Regulating data privacy “makes a lot of sense,” and Silicon Valley should keep an open dialogue with Congress and the federal government, Microsoft founder Bill Gates said on Fox News Sunday. There’s nothing inappropriate about officials talking to big tech companies, he said, citing regrets about addressing Microsoft investigations in the 1990s. “I was naive,” he said. “I didn’t have an office in Washington, D.C. ... and even bragged about it. I later came to regret that. I’m sure these guys are learning better than I did that they need to come back here and start a dialogue.” Gates was asked about the backlash against big tech and criticism that companies don’t properly protect consumer data.

The National Institute of Standards and Technology extended comments for developing a privacy framework (see 1809050043) from Dec. 31 to Jan. 14.

Facebook discovered an application programming interface bug that let third parties access as many as 6.8 million users’ photos, some not officially posted online, the platform announced Friday. The Facebook Login bug allowed unauthorized access Sept. 13-25 on as many as 1,500 applications built by 876 developers. The company will launch tools “early next week” to help inform affected users. “We will be working with those developers to delete the photos from impacted users,” Facebook said.

Allowing political bias to influence Google Search results, as alleged by Republican lawmakers on the House Judiciary Committee Tuesday (see 1812110053), would be a poor business decision, American Enterprise Institute Policy Analyst James Pethokoukis blogged in a Thursday blast email. Alienating one political group would drive away users and harm profits, he said Wednesday, criticizing Republicans for their lack of understanding of the platform: “GOPers seem to have scant understanding of how Google’s search technology works.” The committee didn’t comment.

The Chinese government was behind the recently disclosed Marriott data breach (see 1812040036) affecting up to 500 million guests, Secretary of State Mike Pompeo told Fox News Wednesday. Pompeo, citing Chinese cyberattacks, espionage and influence operations in the U.S., said “that’s right” when asked if China was responsible for Marriott's breach.

Classic film subscription VOD services struggle to find an online audience, and the best route might be through bundles, nScreenMedia's Colin Dixon blogged Monday. The failures of FilmStruck and Fandor point to challenges for spring launch of The Criterion Channel SVOD service, he said. Criterion also could be a test of the bundling approach, because alongside its stand-alone Criterion Channel, its film content will be available in WarnerMedia's service to debut in Q4 2019, the analyst said. Criterion didn't comment.

Less than 30 percent of Americans think government should ban political bias from online platforms, and 19 percent would support a ban if it would limit free speech, the Information Technology and Innovation Foundation reported Monday. Silicon Valley should take concrete, self-governing steps to limit censorship of conservative and Christian views, National Religious Broadcasters wrote Facebook, Google, Twitter and Apple Monday. If not, Congress should review Communications Decency Act Section 230 safe harbors for platforms, NRB said. The Internet Association didn’t comment.

FTC Commissioner Rebecca Kelly Slaughter and Consumer Protection Bureau Director Andrew Smith will speak at the agency’s policy hearings Tuesday and Wednesday. The hearings at the FTC Constitution Center Auditorium will focus on data security and breaches.

Google-Plus suffered a second privacy breach impacting as many as 52.5 million users, the platform confirmed Monday (see 1810100066). Information exposed included name, email address, occupation and age.

California’s data privacy law differs from the EU’s due to the former’s focus on transparency obligations and limitations for the sale of personal information, the Future of Privacy Forum and DataGuidance reported Friday. The California Consumer Privacy Act requires companies to include a homepage link allowing users to opt out of selling personal data.