In October, the New York Times published a story that several other outlets had been chasing, in some cases for years: the story of how Andy Rubin, the founder of Android, had received a $90 million payout upon leaving the company despite having a credible complaint of sexual misconduct against him from another Google employee.

The story, which included several other examples of male Google executives receiving multimillion-dollar payouts after being accused of sexual harassment, sparked a furor inside the company that led to 20,000 employees walking off the job. Google parent Alphabet made a handful of concessions in response, including a move to end the practice of forcing employees to settle sexual harassment complaints through arbitration rather than lawsuits.

But the size of the payouts, coupled with the fact that multiple members of the Alphabet board had formerly dated their subordinates, all but guaranteed that the company would face a shareholder lawsuit. This week, those lawsuits were filed. I wrote about one of the suits today at The Verge:

The suit was filed this morning in San Mateo Superior Court by Alphabet shareholder James Martin. The suit seeks three new independent directors for the Alphabet board, and an end to the dual-class voting structure of the stock — moves that would greatly diminish the power held by co-founders Larry Page and Sergey Brin. It also calls for executives who received payouts to return them to the company. It also seeks unspecified financial damages. Google did not immediately respond to a request for comment. [...] “We are saying to the board of directors that it’s time they stand up and do what Google says — ‘do the right thing,” said Louise Renne, one of the lawyers who filed the suit, in a press conference today. (“Do the right thing” became Alphabet’s motto after it retired “don’t be evil.”) “There has been substantial evidence of sexual harassment at Google. And yet there hasn’t been the appropriate follow-through. In fact, quite to the contrary. The perpetrators of the sexual harassment have been rewarded handsomely — in one case, by a $90M payout. And that’s just wrong.”

The suit seeks three new independent directors for the Alphabet board, and an end to the dual-class voting structure of its stock — moves that would greatly diminish the power held by co-founders Larry Page and Sergey Brin. The suit also calls for executives who received payouts to return them to the company. It also seeks unspecified financial damages.

Google didn’t respond to a request for comment. Rubin has previously denied any wrongdoing.

Meanwhile, two pension funds have also filed suit against Alphabet. Melia Robinson talked to one of them:

“We think Google, or Alphabet, can really do a better job of looking out for shareholders and its employees,” Julie Goldsmith Reiser, an attorney representing pension funds in the litigation.

Do shareholders have a case? Daisuke Wakabayashi, one of the Times reporters who broke the Rubin story, said in a Twitter thread that Alphabet insiders argued that the company “had a fiduciary duty to prevent top execs from leaving to work for [or] create a rival.” By forcing them to sign non-compete agreements in exchange as part of their exit deals, the thinking went, Alphabet was acting in its fiduciary duty to shareholders. Moreover, Wakabayashi wrote, some of the executives may have explicitly threatened to build rival products “if they felt that the exit packages were not rich enough.”

On the other hand, as the great Matt Levine often says in his excellent newsletter, Money Stuff, everything is securities fraud. “In a crude sense,” Levine writes, “the test of securities fraud is just: When you finally come clean, does the stock drop?” If it does drop, shareholders can argue that you withheld a material fact from them, and sue. Any time a bad thing happens, in other words, shareholders can make a case for securities fraud. In that sense, you can see the incentives a board has to cover up a scandal — if no one ever finds out, shareholders can never accuse you of withholding a material fact! (This is not legal advice.)

In any case, organizers of the Google walkout said in a Medium post on Thursday that they support the lawsuits:

We have all the evidence we need that Google’s leadership does not have our best interests at heart. We need to change the way the system works, above and beyond addressing the wrongs of those who work within the system. It is time for oversight, accountability, and for workers to truly have a say in decisions that affect their lives and the world around them.

I won’t predict whether the lawsuits will be successful. But with revolt still simmering at Google over a number of issues — and the prospect of embarrassing discovery in these lawsuits still to come — at the very least they will keep Alphabet executives on the defensive.

Democracy

AT&T says it’ll stop selling your location data, amid calls for a federal investigation

Days after Motherboard revealed the practice — and prompted US senators to to call for an investigation — AT&T said it would stop selling your real-time location to whoever wanted it. The other big telecoms have pledged to stop the practice as well.

“In light of recent reports about the misuse of location services, we have decided to eliminate all location aggregation services — even those with clear consumer benefits,“ AT&T said in a statement. “We are immediately eliminating the remaining services and will be done in March.” In characteristic fashion, T-Mobile chief executive John Legere tweeted Tuesday that his firm would be “completely ending location aggregator work” in March. Verizon said in a statement Thursday that it, too, was winding down its four remaining location-sharing agreements, which are all with roadside assistance services – after that, customers would have to give the company permission to share their data with roadside assistance firms. A Sprint spokeswoman didn’t immediately respond to a request for comment.

