to be able to delete US users' data from its own systems.

But Chew's assurances weren't enough to assuage officials' fears: FBI Director Chris Wray warned US lawmakers earlier this month that the Chinese government could use TikTok to launch "influence operations" through its recommendation algorithm or to "technically compromise" millions of devices. A TikTok spokesperson told Reuters that the "FBI's input is being considered as part of [the company's] ongoing negotiations with the US government." They added that TikTok is confident that it is "on a path to fully satisfy all reasonable US national security concerns" after working with the Committee on Foreign Investment in the United States over the past few months. 

You won't have much success finding news of China's growing protests if you search the country's larger cities on Twitter. As TechCrunchreports, analysts have noticed a surge in bots peddling porn and gambling around these queries just as demonstrations flared in Beijing and other cities over the past three days in response to China's "zero-COVID" policies. The spam is making it harder to track the rallies, particularly for local activists who are using Twitter through a VPN to avoid Chinese government censorship of the protests on domestic social networks.

Twitter has effectively dissolved its communications team and hasn't officially commented on the matter. However, The Washington Postnotes a Twitter employee told a researcher that the company is "working to resolve" the bot problem. It was easier to find word of the protests by late Sunday, but spam was still cluttering results. A former staffer told The Post that government-linked Twitter accounts have previously spammed en masse, but usually to attack individual accounts or small groups.

The protests largely grew in the wake of a deadly fire at an apartment in Xinjiang province's capital city Urumqi. Critics blamed the Chinese government's strict COVID-19 lockdown measures for delaying firefighters and otherwise contributing to deaths. Working conditions at a Foxconn factory in Zhengzhou, including concerns about inadequate COVID safety measures, also led to protests. The street action is rare in its intensity — some protesters have called on President Xi Jinping and other members of the Communist Party to resign. Those demands could easily lead to prison time in the country.

There are concerns that Elon Musk's aggressive job cuts may have exacerbated the situation. TechCrunch pointed out that the entrepreneur laid off Twitter's anti-propaganda team, leaving only the core moderation group. Where Twitter previously reacted quickly to China's attempts to undercut Hong Kong protests, it took days to begin curbing spam this time around. The company has resumed hiring, but it's not clear how much support the anti-misinformation unit will get.

The spike also challenges Musk's stance on bots. He tried to back out of the Twitter acquisition over claims the social network was hiding the true number of fake accounts. Spammers and other bogus users may now be more of a problem than they were before, if just because Twitter isn't as well-equipped to deal with the threat.

Senator Ed Markey of Massachusetts is calling on Congress to pass new legislation to rein in tech companies after Twitter boss Elon Musk ignored an information request. “Elon Musk could respond to my tweets but failed to respond to my letter by yesterday’s deadline and answer basic questions about Twitter verification,” Markey tweeted on Saturday.

The senator sent a letter on November 11th about Twitter’s paid account verification feature. Following the initial rollout, trolls could impersonate celebrities, politicians and company brand accounts, the latter leading to real-world effects on stock prices.

Musk addressed one of Markey’s questions when he announced Twitter’s new verification system on Friday. It’ll feature manual authentication and different colored check marks for different types of users. "Gold check for companies, gray check for government, blue for individuals (celebrity or not) and all verified accounts will be manually authenticated before check activates," Musk said. He’s also said sign-ups have hit an all-time high.

– Mat Smith

The Morning After isn’t just a newsletter – it’s also a daily podcast. Get our daily audio briefings, Monday through Friday, by subscribing right here.

The biggest stories you might have missed

• Hitting the Books: Social media's long, pointless war against sex on the internet

• ‘Half-Life: Alyx’ mod adds four hours of single-player content

• ‘Slow Horses’ settles into a familiar but welcome groove

• Ferrari’s Vision hybrid race car arrives in ‘Gran Turismo 7’ on December 23rd

• The Internet Archive’s PalmPilot Emulation project lets you relive tech history

FCC bans telecom and video surveillance gear from Huawei and ZTE

The agency is implementing the rules from the 2021 Secure Equipment Act.

