Cogent is beefing up legal spending as it prepares to go to court over ISP interconnection problems, CEO David Schaeffer said Thursday in a conference call on earnings results. Despite "active discussions ... we believe there's at least a couple [parties] that it appears possible that we may have to file litigation" on, Schaeffer said. "Hopefully ... they may understand the strength of our argument and come to the table. While we continue to remain hopeful that we will not have to file any litigation, we have prepared briefs and motions for litigation against several parties that have been unwilling to upgrade their interconnection capacity as required under the open Internet order." The "three problematic ISPs" are CenturyLink, Deutsche Telekom and Time Warner Cable, he said. While as much as 18 percent of Cogent's traffic at one time suffered interconnection problems with a variety of ISPs -- particularly AT&T, Comcast and Verizon -- "the largest three ISPs in the U.S. have understood this, understood their obligation under the law and have been good corporate citizens and opened up interconnections," Schaeffer said. Today, about 8 percent of Cogent's aggregate traffic is with providers experiencing congestion, he said. He has griped before about the likes of CenturyLink and TWC (see 1505010033). Those companies had no comment right away Thursday.

User names, email addresses and encrypted passwords for users of ICANN’s website were "obtained" at some point in the past week via “unauthorized access to an external service provider,” ICANN said Wednesday. The data breach didn’t expose information related to the Internet Assigned Numbers Authority (IANA) functions or ICANN financial information, ICANN said. “There is no evidence that any profile accounts were accessed or that any internal ICANN systems were accessed without authorization,” it said. ICANN hasn't sought a law enforcement investigation of the breach but its own inquiry is "ongoing," a spokesman said. The nonprofit said it’s requiring all users to reset their passwords and cautioned them to also reset passwords for other websites if they are the same as the one they used on ICANN’s website. ICANN previously was the target of other data breaches, including a November spear phishing attack that affected its centralized zone data system (CZDS), which contained names, email addresses, phone numbers and other information of CZDS users. That breach also affected ICANN’s Governmental Advisory Committee members-only wiki website (see 1412170037).

The Electronic Frontier Foundation released a browser extension, Privacy Badger 1.0, that blocks “some of the sneakiest trackers that try to spy on” an individual’s Web browsing habits, an EFF news release said Thursday. More than 250,000 users installed the Privacy Badger during alpha and beta releases, it said. The new extension “includes blocking of certain kinds of super-cookies and browser fingerprinting -- the latest ways that some parts of the online tracking industry try to follow Internet users from site to site,” it said. Users can sometimes see evidence that they are being tracked by advertisers and other third-parties online with ads that “follow you around the Web that seem to reflect your past browsing history,” said EFF Staff Technologist Cooper Quintin, the lead developer of Privacy Badger. The app will spot many trackers “following you without your permission, and will block them or screen out the cookies that do their dirty work,” Quintin said. The browser extension works in tandem with EFF’s new Do Not Track policy, the group said. Users can set the DNT flag or install privacy badger to signal they want to opt-out of online tracking, the release said. “Privacy Badger won’t block third-party services that promise to honor all DNT requests,” it said. “It’s time to put users back in control and stop surreptitious intrusive Internet data collection,” said EFF chief computer scientist Peter Eckersley, leader of the DNT project.

The global market for facial recognition technology is predicted to reach $2.67 billion by 2022, said a report by Transparency Market Research, a news release said Wednesday. There's increased demand for surveillance systems by civil and government agencies, particularly as the number of crimes and terrorist activities rise, the release said. Facial recognition has been accepted by the entertainment industry and is used extensively in consumer electronics, which is part of what is fueling the demand for the technology, it said. Because it has better accuracy “in terms of identifying facial features,” 3D facial recognition technology is expected to comprise most facial recognition technology sales, the release said. Government is expected to be the biggest user of facial recognition technology, followed by retail outlets, it said.

The Electronic Frontier Foundation asked the 9th U.S. Circuit Court of Appeals whether the purpose of the Fourth Amendment on searches and seizures is “violated when the government copies and searches in bulk the communications passing through the Internet’s key domestic junctions, without a warrant and without probable cause or any showing of individualized suspicion,” EFF Staff Attorney Andrew Crocker wrote in a blog post Tuesday. Tuesday's clarification request is part of an appeal in EFF’s Jewel v. NSA, which was filed in 2008 on behalf of San Francisco resident Carolyn Jewel and other Bay Area AT&T customers over the telco routing copies of Internet traffic to a secret room [at AT&T’s Folsom Street facility] in San Francisco that was controlled by the NSA, Crocker said. In February, a federal district court judge ruled EFF hadn’t introduced enough evidence to support its clients’ standing that the government’s “reliance on secret evidence” was unconstitutional, Crocker said. “As our brief makes clear, Jewel is based entirely on public evidence, including the government’s extensive admissions contained in the public court files and in a report by the Privacy and Civil Liberties Oversight Board,” he said. “For more than a decade, the NSA has been conducting a dragnet invasion of millions of Americans’ privacy by setting up a system that copies and continuously sifts through their online activities,” said EFF Executive Director Cindy Cohn. “While this program of mass surveillance may have once been a secret, the government has now fully admitted that it copies communications wholesale from the Internet backbone and searches the full content of them,” Cohn said. “The Founders were clear that the core purpose of the Fourth Amendment is to protect Americans against the kind of indiscriminate rummaging through their private communications that is occurring as part of Upstream,” a government surveillance program, said EFF Special Counsel Richard Wiebe.

