Netflix lost more than one million users in Spain in the first three months of 2023 according to market research group Kantar, a sign that the streaming giant's crackdown on password-sharing could backfire. From a report: In early February, Spain became one of Netflix's first markets to introduce a monthly fee for users who shared their log-in details with another household and technical measures to detect such sharing. The move was linked to a fall in users of more than a million, two thirds of whom were using someone else's password, according to Kantar's research, which is based on surveys of household streaming habits.

"It's clear this steep drop is due to the crackdown," said Dominic Sunnebo, global insight director at Kantar's Worldpanel Division, adding that the loss of a million users, even if most weren't paid subscribers, would be a blow to Netflix in terms of word of mouth recommendation for its shows and service. Subscription cancellations in the first quarter tripled compared to the previous period, according to Kantar's research. Of all remaining Netflix subscribers in Spain, one-tenth said they planned to unsubscribe in the second quarter. Spanish subscribers are charged $6.57 a month to add members outside their household. A similar fee was introduced in Portugal, Canada and New Zealand after a roll-out in several Latin American countries.

ChatGPT, OpenAI's large language model for chatbots, not only produces mostly insecure code but also fails to alert users to its inadequacies despite being capable of pointing out its shortcomings. The Register reports: Amid the frenzy of academic interest in the possibilities and limitations of large language models, four researchers affiliated with Universite du Quebec, in Canada, have delved into the security of code generated by ChatGPT, the non-intelligent, text-regurgitating bot from OpenAI. In a pre-press paper titled, "How Secure is Code Generated by ChatGPT?" computer scientists Raphael Khoury, Anderson Avila, Jacob Brunelle, and Baba Mamadou Camara answer the question with research that can be summarized as "not very."

"The results were worrisome," the authors state in their paper. "We found that, in several cases, the code generated by ChatGPT fell well below minimal security standards applicable in most contexts. In fact, when prodded to whether or not the produced code was secure, ChatGPT was able to recognize that it was not." [...] In all, ChatGPT managed to generate just five secure programs out of 21 on its first attempt. After further prompting to correct its missteps, the large language model managed to produce seven more secure apps -- though that's "secure" only as it pertains to the specific vulnerability being evaluated. It's not an assertion that the final code is free of any other exploitable condition. [...]

The academics observe in their paper that part of the problem appears to arise from ChatGPT not assuming an adversarial model of code execution. The model, they say, "repeatedly informed us that security problems can be circumvented simply by 'not feeding an invalid input' to the vulnerable program it has created." Yet, they say, "ChatGPT seems aware of -- and indeed readily admits -- the presence of critical vulnerabilities in the code it suggests." It just doesn't say anything unless asked to evaluate the security of its own code suggestions.

Initially, ChatGPT's response to security concerns was to recommend only using valid inputs -- something of a non-starter in the real world. It was only afterward, when prompted to remediate problems, that the AI model provided useful guidance. That's not ideal, the authors suggest, because knowing which questions to ask presupposes familiarity with specific vulnerabilities and coding techniques. The authors also point out that there's ethical inconsistency in the fact that ChatGPT will refuse to create attack code but will create vulnerable code.

Canada's $190bn Ontario Teachers' Pension Plan says it is steering clear of the cryptocurrency sector after writing off a $95mn investment in FTX, the failed digital currency exchange. From a report: OTPP was among a number of big-name money managers to back FTX, with investments in 2021 and early 2022. The move was widely seen as a sign that high-profile, blue-chip investors were giving their stamp of approval to the fast-growing but lightly regulated crypto sector. But in November 2022 OTPP wrote off its entire stake, following FTX's dramatic collapse. The exchange's high-profile founder, Sam Bankman-Fried, is now facing fraud charges. "We're still working through what exactly happened there and you're going to be careful," OTPP chief executive Jo Taylor told the Financial Times. "It'd be unwise for us to rush" into another crypto investment based in part on "feedback from our members," he added.