Getty Images

The FCC announced it's officially implementing the Secure Equipment Act, which means some future equipment from Huawei, ZTE, Hytera, Hikvision and Dahua won't be authorized for sale in the US. Existing equipment from those companies, all listed under the FCC's Covered List, aren't affected by the law. Last year, the Biden administration signed into law the Secure Equipment Act, which aimed to block the authorization of network licenses from several Chinese companies whose hardware has been deemed a national security threat.

Continue reading.

NASA’s Orion spacecraft breaks Apollo 13 flight record

The capsule traveled farther than any spacecraft designed to carry humans had before.

NASA

The Artemis 1 Orion crew vehicle has set a record for a NASA flight. On Saturday, Orion flew farther than any spacecraft designed to carry human astronauts had ever before, surpassing the previous record set by Apollo 13 back in 1970 – not that it was the aim of the mission. Funnily enough, it’s fitting that Artemis 1 was the one to do it. As Space.com points out, Apollo 13’s original flight plan didn’t call for a record-setting flight. It was only after a mid-mission explosion forced NASA to plot a new return course that Apollo 13’s Odyssey command module set the previous record at 248,655 miles (400,171 kilometers) from Earth.

Continue reading.

Charles Darwin's full correspondence is now available online

You can read over 15,000 letters from the evolutionary science pioneer.

The University of Cambridge has published all the evolutionary scientist's surviving correspondence online, including 400 letters that have either surfaced or are newly "reinterpreted." The searchable collection now covers over 15,000 letters written between 1822 and 1882, ranging from his influential time aboard the HMS Beagle to On the Origin of Species and his end-of-life reflections. The internet archive may even be the only way to see a fuller picture of Darwin's life. The university notes a print edition of his correspondence, due in early 2023, doesn't include letters that arrived too late to reach physical copies.

Continue reading.

UK aims to ban non-consensual deepfake porn

Critics say other aspects of the proposed legislation pose dangers to privacy and security.

The UK government will amend its Online Safety Bill with measures designed to prohibit abuse of intimate images, whether or not they're real. If the bill becomes law as is, it will be illegal to share deepfake porn without the subject's consent. This would be the first ban on sharing deepfakes in the country, and if the law comes into effect, violating this rule could lead to a prison sentence. Critics have pushed back against certain aspects of the bill, including a revived plan to verify a person's age before permitting them to access adult content online.

Continue reading.

Senator Ed Markey of Massachusetts is calling on Congress to pass new legislation to rein in Big Tech companies after Elon Musk ignored an information request. “Elon Musk could respond to my tweets but failed to respond to my letter by yesterday’s deadline and answer basic questions about Twitter verification,” Markey tweeted Saturday. “Congress must end the era of failed Big Tech self-regulation and pass laws that put user safety over the whims of billionaires.”

Musk had until November 25th to answer a letter the senator sent on November 11th about Twitter’s paid account verification feature. The initial rollout of the new Twitter Blue saw trolls use the service to impersonate celebrities, politicians and brands. Markey sent Musk a list of questions about the launch after The Washington Post created a “verified” account impersonating him. One day after Markey shared a copy of the letter on Twitter, Musk attacked the senator.

“Perhaps it is because your real account sounds like a parody,” Musk tweeted. “And why does your pp have a mask!?” he added a few hours later, referring to Markey’s profile picture, which shows the policymaker wearing a face covering. The exchange prompted Markey to chastise the billionaire. “One of your companies is under an FTC consent decree. Auto safety watchdog NHTSA is investigating another for killing people. And you’re spending your time picking fights online,” the senator said. “Fix your companies. Or Congress will.”