In 2015 more organizations will deal with more security incidents that will lead to an increase in data breaches, ID Experts predicted in December. “Unfortunately, our predictions were very much on target, as 2015 is already the year of the data breach,” ID Experts President Rick Kam wrote in a post Friday: “As companies pay more attention to data breaches, there will be a positive movement toward exchanging lessons learned and best practices.” Kam predicted the rate of data incidents and breaches -- especially in healthcare -- will rise dramatically during the second half of 2015; cross-industry sharing of threats and best practices will increase; and involvement by boards of directors in data privacy and security will increase. A 2015 Mandiant report said it takes an average of 205 days to detect a malware breach, Kam said. As more organizations hire forensic specialists to look for breaches, more breaches will be found, he said. As chip-and-pin security technology is enabled on credit cards, criminals will increasingly target healthcare fraud and identity theft, he said. The public also will start to see the impact criminal exploitation has on healthcare payers like Medicare, Medicaid and private insurers, he said, and attacks will spread to more industries. Attacks on the energy sector may be next, because “state-sponsored attacks will go wherever there’s valuable data to be found,” Kam said.

The White House Tuesday said that President Barack Obama’s TechHire initiative, which seeks to empower Americans with the skills they need for tech jobs through universities and community colleges, “coding bootcamps,” and high-quality online courses, is expanding to 10 new cities and states. Obama’s goal is to bring the initiative to 40 cities and states by year end, and with the addition of 10 new locations, he is halfway to achieving his goal, a White House news release said. The 10 new TechHire locations are Akron; Birmingham; Cincinnati; Lynchburg, Virginia; New Orleans; Oakland; Pittsburgh; San Jose, and the states of Maine and Rhode Island, the release said. More than a dozen major technology companies including Amazon, Box, Microsoft and Xerox announced new actions to ensure diverse recruitment and hiring, the release said.

The FTC is seeking comment on a proposal from Jest8, trading as Riyo, that suggests a method of verifiable parental consent under the Children’s Online Privacy Protection Act (COPPA) should include validating a parent's face against an online presentation of verified photo identification or "Face Match to Verified Photo Identification" (FMVPI), the FTC said in a news release. Under COPPA, certain website operators must post privacy policies, provide notice, and obtain verifiable parental consent prior to collecting, using or disclosing personal information from children under the age of 13. “The proposed FMVPI method provides businesses with more flexibility and effectively ensures that it is a parent providing consent by combining photo identification verification with facial recognition technology via web and mobile devices,” Riyo Director Tom Strange said in a June letter to FTC Secretary Donald Clark. The proposal differs “substantially from existing methods enumerated in Section 312.5(b) [of COPPA] because it uses computer vision technology, algorithms, image forensics and multifactor authentication to validate a parent's identity and provide assurance that the parents' identity credentials are rightfully being used for the provision of [verified parental consent],” the letter said. Riyo’s proposed method protects consumers and empowers parents making decisions about their child’s digital activities “by affording them enhanced obscurity and privacy of their personal information when compared to existing methods,” the letter said. The FTC on Friday sought comment by Sept. 3 on whether the proposed parental consent method is reasonably calculated to ensure the person providing consent is the child’s parent and whether the program “poses a risk to consumers’ information and whether that risk is outweighed by the benefits of the program,” the release said.

The Electronic Frontier Foundation partnered with privacy company Disconnect and a coalition of Internet companies to create a “stronger” Do Not Track (DNT) policy for Web browsing. It better protects users from sites that try to “secretly follow and record” Internet activity and incentivizes advertisers and data collection companies to respect a user’s choice to not be tracked, EFF said in a news release Monday. EFF and Disconnect partnered with the publishing site Medium, analytics service Mixpanel, ad- and tracker-blocking extension AdBlock, and search engine DuckDuckGo, it said. The new DNT setting is not an ad or tracker block, but works in tandem with those technologies, EFF said. “These companies understand that clear and fair practices around analytics and advertising are essential not only for privacy but for the future of online commerce,” said EFF Chief Computer Scientist Peter Eckersley. EFF is pleased so many Web services are committed to give users a “clear opt-out from stealthy online tracking and the exploitation of their reading history,” Eckersley said. “The failure of the ad industry and privacy groups to reach a compromise on DNT has led to a viral surge in ad blocking, massive losses for Internet companies dependent on ad revenue, and increasingly malicious methods of tracking users and surfacing advertisements online,” said Disconnect CEO Casey Oppenheim: “Our hope is that this new DNT approach will protect a consumer’s right to privacy and incentivize advertisers to respect user choice, paving a path that allows privacy and advertising to coexist.”

Nearly a quarter of U.S. broadband households have privacy and security concerns about connected health and fitness tracking devices, said Parks Associates research. But concern over privacy is higher with other connected devices such as door locks (40 percent) and tablets (42 percent), it said. Smartphone security concerns are near the top of the list, with 41 percent of users worried about security or privacy violations, said Parks. "The connected health industries, device manufacturers, and app developers not only need to ensure they have strong security measures in place but also that consumers are aware of the steps they are taking to protect their data,” said Parks analyst Harry Wang. Some 35 percent of consumers worry that their personal health information won't remain confidential if it's online, said Wang. “With high-profile data hacks making big headlines, consumers are expecting companies to take strong security measures to protect them.”