An anonymous reader quotes a report from Ars Technica: A Montreal man spent years trying to hold Google accountable for search results linking to a defamatory post falsely accusing him of pedophilia that he said ruined his career. Now Google must pay $500,000 after a Quebec Supreme Court judge ruled that Google relied on an "erroneous" interpretation of Canadian law in denying the man's requests to remove the links. "Google variously ignored the Plaintiff, told him it could do nothing, told him it could remove the hyperlink on the Canadian version of its search engine but not the US one, but then allowed it to re-appear on the Canadian version after a 2011 judgment of the Supreme Court of Canada in an unrelated matter involving the publication of hyperlinks," judge Azimuddin Hussain wrote in his decision (PDF) issued on March 28.

The plaintiff was granted anonymity throughout the proceedings. Google has been ordered not to disclose any identifiable information about him in connection to the case for 45 days. The tech company must also remove all links to the defamatory post in search results viewable in Quebec. [...] Instead of compensatory and punitive damages originally sought -- amounting to $6 million -- the man was awarded $500,000 for moral injuries caused after successfully arguing that he lost business deals and suffered strains on his personal relationships due to being wrongly stigmatized as a pedophile. Hussain described the plaintiff's experience battling Google to preserve his reputation as a "waking nightmare." Due to Google's refusals to remove the defamatory posts, the man "found himself helpless in a surreal and excruciating contemporary online ecosystem as he lived through a dark odyssey to have the Defamatory Post removed from public circulation," Hussain wrote. The plaintiff, now in his early 70s, has the option to appeal the judge's order that Google may not release any of his identifiable information for 45 days.

An anonymous reader quotes a report from TorrentFreak: Last year, a U.S. federal court handed a 40-month prison sentence to Gary Bowser. The Canadian pleaded guilty to being part of the Nintendo hacking group "Team Xecuter" and has now served his time. In part due to his good behavior, Bowser got an early release from federal prison. [...] In a recent video interview with Nick Moses, Bowser explains that he was released from federal prison on March 28th. He is currently in processing at the Northwest Detention Center in Tacoma, Washington, to prepare for his return to Canada.

What his life will look like in Canada remains uncertain. However, in federal prison, Bowser has shown that he doesn't shy away from putting in work and helping other people in need. Aside from his prison job, he spent several nightly hours on suicide watch. The prison job brought in some meager income, a large part of which went to pay for the outstanding restitution he has to pay, which is $14.5 million in total. Thus far, less than $200 has been paid off. "I've been making payments of $25 per month, which they've been taking from my income because I had a job in federal prison. So far I paid $175," Bowser tells Nick Moses.

If Bowser manages to find a stable source of income in Canada, Nintendo will get a chunk of that as well. As part of a consent judgment, he agreed to pay $10 million to Nintendo, which is the main restitution priority. "The agreement with them is that the maximum they can take is 25 to 30 percent of your gross monthly income. And I have up to six months before I have to start making payments," Bowser notes. At that rate, it is unlikely that Nintendo will ever see the full amount. Or put differently, Bowser will carry the financial consequences of his Team-Xecuter involvement for the rest of his life.

Netflix is planning a "broad rollout" of the password sharing crackdown that it began implementing in 2022, the company said today in its Q1 2023 earnings report (PDF). MacRumors reports: The "paid sharing" plan that Netflix has been testing in a limited number of countries will expand to additional countries in the second quarter, including the United States. Netflix said that it was "pleased with the results" of the password sharing restrictions that it implemented in Canada, New Zealand, Spain, and Portugal earlier this year. Netflix initially planned to start eliminating password sharing in the United States in the first quarter of the year, but the company said that it had learned from its tests and "found opportunities to improve the experience for members." There is a "cancel reaction" expected in each market where paid sharing is implemented, but increased revenue comes later as borrowers activate their own Netflix accounts and existing members add "extra member" accounts.

In Canada, paid sharing resulted in a larger Netflix membership base and an acceleration in revenue growth, which has given Netflix the confidence to expand it to the United States. When Netflix brings its paid sharing rules to the United States, multi-household account use will no longer be permitted. Netflix subscribers who share an account with those who do not live with them will need to pay for an additional member. In Canada, Netflix charges $7.99 CAD for an extra member, which is around $6. [...] Netflix claims that more than 100 million households are sharing accounts, which is impacting its ability to "invest in and improve Netflix" for paying members.

In March U.S. President Joe Biden "signed an executive order that limits U.S. government agencies from using commercially available spyware," writes EFF senior policy analyst Matthew Guariglia.