As of the writing of this article, Musk has yet to respond to Markey’s latest tweet. It’s hard to say whether the senator’s call will translate to legislative action, particularly with a split between the House of Representatives and Senate. Musk did appear to answer at least one of Markey’s questions when he announced Twitter’s new verification system on Friday. The latest iteration of the program will feature manual authentication and different colored check marks for different types of users. "Gold check for companies, grey check for government, blue for individuals (celebrity or not) and all verified accounts will be manually authenticated before check activates," he said.

Last year, the Biden administration signed the Secure Equipment Act into law, which aimed to block the authorization of network licenses from several Chinese companies whose hardware has been deemed a national security threat. Today, the FCC announced that it's officially implementing that ruling, which means some future equipment from Huawei, ZTE, Hytera, Hikvision and Dahua won't be authorized for sale in the US. Existing equipment from those companies, which are all listed under the FCC's "Covered List," aren't affected by the law.

“The FCC is committed to protecting our national security by ensuring that untrustworthy communications equipment is not authorized for use within our borders, and we are continuing that work here,” FCC Chairwoman Jessica Rosenworcel said in a statement. “These new rules are an important part of our ongoing actions to protect the American people from national security threats involving telecommunications.”

To be clear, the FCC isn't completely blocking all hardware from these companies. And for some, like Hytera, Hikvision and Dahua, Rosenworcel writes that it's specifically focusing on gear related to "the purpose of public safety, security of government facilities, physical surveillance of critical infrastructure, and other national security purposes." If those companies can show that they're not marketing that equipment for government use — for example, directing it consumers instead — they may be able get authorized by the FCC.

This latest move follows years of conflict between the US and companies closely tied to Chinese governments. That's included placing several notable Chinese companies, including DJI, on the Department of Commerce's "Entity List," which prohibits US firms from selling equipment to them. The FCC is also calling for $5 billion to help US carriers with the massive task of replacing equipment from Huawei and ZTE.

The UK government will amend its Online Safety Bill with measures designed to prohibit abuse of intimate images, whether or not they're real. If the bill becomes law as is, it will be illegal to share deepfake porn without the subject's consent. This would be the first ban on sharing deepfakes in the country and if the law comes into effect, violating this rule could lead to a prison sentence.

Additionally, the Ministry of Justice aims to ban "downblousing," which it describes as an incident "where photos are taken down a woman’s top without consent." The country banned upskirt photos, which are exactly what the term suggests, in 2019. Furthermore, the government wants to make it illegal to install certain equipment, including hidden cameras, to capture images of someone without their consent.

The UK banned revenge porn in 2015 and the government is aiming to expand the scope to make it illegal for anyone to share any intimate image of someone without consent. As it stands, prosecutors have to prove that the perpetrator had "intent to cause distress." Based on recommendations from the Law Commission, the government also intends to establish two additional serious offenses, which are "based on intent to cause humiliation, alarm, or distress and for obtaining sexual gratification." Officials already intended to outlaw cyberflashing, or sending unsolicited nudes, as part of the Online Safety Bill.

"We must do more to protect women and girls, from people who take or manipulate intimate photos in order to hound or humiliate them," Dominic Raab, the deputy prime minister and secretary of state for justice, said. "Our changes will give police and prosecutors the powers they need to bring these cowards to justice and safeguard women and girls from such vile abuse."

The government hasn't yet released the text of the amended Online Safety Bill. "The government will bring forward the wider package of changes as soon as parliamentary time allows and will announce further details in due course," the Ministry of Justice said. The bill has been delayed several times but it's set to return to parliament in December. 

As TechCrunch notes, though, finding parliamentary time to formally read the amended bill, then to eventually debate and vote on it, may not be easy. It's unclear whether the government will be able to pass the legislation before the next general election is called within the next two years.

Critics have pushed back against certain aspects of the bill, including a revived plan to verify a person's age before permitting them to access adult content online. For many reasons, that measure may not be workable in practice.

