YouTube users will soon be able to automatically delete their search and viewing histories, Google announced Wednesday. The company rolled out some sweeping privacy-related changes for various Google platforms, including Maps, which will now allow users to operate in an incognito mode similar to a Chrome feature. Assistant users will soon be able to delete voice recording data, as well.

The National Institute of Standards and Technology seeks comment by Nov. 1 on a draft document for IoT product security, said the agency Wednesday: “The report details open-source research, a hands-on review and a security features analysis of several commonly purchased IoT consumer home devices.”

Commissioners Christine Wilson and Noah Phillips and FTC officials will speak at an Oct. 7 children’s online privacy workshop (see 1907170063), the agency said Tuesday. Division of Privacy & Identity Protection Associate Director Maneesha Mithal, DPIP attorney Jim Trilling and ACT | The App Association President Morgan Reed also speak. Topics include the scope of the Children’s Online Privacy Protection Act, the state of children’s privacy and persistent identifiers.

Website users must give specific consent to storage of their cookies, the European Court of Justice ruled Tuesday. The decision arose from a challenge by the Federation of German Consumer Organizations to a pre-ticked checkbox, used by Planet49 in connection with online promotional games, by which users looking to participate consented to such storage. The cookies were used to collect information to advertise Planet49's partner products. ECJ ruled that under previous EU privacy law and the current general data protection regulation, consent required isn't valid if storage of information or access to information already stored in a user's terminal equipment is permitted via a pre-checked box which the user must deselect to refuse consent. That decision isn't affected by whether the information shared or accessed is personal data, because EU law seeks to protect users from any interference with their private life, such as from hidden identifiers and similar devices that enter users' terminals without their knowledge. "Consent or be tracked is not an option," said European Digital Rights Policy Head of Policy Diego Naranjo. EU governments should now move ahead with legislating on the practice and finalize the e-privacy regulation that complements GDPR, he said. Planet49 didn't comment.

FCC Chairman Ajit Pai drew attention to a “heartbreaking” New York Times report that the amount of online child sex abuse material doubled 2017-2018. “Very hard but important reading,” Pai tweeted Monday. Sen. Josh Hawley, R-Mo., said, “This is sickening.”

CalAmp CEO Michael Burdiek “would anticipate” his company’s new Sprint IoT “strategic partnership” agreement will “survive” T-Mobile/Sprint, he said on a fiscal Q2 call Thursday “There would be no reason for it not to.” CalAmp will supply Sprint “intelligent telematics” devices and “device-as-a-service” (DaaS) subscription services. It's a telematics “resell arrangement,” and will “expand Sprint's broad range of connected car, fleet and asset management services,” said Burdiek. Sprint “was really keen” on the DaaS program, “because they see it as a way to lower friction for customer adoption” of telematics services, he said.

Dunkin’ Donuts failed to tell nearly 20,000 customers their accounts were compromised in a 2015 cyberattack, alleged New York Attorney General Letitia James (D) in a lawsuit Thursday. Tens of thousands of dollars from customer “DD” card accounts were stolen after the company failed to take reasonable safeguards to protect the data, said James. The company didn’t notify the customers or reset their accounts to end unauthorized access, she alleged. The company didn't investigate, which would have helped “it determine which other accounts had been compromised, what customer information had been acquired, and whether customer funds had been stolen,” she said. The company didn’t comment.

The FTC sued the owner of Match.com Wednesday, alleging it “used fake love interest” ads to trick hundreds of thousands of users into buying subscriptions. Match.com owner Match Group also owns Tinder, OKCupid, Plenty of Fish and other dating services. “Match.com conned people into paying for subscriptions via messages the company knew were from scammers,” said Consumer Protection Bureau Director Andrew Smith. Match users can create free accounts, but a paid subscription is required to reply to messages. Match called the allegations “completely meritless.” The agency “misrepresented internal emails and relied on cherry-picked data to make outrageous claims and we intend to vigorously defend ourselves against these claims in court,” it said.

The U.S. and Japan reached two agreements to “rebalance trade,” said the White House Wednesday. One of the deals “includes robust commitments on digital trade, which will greatly expand commerce across our modern industries,” it said. A second calls for Japan to open its markets to about $7 billion in U.S. agricultural exports, it said. Talks will continue “in the months ahead” toward a “final, comprehensive trade deal,” it said. Tech groups welcomed the digital trade accord. Along with the digital and e-commerce rules in the U.S.-Mexico-Canada Agreement on free trade, "this agreement with Japan now makes the two strongest trade agreements in U.S. history for digital trade and cross-border data flows," said CTA. "At a time when every company is essentially a tech company, it’s critical to have a new standard for global rules that ensures American innovation can thrive across borders.” Japan is America’s fourth-largest digital trading partner, “and this agreement enshrines key rules of the road from our shared digital framework,” said the Internet Association: “Digital trade benefits businesses of all sizes in every sector, and this agreement will only grow the $38 billion in digital trade between our two countries.” The “first-stage” U.S.-Japan agreement on digital trade is “a positive step toward solidifying international norms that ensure that global markets remain fair, open, and competitive in the modern economy,” said the Information Technology Industry Council. A future comprehensive U.S.-Japan trade agreement "would help to partially fill the void left by the U.S. withdrawal from the Trans-Pacific Partnership," said the Computer & Communications Industry Association.

BlackBerry’s recent announcement of an intelligent-vehicles partnership with Jaguar Land Rover (JLR) “demonstrates our thought leadership in the automotive software market,” said BlackBerry CEO John Chen on a fiscal Q2 call Tuesday. BlackBerry agreed to supply the automaker with “cybersecurity consulting” services through the artificial intelligence-based security capability it acquired when it bought Cylance for $1.4 billion (see 1811160024). The JLR partnership gives BlackBerry “the opportunity to provide the first cybersecurity platform for the auto market,” said Chen. “JLR is the first to collaborate with us.” BlackBerry is working with others in the automotive industry, and the potential for additional collaborations “looks promising,” he said. The company plans to demonstrate the “combined” BlackBerry/Cylance cybersecurity solution at CES, he said. “We have a great opportunity to gain share in this $11-billion-plus end-point security market currently led by legacy antivirus vendors. The collective market share for all the next-generation end-point security players, which includes Cylance, is currently less than 10 percent, so there’s lots of room to grow there."