"But that doesn't mean there will be no government use of spyware in the United States...." The executive order arrived only days before revelations that the United States, which was previously thought to have steered clear of some of the most infamous foreign spyware products, actually had a contract to test and deploy the notorious Pegasus created by Israeli company NSO Group. The contract was signed under a fake name on November 8, 2021 between an organization that acts as a front for the U.S. government and an American affiliate of NSO group. Only five days before, on November 3, 2021, the U.S. Commerce Department added NSO Group and other foreign spyware companies to a blacklist — the "Entity List for engaging in activities that are contrary to the national security or foreign policy interests of the United States." So the signing of this straw contract was in apparent breach of this ban. NSO Group is just one of the companies that should be covered by the new executive order....

Though the NSO Group's Pegasus spyware has garnered particular attention for its widespread use against human rights advocates, journalists, and politicians, the executive order did not name any company specifically, keeping the policy broad. This may lead some government agencies to think that their purchase of foreign spyware might fly under the radar if it comes from another, smaller vendor, or the vendor can plausibly deny that it is really spyware that they are selling. We urge the Biden administration to publish a non-exhaustive list of spyware companies included as part of this ban. That would send a clear message to agencies who wish to exploit any ambiguity in order to skirt the law.
The EFF applauds the U.S. order for specyfing ways in which spyware is not to be used — including a ban on its use against journalists, activists, political figures, and any U.S. person "without proper legal authorization, safeguards, and oversight." And the EFF also notes positive signs of progress towards stopping government misuse of spyware:
Building upon the U.S. executive order, a global coalition of eleven countries, including Australia, Canada, Costa Rica, Denmark, France, New Zealand, Norway, Sweden, Switzerland, the United Kingdom, and the United States, are working towards a common goal of countering the misuse of commercial spyware. This alliance is committed to establishing robust guardrails and procedures that uphold fundamental human rights, civil liberties, and the rule of law, within each of their respective systems.
But the EFF also points out the biggest concern of the U.S. government appears to be with the dangers in spyware that's foreign made. "While this signals discomfort with foreign-made spyware, no one should take this as an indication that the U.S. government is averse to using similar technologies developed internally, or indeed acquiring foreign spyware companies for domestic use.

"Given the government's long history of using and abusing incredibly invasive techniques, people in the United States should push for robust human rights safeguards to ensure the government won't proceed with only the minor restrictions of this executive order to rein them in."

Several government cybersecurity agencies united to urge secure-by-design and secure-by-default software. Releasing "joint guidance" for software manufactuers were two U.S. security agencies — the FBI and the NSA — joined with the U.S. Cybersecurity and Infrastructure Security Agency and the cybersecurity authorities of Australia, Canada, the United Kingdom, Germany, Netherlands, and New Zealand. "To create a future where technology and associated products are safe for customers," they wrote in a joint statement, "the authoring agencies urge manufacturers to revamp their design and development programs to permit only secure-by-design and -default products to be shipped to customers."

The Washington Post reports: Software manufacturers should put an end to default passwords, write in safer programming languages and establish vulnerability disclosure programs for reporting flaws, a collection of U.S. and international government agencies said in new guidelines Thursday. [The guidelines also urge rigorous code reviews.]

The "principles and approaches" document, which isn't mandatory but lays out the agencies' views on securing software, is the first major step by the Biden administration as part of its push to make software products secure as part of the design process, and to make their default settings secure as well. It's part of a potentially contentious multiyear effort that aims to shift the way software makers secure their products. It was a key feature of the administration's national cybersecurity strategy, which was released last month and emphasized shifting the burden of security from consumers — who have to manage frequent software updates — to the companies that make often insecure products... The administration has also raised the prospect of legislation on secure-by-design and secure-by-default, but officials have said it could be years away....

The [international affairs think tank] Atlantic Council's Cyber Statecraft Initiative has praised the Biden administration's desire to address economic incentives for insecurity. Right now, the costs of cyberattacks fall on users more than they do tech providers, according to many policymakers. "They're on a righteous mission," Trey Herr, director of the Atlantic Council initiative, told me. If today's guidelines are the beginning of the discussion on secure-by-design and secure-by-default, Herr said, "this is a really strong start, and an important one."

