ICANN CEO Fadi Chehadé and former National Security Adviser Stephen Hadley, now a partner at consulting firm RiceHadleyGates, led an off-the-record roundtable event Monday on the national security and geostrategic implications of the Internet Assigned Numbers Authority transition, stakeholders told us. The event, at the Atlantic Council’s Washington office, was aimed at civil society Internet governance stakeholders but also included State Department officials, an industry official said. The event was also an opportunity for invited stakeholders to learn what they “can do in the critical coming months, as ICANN prepares to present” the IANA transition proposal and a related set of proposed changes to ICANN’s accountability mechanisms to NTIA for final approval, an invitation to the roundtable said. The roundtable is “really another in a long series of events we’ve participated in to raise awareness among” Washington-based parties about the IANA transition as planning for the transition has continued to progress, said ICANN Vice President-Business Engagement Chris Mondini. The roundtable was a follow-up to a similar off-the-record Atlantic Council event earlier this year. ICANN has participated in “dozens of these smaller roundtables,” including events at the U.S. Chamber of Commerce and the Center for Strategic and International Studies, Mondini said. ICANN’s presence at the off-the-record roundtable raised concerns among some stakeholders amid a push for ICANN to increase its transparency, though an industry lobbyist said hosting organizations -- rather than ICANN -- typically dictate whether such meetings are on or off the record. The Atlantic Council and Hadley didn’t comment. This roundtable specifically focused on general security issues on how international pressure in the Internet governance space might lead to balkanization of the Internet along national borders, Mondini told us. The session wasn’t being held in connection with recent concerns about government stakeholders’ demands for revisions to the Cross Community Working Group on Enhancing ICANN Accountability’s (CCWG-Accountability) proposed ICANN accountability mechanism changes, Mondini said. CCWG-Accountability hasn’t reached consensus on whether to propose amending ICANN’s bylaws to require the ICANN board to find a “mutually acceptable solution” when the Governmental Advisory Committee provides advice that’s supported by GAC member consensus. CCWG-Accountability is also grappling with a proposal from Brazil and several other GAC members to resurrect a 2014 proposal to amend the ICANN bylaws to require two-thirds of the ICANN board to vote to be able to reject consensus GAC advice (see 1511160047).

Thirty-one ICANN users’ credentials were used for gaining unauthorized access to new generic top-level domain (gTLD) applicants’ and operators’ contact information via ICANN’s new gTLD applicant and Global Domains Division portals, ICANN said Thursday. ICANN temporarily took both portals offline in late February to investigate unauthorized data exposures on the portals. Information from 29 registry operators was exposed via unauthorized access, though ICANN noted that information “was accessed inadvertently.” The “exposed registry contact information does not appear to contain sensitive personally identifiable information,” ICANN said. “Each of the affected parties has been notified of the data exposure.” ICANN said it took necessary steps to prevent similar types of data exposures from occurring in the future and “continues to deploy security-based updates on a regular basis as part of a broader, multiyear effort to harden all of ICANN's digital services.”

Mark Zuckerberg and his wife, Priscilla Chan, are giving $20 million to EducationSuperHighway to help the organization reach its goal of connecting all U.S. classrooms to the Internet at the FCC's 100 kbps per student goal, said the Facebook CEO in a post on his Facebook page. Because the Internet is critical for personalized learning, Zuckerberg said, it's important to get every school connected. While most schools are connected to the Internet, fewer than half have high-speed broadband, he said. "This means most students can't use personalized learning software that helps them learn content they're interested in, at their own pace and in a style customized to them," the post said. "And it means teachers can't access many of the resources available online." EducationSuperHighway didn't comment.

The Department of Homeland Security managed to strengthen its cybersecurity capabilities over the course of FY 2015 but failed to comply with multiple important information security requirements, said DHS’ Office of Inspector General in a report released Thursday. “Without addressing these deficiencies, the Department cannot ensure that its systems are properly secured to protect sensitive information stored and processed in them,” said the OIG. In particular, DHS failed to “include its classified system information as part of its information security scorecard” or as part of its Federal Information Security Modernization Act (FISMA) compliance submissions to the Office of Management and Budget, the OIG said. Some DHS agencies and offices “did not maintain their information security programs on a year-round, continuous basis” and the department’s enterprise management systems “lacked input validation controls to ensure accurate data was entered into the system,” the OIG said. DHS agreed with most recommendations from the OIG but said it didn’t concur with a recommendation that DHS strengthen its FISMA reporting process to ensure its classified system data was included on its FISMA compliance submissions to OMB. FISMA compliance reporting requirements for FY 2015 “do not require the submission of agency classified system data,” with a separate scorecard being used to report that information in case such scorecards need to be made classified documents, DHS said.

