The International Trade Commission began a Tariff Act Section 337 investigation into allegations that imports of Hytera two-way radio equipment infringe patents held by Motorola Solutions, the ITC said. “The products at issue in the investigation are ‘push-to-talk’ radio devices and related support devices such as repeaters, base stations, and dispatch stations.” The commission said Friday it will consider issuing a limited exclusion order and cease and desist orders banning import and sale of infringing products. Hytera "will defend itself against these allegations, and we are fully confident that we will prevail," the company said on its website. Motorola sees Hytera’s trade practices as "both unscrupulous and unlawful," said General Counsel Mark Hacker in a Friday news release.

Civil liberties groups praised the reported end of an NSA warrantless wiretapping program that collected Americans' emails and texts sent and received from people overseas that mentioned foreign surveillance targets. The New York Times Friday reported the agency made the change to comply with special rules the Foreign Intelligence Surveillance Court imposed in 2011 to protect Americans' privacy. Michelle Richardson, Center for Democracy & Technology deputy director-Freedom, Security and Technology Project, said in a news release the content of people's emails and texts contain "incredibly" personal data. "NSA should never have been vacuuming up all of these communications, many of which involved Americans, without a warrant," she said. Neema Singh Guliani, legislative counsel with the American Civil Liberties Union, said in a statement that the development shows lawmakers need to change Section 702 of the Foreign Intelligence Surveillance Act that she and other critics, including CDT, said illegally sweeps up information about Americans even though 702 is supposed to target only foreigners overseas. The program sunsets at the end of 2017 unless reauthorized by Congress. "While the NSA’s policy change will curb some of the most egregious abuses under the statute, it is at best a partial fix," Guliani said. Congress has been trying to find out for a long time how many Americans are swept up through 702 (see 1704070041). The NSA didn't immediately comment.

Tech groups generally hailed President Donald Trump’s executive order for its clause urging federal agencies to recommend “reforms to help ensure that H-1B visas are awarded to the most-skilled or highest-paid petition beneficiaries.” The Entertainment Software Association thinks an “expansive H1-B visa program, free of abuse, will drive technological advancements and allow brilliant innovators from around the world to strengthen the growing American economy,” ESA said in a Wednesday statement. ESA encourages the White House and federal agencies “to emphasize these goals as they look at potential reform,” it said. “ESA will strongly advocate for policies that energize and expand growth opportunities for our nation’s world-leading technology sector.” CTA President Gary Shapiro thinks Trump “has rightfully brought attention to the abuses in the H-1B tech worker visa program, demonstrating the need for administrative and legislative reform to this important program,” he said in a Tuesday statement. “Our country needs a new approach to skilled immigration -- one based on merit and not a random lottery, an idea shared by President Trump. Congress must take the lead by passing reforms that keep our system fair, effective and efficient. There is bipartisan support to crack down on abusers who are outsourcing American jobs, but Congress must also advance meaningful reforms that recognize the critical role highly skilled foreign workers play in growing our economy, creating American jobs and maintaining our nation's competitiveness.” H1-B immigrants “turbocharge U.S. innovation and create jobs,” said Dean Garfield, CEO of the Information Technology Industry Council, in a Tuesday statement. “We need to recognize the value H-1B employees contribute through their ingenuity to our innovation ecosystem -- they help innovate and grow America’s tech economy,” said Garfield. He cited estimates that half the 87 startup companies valued at more than $1 billion in the U.S. “were founded by at least one immigrant, many of whom first came to the country on H-1B visas, and each of these companies now employs on average 760 U.S. workers,” he said.

If an American company self-certifies with the EU-U.S. Privacy Shield, ​it can be sued for not living up to the principles established under the trans-Atlantic data transfer program, said the FTC in a blog post giving advice about compliance. The commission will pursue enforcement actions for misleading consumers about the participation in the framework or other international certification programs like it did under the old safe harbor agreement, wrote Guilherme Roschke, counsel-International Consumer Protection, and Hugh Stevenson, deputy director, Office of International Affairs. They said Thursday that companies should be careful about adopting a template or industry sample to create a privacy policy and make sure all of the framework's requirements are covered. "You're making promises you need to keep," they wrote, adding firms constantly must reassess their practices, review their privacy policies and check that their certifications don't lapse. "The FTC has sued companies that failed to maintain their annual certification, but still claimed to participate," they added. The Department of Commerce said Wednesday the Swiss-U.S. Privacy Shield framework started to accept applications (see 1704130005).