"It really takes aim at security features as a profit center," which for some companies has led to a lot of financial growth, Herr said. "I do think that's going to rub people the wrong way and quick, but that's good. That's a good fight."
In the statement CISA's director says consumers also have a role to play in this transition. "As software now powers the critical systems and services we collectively rely upon every day, consumers must demand that manufacturers prioritize product safety above all else."

Among other things, the new guidelines say that manufacturers "are encouraged make hard tradeoffs and investments, including those that will be 'invisible' to the customers, such as migrating to programming languages that eliminate widespread vulnerabilities."

Alphabet's Google received a mixed ruling on Thursday from a San Francisco federal judge in a patent lawsuit brought by Sonos over wireless audio technology, failing to invalidate all of the patents before a trial but narrowing Sonos' claims. Reuters reports: The case, set for trial May 8, is part of a contentious intellectual property dispute between the former business partners over their smart speakers that includes lawsuits in the United States, Canada, France, Germany and the Netherlands. Sonos won a limited import ban on some Google devices from the U.S. International Trade Commission (ITC) last year, while Google has sued Sonos for patent infringement at the ITC and in California. [...]

Sonos accused Google in the San Francisco case of infringing four patents related to multi-room wireless speaker technology. U.S. District Judge William Alsup previously invalidated one of the patents and determined Google infringed another. Alsup found Thursday that a second Sonos patent was also invalid, but rejected Google's request to cancel the remaining two patents before trial. The judge also said Google did not infringe one of the surviving patents willfully, reducing Sonos' potential damages. Alsup also said he would hold a separate bench trial after the jury trial to determine whether Google's redesigned speakers infringe Sonos' patents.

Ford said Tuesday it will spend $1.34 billion (C$1.8B) to turn its 70-year-old Oakville facility in Canada into an assembly plant for its next-generation of electric vehicles. TechCrunch reports: The campus, which first opened in 1953, will be renamed Oakville Electric Vehicle Complex. The company said Tuesday it will begin modernizing the 487-acre site in the second quarter of 2024. The upgrade includes completely retooling the facility that currently produces the internal combustion engine-powered Ford Edge and Lincoln Nautilus to own that only produces EVs. This is the first time that Ford has completely retooled an existing plant for EVs in North America.

Ford also plans to add a 407,000-square-foot battery plant that will use cells and arrays from its BlueOval SK Battery Park in Kentucky. Workers will assemble the components into battery packs and then install them into EVs produced at the plant. "I'm most excited for the world to see the incredible next-generation electric and fully digitally connected vehicles produced in Oakville," CEO Jim Farley said in a statement.

The Biden administration is planning some of the most stringent auto pollution limits in the world, designed to ensure that all-electric cars make up as much as 67 percent of new passenger vehicles sold in the country by 2032, The New York Times reported, citing two people familiar with the matter. From the report: That would represent a quantum leap for the United States -- where just 5.8 percent of vehicles sold last year were all-electric -- and would exceed President Biden's earlier ambitions to have all-electric cars account for half of those sold in the country by 2030. It would be the federal government's most aggressive climate regulation and would propel the United States to the front of the global effort to slash the greenhouse gases generated by cars, a major driver of climate change. The European Union has already enacted vehicle emissions standards that are expected to phase out the sale of new gasoline-powered vehicles by 2035. Canada and Britain have proposed standards similar to the European model.

At the same time, the proposed regulation would pose a significant challenge for automakers. Nearly every major car company has already invested heavily in electric vehicles, but few have committed to the levels envisioned by the Biden administration. And many have faced supply chain problems that have held up production. Even manufacturers who are enthusiastic about electric models are unsure whether consumers will buy enough of them to make up the majority of new car sales within a decade. The action from the E.P.A. is likely to hearten climate activists, who are angry over the Biden administration's recent decision to approve an enormous oil drilling project on federal land in Alaska. Some inside the administration argue that speeding up a transition to renewable energy, with most Americans driving electric vehicles, would lessen demand for oil drilled in Alaska or elsewhere.

