Facebook Monday disclosed more detailed data on national security requests it received from the government (http://bit.ly/1dYVxkt). “With last week’s announcement that the U.S. government has relaxed its limitations on what we are allowed to disclose, we are now permitted to provide important new information that we believe will help foster an informed public debate about the government’s efforts to keep the public safe,” said Facebook General Counsel Colin Stretch in a blog post. The company received between zero and 999 Foreign Intelligence Surveillance Act (FISA) content requests from January to June of 2013, the same range it had received in the six previous months. Those requests identified between 5,000 and 5,999 accounts during the first six months of 2013, up from the 4,000 to 4,999 accounts identified in those requests during the last six months of 2012. Facebook has also received between zero and 999 national security letters in both the first and last half of 2013, and the last half of 2012.
Twitter acquired more than 900 patents from IBM in December, the two companies revealed in a Friday release (http://ibm.co/1elUMq7). The price wasn’t disclosed. The companies also said they had entered into a patent cross-license agreement. “This acquisition of patents from IBM and licensing agreement provides us with greater intellectual property protection and gives us freedom of action to innovate on behalf of all those who use our service,” said Twitter Legal Director Ben Lee in a statement. The deal “illustrates the value of patented IBM inventions,” said IBM General Manager of Intellectual Property Ken King in a statement. IBM recently said it had received 6,809 patents in 2013, the most any company had ever received in one year (http://ibm.co/L02ZF6), adding the company had received the most U.S. patents each year for 21 straight years.
Security and compliance management firm Tripwire joined the Council on CyberSecurity as a founding member. The group’s advisory board includes Google Chief Internet Evangelist Vint Cerf and Kaspersky Lab CEO Eugene Kaspersky. Tripwire said it believes it will be able to “support and amplify the council’s efforts to accelerate the widespread availability and adoption of effective cybersecurity measures, practice and policy.” Tripwire and the council “have a shared vision of a widely adopted framework of security controls and practices that allow business and technical executives to understand and quantify cybersecurity risks with the same level of clarity used for other types of business risk,” said CEO Jim Johnson in the company’s news release Thursday (http://bit.ly/1iQMHgK).
The federal government should institute baseline cybersecurity requirements as a condition for contract awards for “appropriate acquisitions,” the Department of Defense and General Services Administration said in a report released Wednesday. The report, prepared as part of President Barack Obama’s February 2013 cybersecurity executive order, “provides a path forward to aligning federal cybersecurity risk management and acquisition processes,” DOD and GSA said. The agencies also recommended the federal government develop common definitions for cybersecurity jargon for all federal acquisitions and institute a federal acquisition cyber-risk management strategy. The government should include cybersecurity in acquisition training and increase government accountability for cyber risk management, DOD and GSA said. The government should also require all federal agencies to make purchases from original equipment manufacturers, authorized resellers and “other trusted sources,” DOD and GSA said (http://1.usa.gov/1aIm9eX).
The investigation of “counterfeiting, fraud, unauthorized access, fraudulent use of domain names,” and other crimes that affect intellectual property will fall to the newly formed Intellectual Property Protection Division of the Software and Information Industry Association (SIIA), said SIAA in a blog post Wednesday (http://bit.ly/1b7Jd1o). The new scope of SIIA comes from an understanding “that companies’ intellectual property needs no longer begin and end with piracy,” said Keith Kupferschmid, SIIA general counsel, in the post. “While software and content piracy remains commonplace, new infractions -- like illegal access to software and content in the cloud and misuse of popular brands online to defraud consumers -- are becoming far more prevalent,” he said.
