Voxx International’s recent $20.2 million purchase of a majority stake in biometric security supplier EyeLock is important to Voxx because the IoT “has made security a critical part of daily life, demanding more efficient means of protecting identities and assets,” Voxx CEO Pat Lavelle said last week on an earnings call. EyeLock boasts a portfolio numbering more than 100 patents, which includes items “with technology that can potentially create the most powerful cybersecurity solution available as well as logical and perimeter access solutions,” Lavelle said. With its acquisition of a controlling interest in EyeLock, Voxx now controls “all of their IP and substantially all of their assets,” he said. “Their technology and business model enables them to scale across multiple markets and there was no doubt in our minds that iris biometrics will be one of, if not the, chosen method for authentication in the future,” he said. By the end of the decade, iris authentication “will become commonplace” for consumers, financial institutions and government and defense contractors, he said. Moreover, automakers and tech companies “may look to integrate iris authentication into routers, switches, set-top boxes, PCs and mobile devices,” he said. “Blue chip partners and global brands” are evaluating or have already adopted EyeLock's iris authentication technology “as a means to improve system and infrastructure security and for embedded technology applications,” he said. EyeLock also is in talks “with leading PC, tablet and laptop makers about embedding their technology in these devices,” he said.

A conservative German data protection authority (DPA) issued a position paper, in German, on the European Court of Justice’s safe harbor ruling (see 1510060001), saying it disagrees with the European Commission’s opinion that alternative data transfer mechanisms may be used in place of safe harbor, a Hunton & Williams blog post said Wednesday. The paper says that a long-term solution would require a significant change in U.S. law and that mechanisms like consent and EU standard contractual clauses must be evaluated in a new way, the post said. “It is unknown whether other German DPAs will concur with the Position Paper,” it said. The post also noted the paper “does not invalidate any prior adequacy decisions made by the [European] Commission.” However, the paper says the DPA is “considering using the power granted to it by Article 4 of Commission decision 201/87/EU of February 5, 2010 to 'prohibit or suspend data flows to third countries in order to protect individuals with regard to the processing of their personal data,' if the data importer is not able to comply with EU data protection law, or if the requirements of Article 13 of the EU Data Protection Directive 95/46/EC are not satisfied.” In the decision, each EU country is granted the right to review these privacy agreements, which is new, said Perkins Cole attorney Janis Kestenbaum, former adviser to FTC Chairwoman Edith Ramirez, during the Computers, Freedom and Privacy 2015 conference Wednesday. Even if the U.S. and EU can agree on a new safe harbor deal, any individual country could say the agreement isn’t good enough, Kestenbaum said. It should be noted that the court’s decision didn’t say there was any wrongful activity done by U.S. companies or by the U.S. government, said attorney Alan Raul, founder of Sidley Austin's Privacy, Data Security and Information Law practice. What the opinion says is that the EC didn’t adequately assess the adequacy of the U.S. government surveillance system, Raul said. Passage of legislation reforming the Electronic Communications Privacy Act and the Judicial Redress Act are crucial to a new safe harbor agreement, but may not be enough, said TechFreedom President Berin Szoka. Raul and Szoka said the Europeans don’t understand the U.S. privacy and data protection system or how active the FTC is in this arena. Kestenbaum said the EC likely is less concerned than the courts are and said it’s the EC that will be at the table negotiating for a new deal.

Identity thieves can use a child’s personal information, like a Social Security number, to get a job, tax refund, open bank and credit card accounts, apply for a loan or rent a place to live, FTC Consumer Education Specialist Nicole Fleming wrote in a blog post Wednesday. In the event a child’s information is involved in a breach, check to see the child has a credit report, Fleming said. “Children shouldn’t have credit reports -- unless someone is using their information for fraud.” Some states allow a parent or guardian to place a freeze making it more difficult for someone to use a Social Security number to open new accounts, Fleming said. “Even if you aren’t aware of any problems, it’s a good idea to check your child’s credit history when he or she turns 16,” Fleming said. “That gives you time to fix any unexpected problems -- before your child applies for a loan, an apartment, or insurance.”