The company behind ChatGPT will propose measures to resolve data privacy concerns that sparked a temporary Italian ban on the artificial intelligence chatbot, regulators said Thursday. The Associated Press reports: In a video call late Wednesday between the watchdog's commissioners and OpenAI executives including CEO Sam Altman, the company promised to set out measures to address the concerns. Those remedies have not been detailed. The Italian watchdog said it didn't want to hamper AI's development but stressed to OpenAI the importance of complying with the 27-nation EU's stringent privacy rules. The regulators imposed the ban after some users' messages and payment information were exposed to others. They also questioned whether there's a legal basis for OpenAI to collect massive amounts of data used to train ChatGPT's algorithms and raised concerns the system could sometimes generate false information about individuals.

Other regulators in Europe and elsewhere have started paying more attention after Italy's action. Ireland's Data Protection Commission said it's "following up with the Italian regulator to understand the basis for their action and we will coordinate with all EU Data Protection Authorities in relation to this matter." France's data privacy regulator, CNIL, said it's investigating after receiving two complaints about ChatGPT. Canada's privacy commissioner also has opened an investigation into OpenAI after receiving a complaint about the suspected "collection, use and disclosure of personal information without consent." In a blog post this week, the U.K. Information Commissioner's Office warned that "organizations developing or using generative AI should be considering their data protection obligations from the outset" and design systems with data protection as a default. "This isn't optional -- if you're processing personal data, it's the law," the office said.

In an apparent response to the concerns, OpenAI published a blog post Wednesday outlining its approach to AI safety. The company said it works to remove personal information from training data where feasible, fine-tune its models to reject requests for personal information of private individuals, and acts on requests to delete personal information from its systems.

A NASA instrument to provide unprecedented resolution of monitoring major air pollutants -- down to four square miles -- lifted off on its way to geostationary orbit at 12:30 a.m. EDT Friday. The Tropospheric Emissions: Monitoring of Pollution (TEMPO) instrument will improve life on Earth by revolutionizing the way scientists observe air quality from space. From a report: "The TEMPO mission is about more than just studying pollution -- it's about improving life on Earth for all. By monitoring the effects of everything from rush-hour traffic to pollution from forest fires and volcanoes, NASA data will help improve air quality across North America and protect our planet," said NASA Administrator Bill Nelson. [...] From a fixed geostationary orbit above the equator, TEMPO will be the first space-based instrument to measure air quality over North America hourly during the daytime and at spatial regions of several square miles -- far better than existing limits of about 100 square miles in the U.S. TEMPO data will play an important role in the scientific analysis of pollution, including studies of rush hour pollution, the potential for improved air quality alerts, the effects of lightning on ozone, the movement of pollution from forest fires and volcanoes, and even the effects of fertilizer application.

TEMPO's observations will dramatically improve the scientific data record on air pollution -- including ozone, nitrogen oxide, sulfur dioxide and formaldehyde -- not only over the continental United States, but also Canada, Mexico, Cuba, the Bahamas, and part of the island of Hispaniola. "Our TEMPO slogan is 'It's about time,' which hints at TEMPO's ability to provide hourly air pollution data," said Xiong Liu, deputy principal investigator for TEMPO at the Center for Astrophysics, Harvard & Smithsonian in Cambridge, Massachusetts. "After working on the TEMPO for more than 10 years, it is about time to launch TEMPO to produce real TEMPO data and start the new era of air quality monitoring over North America."

Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. KrebsOnSecurity reports: Sources tell KrebsOnsecurity the domain seizures coincided with "dozens" of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly-stolen data. Active since 2018, Genesis Market's slogan has long been, "Our store sells bots with logs, cookies, and their real fingerprints." Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials.

But earlier today, multiple domains associated with Genesis had their homepages replaced with a seizure notice from the FBI, which said the domains were seized pursuant to a warrant issued by the U.S. District Court for the Eastern District of Wisconsin. But sources close to the investigation tell KrebsOnSecurity that law enforcement agencies in the United States, Canada and across Europe are currently serving arrest warrants on dozens of individuals thought to support Genesis, either by maintaining the site or selling the service bot logs from infected systems. The seizure notice includes the seals of law enforcement entities from several countries, including Australia, Canada, Denmark, Germany, the Netherlands, Spain, Sweden and the United Kingdom. [...]

