At a glance.
- Coin Center sues OFAC over Tornado Cash sanctions.
- CERT-In expected to extend deadline for new incident disclosure requirements.
- Section 230 and Yeezy’s right to tweet.
- Turkish legislature passes law that could put dissenters in jail.
Coin Center sues OFAC over Tornado Cash sanctions.
In August, the US Treasury's Office of Foreign Assets Control (OFAC) placed sanctions on cryptocurrency mixer Tornado Cash for allegedly laundering over $7 billion in digital currency, including $455 million allegedly stolen by North Korean hackers. Now, Washington, DC crypto-focused think-tank Coin Center is filing a lawsuit against the Treasury Department, arguing that because Tornado Cash is a technology, not an individual, OFAC doesn’t have statutory authority to sanction it. Coin Center also claims that, by prohibiting “normal, privacy-seeking Americans” from using Tornado Cash, the sanctions are impeding people’s ability to conduct private transactions in support of political causes, therefore violating Americans’ right to privacy and the First Amendment. Jerry Brito, executive director of Coin Center, told the Wall Street Journal, “When you think about it, it is a technology that can be used by anybody … by law-abiding citizens, and will also be abused by criminals. This is why we have law enforcement to address illicit use, but what you can’t do is ban all Americans from using the technology.” Though the Treasury has not officially responded to Coin Center’s claims, in September OFAC stated that the sanctions don’t prohibit individuals or businesses from interacting with Tornado Cash’s open-source code itself, as long as it doesn’t involve a prohibited transaction with the platform.
CERT-In expected to extend deadline for new incident disclosure requirements.
Back in April, the Indian Computer Emergency Response Team (CERT-In) issued new cyberincident reporting guidelines for businesses. Business Standard reports that the Indian government has indicated that it will extend the compliance deadline by three months for micro, small, and medium enterprises (MSMEs) and small and medium enterprises (SMEs). Minister of State for Electronics and IT Rajeev Chandrasekhar stated, “We are very clear. We will not make SMEs or MSMEs bear the burden of this additional compliance until they are ready.” The guidelines state that businesses are required to report any data breach to the government within six hours of detection. It’s worth noting that the guidelines has also made it compulsory for Virtual Private Network (VPN) service providers to retain any information collected from users for KYC (know-your-customer) rules and supply the data to the government upon request, leading several major VPN providers to pull out of the country.
Section 230 and Yeezy’s right to tweet.
As we previously noted, the US Supreme Court has agreed to hear a case concerning Section 230 of the Communications Decency Act, a liability shield which frees internet companies of any culpability for transmitting content posted by others. As Brookings notes, Section 230 is often regarded as the “26 words that created the internet,” because when it was established during the internet’s early adolescence, it allowed websites the freedom to publish user content without taking on the seemingly insurmountable task of screening every post for legality. However, as social media has exploded and platforms increasingly use algorithms to recommend content and drive users to their sites, human rights advocates have questioned whether such content should be protected under Section 230. This is the question posed by Gonzalez v. Google, in which the plaintiffs allege that YouTube (owned by Google) should be held responsible for the 2015 murder of Nohemi Gonzalez, a US citizen killed by ISIS terrorists, because the platform recommended videos promoting extremist Islamic State views. And with high-profile Twitter users like former US President Donald Trump, and most recently, musician Kanye West, finding themselves banned from the platform for posts promoting violence, some experts wonder whether social media platforms should be regulated by a government body like the Federal Communications Commission. In the Guardian, Robert Reich posits that the true solution will require addressing the monopoly power these social media giants possess. “The way to do this is apply the antitrust laws – and break them up. My guess is that this is where we’ll end up, eventually,” Reich says.
Turkish legislature passes law that could put dissenters in jail.
Yesterday Turkish lawmakers adopted a measure that would jail journalists and social media users for up to three years for spreading "disinformation,” Reuters reports. Proposed by President Tayyip Erdogan, the new law was approved by the ruling AK Party and its allies the MHP, despite concerns from the opposition party and media rights advocates that the measure infringes on freedom of speech. Article 29 of the measure states that those who spread false information online about Turkey's security to "create fear and disturb public order" could face a prison sentence of up to three years, and opponents say the vagueness of terms like “false information” could lead to the unfair punishment of those who express opposition to the current regime. The timing of the new law could have a huge impact as the country prepares for next year's presidential and parliamentary elections. The bill will now go to the president for approval.