The proposed legislation has also been described as a threat to free speech. On Thursday, an open letter to Prime Minister Rishi Sunak signed by 70 cyber security experts, organizations and elected officials laid out some of the dangers to privacy and security that the bill poses. Among other issues, the signatories argued that the Online Safety Bill includes "clauses that would erode end-to-end encryption in private messaging." The letter adds that UK businesses would have less data flow protection than counterparts in the US and EU, "leaving them more susceptible to cyberattacks and intellectual property theft."

"The bill is a deeply flawed censorship proposal that would allow UK residents to be thrown in jail for what they say online," the Electronic Frontier Foundation said this week. "It would also force online service providers to use government-approved software to search for user content that is deemed to be related to terrorism or child abuse. In the process, it will undermine our right to have a private conversation, and the technologies that protect that right, like end-to-end encryption."

Twitter's Brussels office is no more, according to reports, which could make it more difficult for the company to adhere to new European Union regulations regarding content moderation. The number of people employed at the office dropped from six to two after new owner Elon Musk cut the workforce in half. The remaining executives, Julia Mozer and Dario La Nasa, left Twitter last week, according to the Financial Times — just as Musk told employees to commit to his vision for a "hardcore" Twitter 2.0 or leave.

Mozer and La Nasa oversaw public policy for Twitter in Europe. They were in charge of efforts to make sure Twitter complies with the EU's disinformation code as well as the Digital Services Act. The DSA came into force last week and will apply to companies starting in February 2024. It gives EU governments more power over how platforms moderate content and when tech companies have to take down illegal content. Platforms will need to be transparent about the reasons for content moderation decisions. Affected users will have the right to challenge moderation decisions if their content is removed or access to it is restricted.

If Twitter fails to comply with the DSA's rules, it faces potentially heavy penalties. Regulators could fine Twitter up to six percent of its global turnover or even ban the platform. EU internal market commissioner Thierry Breton has warned Musk that Twitter needs to abide by the bloc's content regulations.

Twitter no longer has a communications department that can be asked for comment. Musk said early Thursday that the "general idea" is to limit moderation rules to "illegal content." Minutes earlier, he asked users to reply to him with "anything that Twitter needs to address" in terms of child exploitation on the platform. Regulations about which content is legal can vary significantly by jurisdiction (Germany has fairly strict social media edicts, for instance), and having fewer staff dedicated to ensuring Twitter plays by the rules could make it more difficult for the company to do so.

“I am concerned about the news of firing such a vast amount of staff of Twitter in Europe,” Věra Jourová, an EU vice president who is in charge of the bloc's disinformation code, told the Financial Times. “If you want to effectively detect and take action against disinformation and propaganda, this requires resources. Especially in the context of Russian disinformation warfare, I expect Twitter to fully respect the EU law and honor its commitments."

Meanwhile, several Democratic senators have asked the Federal Trade Commission to determine whether the company has broken consumer protection laws or violated a consent decree with the agency. Among other things, the latter requires Twitter to review new features for potential privacy issues. Earlier this month, it was reported that Twitter engineers have to "self-certify" that they're complying with FTC rules and other laws. The FTC recently said it's “tracking recent developments at Twitter with deep concern.”

The San Francisco Police Department is currently petitioning the city's Board of Supervisors for permission to deploy robots to kill suspects that law enforcement deems a sufficient threat that the "risk of loss of life to members of the public or officers is imminent and outweighs any other force option available to SFPD." The draft policy, which was written by the SFPD itself, also seeks to exclude "hundreds of assault rifles from its inventory of military-style weapons and for not include personnel costs in the price of its weapons," according to a report from Mission Local.  

As Mission Local notes, this proposal has already seen significant opposition from both within and without the Board. Supervisor Aaron Peskin, initially pushed back against the use of force requirements, inserting “Robots shall not be used as a Use of Force against any person," into the policy language. The SFPD removed that wording in a subsequent draft, which I as a lifelong San Francisco resident did not know was something that they could just do. The three-member Rules Committee, which Peskin chairs, then unanimously approved that draft and advanced it to the full Board of Supervisors for a vote on November 29th. Peskin excused his decision by claiming that “there could be scenarios where deployment of lethal force was the only option.”