One feature of Genesis that sets it apart from other bot shops is that customers can retain access to infected systems in real-time, so that if the rightful owner of an infected system creates a new account online, those new credentials will get stolen and displayed in the web-based panel of the Genesis customer who purchased that bot. "While some infostealers are designed to remove themselves after execution, others create persistent access," reads a March 2023 report from cybersecurity firm SpyCloud. "That means bad actors have access to the current data for as long as the device remains infected, even if the user changes passwords. SpyCloud says Genesis even advertises its commitment to keep the stolen data and the compromised systems' fingerprints up to date. "According to our research, Genesis Market had more than 430,000 stolen identities for sale as of early last year -- and there are many other marketplaces like this one," the SpyCloud report concludes.

Hong Kong's attempt to attract cryptocurrency companies is getting help from an intensifying crackdown by American regulators. From a report: The city was once home to a number of prominent companies, including Crypto.com, BitMEX and now-bankrupt FTX. But increasing competition from Singapore, concerns about China's tough approach to crypto and Hong Kong's prolonged and strict response to Covid-19 meant many companies in the sector left. Hong Kong is now determined to bring some of that action back, in contrast with the U.S. In the past few weeks alone, U.S. regulators have cut off access to crypto products and services, targeted crypto friendly banks, brought civil charges against celebrities said to have touted digital assets and sued exchanges including Binance, the operator of the world's largest crypto exchange. Prosecutors have also accused FTX founder Sam Bankman-Fried, who was based in Hong Kong at one point, of conspiring to bribe Chinese government officials in their latest indictment.

"The U.S. being more stringent these days than ever on crypto and Hong Kong regulating in a more favorable way...is going to clearly shift the center of gravity of crypto assets trading and investments more towards Hong Kong," said Ambre Soubiran, chief executive of Kaiko, a digital assets data provider based in Paris. "We want to be where our clients are," she said. Hong Kong's Securities and Futures Commission proposed a new licensing framework in February, focusing on investor protection. A senior official said at a briefing that the regulator wanted to prevent a recurrence of the problems that brought down FTX, as well as other fraudulent behavior. More than 20 crypto and blockchain companies from mainland China, Europe, Canada and Singapore have told the government they are planning to establish a presence in Hong Kong, while over 80 firms have expressed interest in doing so, according to official figures.

Australia will announce a ban on TikTok on government phones this week, following other countries in barring the Chinese-owned video app over security concerns, Australian newspapers reported late on Monday. From a report: Prime Minister Anthony Albanese agreed to a government-wide ban on the use of TikTok after the completion of a review by the Home Affairs department, The Australian newspaper reported. Victoria state will also ban the short video app from government phones, The Age newspaper reported, quoting a state government official as saying Victoria would follow the federal government's guidance. The United States, Britain, New Zealand, Canada, Belgium and the European Commission have already banned the app from official devices over security concerns./i

It was exactly 30 years ago that The X-Files began filming in Vancouver. Now X-Files creator Chris Carter tells CBC's On the Coast that the groundbreaking TV series is going to be "remounted" by Black Panther director Ryan Coogler: Carter says he thinks the series would need to be significantly tweaked for current audiences. "We're so steeped in conspiracies now," he said. "The X-Files dealt with a central conspiracy, but now the world is so full of conspiracies that I think that it would be a different show."
The original X-Files series is available for streaming on Disney+. (And Wikipedia notes there was also a six-episode 10th season ran in 2016 and a 10-episode 11th in 2018.) There was also a Lone Gunmen spin-off series in 2001 (co-created by Vince Gilligan, who went on to produce and create Breaking Bad).

The CBC also reports that a documentary about the show will be released this fall. "Superfans Lauren Krattiger and Carly Blake have created The X-Files Fan Retrospective, where they conducted more than 90 interviews with crew members, cast and fans to memorialize the show and its impact."

But don't get your hopes up for an X-Files cartoon. "A few years ago it was announced that Chris Carter was developing an X-Files animated series titled The X-Files: Albuquerque..." writes GeekTyrant, "but unfortunately, it's no longer moving forward at Fox." It was going to revolve around an "office full of misfit agents who investigate X-Files cases too wacky, ridiculous or downright dopey for Mulder and Scully to bother with." It's explained that these agents are basically the X-Files' B-team.
Thanks to Slashdot reader GoJays for sharing the news.