When shopping for tech products for the holidays, “remember that Black Friday savings don't have to stop at checkout,” said Noah Horowitz, senior scientist at the Natural Resources Defense Council, Thursday in a blog post. “When you buy the most energy efficient devices on the market -- and adjust the settings to avoid unnecessary energy waste once you bring your new toys home -- you can enjoy year-round savings on your electric bills,” said Horowitz, who wrote NRDC’s new report that said Ultra HD TVs with high dynamic range have the potential to consume 50 percent more power than basic Ultra HD TVs without the HDR capability (see 1511180067) and 1511190025). “We have 3.8 billion electronic devices installed in homes across the country,” and collectively they use $22 billion worth of electricity a year, enough to match the output of 67 large power plants, he said. “Many of these devices, like always-on set-top boxes or gaming consoles, can rack up energy costs even when no one's using them -- an average of $165 dollars every year per household.”

Spotify introduced a new global parental leave policy that allows all full-time employees to take up to six months of leave with full pay, the company said in a news release Thursday. Spotify said the six months of leave can be taken until the child's third birthday, and all employees who had children in 2013 are also eligible for the benefit. Mothers and fathers can split leave into separate periods, the release said, and employees transitioning back to work from parental leave will be able to work from home on part-time schedules within the first month of their return.

As online holiday deals for tech products heat up, many Americans are expected to buy such gear during Black Friday Week starting next Monday and lasting through Cyber Monday a week later. The Consumer Technology Association expects 91 million Americans plan to buy tech or tech accessories during Black Friday Week, as more consumers shop online and via mobile devices during the Thanksgiving week, CTA said. Some 37 percent of U.S. adults plan to buy technology products during Black Friday shopping week, and videogame consoles rank at the top of the list (31 percent), up from fifth place last year, CTA said Wednesday. TVs hold the second spot again in 2015 at 26 percent; tablets (24 percent), slipped to third from No. 1 in 2013 and 2014; laptops (24 percent); smartphones (22 percent); and in last place after other items are smartwatches (4 percent). Amazon jumped the gun on Black Friday week, announcing eight days of holiday deals that begin Friday. Shoring up its mobile business, Amazon will introduce deals available only through the Amazon Mobile Shopping App for Android, iOS and Fire OS. Total holiday sales from Amazon’s mobile shopping app doubled in the U.S. last year, led by Black Friday, the company said.

Hispanics continued to lag behind other ethnic groups in Internet use in 2013, the NTIA said in a blog post Tuesday. Hispanic online use was 61 percent, trailing non-Hispanic whites (75.4 percent), Asian-Americans (75.3 percent) and African-Americans (64 percent), NTIA said, citing a Census Bureau July 2013 survey. Hispanics did narrow the gap some from 2011, when their Internet use was 54.4 percent, while overall, Internet use by Americans edged up from 69.7 percent to 71.4 percent from 2011 to 2013. “Language barriers and citizenship considerations may be associated with differing levels of Internet use and help explain this dimension of the digital divide,” said John Morris, associate administrator-NTIA Office of Policy Analysis and Development, saying the Hispanic population is on average younger than other groups. “Low Internet use in the Hispanic community continues to be a major concern, although adoption is growing more rapidly for this group than the country as a whole.”

The ACLU said it filed a lawsuit Tuesday against the Department of Justice to “uncover” what a conferenced cybersecurity information sharing bill “will actually authorize" under DOJ interpretation of the bill. The House and Senate are in the process of conferencing the House-passed Protecting Cyber Networks Act (HR-1560) and the Senate-passed Cybersecurity Information Sharing Act (S-754). The ACLU’s lawsuit, filed in U.S. District Court in the Southern District of New York, seeks “timely disclosure” under the Freedom of Information Act of a 2003 legal opinion from Justice’s Office of Legal Counsel (OLC) interpreting “common commercial service agreements.” The ACLU said it’s concerned the opinion could result in a dangerous interpretation of a conferenced information sharing bill. Although the ACLU, other privacy groups and tech sector stakeholders opposed S-754 in the lead-up to that bill’s passage in October (see 1510280057), its controversial provisions “may pale in comparison to what the bill allows when read in conjunction” with the OLC opinion, the ACLU said in a blog post. “Before our lawmakers expand the government’s surveillance authority under the guise of cybersecurity legislation, shouldn’t we -- and the legislators themselves -- know what the real consequences will be?” DOJ didn't immediately comment.

Administrative Law Judge Michael Chappell dismissed the FTC's case against LabMD. He said Friday that the agency failed to prove that the medical testing company's previous data breach potentially harmed consumers (see 1509180062). "At best, complaint counsel has proven the 'possibility' of harm, but not any 'probability' or likelihood of harm," Chappell wrote in his decision. "Fundamental fairness dictates that demonstrating actual or likely substantial consumer injury ... requires proof of more than the hypothetical or theoretical harm that has been submitted by the government in this case." Jessica Rich, director of the FTC’s consumer protection bureau, in an emailed statement said, "Commission staff is disappointed in the ruling issued by the administrative law judge in this case. We are considering what next steps may be appropriate."