The U.S. Court of Appeals for the 11th Circuit Thursday affirmed a lower court denying LabMD’s motion to dismiss an FTC decision that the cancer testing lab is liable for unfair data security practices. The lower court didn't abuse its discretion in limiting the scope of discovery in the case, the ruling said. Commissioners last year voted 3-0 to find the company liable for unfair data security practices (see 1603080005), after an in-house administrative law judge dismissed the case against the company. It contended that cybersecurity firm Tiversa did the digital equivalent of breaking and entering by finding the data breach, downloading stolen patient information, and trying to get the firm's business.

NTIA is developing policy recommendation to fight the rise in botnets, to be presented in a report to be delivered to the president in January, Evelyn Remaley, deputy associate administrator, said on a Practising Law Institute panel Thursday. IoT vulnerabilities have the attention of global businesses and governments, Remaley said: “We’re trying to get ahead of this but not stop innovation.” Response to global cybersecurity threats demands continuing commitment to the multistakeholder process, providing flexible options for industry and government, the panel heard. “We’re at an inflection point,” said Wilkinson Barker attorney Clete Johnson, an architect of National Institute of Standards and Technology's Cybersecurity Framework. Large-scale data breaches like at Equifax, growth in the number of distributed denial of service attacks fueled by botnets (see 1711210047), and increasing vulnerabilities in IoT devices are threats, he said. "We should be trying to increase the quality and security of IoT devices, and build security in at the outset of production,” said Eric Wenger, Cisco cybersecurity and privacy director-global government affairs. Cybersecurity is the only domain “where we ask companies to secure themselves,” said Kiersten Todt, Cyber Readiness Institute managing director. “We continue to use traditional frameworks and shoehorn them into a new landscape.” Todt, who worked in the Obama administration’s cybersecurity commission, said one of the “greatest risks” to national security is the amount of data stored after it’s outdated with no clear deletion procedures. “As America grapples with its cybersecurity challenges, it’s important to note that Europe has taken a different approach on privacy and cybersecurity standards," said Rudy Brioche, Comcast vice president-global public and policy counsel. Wenger said the rise of competing legal security and privacy standards isn't helpful to companies working globally, which is why global multistakeholder work is critical. Other PLI news: 1712070063 and 1712070047.

Policymakers should adopt a technologically neutral stance on blockchain innovation and ensure strong privacy protections, said a Software & Information Industry Association paper Wednesday. SIIA plans a Jan. 18 panel with the Congressional Blockchain Caucus.

The holiday season produced $65.15 billion in digital revenue Nov. 1 to Dec. 5, growth of 14.7 percent over the year-ago period, Adobe Digital Insights emailed Wednesday. Each day generated over $1 billion in online revenue, and Adobe is sticking with its prediction that 2017 will set an online record of $107.4 billion, making it the first year to cross $100 billion. Mobile shopping remains strong, with 49 percent of visits (40 percent from smartphones and 9 percent from tablets) and 32 percent of revenue (22 percent smartphones, 10 percent tablets). Post-Thanksgiving weekend, top electronics include Apple AirPods and iPads; Dell, Lenovo and HP laptops; Amazon Fire TV; and Samsung tablets, Adobe said. The best deals were during the Thanksgiving shopping weekend, but good deals remain on TVs, with prices down 15 percent since Oct. 1, computers (down 13 percent) and toys (down 15 percent), said the tracking company.

Smart TV and streaming media player manufacturers are focusing on user experience as device sales flatten, Parks Associates said Tuesday. Some 45 percent of U.S. broadband households have a smart TV, the most-used platform in U.S. households for accessing online video content. Eleven percent of such households have a “strong intention” to buy a 4K Ultra HD TV this holiday season, said analyst Jennifer Kent. New partnerships among device manufacturers focus on ways to “improve or refresh” the smart TV's user interface “to make the device easy to use and a single point of content in the living room,” Kent said. “Voice recognition and control are enabling entertainment equipment manufacturers to improve the user experience,” said analyst Dina Abdelrazik.

Tech companies trying to appease European regulators should "combat censorship creep," said a Cato Institute analysis released Tuesday by University of Maryland law professor and privacy expert Danielle Keats Citron. By pressuring Silicon Valley to take a more aggressive policy on suppressing extreme speech from platforms, EU regulators "have effectively set the rules for free expression across the globe," Citron said. The result could be removal of a wide array of protected speech, including political criticism and newsworthy content. Rigorous accountability and detailed reports on governmental efforts to censor hate speech can help curb government efforts to censor disfavored viewpoints, Citron said.

Facebook previewed a kids messaging app to mixed reviews Monday. The stand-alone app, Messenger Kids, can be controlled from a parent's Facebook account and would let children video chat. Common Sense Media CEO James Steyer said the service lacks "clear policies about data collection" and opens questions of platform trustworthiness. The Center for Digital Democracy blogged guarded support, saying "additional safeguards are necessary to protect young people from powerful new forms of commercial surveillance in the Big Data and Internet-of-things era."

The Supreme Court sees the "challenge" in reconstructing the third-party legal doctrine when deciding the legality of cellphone location data in Carpenter v. U.S. (see 1711290043), Verizon General Counsel Craig Silliman blogged Monday. "If they decide that the third party doctrine does not apply, they must explain how to draw a workable line," said Silliman, saying justices "remarked about the difficulties in drawing lines" on when searches should be allowable. Verizon plans a Feb. 15 panel.

Amazon announced Alexa for Business Thursday. Solution and/or software providers include Creston, Polycom RingCentral, Salesforce, ServiceNow, Splunk and SuccessFactors. Companies can customize skills that integrate with IT applications and office systems, said Amazon.

GAO released a trio of reports Thursday critical of agencies' tech policy-related practices, calling for the Equal Employment Opportunity Commission and the Department of Labor’s Office of Federal Contract Compliance Programs to take further steps to enforce equal employment opportunity and affirmative action in the sector. The report, sought by Rep. Bobby Scott, D-Va., found EEOC and Labor made progress in enforcing those goals but need to go further. GAO reported the percentage of Hispanic workers in tech remains low and that of black employees hasn't risen in a “statistically significant” way. The report recommended the OFCCP require more specific placement goals for racial minorities and women by qualifying contractors. “Without taking steps to address these issues, OFCCP may miss opportunities to hold contractors responsible for complying with affirmative action and nondiscrimination requirements,” the report said. EEOC neither agreed nor disagreed with the recommendations, and OFCCP said there need to be regulatory changes for it to push further improvements. The Department of Transportation should “develop a comprehensive plan to better manage departmental initiatives related to automated vehicles,” said another report. The department has made some progress in this area, including issuing voluntary guidance in September that suggests a framework for industry-led safety testing, the report said: Without a comprehensive plan, “it is unclear whether DOT’s efforts are adequately tackling automated vehicle challenges.” DOT agreed with the recommendation. Meanwhile, DOD should update its cyber incident coordination training and maintain a list of officials trained in the National Incident Management System, said in a third report. That's necessary given President Donald Trump's decision to elevate the U.S. Cyber Command to a unified combatant command, GAO said. It will help DOD as it continues to plan how to support civil authorities in responding to cyber incidents, the report said.