An anonymous reader quotes a report from Ars Technica: Like in other parts of the world, Canada is working out what the right to repair means for its people. The federal government said in its 2023 budget released Tuesday that it will bring the right to repair to Canada. At the same time, it's considering a universal charging port mandate like the European Union (EU) is implementing with USB-C. The Canadian federal government's 2023 budget introduces the right to repair under the chapter "Making Life More Affordable and Supporting the Middle Class." It says that the "government will work to implement a right to repair, with the aim of introducing a targeted framework for home appliances and electronics in 2024." The government plans to hold consultations on the matter and claimed it will "work closely with provinces and territories" to implement the right to repair in Canada:

"When it comes to broken appliances or devices, high repair fees and a lack of access to specific parts often mean Canadians are pushed to buy new products rather than repairing the ones they have. This is expensive for people and creates harmful waste. Devices and appliances should be easy to repair, spare parts should be readily accessible, and companies should not be able to prevent repairs with complex programming or hard-to-obtain bespoke parts. By cutting down on the number of devices and appliances that are thrown out, we will be able to make life more affordable for Canadians and protect our environment."

The budget also insinuates that right-to-repair legislation can make third-party repairs cheaper than getting a phone, for example, repaired by the manufacturer, where it could cost "far more than it should." Canada's 2023 budget also revealed the government's interest in introducing a standard charging port for electronics. The budget says the government "will work with international partners and other stakeholders to explore implementing a standard charging port in Canada." It says a universal charging port could help residents save money and e-waste. "Every time Canadians purchase new devices, they need to buy new chargers to go along with them, which drives up costs and increases electronic waste," the budget says.

Anti-piracy group CODA is reporting the shutdown of B9Good, a pirate manga site that targeted Japan but was operated from China. In response to a criminal complaint filed by CODA on behalf of six Japanese companies, which were backed by 21 others during the investigation, Chinese authorities arrested four people and seized one house worth $580,000. TorrentFreak reports: Manga piracy site B9Good initially appeared in 2008 and established itself under B9DM branding. SimilarWeb stats show that the site was enjoying around 15 million visits each month, with CODA noting that in the two-year period leading to February 2023, the site was accessed more than 300 million times Around 95% of the site's visitors came from Japan. B9Good had been featured in an MPA submission to the USTR's notorious markets report in 2019. Traffic was reported as almost 16 million visits per month back then, meaning that site visitor numbers remained stable for the next three years. The MPA said the site was possibly hosted in Canada, but domain records since then show a wider spread, including Hong Kong, China, United States, Bulgaria, and Japan.

Wherever the site ended up, the location of its operator was more important. In 2021, CODA launched its International Enforcement Project (CBEP), which aimed to personally identify the operators of pirate sites, including those behind B9Good who were eventually traced to China. Pursuing copyright cases from outside China is reportedly difficult, but CODA had a plan. In January 2022, CODA's Beijing office was recognized as an NGO with legitimate standing to protect the rights of its member companies. Working on behalf of Aniplex, TV Tokyo, Toei Animation, Toho, Japan Broadcasting Corporation (NHK), and Bandai Namco Film Works, CODA filed a criminal complaint in China, and starting February 14, 2023, local authorities began rounding up the B9Good team.

The United States and some of its partner countries on Thursday called for strict domestic and international controls to counter the proliferation and misuse of commercial spyware. From a report: The joint statement was issued by the governments of Australia, Canada, Costa Rica, Denmark, France, New Zealand, Norway, Sweden, Switzerland, the United Kingdom, and the United States. The countries said they were committed to preventing the export of technology and equipment to end-users who are likely to use them for "malicious cyber activity." The joint statement also said the countries would share information with each other on spyware proliferation and misuse, including to better identify these tools. On Monday, U.S. President Joseph Biden signed an executive order intended to curb the malicious use of digital spy tools around the globe targeting U.S. personnel and civil society. The new executive order was designed to apply pressure on the secretive industry by placing new restrictions on U.S. government defense, law enforcement and intelligence agencies' purchasing decisions.