By Billy PerrigoDecember 11, 2024 11:57 AM ESTCan a Big Tech company be sued in Kenya for alleged abuses at an outsourcing company working on its behalf?Thats the question at the heart of two lawsuits that are attempting to set a new precedent in Kenya, which is the prime destination for tech companies looking to farm out digital work to the African continent. The two-year legal battle stems from allegations of human rights violations at an outsourced Meta content moderation facility in Nairobi, where employees hired by a contractor were paid as little as $1.50 per hour to view traumatic content, such as videos of rapes, murders, and war crimes. The suits claim that despite the workers being contracted by an outsourcing company, called Sama, Meta essentially supervised and set the terms for the work, and designed and managed the software required for the task. Both companies deny wrongdoing and Meta has challenged the Kenyan courts' jurisdiction to hear the cases. But a court ruled in September that the cases could each proceed. Both appear likely to go to trial next year, unless the Kenyan Supreme Court intervenes.Read More: Inside Facebook's African SweatshopMeta declined to comment on ongoing litigation. Sama did not respond to requests for comment. It has previously called the allegations both inaccurate and disappointing.If successful, the lawsuits could enshrine a new precedent into Kenyan law that Big Tech companies not just their outsourcing partners are legally liable for any wrongdoing that happens inside subcontracted facilities. Supporters say that this will boost workers rights and guard against exploitative work in Kenyas data labeling sector, which is booming thanks to growing demand for AI training data. But opponents argue that such a decision would make Kenya a less attractive place for foreign firms to do business, potentially resulting in a loss of jobs and hindered economic development.In a sign of the cases significance, Kenyas president William Ruto waded into the debate on Monday. At a town hall event in Nairobi, Ruto said he was preparing to sign a bill into law that he claimed would prevent outsourcing companies from being sued in Kenya in the future. Those people were taken to court, and they had real trouble, Ruto said, referring to Sama, the outsourcing company that directly employed the Facebook content moderators. They really bothered me. Now I can report to you that we have changed the law, so nobody will take you to court again on any matter. Ruto said Sama had planned to relocate to Uganda because many of us were giving them trouble. And he cast the change to the law as an effort to make Kenya a more attractive location for outsourcing companies, similar to India or the Philippines, in order to bring much-needed jobs to the country.The reality is more complex than Ruto made it sound. There is a bill in the Kenyan Senate that would change employment law as it relates to the outsourcing industry. But that bill would not, as Ruto claimed, prevent outsourcing companies from being sued. Quite the opposite: its text instead explicitly prevents outsourcing companies clients for instance big tech companies like Meta or OpenAI from being drawn into lawsuits against their contractors in Kenya. The majority leader of the Kenyan Senate, who drafted the bill, said in a post on X that the proposed change was in the best interest of the ever growing number of unemployed youth in the country, arguing that it would make Kenya a more attractive place to do business without eroding its workplace protections. Industry players insist that if we are to fully realize our potential, this is their ask to us as a country, he said, without elaborating on which specific companies had lobbied for the change to the law. (He did not respond to a request for comment. Meta has not advocated for changes to these laws, a company spokesperson said in a statement to TIME. Rutos office did not respond to a request for comment.)Supporters of the lawsuits disagree. This notion that economic development can only come at the expense of exploitation, that needs to die, says Mercy Mutemi, the lawyer leading the cases against Meta and Sama at the law firm Nzili and Sumbi Advocates, alongside UK tech justice non-profit Foxglove. One hundred percent, lets get more jobs for young people. But it doesnt mean that they have to do these jobs in an exploitative model. Theres a way to achieve both.If the lawsuits against Meta proceed to trial and the courts decide in the plaintiffs' favor, Ruto could face a political headache. The President ran on a platform of economic transformation, says Odanga Madung, an independent tech analyst based in Nairobi and former Mozilla fellow who has studied the countrys outsourcing industry. Court cases that challenge the [outsourcing] sector are getting in the way of him delivering his political goals. In essence he's telling young Kenyans that court cases like the one against Meta are a threat to their future, which he is trying to secure. It's very important to consider that political context.The lawsuits in Kenya were filed after a 2022 TIME investigation revealed that young Africans had been recruited from across the continent for what some of them believed were call center positions at Sama, only to find themselves moderating graphic Facebook content. The story described how many of them developed PTSD, and how some were fired after advocating for better working conditions and planning a strike. The lawsuits allege human rights violations, labor law violations, discrimination, human trafficking, unfair dismissal, and intentional infliction of mental health harms. Both companies deny the accusations, with Meta also arguing it wasn't the direct employer of the moderators.While Rutos political intervention may stave off any lasting precedent, it does not appear likely to have a direct impact on the proceedings of the cases against Meta, says Mutemi. She says that this is because the cases cite human rights violations rather than simple employment claims, so they are protected under the Kenyan constitution, and could proceed regardless of any changes to employment law. We agree that the law needs to be amended to reflect the new categories of work, for example the gig economy and platform work, Mutemi says. However the bill thats currently in parliament does not offer any protections to the workers. As a matter of fact, it seems to be prioritizing the protection of the [outsourcing companies] and the tech companies at the expense of workers rights.