America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It

Rebecca Smith and Rob Barry have a disturbing report on how Russia hacked America’s power grid:

The cyberattack on the 15-person company near Salem, Ore., which works with utilities and government agencies, was an early thrust in the worst known hack by a foreign government into the nation’s electric grid. It set off so many alarms that U.S. officials took the unusual step in early 2018 of publicly blaming the Russian government. A reconstruction of the hack reveals a glaring vulnerability at the heart of the country’s electric system. Rather than strike the utilities head on, the hackers went after the system’s unprotected underbelly—hundreds of contractors and subcontractors like All-Ways who had no reason to be on high alert against foreign agents. From these tiny footholds, the hackers worked their way up the supply chain. Some experts believe two dozen or more utilities ultimately were breached.

Young politicians hustle to keep followers under House social media rules

Makena Kelly reports on the arcane rules regarding social media usage for members of Congress:

Members of Congress were sworn into office on January 3rd and many freshman have already set up new social media accounts, starting fresh and rebuilding the massive followings they created on the campaign trail. These official accounts must clearly state in their bios that the person it represents is a member of Congress, according to the longstanding guidelines in the Members’ Congressional Handbook. Many of the social media darlings from the past election, like Ocasio-Cortez and Rep. Dan Crenshaw (R-TX), have tweeted out messages citing these ethics rules, asking for fans to follow them to new accounts as they embark on their first year under the Capitol dome. The Members’ Congressional Handbook doesn’t explicitly say that lawmakers are required to make new accounts, but in most cases it’s easier to separate their government resources and personal ones in order to avoid ethics violations. The rules do prohibit lawmakers from using any of their newfound government resources to maintain their personal accounts, whether that be their new staff or office funds.

How Far Should Facebook Go in Regulating Users’ Speech?

Media coverage of Facebook and content moderation often appears to be contradicting itself. Some coverage argue the company isn’t moderating enough (look at this terrible post that got left up!), while other coverage argues that the company is moderating too much (look at how these unelected tech company workers are dictating the bounds of political speech!) Max Fisher, who recently wrote a piece in the latter vein, tries to square the circle in his newsletter this week.

Many employees maintain an almost ideological belief that growing Facebook’s user base — and therefore its power — will, on net, be a force for good in the world. This constrains thinking within the company, limiting the ability of even the most well-meaning employees to confront problems created by the platform. But many critics, by pushing the company to be more intrusive on some days and less intrusive on others, also constrain thinking. This approach treats Facebook’s pervasive power as an accepted fact of life — which even some Facebook employees question. And it deepens assumptions that users should act as subjects, able to pressure Facebook over specific policies but not to question its broader authority.

Google Nears Win in Europe Over ‘Right to Be Forgotten’

The European Union has a “right to be forgotten” link that can be used to require Google to remove search results about its citizens. Google has complied within the EU, but left the search results up in other countries. France has argued that Google should apply the law globally — while Google has said that infringes on the sovereignty of other countries. Now it appears the EU will side with Google, Sam Schechner reports.

Google and other search engines shouldn’t be forced to apply the European Union’s “right to be forgotten” beyond the bloc’s borders, an adviser to the EU’s top court argued Thursday. The recommendation—if followed by the EU’s Luxembourg-based Court of Justice—would be a major victory for Google, a unit of Alphabet Inc., which has for three years been fighting an order from France’s privacy regulator to apply the EU principle globally.

Group of 4,000 Anonymous Google Employees Urging Company Not to Be “In the Business of War” Voted 2018 Arms Control Persons of the Year

Good luck coordinating an acceptance speech among 4,000 people!

A group of 4,000 anonymous Google employees opposing the company’s work on a Pentagon project using artificial intelligence (AI), which could be used to improve drone targeting, was chosen as the 2018 Arms Control Persons of the Year for 2018. Due to the employees’ actions, which included an internal petition to company management, Google ended its work on Project Maven when the contract expired and announced it would focus on “socially beneficial” AI and avoid work that causes “overall harm.”

Prager University Refiles Lawsuit Against YouTube in State Court

Matt Drange reports that a conservative YouTube channel has refiled a free-speech lawsuit against Google in state court after it was dismissed in federal court. Lawyers for Prager are arguing that YouTube should not be able to restrict its videos to certain audiences under the First Amendment.