The U.S. had the highest-ranked overall intellectual property (IP) protections out of 25 countries, said a report (http://bit.ly/1cuElre) from the U.S. Chamber of Commerce’s Global Intellectual Property Center (GIPC) released Wednesday. The U.K. placed second and France third, with China 17th and India 25th, it said. The rankings are based on 30 IP standards, including “protection and enforcement of patents, trademark, copyrights, trade secrets, and participation in relevant international treaties,” and said the U.S. had “fallen behind” in IP “enforcement,” said a GIPC news release (http://bit.ly/1byiVVZ). The federal government should strengthen “current enforcement programs and allocate dedicated resources throughout the government to effectively enforce IP rights and protect consumers,” said David Hirschmann, GIPC president. The analysis was done by Pugatch Consilium, an international research consultancy.
A two-year federal grant will back a pilot program to safeguard children’s online activities and personal information, said a Verizon release Wednesday (http://on.mktw.net/1eg7aId). Privacy Vaults Online (PRIVO) -- which helps companies comply with the Children’s Online Privacy Protection Act (COPPA) -- put together the group of technology and identity companies and government agencies to work on the program, said Verizon. Verizon Enterprise Solutions will be among the participating companies. The government grant lasts for two years, is worth as much as $3.2 million and is funded through the National Strategy for Trusted Identities in Cyberspace (NSTIC), a White House-launched, public-private sector initiative, said Verizon. NSTIC is housed within the National Institute of Standards and Technology. The pilot program is expected to create the Minors Trust Framework, “a collection of policies and online tools that provides parents more control over the online activities of their children and helps businesses address” COPPA requirements, Verizon said. The group will issue “privacy-enhancing login credentials” to “indicate parental consent, helping to reduce the capture of sensitive information about a child, and enabling easier, more secure online access,” Verizon said. PRIVO expects 1 million of these credentials will be issued by the end of 2014, with 10 million issued by the end of the pilot program in 2015, Verizon said. “Businesses, government agencies and nonprofit organizations that offer online services to children have been hindered in their efforts to comply with COPPA by the lack of a unified approach to notify parents and obtain their consent,” said PRIVO CEO Denise Tayloe in a statement.
Seven of the top 10 leading countries in IPv6 adoption were European in Q3, said an Akamai report released Tuesday, according to the company’s news release (http://bit.ly/1fk4Vnp). Japan was the only Asian Pacific country in the top 10, it said. China accounted for 35 percent of “attack traffic” in Q3, followed by Indonesia at 20 percent; the U.S. was at 11 percent, it said. Average Internet connection speeds increased 10 percent from Q2 to 3.6 Mbps, it said.
A GAO report released Tuesday said the Department of Homeland Security should collaborate with the emergency services sector to address the cybersecurity implications of Internet-related technologies, in a revised version of the sector’s Sector-Specific Plan. DHS, along with the FCC and the departments of Commerce, Justice and Transportation, coordinated cybersecurity-related activities with state and local governments, but that coordination had not focused on the cybersecurity of public safety entities involved in 911 calls, the report said. DHS efforts to work with emergency services did not address Internet-based information technologies, such as next-generation 911, the GAO said. Those technologies were not included because updates to the emergency services sector-specific plan weren’t set to begin until after DHS released a revised version of the National Infrastructure Protection Plan in December, the GAO said. DHS plans to complete the emergency services sector plan by December. Until that plan is completed, “information systems are at an increased risk of failure or being unavailable at critical moments,” the GAO said (http://1.usa.gov/1evFtY7).
Apple updated its statistics on national security orders (http://bit.ly/1mRZJHV) after the Justice Department lifted some restrictions on reporting government requests for information (CD Jan 28 p10). The company said it received between zero and 249 national security orders Jan. 1-June 30, 2013 -- a range it had not been able to report in its previous disclosure (CD Nov 7 p12). National security orders represent the total number of national security requests received from the government, which includes national security letters issued by the FBI, said Electronic Frontier Foundation Staff Attorney Nate Cardozo. In total, the company received 927 law enforcement account requests, specifying 2,330 accounts. Previously, those numbers were reported as 1,000 to 2,000 account requests and 2,000 to 3,000 accounts. Data disclosed was to law enforcement in 747 of the 2,330 accounts named. That disclosure number was initially reported as zero to 1,000.