Why it matters: A legal feud between the co-founder of WordPress and a private equity-owned WordPress hosting platform has taken a sharp turn in favor of the latter. WP Engine users can resume normal operations but remain stuck in the crossfire of a fight that could impact tools critical to many websites. A California judge has granted hosting platform WP Engine a temporary injunction against WordPress parent company Automattic. Until the court battle between them is resolved, WordPress.com can no longer block WP Engine from accessing its toolchain.The court confirmed the injunction partly out of concern for WP Engine users, who aren't involved in the legal war between the platform and Automattic. Blocking WP Engine prevented users from viewing WordPress.com updates and accessing other crucial tools. WP Engine praised the ruling, saying it preserves the stability essential for collaboration within the WordPress community.Automattic CEO Matt Mullenweg founded WordPress, an open-source content management system that runs around 40 percent of websites. In September, he accused WP Engine, a hosting service that uses WordPress tools, of profiting by tricking customers into equating it with WordPress. In a scathing attack, he called the platform, which received most of its initial investment from private equity firm Silver Lake, a "cancer" on WordPress.WP Engine retaliated with a cease-and-desist, defending its use of the WordPress name under fair use and demanding that Mullenweg stop his defamatory statements. Automattic, claiming exclusive WordPress Foundation rights, responded by blocking WP Engine from using WordPress.org software and imposing a paid licensing fee equaling eight percent of WP Engine's monthly revenue.The WordPress Foundation is a non-profit supporting WordPress.org, the open-source set of tools underpinning WordPress.com, the free service many websites use. Although the main dispute is about who has the right to profit from WordPress, it has also ignited discussion over the meaning of the term "open source." // Related StoriesDavid Hansson, creator of the open-source web framework Ruby on Rails, claimed that Automattic's trademark claim goes against the spirit of open-source development and the GNU General Public License (GPL). By charging royalties, Automattic is theoretically treating WordPress.org as proprietary rather than open-source software, which could damage the credibility of the GPL and the Free Open Source Software movement.