Twitter Users in China Face Detention and Threats in New Beijing Crackdown

Paul Mozur reports on an escalation in China’s battle against internal dissidents:

Interviews with nine Twitter users questioned by the police and a review of a recording of a four-hour interrogation found a similar pattern: The police would produce printouts of tweets and advise users to either delete the specific messages or their entire accounts. Officers would often complain about posts that were critical of the Chinese government or that specifically mentioned Mr. Xi. The police have used threats and, sometimes, physical restraints, according to Twitter users who were questioned. Huang Chengcheng, an activist with more than 8,000 Twitter followers, said his hands and feet were manacled to a chair while he was interrogated for eight hours in Chongqing. When the inquiry was over, he signed a promise to stay off Twitter.

Elsewhere

Apple reportedly hires Facebook critic in privacy role

Sandy Parakilas, who worked at Facebook before speaking out about its advertising practices, will now work on data protection at Apple:

Now, the Financial Times reports, Parakilas has been hired to work as a product manager on the privacy team at Apple. The paper says Parakilas’ job will involve working to ensure that future products minimise data collection and protect privacy. Parakilas had spent the last year working as the chief strategy officer of the San Francisco-based Center for Humane technology, a not-for-profit organisation set up by former Silicon Valley workers to push for “safer, healthier tech”.

A Man Sent 1,000 Men Expecting Sex And Drugs To His Ex-Boyfriend Using Grindr, A Lawsuit Says

Davey Alba has the disturbing story of a man who was harassed to an unbelievable degree by his ex, who used the gay hookup app Grindr to deliver a steady stream of unwitting men to his house long after they had broken up. (The story is new to me, but CNN covered the case almost two years ago.) The question is to what degree Grindr should be held responsible for one of its user’s actions — and whether that could have implications for Section 230 of the Communications Decency Act. (One thought occurs here is that if the law took online harassment more seriously, and punished the harasser here accordingly, there would be less pressure to weaken Section 230.)

Protective orders and police reports against J.C. failed to stop the torrent of harassment. Herrick, his friends, and lawyers submitted 100 complaints to Grindr asking it to block J.C., but they received no response. Eventually, Herrick took Grindr to court in an attempt to force it to do something to stop the nightmare. Grindr argued that under federal law, it didn’t have to help Herrick, and in February 2017, a federal judge agreed. Now Herrick’s lawyers are arguing that the judge got it wrong. On Monday, they took their case before the US Court of Appeals for the 2nd Circuit, whose decision could have far-reaching consequences on what apps and social media companies must do to combat harassment on their platforms. At the heart of the dispute is how much protection a 1996 law — Section 230 of the Communications Decency Act — gives a website or app against liability for atrocious acts committed on its platform by users. It’s the law that protects Twitter from being sued for controversial tweets, and guards against Yelp being taken to court over negative restaurant reviews by users. But a growing coalition of consumer protection groups and advocates for victims of intimate partner violence say Section 230 gives companies an incentive to turn a blind eye to abuse.

This Man Was Scammed By A Fake Sugar Daddy On Grindr — But He Can’t Report The Identity Theft Because Of The Government Shutdown

Here’s more Grindr drama: a guy pretending to be a sugar daddy scamming men out of their savings. And the Federal Trade Commission isn’t doing anything about it, because the government is shut down.

Update from Gary King and Nate Persily

Social Science One was founded last year to facilitate access for researchers to social media data from Facebook and other platforms. Here’s an interesting blog post from its founders about the state of its efforts to actually make that data available, amid multiplying privacy concerns. The good news here is that the founders say they are close to announcing (and funding) the first set of research projects. But also, Facebook appears to be building a new set of tools to make it easier for them to collaborate with researchers in a way that also preserves user privacy:

The immediate issue is that Facebook has determined that it cannot, at present, deliver the complete URLs dataset that it promised as part of the RFP announced over the summer. We are obligated to report to the public if Facebook reneges on its original agreement with Social Science One, such as by trying to keep data from researchers that would embarrass the company, but we do not believe that is the issue here. Instead, it turned out privacy experts at Social Science One, along with Facebook staff, discovered more privacy-preserving and scalable ways of making data access available to outside researchers than had existed before. We agreed with Facebook that making this considerable investment was necessary for the long-term success of our project. It took Facebook longer than we would have liked, and they had originally indicated, to make this investment and implement these solutions by building the necessary systems and tools. We are happy to report that Facebook is now in the midst of a major project to construct an entirely new set of security and privacy systems, including cutting edge differential privacy tools, for data access by researchers. Social Science One includes some of the world’s foremost experts on these issues and are advising Facebook on aspects of this project. Once this system is built and tested by security experts, it will be useful not only for the full URLs data set, but for a long sequence of data sets we have queued up for release after that.