The police force currently maintains a dozen fully-functional remote-controlled robots, which are typically used for area inspections and bomb disposal. However, as the Dallas PD showed in 2016, they make excellent bomb delivery platforms as well. Bomb disposal units are often equipped with blank shotgun shells used to forcibly disrupt an explosive device's internal workings, though there is nothing stopping police from using live rounds if they needed, as Oakland police recently acknowledged to that city's civilian oversight board. 

While San Francisco has never explicitly allowed for robots to take human lives, lethal autonomous weapons (LAWs), are increasingly common in modern warfare. Anti-personnel mines, one of the earliest iterations of automated weaponry, have been banned since 1997 (but tell that to the mines already in the ground) and fully automated defenses like shipboard Phalanx systems have been in use since the 1970s. Autonomous offensive systems, such as UAVs and combat drones, have been used for years but have always required a "human in the loop" to bear the responsibility of actually firing the weapons. Now, the SFPD — the same department that regularly costs the city six-figure settlements for its excessive use of force and obstructs investigations into its affinity for baton-based beatings — wants to wield that same life-and-death power over San Francisco's civilians.

Cryptocurrency mining companies hoping to set up shop in New York State may bump into some limits. Governor Kathy Hochul has signed legislation restricting crypto mining in the country, making it the first state to clamp down on the practice. The environment-focused law establishes a two-year freeze on new and renewed air permits for fossil fuel power plants used for mining that uses demanding "proof-of-work" authentication. The Department of Environmental Conservation will also have to study if and how crypto mining hurts the government's climate change mitigation efforts.

The bill passed the state legislature in June, but didn't reach Hochul's desk until this Tuesday. It wasn't guaranteed to become law. The Hillnotes that the governor didn't commit to signing the measure during an October election debate. Her main opponent, Lee Zeldin, said he wouldn't sign the bill if he were in a position to do so.

Politicians and environmental groups have worried that crypto mining, particularly that involving proof-of-work, consumes too much energy. The computationally intensive process adds to the load on the electrical grid, and has even prompted some mining outfits in New York to build natural gas-based power plants to sustain their operations. The cryptocurrency world has sometimes tried to minimize the impact. Ethereum, for instance, recently completed a merge to a less energy-hungry "proof-of-stake" system that revolves around validation from certain users.

It's not certain if other states will follow suit. Democratic Senators have pressured Texas to take action on crypto mining energy demands, but that state's government hasn't budged so far. Not surprisingly, crypto proponents have also balked at laws limiting their activity. The Chamber of Digital Commerce claimed New York's law sets a "dangerous precedent," and that proof-of-work mining played a role in economic growth. There's also the question of effectiveness — New York's law might drive some miners to states with looser policies.

You're not the only one tired of ringless voicemails that put spam in your inbox. The Federal Communications Commission has determined that these silent voicemails are covered by the same Telephone Consumer Protection Act (TCPA) rules that forbid robocalls without consent. Companies need your permission to leave these junk messages as they're still considered calls, the FCC says. The ruling takes effect today.

The finding comes five years after marketers first asked for exemptions to the regulations surrounding ringless voicemails, the FCC says. The requests, from All About the Message and two other petitioners, reportedly drew "overwhelming" negative feedback from public commenters. The Commission added that it receives "dozens" of complaints about these voicemails each year. FCC chair Jessica Rosenworcel proposed extending the TCPA to this spam in February.

As with other robocall crackdowns, there's no guarantee the voicemails will stop. Spammers may find alternate avenues to deliver these messages, and the FCC can only do so much to limit spam originating outside the US. However, this does establish firm boundaries inside the country — companies who flout the rules risk FCC action and customer lawsuits that could prove costly.