The U.S. military should have access to the best technology, and Microsoft will continue bidding on military contracts, while weighing in on ethical debates about autonomous weapons, Microsoft President Brad Smith blogged Friday. Microsoft will advocate for artificial intelligence and other new technologies to be used “responsibly and ethically,” he said. The company recently came under fire internally for bidding on the DOD’s $10 billion Joint Enterprise Defense Infrastructure cloud project. Microsoft employees are free to decline assignments on projects they disagree with, Smith said.

The FTC 4-0-1 finalized a settlement free of financial penalty with Uber Friday over allegations the ride-hailing company “deceived consumers” about privacy and data security practices in two separate cases in 2014 and 2016, the agency announced (see 1804120056). Commissioner Rebecca Kelly Slaughter called for rulemaking and civil penalty authority to deter future bad behavior and agreed with Commissioner Rohit Chopra that the agency should publicly disclose Uber's third-party reviews moving forward. Uber could be “subject to civil penalties if it fails to notify the FTC of certain future incidents involving unauthorized access to consumer information, which includes both driver and rider information,” the FTC said. The agreement requires Uber to implement a “comprehensive privacy program and for 20 years obtain biennial independent, third-party assessments” certified by the commission. Uber previously reached a $148 million settlement with state attorneys general (see 1809260055). An Uber spokesperson cited the previous statement from Chief Legal Officer Tony West, saying the company will “continue to invest in protections to keep our customers and their data safe and secure.” Chopra cited public comments from the World Privacy Forum and the Electronic Privacy Information Center that the agency should make the required audits and assessments public, rather than require access through Freedom of Information Act requests: “Proactive disclosure would be superior, given the public interest in keeping this company in compliance.” Commissioner Christine Wilson recused herself because she didn’t participate when the commission put the matter out for public comment, a spokesperson said.

Google is committed to creating a safe work environment, and inappropriate behavior merits “serious consequences,” CEO Sundar Pichai emailed employees Thursday in response to sexual misconduct claims against Android co-founder Andy Rubin, who resigned in 2014. “We are dead serious about making sure we provide a safe and inclusive workplace,” Pichai wrote. “We want to assure you that we review every single complaint about sexual harassment or inappropriate conduct, we investigate and we take action.” Vice President-People Operations Eileen Naughton co-signed the message. It cites Google terminating 48 people in the past two years for sexual harassment, including 13 employees in senior positions, who didn't receive exit packages.

Some 40 civil and human rights groups recommended policies Thursday for internet platforms to combat “hateful” online activity (see 1810190054). Recommendations include: prohibition of hateful activities; sufficient enforcement personnel; an easy-to-use appeal process; transparency reports; experts to train staff; and independent boards to judge progress. The groups, which included Color of Change, Free Press and the Southern Poverty Law Center, said they will grade platforms on those criteria for the next several months. Google and Facebook are major internet platforms that in the past few months started issuing comprehensive transparency reports for taking down content that violates community guidelines, New America’s Open Technology Institute reported. Community guideline-based decisions made OTI’s list of most common takedown categories. Others were: government and legal content demands; copyright requests; trademark requests; network shutdowns and service interruptions; and right-to-be-forgotten delisting requests. OTI surveyed 24 international and 46 U.S. internet companies and telcos. OTI said 35 “reported on content-related demands and takedowns.” Facebook, Google, Twitter and Microsoft scored well on the transparency report, but Apple, Amazon, AT&T and Verizon didn't. Facebook reported in all but one category: right-to-be-forgotten delisting requests. Google reported in all but the trademark requests category. Microsoft reported in all but trademark requests and network shutdowns and service interruptions. Twitter reported in all but network shutdowns and service interruptions and right-to-be-forgotten delisting requests. Apple, Amazon, AT&T and Verizon reported in one of six categories: government and legal content demands.

ICANN is acting to boost the security of its systems and platforms, blogged CEO Goran Marby Wednesday as the organization was meeting in Barcelona (see 1810220002). The move is the result of a less-than-satisfactory third-party cybersecurity audit and several reports of systems issues, he said. Options under consideration are a "bug bounty" program to reward responsible reporters and hiring additional third-party experts, he wrote.

The FTC is seeking presentations on privacy and security topics at PrivacyCon June 27, the agency announced Wednesday. The agency is soliciting empirical research on IoT, artificial intelligence, virtual reality, consumer costs/benefits of privacy, security incentives for industry and evidence industry is able to provide proper privacy protections. Deadline for submissions is March 15.

The U.S. should follow Europe’s lead and implement a privacy law like the general data protection regulation, Apple CEO Tim Cook said Wednesday in Brussels. The world should celebrate implementation of the GDPR, which showed good policy and political will can “protect the rights of everyone,” he said at the International Conference of Data Protection and Privacy Commissioners. He dismissed rivals’ claims that privacy legislation will stifle innovation, calling that argument “destructive.” The world will “never achieve technology's true potential without the full faith and confidence of the people who use it,” he said, citing a 2010 quote from former Apple CEO Steve Jobs: “Privacy means people know what they're signing up for, in plain language, and repeatedly.” Cook described a modern “data industrial complex,” in which personal data is weaponized against users with “military efficiency.”

Government should help industry demonstrate how artificial intelligence algorithms produce specific results by providing access to government data, Intel Global Privacy Officer David Hoffman and Global Director-Privacy Riccardo Masucci blogged Monday. New legislative efforts on AI technology should support the free flow of data, and increased automation shouldn't mean less privacy, they wrote.

Sen. Ed Markey, D-Mass., and FTC Commissioner Rebecca Kelly Slaughter will speak at the Georgetown Institute for Tech Law & Policy for an event Wednesday focused on the Children's Online Privacy Protection Act. Panelists include Center for Digital Democracy Deputy Director Katharina Kopp, Software & Information Industry Association Director-Education Policy Sara Kloek, ACT|The App Association Executive Director Morgan Reed, Electronic Privacy Information Center Consumer Privacy Counsel Christine Bannan and Common Sense Media Policy Counsel Ariel Fox Johnson.

Communications, financial services and power sectors will soon expand their joint catastrophic cyber incident response plan across all “critical sectors” and eventually incorporate it into the Department of Homeland Security’s National Response Framework, CenturyLink Senior Director-National Security/Emergency Preparedness Kathryn Condello blogged Monday. Certain catastrophic events, like cyber-induced, sustained power outages, need joint resources, she said: “Everyone and everything are connected."