Facepalm: Building a robotaxi business isn't easy, even for one of the nation's biggest automobile manufacturers. General Motors has concluded that problems with regulation and operation, coupled with ever-increasing costs of scale and stiff competition, make further development of the Cruise taxi service not worth the capital expenditure. General Motors is calling it quits on its goal of operating a robotaxi service. On Tuesday, GM announced it would combine its teams working on the Cruise autonomous taxi with teams in charge of its Super Cruise advanced driving features in passenger cars. The focus shift comes after GM put Cruise Origin development on indefinite hold in July.After evaluating the project over the last several months, GM has determined that the robotaxi business is not profitable enough to warrant further development. It cited expanding investments to scale and increasing competition in the robotaxi market as reasons for pulling out."[General Motors] intends to combine the majority-owned Cruise LLC and GM technical teams into a single effort to advance autonomous and assisted driving," the automaker said. "Consistent with GM's capital allocation priorities, GM will no longer fund Cruise's robotaxi development work given the considerable time and resources that would be needed to scale the business, along with an increasingly competitive robotaxi market."Since purchasing a majority share of Cruise LLC, GM has poured over $10 billion into the startup, with $2 billion in just 2024. However, raw capital is only the least of the now-defunct project's problems.Going back as far as 2022 and earlier, Cruise has had trouble operating on the streets of San Francisco. Initially, the robotaxis were causing traffic flow issues because they would stop in the middle of the street for no reason. When this happened, remote techs had to boot into the cars to get them moving again. This issue spawned many complaints from civilians and emergency workers, such as fire and EMS personnel, who could not escape the traffic jams.In an incident in October 2023, a motorist hit a pedestrian and knocked the woman into the next lane, where a Cruise taxi ran over and stopped on top of her. Firefighters had to use the Jaws of Life to remove the car from the pedestrian's pinned leg. // Related StoriesThree weeks later, San Francisco officials suspended GM's permit to operate Cruise. Two days after the suspension, the automaker halted Cruise operations nationwide, which included pilot programs in Austin, Houston, Phoenix, and Miami. The entire debacle cost Cruise CEO Kyle Vogt and about a quarter of Cruise's workforce their jobs.General Motors did not say whether its restructuring would impact employees through layoffs, although that is highly likely. It is merging at least some of the Cruise workforce into its driver assistance division, but it's unclear if the Super Cruise team can accommodate all of them.In the meantime, GM has offered up a restructuring plan to shareholders, including purchasing at least 97 percent of Cruise it currently owns 90 percent. If the board approves the plan (and can acquire the proposed shares), the company will "work with the Cruise leadership team to restructure and refocus Cruise's operations." So, a Cruise robotaxi is still possible, but under entirely different conditions.If everything goes as planned, GM will execute its Cruise restructuring in the first half of 2025 and expects to save over $1 billion annually.

Google is adding a couple of new features to Androids safety alert system that will help users find unknown trackers moving with them. The new features cover all tags and tracking devices that support Googles Find My Device service for locating lost hardware.The first one is Find Nearby. This one will help users locate any hidden tracker. For example, if your Android phone flashes an unknown tracker alert, you can check for its presence using the Play Sound feature.Recommended VideosHowever, if the tracker is covered under layers, or its speaker system has been tampered with, it becomes nigh impossible to find it. For such scenarios, the Find Nearby feature opens a map that guides them in the direction of the hidden device.GoogleThe shape fills as you get closer to the tracker and also displays a text that describes the status of the connection, explains the company on a support page. Once you reach close to the indicated spot, you can tap on the Play Sound feature and try to find it using audio cues.Please enable Javascript to view this contentAs an extra layer of precaution for such scenarios, Google will also let users disable their phones location sharing for the Find My Device network. This temporary pause on location sharing lasts for 24 hours. It can be done by following this path: I cant find the tracker > Temporarily pause.RelatedGoogle assures that doing so will prevent your devices location from being used by a detected unknown tag for up to 24 hours. Googles tracker alert system for Android also helps users with tracker details, such as device identifier and owners hidden email address, and in some cases, the last four digits of the owners phone number.Get constant protection with Android's unknown tracker alertsGoogles support page also offers a resource table where you can find steps to disable trackers from different brands, including Chipolo, Motorola, and Apple, among others. It can be accessed here.It is advised that when you find an unknown tracking device, move to a safe public spot and alert law enforcement officials as soon as possible. Moreover, take screenshots and save details of the tracking device that appears following the initial alert.The unknown tracker alert system developed by Google kicks into action on its own. But if you have any suspicions, you can launch a manual scan from within the Settings app by following these steps: Safety & Emergency > Unknown tracker alerts > Scan now.Back in 2021, Apple had to release a dedicated app called Tracker Detect so that Android phones could detect hidden AirTags. Google started working on an automatic tracker detection systemand released it soon after.Editors Recommendations