Microsoft launched a transparency website that merges its existing transparency reports, including the Law Enforcement Requests Report and U.S. National Security Orders Report, with a new report that details requests Microsoft receives to remove online content from its Bing search engine, Microsoft Deputy General Counsel John Frank wrote in a blog post Wednesday. The new Content Removal Requests Report “illustrates how Microsoft strives to comply with local and intellectual property laws while adhering to our commitment to transparency and free expression,” Frank said. He said Microsoft has established a general set of guidelines to cover the different types of online content removal requests, from copyright to right to be forgotten, by requiring the requests be made in writing; communicating to users that the content has been removed from search results; and limiting content removal to specific markets, except in the case of copyright requests where content is removed globally, Frank said. Microsoft’s Transparency Hub “will continue to evolve” as the company gathers information on other topics and seeks to provide customers with a better understanding of how Microsoft works, Frank said.

The co-chairmen of ICANN's Cross Community Working Group on Enhancing ICANN's Accountability (CCWG-Accountability) reported Wednesday that there continues to be “some disagreement” among the group's members on how to proceed on several key proposed changes to ICANN's accountability mechanisms ahead of ICANN's planned meeting in Dublin, which is set to run from Saturday through Oct. 22. Areas of disagreement center on proposals for a mechanism for enforcing proposed new ICANN community powers and a proposal to amend ICANN's bylaws to require the ICANN board to find a “mutually acceptable solution” when the Governmental Advisory Committee provides advice that’s supported by GAC member consensus, the CCWG-Accountability co-chairmen said in a blog post. Those issues were among several that remained unresolved following CCWG-Accountability's two-day meeting last month in Los Angeles (see 1509280056) and subsequent teleconferences. A significant number of other provisions in the CCWG-Accountability proposal also need further revisions “but we are confident that these refinements can be provided shortly to meet stakeholder expectations,” the group's co-chairmen said. CCWG-Accountability is investigating whether a two-phase plan for implementing “community empowerment” would be feasible, as such a plan “could help accommodate” concerns with the existing proposal, the co-chairmen said. CCWG-Accountability is “committed to make great strides during the Dublin meeting,” the co-chairmen said. “We are aware that the finalization of our recommendations is the last missing piece in the IANA Stewardship Transition puzzle and we take this responsibility very seriously.”

Nonprofit domain names .org, .ngo and .ong are continuing to gain traction worldwide, the Public Interest Registry (PIR) said in reports on the three domains. The .org domain remains the third-largest top-level domain, with more than 130,000 additional registrations in the last 12 months and registrants renewing their .org registrations at a rate of 73.7 percent annually, PIR said. International registrations on the domain demonstrated “steady growth,” with countries in Asia continuing to increase their share of the registration pool, PIR said. More than 2,300 .ngo and .ong domain bundles were registered globally between the domains' launch in early May and June 30, PIR said. “The continuous growth of the .org domain, and the early adoption of the .ngo and .ong domains is a clear indication that organizations and individuals around the world understand the need for global collaboration and collective empowerment to successfully serve the public interest,” PIR CEO Brian Cute said in a news release.

It’s clear that Internet TV “is becoming increasingly mainstream and traditional media companies are adjusting to the shift from linear to on-demand viewing,” Netflix CEO Reed Hastings and Chief Financial Officer David Wells said Wednesday in their quarterly letter to shareholders. “It is a great time to be a creator of content because studios make content to sell content (not to withhold it) and there are new bidders for their product,” they said. Some studios “will choose to license content” to subscription-based VOD (SVOD) services like "Hulu, Amazon Prime Instant Video and Netflix,” but “others may not,” they said. “We have a lot of content to select from.” The “competitive landscape remains vibrant” as Netflix competes with many forms of entertainment for consumers’ leisure time, they said. SVOD services “continue to evolve,” and they remain “active bidders for content, in addition to all the cable networks around the world,” they said. “Linear networks that embrace on demand and Internet delivery as we have, will become more valuable and will experience renewed growth (like HBO Now), while those that do not will lose relevancy,” they said. “The secular shift to on-demand consumption is best described as ‘consumers evolving vs. old habits’ rather than ‘Netflix vs. traditional media.’ We’re all racing to fulfill consumer desires.”

