Sen. Ed Markey, D-Mass., plans to introduce legislation in September or October on strategies websites use to “glue” children to devices, said Senior Policy Adviser Joseph Wender Thursday. Markey, who will prioritize two other privacy-related legislative items after congressional recess, is having ongoing conversations with lawmakers about co-sponsoring the Kids (Kids Internet Design and Safety) Act, Wender told us after a Family Online Safety Institute event.
Karl Herchenroeder
Karl Herchenroeder, Associate Editor, is a technology policy journalist for publications including Communications Daily. Born in Rockville, Maryland, he joined the Warren Communications News staff in 2018. He began his journalism career in 2012 at the Aspen Times in Aspen, Colorado, where he covered city government. After that, he covered the nuclear industry for ExchangeMonitor in Washington. You can follow Herchenroeder on Twitter: @karlherk
The FTC released a highly redacted version of Uber’s third-party privacy assessment related to its 2016 data breach (see 1810260040) Tuesday. Commissioner Rebecca Kelly Slaughter and advocates quickly called for greater transparency. After the FTC reached a no-fine settlement with Uber in October, Slaughter and Commissioner Rohit Chopra urged the agency to release the Uber assessment. Though the commission didn’t release the document then, Chopra and Slaughter noted it could be accessed through a Freedom of Information Act request, which is how we obtained it Tuesday.
North Carolina Attorney General Josh Stein (D) and Arizona AG Mark Brnovich (R) are participating in bipartisan discussions about a multistate investigation of tech industry competition, aides from both offices said. The group, which also involves Texas and Nebraska, is expected to issue civil investigative demands (CID) around Labor Day, said a source familiar with the effort. CIDs are prelitigation, administrative subpoenas officials can use to compel documents and testimony from the industry.
France’s digital service tax (DST) is a radical departure from international norm, discriminates against U.S. companies and undermines efforts to reach global, multilateral consensus on the digital economy, tech companies and trade groups told U.S. officials Monday (see 1908140056). Witnesses from Facebook, Google, Amazon, the Information Technology and Innovation Foundation, the Computer & Communications Industry Association and the Information Technology Industry Council testified before the Office of the U.S. Trade Representative and officials from various federal agencies. Representatives from the departments of Commerce, State, Agriculture, Homeland Security and others questioned tech witnesses as part of the USTR’s Section 301 investigation of France’s DST.
Congress can protect privacy and national security by letting the Patriot Act-related phone records program and other unwanted surveillance authorities expire (see 1905060048), said Sen. Ron Wyden, D-Ore. Friday's comments responded to Office of National Intelligence outgoing Director Dan Coats’ request that the Senate Intelligence and Judiciary Committees permanently reauthorize certain Patriot and USA Freedom Act-related authorities. Coats seeks permanent authorization of a controversial call detail records (CDR) program he acknowledged the intelligence community suspended. Privacy advocates hoped ODNI would allow some provisions to expire, after reports the program had gone dormant (see 1904240068).
It’s a “significant problem” that consumers lack the ability to opt out of doing business with credit reporting agencies like Equifax, which collect data indirectly, Information Technology and Innovation Foundation Vice President Daniel Castro said during an interview on C-SPAN's The Communicators to be televised Saturday and posted here Friday. There are legitimate questions about government oversight for credit entities, he said. Castro believes policymakers should consider ways to make certain types of consumer data less valuable. Social Security numbers, one of the most valuable pieces of information, shouldn’t be the sole input for verifying identity, he said. Castro was asked about ITIF’s study on the cost of the U.S. adopting a federal privacy law mirroring laws in the EU or California (see 1908050058). The key is to create a privacy law at reasonable cost, he said: Consumers should have enhanced privacy, but they should retain access to innovative products and services. On data breaches, such as those that Capital One, Equifax and Target have suffered, the analyst said that companies could offer customers a "menu of options" such as password-storage or other services rather than frequent credit monitoring at no cost. He noted that such monitoring is often provided for free, anyway. Equifax didn't comment right away Thursday.
A tech-communications industry coalition plans to publish a white paper this quarter proposing baseline IoT security standards, said CTA Vice President-Technology and Standards Michael Bergman Tuesday. The document for the so-called C2 Consensus on IoT Device Security will parallel similar IoT baseline setting efforts (see 1908010054) from NIST, he said during a workshop at agency headquarters.
DOJ should defer to Congress before potentially altering the ASCAP and BMI consent decrees, broadcast and film associations commented. They joined consumer and tech industry groups in supporting preserving the decrees. Comments (see 1906050060) were due Friday night.
Congress should bring more transparency to data broker practices through the FTC, Sens. Gary Peters, D-Mich., and Martha McSally, R-Ariz., told us after introduction of their bill (see 1908010043) to require data brokers to register annually with the FTC for acquisition, use and protection of brokered personal data.
U.S. Trade Representative Robert Lighthizer shouldn’t include Section 230-like protections in trade deals, given ongoing policy discussions about the tech industry's liability shield, House Commerce Committee Chairman Frank Pallone, D-N.J., and ranking member Greg Walden, R-Ore., wrote Tuesday.