Microsofts Copilot is an amazing AI assistant, and Copilot+ PCs and laptops are designed to take advantage of the technology. The Acer Swift 14 AI is an excellent example, and its available from Best Buy with a huge $400 discount that slashes its price from $1,200 to only $800. Were not sure how much time is remaining before this offer expires, but if you want to make sure that you buy this powerful machine for less than $1,000, we highly recommend proceeding with your purchase as soon as possible.The Acer Swift 14 AI is a Copilot+ laptop thats made by one of the best laptop brands, so you can be sure youre getting a high-quality device. With Microsofts Copilot running on the laptop itself, youll receive faster response times from the AI with enhanced security, for tasks such as finding documents and web pages using Recall, generating and editing images, and translating between languages in real-time. The Acer Swift 14 AI can handle these functions because its powered by the Qualcomm Snapdragon X Elite processor, Qualcomm Snapdragon X Elite Adreno Graphics, and 16GB of RAM.Another major feature of the Acer Swift 14 AI, as we described in our review, is its exceptionally long-lasting battery life. This makes the laptop pretty portable, as its also compact with its 14.5-inch screen with WQXGA resolution and a 120Hz refresh rate. The Acer Swift 14 AI ships with Windows 11 Home, which is pre-loaded in its 1TB SSD that will provide you with lots of storage space for all of your projects.RelatedIf youre on the hunt for laptop deals, you should think about going for one thats built for Microsofts Copilot. The Acer Swift 14 AI, a Copilot+ laptop, should be at the top of your list because its on sale from Best Buy for just $800, for savings of $400 on its sticker price of $1,200. The discount may end at any moment though, so you better hurry if youre interested in this offer. Push forward with your transaction for the Acer Swift 14 AI laptop immediately, as you may miss out on this special price if you wait too long.Editors Recommendations

The auction house, which just got a $1 billion boost, blames cuts on a challenging art market.

A new generation of AI models will take its time to reason, providing more reliable answers to increasingly complex questions.

Following an enormous, expensive restoration effort after the devastating 2019 fire, the Paris cathedral has reopened to the world, at once recognizably itself and possessed of a startling new vibrancy.

The American and Soviet women who conversed as pen pals in the 1940s and 50s found common ground in spite of the differences in their lives.

