FTC Chairwoman Edith Ramirez will be the opening speaker at the agency’s first Start with Security conference, to be held next month and focus on the challenges startups and developers face in creating secure applications, an FTC news release said Wednesday. Experts that built security programs at high-growth startups including Dropbox, Etsy, Pinterest and Twitter will “provide startups and developers with practical guidance on integrating security into their application development lifecycles,” it said. FTC Chief Technologist Ashkan Soltani will partake in a “fireside chat” on security issues, and panels are slated on how startups can build a culture of security, how to effectively model threats, train developers, ensure secure coding practices, scale security testing, and respond to hackers who find bugs in products, and embracing security features as a key part of products, the agency said. The event is from 10 a.m. until 4 p.m., Sept. 9, at the University of California Hastings College of the Law in San Francisco. The free event is open to the public. The second Start with Security event is Nov. 5 in Austin.

Google made its new Wi-Fi router, OnHub, available for pre-order, the company said in a blog post Tuesday. The cylindrical router contains internal antennas, automatically adjusts to avoid network interference and allows users to prioritize devices and choose which receive the fastest speed, Google said. OnHub can be managed through a mobile app available on Android and iOS devices, which displays bandwidth and network diagnostic data, the release said. Google said the router can be pre-ordered for $199.99 from the Google Store, Amazon and other retailers, and will be made available in stores in the coming weeks.

The Interactive Advertising Bureau’s Technology Laboratory seeks comment through Sept. 18 on its upgrade to the IAB Display Creative Guidelines, an IAB release said Monday. “The updates were developed by the IAB Display Creative Working Group, in response to ongoing IAB exploration of the benefits of HTML5 technology,” the release said. “The revised guidelines include major changes to key specs for the IAB Universal Ad Package (UAP) and IAB Display and Mobile Rising Stars, which address issues such as file weights and packaging for optimal load performance when HTML5 is deployed,” it said. “Other ad units, rich media guidance, and the display creative glossary of terminology have been reworked as well,” it said. "For years, the 'IAB Display Creative Guidelines' have served as a critical foundation for digital marketing, and this timely update gives us yet another step up the ladder to conversion,” said IAB Technology and Ad Operations Senior Vice President Scott Cunningham. “HTML5 is rapidly becoming the go-to for creating captivating ads that work across multiple screens,” said AOL Premium Experiences Platforms Director of Production Services Aaron Wood, who co-chairs the IAB Display Creative Working Group. IAB Tech Lab members AOL, Celtra, Crisp Media and PointRoll contributed ad units for the initial specification tests before taking the updated "IAB Display Creative Guidelines" to comment, and AOL provided a test environment and analysis during the examination phase, the release said. The IAB HTML5 for Digital Advertising Guidance Working Group is developing a revised "HTML5 For Digital Advertising Guide," which will “directly support the updated ‘IAB Display Creative Guidelines’ with actionable insights and recommendations for using HTML5 effectively in display ad creative,” it said. The guide is expected to be released this fall.

Windstream is joining the HP PartnerOne Program to provide hosting services over the HP Helion and infrastructure platforms, a release said Tuesday. Windstream said HP PartnerOne will allow it to offer HP customers new options and next-generation technology "for running their businesses securely and cost-effectively in the cloud," including private cloud storage options, backup and recovery services, and "replication as a service: automated critical business information storage and data base survivability."

Spotify is rolling out an updated terms and conditions of use and privacy policy to customers during the next few weeks, the company said Monday. “We want to be as open and transparent as possible when it comes to how we describe our business, how we work with advertisers, what information we collect, and what we do with it,” Spotify said about the changes. The company also wants to ensure it's “up-to-date with all the latest features we are offering.” Some of the changes in the privacy policy include: an expansion of the Information We Collect section to include technical data like cookies, device information and network information; notice that customer permission will be requested to collect information from new sources like an address book, location and sensor data from mobile devices; and clarity was added regarding how Spotify shares data with marketing and advertising partners.

Most people haven't installed security software on personal devices, strengthened their Wi-Fi passwords or changed their passwords more frequently, despite the recent increase in reported cyberattacks, said a national survey by Wakefield Research, commissioned by Citrix. The July 6-13 survey of more than 1,000 U.S. adults was done online and by email invitation.

The FTC “wants to know” about consumers’ privacy-related complaints against companies, it said Friday, noting in a blog post that its new Complaint Assistant website will make it easier for consumers to report complaints. The Complaint Assistant site is meant for complaints about issues like unauthorized collection of consumers’ information and unauthorized disclosure of a consumer’s location on social media, the FTC said.

The Department of Defense and the Department ​of Veterans Affairs failed to meet an October 2014 deadline to certify the healthcare data in their systems complied with national data standards and were computable in real time, the GAO said in a report released Thursday. Both departments should also establish additional outcome-oriented metrics to ensure each can assess and report on the status of their interoperability-related activities and determine improvement areas, the report said. It said the departments don't appear likely to meet the Dec. 31, 2016, deadline to deploy electronic health record software and ensure full standards-based interoperability.

The federal government should do more to coordinate federal employees’ participation in the development of international cybersecurity standards, said the National Institute of Standards and Technology-led International Cybersecurity Standards Working Group (ICSWG) in a draft report. The working group released the report to comply with the 2014 Cybersecurity Enhancement Act, which in part required NIST to coordinate with other federal agencies on interagency coordination on cybersecurity standards development (see 1412120066). Improving U.S. government employees’ participation in international cybersecurity standards development will promote U.S. cybersecurity interests and promote U.S. critical infrastructure’s resiliency, said the draft report that was released Tuesday. The U.S. cybersecurity standards system relies on private sector-run standards development organizations, which stands in contrast to government-driven standards bodies in other nations, the working group said. U.S. objectives in developing international cybersecurity standards include ensuring that the federal government’s own standard and assessment tools are technically sound, along with enhancing U.S. national and economic security, ICSWG said.

U.S. companies will likely need to comply with the EU “right to be forgotten” even if it’s never enshrined in U.S. law, privacy lawyers said Wednesday during a Bloomberg BNA webinar. The EU right to be forgotten policy, enshrined in a 2014 European Court of Justice ruling (see 1412160022) and in the European Parliament and Commission’s proposed general approach on data protection reform (see 1506150001), has long been a source of concern for U.S. companies already at “loggerheads” with the EU on other issues, said Kramer Levin Internet and privacy lawyer Kevin Moss. Many of those companies already operate in EU member nations, where governments would argue that U.S. companies are subject to their data protection laws, Dentons lawyer Andy Roth said. “Europe and Silicon Valley are on a collision course.” U.S. companies may face similar difficulties elsewhere on the right to be forgotten, because “a lot of the world is moving closer to the EU model,” Roth said. It would be difficult to codify an EU-style right to be forgotten into U.S. law, given differing interpretations of the right to privacy, Cohen & Gresser lawyer Karen Bromberg said. U.S. courts recognize a right to privacy within the Fourth Amendment and in other case law, but arguments citing the First Amendment tend to “trump” those claims, she said. The publication of a person’s criminal history, one of several issues often cited in arguments favoring the right to be forgotten, is explicitly protected under the First Amendment, Bromberg said.