The FTC approved separate final orders with Sentinel Labs, SpyChatter and Vir2us, which settled allegations in February that they falsely participated in the Asia-Pacific Economic Cooperation (APEC) voluntary data-transfer system (see 1702220040), the commission said in a Friday news release. Commissioners voted 2-0 to approve the three orders, which bar the companies "from misrepresenting their participation, membership or certification in any privacy or security program sponsored by a government or self-regulatory or standard-setting organization." The FTC alleged the companies falsely said in their online privacy policies that they participated in the APEC Cross-Border Privacy Rules system when they didn't. The commission also alleged Sentinel Labs "falsely" claimed participation in TRUSTe's privacy program.

The Swiss-U.S. Privacy Shield framework, which outlines the transfer and protection of personal data of Swiss citizens to American companies (see 1701110012) similar to the EU-U.S. Privacy Shield, launched its self-certification process, said Commerce Secretary Wilbur Ross in a Wednesday evening news release. He said the agreement will support U.S. economic growth and called it a "prime example" of the department facilitating data flows and high privacy standards to ensure a strong foundation for the digital economy. Nearly 2,000 companies have self-certified under the EU-U.S. agreement, which opened for business in August. The first review will occur in September and some EU officials have expressed serious concerns about that framework (see 1703310003 and 1704060013).

Customs and Border Protection seized counterfeit mobile phone accessories March 14 at the Charleston seaport that would be worth about $1.1 million if legitimate, the agency said on Tuesday in a news release. CBP said the merchandise, which included phone cases, chargers, cables and headphones, "arrived into the port from China and was destined for upstate South Carolina." Some 38,000 counterfeit power adapters with FCC marking, "signifying they’d been tested in an accredited FCC laboratory and met certain operating standards," were also seized, said CBP. "These were found to be unauthorized markings as well -- a potentially significant safety risk to unwitting consumers."

The SEC won't enforce a rule that requires companies to declare when products aren't conflict mineral free, the Corporation Finance Division said. It follows a U.S. District Court for the District of Columbia ruling that the requirement violates the First Amendment. The SEC will now decide how to implement the Dodd-Frank Act provisions that mandated conflict minerals reporting. "In light of the … regulatory uncertainties, until these issues are resolved, it is difficult to conceive of a circumstance that would counsel in favor of enforcing Item 1.01(c) of Form SD,” Acting SEC Chairman Michael Piwowar said Friday. Last week, a tech group sought reporting changes, at a hearing (see 1704070017).

Chinese “nation-state threat actors” breached the National Foreign Trade Council’s (NFTC’s) website between Feb. 27 and March 1, using a link leading to a remote script that would launch when anyone visited certain pages on the website, Fidelis Cybersecurity said. Fidelis first observed the “inject” on the registration page for an NFTC board meeting in Washington scheduled for March 7, the firm said. The remote script was the “Scanbox framework,” a web reconnaissance tool exclusively known in the research community to have been used by bad actors working with or sponsored by the Chinese government, Fidelis said. It's “highly probable” that the hack targeted private sector players involved in lobbying on U.S. foreign trade policy, the company said. The NFTC didn’t comment.

BSA|The Software Alliance and the Coalition for Responsible Cybersecurity (CRC) praised the U.S. government Friday for working in annual negotiations on implementation of the multinational Wassenaar Arrangement export control rules to clarify and revise language on the export of intrusion software and IP surveillance systems. U.S. officials faced pressure to renegotiate Wassenaar language viewed as having a chilling effect on U.S. cybersecurity firms (see 1507220082, 1507240054 and 1702130031). “Requiring cybersecurity practitioners to obtain export control licenses prior to performing even basic remediation efforts is a recipe for disaster,” said BSA Policy Director Christian Troncoso in a news release. “Unless the Wassenaar Arrangement controls are meaningfully narrowed, network defenders will face significant time delays in their ability to respond to constantly evolving threats.” BSA and CRC also urged Wassenaar signatories to engage with stakeholders to “craft meaningful changes to the controls on 'intrusion software,' take seriously the concerns ... and commit to renegotiating the flawed provisions to ensure that global cybersecurity is not put at risk.”