IEEE launched an initiative to develop consensus standards and a framework for better securing a person's digital identity and improving online trust, said the standards organization in a Thursday news release. The program is seeking academic researchers, policy and legal experts, tech innovators and others to create standards for consumer and patient data. “Identity is a consideration in every business and social transaction,” said program co-chair Greg Adamson, president of the IEEE Society on Social Implications of Technology. “Blockchain technology could be the catalyst to making universal and dignity respecting digital identification systems a reality with its unique ability to retain identities in a secure and immutable manner.”

ICANN plans to implement its full complaints process by mid-July but it will likely “evolve over time as we gain experience and hear from the community and staff about what is and isn’t working,” said Complaints Officer Krista Papac in a Thursday blog post. ICANN hired Papac in March to lead the newly created Complaints Office, which would provide a centralized location for complaints about the organization (see 1703100062). Papac said she's working to finalize the complaints process but the new office’s work will include both resolving issues and collecting data to identify “operational trends that should be improved.” The office “will focus on reviewing verifiable information to ensure recommendations and resolutions are based in fact,” she said. “It will strive to be open and transparent, responsive and accountable to all parties, and to make recommendations that are constructive and actionable. And, above all else, the office will act with the utmost integrity in service of ICANN’s mission.”

Access Now is asking the FTC to investigate sex toy maker Svakom Design USA, alleging its internet-enabled vibrator with an embedded camera can be easily compromised. In a Wednesday news release and complaint, Access Now said Svakom released its "Siime Eye" vibrator in 2016 "with grossly inadequate security" because hackers can access personal data including video feeds. Risk of personal data might "lead to the loss of professional opportunities as well as harassment, severe reputational and emotional impacts, and other substantial privacy impacts," said the complaint. Access Now said the company's failure to provide proper security is both an unfair and deceptive trade practice. The complaint stems from research presented by technologist Ken Munro of U.K.-based Pen Test Partners, which provides vulnerability testing and security services, during a March 30 session at Access Now's RightsCon annual conference in Brussels. In a demonstration, Munro exploited a vulnerability in the Siime Eye software in two minutes, giving him full access to the video feed, the complaint said. It said Svakom provides little guidance in its device instructions to help users reasonably avoid harm. Security experts tried to tell the company about the problem, but it "ignored the notification and took no additional steps to increase the device security," said the complaint. Access Now wants the FTC to investigate and stop the sale of the Siime Eye products and try to recall those that have been sold. It also wants the commission to force Svakom to push security patches and notifications to users and implement a comprehensive privacy and security audit of the company's internet-connected products and services. Svakom and the FTC didn't comment.

Wikipedia founder Jimmy Wales launched a new website aimed at fighting fake news. "We want to make sure that you read fact-based articles that have a real impact in both local and global events. And that stories can be easily verified and improved," said the nonprofit, crowdfunded Wikitribune website launched Tuesday. The site said that news media are "broken" but can be fixed through a "living, breathing tool that'll present accurate information with real evidence." The site said its "100% ad-free" news platform is different from others because articles are written, fact-checked and verified by professional journalists and "community volunteers" and readers can see the sources used. Wikitribune, which is seeking donations to support the initiative, said it will be transparent about all its finances and if it doesn't reach its goal to hire 10 journalists, supporters will be refunded most of their donations. The site lists model/actress Lily Cole, journalist Jeff Jarvis and venture capitalist Guy Kawasaki as advisers, while Wikipedia also names Harvard Law School professor Lawrence Lessig as an adviser.

The Electronic Frontier Foundation asked a federal appeals court to order the return of personal files of client Kyle Goodwin, a sports videographer locked out of his Megaupload.com account after the FBI in 2012 raided and seized the site, seeking evidence of copyright infringement and other crimes (see 1202020109). In a petition filed Monday with the 4th U.S. Circuit Court of Appeals, EFF said in a news release it and Goodwin's other attorneys want the court to issue a writ of mandamus ordering the District Court for the Eastern District of Virginia to give their client access to his data and "create a process" for other lawful account holders to retrieve their information from the cloud-storage provider. "It’s deeply unfair for him to still be in limbo after all this time,” said EFF senior staff attorney Mitch Stoltz. “The legal system must step in and create a pathway for law-abiding users to get their data back.” The petition said Goodwin tried several times to get access to his files through the courts, the latest attempt in October. Five years ago, DOJ charged seven individuals and two corporations with pirating online copyrighted works through Megaupload.com and other related sites. Megaupload founder Kim Dotcom was charged in the case and is fighting extradition from New Zealand where he lives. EFF said as cloud computing becomes even more popular similar cases may arise.

