November 23, 2022

We'll be off tomorrow and Friday for Thanksgiving. I'd like to take a moment to say how thankful I am for all of you for welcoming me in your inbox each day.

📣 Situational awareness: Violent demonstrations sprang up at Apple’s primary iPhone plant in China as workers protested strict COVID restrictions, Bloomberg reports.

Today's Login is 1,240 words, a 5-minute read.

1 big thing: Global legal perils beset a downsized Twitter

Illustration: Allie Carl/Axios

Twitter faces a mass of forces abroad and in Washington that aim to compel the company to obey privacy rules, speech limits and other regulations as Elon Musk remakes the service, Axios' Ashley Gold reports.

Why it matters: Musk's word is law inside Twitter now, but his disdain for rules will encounter tough pushback from governments around the world — just as the company has lost most of the people who managed its relationships with regulators and legislators.

Twitter's biggest challenges lie abroad, particularly in Europe, which has been steadily tightening tech regulations for years.

In authoritarian countries, Twitter has consistently fought against court orders for user information and opposed data localization laws. Twitter sued the Indian government in July over takedown orders and faces challenges in Japan, Russia, Turkey and South Korea.

  • "[Twitter] had an entire team handling information requests... a lot of that team has left, and they had held deeply that they were the last backstop over government overreach," a person familiar with Twitter's policy team told Axios.

In the U.S., Twitter also has multiple major policy and legal concerns.

The Federal Trade Commission has its eyes on the company's 2011 consent decree covering users' data privacy, which Twitter would face steep fines and penalties for violating.

  • The FTC has publicly said it was deeply concerned about Twitter's changes and has called for those with any information on potential violations of FTC orders to come forward.
  • Three senior Twitter executives who had partly worked on FTC compliance resigned earlier this month. Musk adviser Alex Spiro has said, per Bloomberg Law, that the company's legal department was continuing compliance.
  • The FTC's enforcement powers under a consent decree include assessing fines, taking depositions from current and former employees and third parties, requesting documents, and compelling people under the force of law if they don't comply.

Congress has a new Republican House majority that is determined to knock down Section 230 of the Communications Decency Act, a key law underlying all social media platforms which shields them from liability for what users post.

State governments are passing new tech regulations and content moderation laws much more quickly than Congress can.

The big picture: "Regulators have significant tools at their disposal to enforce their will on Twitter and on Mr. Musk," wrote Yoel Roth, Twitter's former head of trust and safety, in the New York Times this month. "Even a Musk-led Twitter will struggle to shrug off these constraints."

Back at Twitter HQ, Musk's layoffs and ultimatums have left the company with severely reduced privacy, trust and safety, policy and legal teams who don't have clear directives from the top, several team members who recently left Twitter told Axios.

  • Where there are personnel gaps, those who remain will fill in as they can, but "the risk is that the team is pushed to the breaking point," Colin Crowell, former vice president of public policy at Twitter, told Axios. "It's like trying to spread one pat of butter across an entire loaf of bread."

The bottom line: Twitter's remaining public policy staff will have a hard time representing the company if they don't know where the CEO stands and everyone else knows that he might reverse a policy via a tweet at any hour of the day.

2. Retail braces for holiday scams and phishing

Illustration: Natalie Peeples/Axios

Hackers are ramping up their phishing and ransomware campaigns targeting the retail sector as the holiday shopping season kicks off, Axios' Sam Sabin reports.

The big picture: The ongoing economic downturn is prompting more shoppers to look for online discount codes and more hackers to trick these consumers with phony deals, threat analysts tell Axios.

  • Ransomware gangs are also predicted to target small to medium-size businesses that could be more likely to pay off hackers to prevent an operational outage during the holiday season.

Why it matters: While the retail sector has gotten better at defending its systems against cyberattacks in recent years, no company can ever be considered completely hackproof.

  • Traditional phishing lures — where hackers impersonate retailers in emails to collect consumers' login information and credit card numbers — are nearly impossible for retailers to track unless a consumer reports them.

Threat level: This year's economic downturn and the return of in-person holiday gatherings are exacerbating the existing threats that retailers have long had to fight, says Ashley Allocca, a threat analyst at cyber intelligence firm Flashpoint.

  • Each year, analysts see a bump in the number of retail companies listed on ransomware extortion sites, where gangs post a list of victims they've targeted that haven't paid up yet, Allocca says.
  • Phishing is also one of the "most popular hacking services advertised within illicit communities" this year, according to a report from the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) published earlier this month.

Details: Hackers rely on employees and consumers being too busy during the holiday seasons to spot scam emails.

  • Phishing campaigns can lead to consumers entering their credentials and credit card info into fake sites or employees accidentally downloading ransomware at their organization.
  • Reports of impostor websites, which mimic well-known retailers and place fake product listings that consumers purchase, also rise during the holidays.

Be smart: Monitor bank statements, double-check sender emails and website URLs, and be suspicious of any deals that seem too good to be true, experts tell Axios.

  • "If it feels suspicious, it probably is suspicious," Allocca says.

Sign up for Axios’ cybersecurity newsletter Codebook here.

3. HP plans up to 6,000 layoffs over three years

Illustration: Allie Carl/Axios

Computer and printer maker HP Inc. said Tuesday it will cut between 4,000 and 6,000 jobs by the end of 2025 as part of a restructuring.

The big picture: The move comes amid large-scale layoffs at a number of large tech companies including Meta, Twitter and Snap.

HP said the restructuring will save it at least $1.4 billion annually by the end of fiscal 2025.

  • However, it expects the move will lead to $1 billion in costs, with $600 million in fiscal 2023 and the rest split over the remaining two years.
  • It made the announcement alongside its quarterly earnings report.

Go deeper: What to expect when your tech firm is downsizing

4. Take note

On Tap

  • Turkey, football, and fixing my parents' computer problems, if history is any predictor.

Trading Places


5. After you Login

Courtesy of Ashley Mayer.

As techies and tech enthusiasts, here is a list of things you might get asked about at Thanksgiving, compiled into bingo format by Coalition Operators venture capitalist Ashley Mayer.

Thanks to Scott Rosenberg and Peter Allen Clark for editing and Nick Aspinwall for copy editing this newsletter.