Twitter’s 8 percent workforce reduction, announced to employees in a letter and in an 8-K SEC filing Tuesday, had been rumored in tweets going back to Friday. CNBC reported companywide layoffs in the week ahead as Jack Dorsey moved from interim to permanent CEO. Twitter said in the 8-K that the board voted Monday to cut 336 members of its global workforce as part of a plan “to organize around the Company’s top product priorities and drive efficiencies throughout the Company.” Twitter plans to reinvest savings in its most important priorities to drive growth, it said. Severance costs are expected to run between $10 million and $20 million, with restructuring expenses estimated to be $5 million to $15 million. In the employee letter, Dorsey said the restructuring would put the company “on a stronger path to grow.” Dorsey referred to a “streamlined roadmap” for Periscope, Twitter and Vine and a focus on experiences expected to have the greatest impact. One of those experiences, Moments, launched last week with “a great beginning” giving a “bold peek into the future of how people will see what’s going on in the world,” Dorsey said. Cuts will affect product and engineering teams the most, he said. Engineering will remain the biggest percentage of the workforce but will "move much faster with a smaller and nimbler team," Dorsey said. Twitter users commented on the news, led by Dorsey, whose Twitter handle is Jack: “Made some tough but necessary decisions that enable Twitter to move with greater focus and reinvest in our growth.” Anita B. wondered if the social media upward trend is “slowing down.” Jischinger observed: #twitterlayoffs not trending.” B_Meson pointed to Dorsey’s promise in his letter to “give it to you straight” rather than using corporate speak while following with the term “streamlined.” Predictable Twitter humor ensued: Zach Zimmerman said: “We’re limited to 129 characters now.”

The FBI issued an alert Thursday warning consumers and merchants that the new microchip-enabled credit cards are still susceptible to fraud. Instead of relying on a magnetic strip to store data, the new EMV (EuroPay, MasterCard, Visa) chip cards “verify the card’s authenticity by the cardholder’s personal identification number (PIN)” and “transmit transaction data between the merchant and the issuing bank with a special code that is unique to each individual transaction,” the alert said. EMV cards provide more security than traditional magnetic strip cards, but are still vulnerable to fraud, the alert said. “EMV cards can be counterfeited using stolen card data obtained from the black market,” it said. The data on the magnetic strip of an EMV card can be stolen if the point-of-service terminal is infected with data-capturing malware, and the chip won’t stop stolen or counterfeit credit cards from being used for online or telephone purchases, it said.

California Gov. Jerry Brown (D) signed the California Electronic Privacy Communications Act (CalECPA SB-178) into law Thursday. The bill “protects Californians against warrantless law enforcement access to private electronic communications such as emails, text messages and GPS data that are stored in the cloud and on smart phones, tablets, laptops and other digital devices,” said one of the bill’s author’s, state Sen. Mark Leno (D), in a news release. CalECPA has support from Silicon Valley’s major tech companies, including Apple, Facebook, Google and Twitter, which have “seen a dramatic rise in requests from law enforcement for consumer data in recent years,” the release said. “Google has seen a 180 percent jump in law enforcement demands for consumer data in the past five years,” it said. “Last year, AT&T received 64,000 demands -- a 70 percent increase in a single year,” it said. “Verizon reports that only one-third of its requests had a warrant, and last year Twitter and Tumblr received more demands from California than any other state,” the release said. American Civil Liberties Union Technology & Civil Liberties Policy Director Nicole Ozer called Brown’s decision to sign the legislation into law a “landmark win for digital privacy,” in an ACLU news release. California now joins Maine, Texas, Utah and Virginia in updating privacy laws for the digital age, Leno's news release said. The ACLU hopes California’s legislation is used as a “model for the rest of the nation in protecting our digital privacy rights,” Ozer said. The Electronic Frontier Foundation and Center for Democracy & Technology also released statements supporting Brown’s decision to sign the legislation.