Sen. Ron Wyden, D-Ore., will be interviewed by Internet Association President Michael Beckerman in a live-streamed event Tuesday at 6 p.m. EDT. An IA spokesman said issues likely to be discussed include Section 230 of the Communications Decency Act, copyright and digital trade, in addition to questions from online viewers. The event is billed as a fundraiser for Wyden, who was re-elected last year to his fourth full Senate term.

The FTC approved a final consent order with Redwood City, California-based Turn, which settled with the agency in December over allegations that it deceived consumers by tracking them online and through mobile apps even after they tried to opt out (see 1612200035), the commission said in a Friday news release. Commissioners voted 2-0 to approve the order. It bars the company, which helps sellers target digital advertisements to consumers, "from misrepresenting the extent of its online tracking or the ability of users to limit or control the company’s use of their data." Turn also must offer an "effective opt-out" for customers that don't want their data used for such ads and put a "prominent" link on its home page that leads to a disclosure explaining what data is collected and used for ads, the agency added. The FTC alleged the company's privacy policy informed consumers they could block ads, but "used unique identifiers to track tens of millions of Verizon Wireless customers, even after they blocked or deleted cookies from websites."

Section 702 of the Foreign Intelligence Surveillance Act, which allows U.S. government agencies to target foreigners overseas involved in investigations, sweeps up Americans’ communications in a manner that “is in no way accidental or inadvertent,” said the American Civil Liberties Union in a Friday blog post. ACLU staff attorney Ashley Gorski said her organization released more than a dozen Section 702-related documents received from several intelligence agencies through a Freedom of Information Act (FOIA) lawsuit. “The new documents underscore many of our concerns with surveillance conducted under this law, which violates our core constitutional rights to privacy, freedom of expression, and freedom of association,” she wrote. Section 702 will sunset at the end of the year unless reauthorized (see 1702280014). One of the FOIA documents obtained, said Gorski, is an amicus brief filed by former government prosecutor Amy Jeffress with the Foreign Intelligence Surveillance Court (FISC) in 2015, when it was considering surveillance reforms. Gorski explained that Section 702 allows the government to target any foreigner abroad to gather intelligence and the 90,000 different individuals and groups that were targeted didn’t have to have a connection to criminal activity or terrorism. Intelligence agencies also conduct back-door searches of Americans from the hundreds of millions of communications annually collected through Section 702 surveillance, alleged Gorski. Citing Jeffress’ brief, Gorski said the FBI’s back-door searches are “particularly troubling, as the agency routinely conducts these searches in ordinary criminal investigations that are unrelated to national security.” She said the FISC rejected Jeffress’ contention the FBI searches are unlawful, while the government argued the searches are essential for national security. Gorski said Americans shouldn’t rely on the government to restrict itself on privacy and free expression and urged Congress to rein in the program. Several lawmakers have pressed the Office of the Director of National Intelligence for the number of Americans whose communications are intercepted annually through Section 702 (see 1704070041). DOJ didn't comment.

About 17 percent of incidents in which personally identifiable information (PII) is compromised occur without any malicious intent from those responsible, meaning it's likely human error, said a report released Thursday by the Center for Identity at the University of Texas at Austin. "Vulnerabilities caused by human error are frequently exploited by opportunistic hackers and fraudsters," said the 2017 Identity Theft Assessment and Prediction Report, which analyzed a database of about 5,000 incidents that occurred between 2000 and 2016. In another finding, the report said only 0.36 percent of incidents "spanned the whole U.S.," as did the 2013 Target data breach (see 1312200034), meaning most of the cases are "confined to a local geographic region or victim profile." The report said California had the highest number of incidents in which PII was compromised (476) followed by Florida (309), New York (303) and Texas (244). The report also said the impact of emotional distress to victims "is consistently higher than" financial and property losses and one-third of incidents were perpetrated "solely" by insiders such as company employees and family members.

The FTC "to date" has brought more than 130 spam and spyware cases, more than 120 cases targeting illegal telemarketing to those on the Do Not Call registry, more than 100 Fair Credit Reporting Act actions, about 60 data security, and 50-plus consumer privacy actions, said Thomas Pahl, the agency's acting director-Bureau of Consumer Protection, in a Thursday blog post. He said the commission also has logged nearly 30 cases involving Gramm-Leach-Bliley Act violations and 20 actions enforcing the Children's Online Privacy Protection Act. Pahl wrote the agency's enforcement involved brick-and-mortar cases and all aspects of the online ecosystem, "including social networks, search engines, ad networks, online retailers, mobile apps, device manufacturers, and participants in the Internet of Things (IoT) marketplace." The post outlined the agency's broad jurisdiction "as diverse as retail, advertising, credit reporting, health, financial, tech hardware, software, mobile, and social media," enforcement actions and work on providing guidance to industry.