NATION STATE FREELOADING Russia takes unusual route to hack Starlink-connected devices in Ukraine Secret Blizzard has used the resources of at least 6 other groups in the past 7 years. Dan Goodin Dec 11, 2024 6:18 pm | 9 Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreRussian nation-state hackers have followed an unusual path to gather intel in the country's ongoing invasion of Ukraineappropriating the infrastructure of fellow threat actors and using it to infect electronic devices its adversarys military personnel are using on the front line.On at least two occasions this year, the Russian hacking group tracked under names including Turla, Waterbug, Snake, and Venomous Bear has used servers and malware used by separate threat groups in attacks targeting front-line Ukrainian military forces, Microsoft said Wednesday. In one case, Secret Blizzardthe name Microsoft uses to track the groupleveraged the infrastructure of a cybercrime group tracked as Storm-1919. In the other, Secret Blizzard appropriated resources of Storm-1837, a Russia-based threat actor with a history of targeting Ukrainian drone operators.The more common means for initial access by Secret Blizzard is spear phishing followed by lateral movement through server-side and edge device compromises. Microsoft said that the threat actors pivot here is unusual but not unique. Company investigators still dont know how Secret Blizzard obtained access to the infrastructure.Priority one: Ukraine military personnelRegardless of the means, Microsoft Threat Intelligence assesses that Secret Blizzards pursuit of footholds provided by or stolen from other threat actors highlights this threat actors prioritization of accessing military devices in Ukraine, Wednesdays post stated.From March to April of this year, Secret Blizzard used Amadey, a bot Storm-1919 typically uses to in attacks that deploy the XMRIG cryptocurrency app on targeted servers in cryptojacking campaigns. Such campaigns are carried out by crime groups that profit by mining digital coin using the resources of victims.Microsoft assesses that Secret Blizzard either used the Amadey malware as a service (MaaS) or accessed the Amadey command-and-control (C2) panels surreptitiously to download a PowerShell dropper on target devices, Microsoft said. The PowerShell dropper contained a Base64-encoded Amadey payload appended by code that invoked a request to Secret Blizzard C2 infrastructure.The ultimate objective was to install Tavdig, a backdoor Secret Blizzard used to conduct reconnaissance on targets of interest. The Amdey sample Microsoft uncovered collected information from device clipboards and harvested passwords from browsers. It would then go on to install a custom reconnaissance tool that was selectively deployed to devices of further interest by the threat actorfor example, devices egressing from STARLINK IP addresses, a common signature of Ukrainian front-line military devices.When Secret Blizzard assessed a target was of high value, it would then install Tavdig to collect information, including user info, netstat, and installed patches and to import registry settings into the compromised device.Earlier in the year, Microsoft said, company investigators observed Secret Blizzard using tools belonging to Storm-1887 to also target Ukrainian military personnel. Microsoft researchers wrote:In January 2024, Microsoft observed a military-related device in Ukraine compromised by a Storm-1837 backdoor configured to use the Telegram API to launch a cmdlet with credentials (supplied as parameters) for an account on the file-sharing platform Mega. The cmdlet appeared to have facilitated remote connections to the account at Mega and likely invoked the download of commands or files for launch on the target device. When the Storm-1837 PowerShell backdoor launched, Microsoft noted a PowerShell dropper deployed to the device. The dropper was very similar to the one observed during the use of Amadey bots and contained two base64 encoded files containing the previously referenced Tavdig backdoor payload (rastls.dll) and the Symantec binary (kavp.exe).As with the Amadey bot attack chain, Secret Blizzard used the Tavdig backdoor loaded into kavp.exe to conduct initial reconnaissance on the device. Secret Blizzard then used Tavdig to import a registry file, which was used to install and provide persistence for the KazuarV2 backdoor, which was subsequently observed launching on the affected device.Although Microsoft did not directly observe the Storm-1837 PowerShell backdoor downloading the Tavdig loader, based on the temporal proximity between the execution of the Storm-1837 backdoor and the observation of the PowerShell dropper, Microsoft assesses that it is likely that the Storm-1837 backdoor was used by Secret Blizzard to deploy the Tavdig loader.Wednesdays post comes a week after both Microsoft and Lumen's Black Lotus Labs reported that Secret Blizzard co-opted the tools of a Pakistan-based threat group tracked as Storm-0156 to install backdoors and collect intel on targets in South Asia. Microsoft first observed the activity in late 2022. In all, Microsoft said, Secret Blizzard has used the tools and infrastructure of at least six other threat groups in the past seven years.When parts one and two of this blog series are taken together, it indicates that Secret Blizzard has been using footholds from third partieseither by surreptitiously stealing or purchasing accessas a specific and deliberate method to establish footholds of espionage value, Wednesdays report concluded. Nevertheless, Microsoft assesses that while this approach has some benefits that could lead more threat adversaries to use it, it is of less use against hardened networks, where good endpoint and network defenses enable the detection of activities of multiple threat adversaries for remediation.Dan GoodinSenior Security EditorDan GoodinSenior Security Editor Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82. 9 Comments