Subtle Asian Dating: Why a raunchy, self-aware Subtle Asian Traits offshoot is quickly growing.

Aaron Mak profiles Subtle Asian Dating, an offshoot of the popular Facebook group Subtle Asian Traits, which has more than 1 million members:

Hella recruited some friends and formed an unofficial offshoot called Subtle Asian Dating, or SAD, in November. It began as a 10-person group but started attracting thousands of followers within the first few weeks, mostly due to the newfound demand for groups that have “Subtle Asian” in the title. When a meme promoting the group gained traction in Subtle Asian Traits, users flocked to it in droves. By Wednesday, it had more than 310,000 members, primarily from the U.S., Canada, and Australia, according to an informal public poll. SAD is now one of the largest offshoots of Subtle Asian Traits, elucidating the absurdities and anxieties that come with dating as an Asian in a Western society. SAD is a hub where people can “auction” off their single friends by posting dating profiles. Most posts consist of basic physical and education stats, a list of pros and cons, and a reel of candid photos. “I’ll call it the resume format: they have to go to a prestigious school, have a nice job, etc. But then we also added our own modern spice to it,” says Jonny Kounnavong, a student at the University of North Carolina at Greensboro who has a profile in the group. He notes that many of the selling points on profiles seem geared toward what “our parents would want in a significant other.”

Gallup Poll: Labeling Sites May Help Stop Fake News Spread

NewsGuard is the Steven Brill startup that rates articles for accuracy and hopes to get platforms to buy and implement this data. Recently it commissioned a poll, and people who saw its ratings for up to two weeks said it made them less likely to share fake news. The problem here is that this is self-reported data versus data about actual user behavior; of course people are going to say that a proactive step they took to reduce fake news is reducing the spread of fake news. A previous study found that labeling stories as false sometimes made users more likely to share them.

Chart of the day

Brutal chart for Snap — Cowen surveyed ad buyers about which platform their clients would prefer to advertise on, and every single one chose Instagram Stories over Snapchat Stories. pic.twitter.com/DgMFCLlEtw — Rob Price (@robaeprice) January 10, 2019

Takes

That sophisticated, specific Russian 2016 voter targeting effort doesn’t seem to exist

This week it was revealed that former Trump campaign manager Paul Manafort passed polling data to a man linked to Russian intelligence — suggesting that prosecutors may now have real evidence of collusion between Russia and the Trump campaign. Here’s a thoughtful, closely argued piece by Philip Bump arguing that the evidence is thinner than it looks.

Certainly it seems that this particular effort to collude, if it was one, doesn’t seem to have been very effective. But whether the collusion took place at all and whether it was effective seem to me to be very different questions. In any case:

Even if Russia had deployed a particularly insightful, strategic effort to influence specific voters in specific places, it’s not necessarily the case that they would have had to rely on data from the Trump campaign to do so. As the New Yorker reported last year, hackers believed to be linked to Russian intelligence stole information from the Clinton campaign that could have revealed where they were most concerned about turnout, giving the Russians a map for where to deploy their resources the most effectively. But, again, there’s no evidence that they did any particularly sophisticated targeting. Russia’s hacking of the Democratic National Committee and Clinton’s campaign chairman remains the more obviously successful and effective influence effort of the 2016 campaign.

And finally ...

Beto O’Rourke *checks notes* Instagrammed his dentist appointment

In 2000, John McCain generated enormous goodwill among reporters by inviting them onto his bus — the Straight Talk Express — for a series of candid chats. In 2019, Instagram stories are the new Straight Talk Express, and all of us are invited to watch — uh, Beto O’Rourke’s dentist appointment? Twitter was briefly taken over of Beto’s selfies from his dentist chair, complete with harsh lighting and and that brace thing that holds your mouth open.

Chloe Bryan fills us in on the rest:

Most of the Story, though, is an interview with Beto’s dental hygienist, Diana, about growing up in El Paso near the U.S.-Mexico border. She tells a story about how her community banded together to help her mother, who is from Mexico, pass her citizenship test — a testament to the strong border communities overlooked and mischaracterized by the GOP.

Fair enough. But count me with Ben C. Jacobs: “I hope Beto O’Rourke doesn’t need a colonoscopy any time soon.”

Talk to me

Send me tips, comments, questions, and the minutes of Google board meetings: casey@theverge.com.