As part of Saturday's Data Privacy Day, the Information Technology Industry Council released 10 principles on privacy and security, freedom of expression and openness for policymakers globally. ITI President Dean Garfield said in a Friday news release the controversy over encryption and counterterrorism has deteriorated into a "simplistic debate of security versus privacy," which he called a "false choice." The principles ask policymakers to: prioritize privacy and security; promote encryption and other robust cybersecurity and data protection methods; respect privacy and free expression as essential values; support policies and practices to enable trust in the tech sector; foster collaboration among private and public stakeholders; increase technical expertise within governments; and help governments investigate crimes that require access to electronic evidence in other countries.

More than 60 civil liberties, industry and privacy groups and tech companies are urging House Judiciary Committee Chairman Bob Goodlatte, R-Va., and ranking member John Conyers, D-Mich., to advance the Email Privacy Act, which closes a loophole that gives law enforcement agencies access to people's emails without a warrant after 180 days. In a Monday letter, the coalition -- which includes the Center for Democracy & Technology, Computer & Communications Industry Association, Electronic Frontier Foundation, Facebook, Google and U.S. Chamber of Commerce -- said HR-387 (see 1701090017), which would update the 1986 Electronic Communications Privacy Act, not only ends the 180-day rule but also rejects DOJ's "interpretation of ECPA that the act of opening an email removes it from warrant protection." The bill's passage would ratify a 6th U.S. Circuit Court of Appeals decision that email content is protected by the Fourth Amendment (see 1511300009) and the government needs a probable cause warrant, the letter said. It also reflects current DOJ and FBI practices, the groups added. Last year, the House unanimously approved an identical bill that died in the Senate Judiciary Committee (see 1606090007). The bill doesn't include everything the coalition wanted, but it said the groups are pleased that civil agencies -- such as the SEC -- that wanted to be exempted from the legislation don't get a carve out (see 1512030036). The committee should advance it without any amendments that would weaken protections, the letter said.

Facebook revamped a tutorial aimed at helping users better understand and enhance their privacy and security on its website. In a Thursday news release, the company said the "Privacy Basics" site, which provides 32 interactive guides in 44 languages, can help users quickly find information about privacy topics such as who can see their photos, comments and friends, plus tips and tools like managing privacy settings, advertising and security. "This is part of Facebook’s overall effort to make sure you have all the information you need to share what you want with only the people you want to see it," said Facebook. The improvements are part of the annual Data Privacy Day, on Saturday. In a separate announcement, Facebook said it also improved which videos will be presented on the site's news feed based on viewer engagement. Product Manager Abhishek Bapna and Research Scientist Seyoung Park wrote in a blog post the company will consider "percent completion" of a video. "If you watch most or all of a video, that tells us that you found the video to be compelling -- and we know that completing a longer video is a bigger commitment than completing a shorter one," they wrote. They said they don't expect significant changes in distribution, but longer videos may get a slight bump while shorter videos a slight decrease. The change will be rolled out over the next few weeks.

The Electronic Privacy Information Center filed a Freedom of Information Act lawsuit Thursday against the Office of the Director of National Intelligence (ODNI), in a push for publication of U.S. intelligence agencies’ classified report on Russia’s involvement the hacking of IT systems aimed at influencing the 2016 presidential election. The intelligence agencies released an unclassified version of the report earlier this month (see 1701060060). EPIC filed in U.S. District Court in Washington, D.C. "There is an urgent need to make available to the public the Complete ODNI Assessment to fully assess the Russian interference with the 2016 Presidential election and to prevent future attacks in democratic institutions,” EPIC said in its complaint (in Pacer). EPIC said it filed a FOIA request with ODNI Jan. 9, which the office needed to respond to within the required 10 days. ODNI didn’t comment.

The Future of Privacy Forum and National Automobile Dealers Association released a guide Thursday aimed at helping consumers understand the kinds of personal information collected by vehicles with newer technologies. It's "a critical step in communicating to consumers the importance of privacy in the connected car, as well as the benefits that car data can provide,” said FPF CEO Jules Polonetsky in a news release. NADA President Peter Welch said many consumers aren't aware their connected car is continually collecting personal data. Most cars already have event data recorders and on-board diagnostic ports that collect technical data about vehicles. Newer technologies on vehicles may: track location and destination information; gather data about road or weather conditions and traffic or record information about vehicle occupants through cameras, mics and sensors; use biometrics to identify drivers; and provide third-party music or phone apps, which may collect data, the guide said. It said almost all automakers follow industry privacy practices, which became effective with 2017 model vehicles. Auto associations including Alliance of Automobile Manufacturers and Global Automakers also are supporting the guide, the release said.

Google took down 1.7 billion advertisements that violated its advertising policies in 2016, double the amount from the previous year, the company said in a Wednesday blog post. Google caught more by expanding its policies, including to cover payday loan ads, and by upgrading detection technology. Last year, the enhanced technology found and disabled 112 million “trick-to-click” promotions that often appear as system warnings to deceive customers, Google said. The web firm said it disabled more than 68 million bad ads for healthcare violations in 2016, up from 12.5 million the year before. Google took down 17 million ads for illegal gambling and about 80 million ads that deceived, misled or shocked users, it said. Google said it took down 23,000 “self-clicking” mobile ads that automatically download an app without the user tapping anything. The company removed about 7 million ads that intentionally tried to trick Google’s detection systems and suspended 1,300 accounts that cloaked their ads as news, it said. Google took action against 47,000 sites for promoting weight-loss scams, 15,000 sites for unwanted software and 6,000 sites and 6,000 accounts for advertising counterfeit goods, it said. The company said it disabled 900,000 ads for containing malware.

Cisco’s proposed acquisition of application-performance monitoring company AppDynamics for $3.7 billion would give customers “the instrument to get insight into their applications all the way from the customer down to the code,” said Rowan Trollope, general manager-Cisco’s IoT and applications business group, on an investor call Wednesday. Visibility into the performance of apps running on Cisco’s infrastructure “has never been more critical to running their business,” he said. AppDynamics CEO David Wadhwani said the company’s technology can be deployed across private and public clouds, and enterprises are moving toward hybrid cloud models. Companies need a monitoring system that “sits above all of that for the next generation of IT operation,” he said. AppDynamics technology can give customers unified monitoring across multiple clouds, including public and private environments, he said, and customers can host data in its environment or their own. The data residency offering is critical for regulatory and compliance requirements, Wadhwani said. The company collects “trillions” of metrics for its customers every month. For Cisco, making sense of data can help its customers understand how a networking bottleneck translates to “somebody sitting in the checkout cart with a spinning hourglass,” said Trollope. “Being able to connect those dots hasn’t really been possible.” Cisco has been hearing from customers that they want more access to that kind of data, he said. Trollope envisions a world based on “systems of intelligence,” where “you rely more on automation and you rely more on the machine to make the decisions in real time.” The company with "the most richly aggregated, correlated, real-time data set" will be the one with the platform for the “enterprise of the future,” he said. The deal is expected to close in FY 2017 Q3 subject to customary approvals. Cisco's Q3 ends on April 30. Wadhwani will remain after the deal, with his firm becoming a new software business unit in Cisco's IoT/Applications business reporting to Trollope, Cisco said Tuesday.

Consumers 18-35 are more concerned about their personally identifiable information (PII) than those 36-50, IDC reported Tuesday. Overall, 84 percent of U.S. consumers surveyed expressed concern about their PII security, and 70 percent said they're more concerned than a few years ago. Growing sensitivity to data exposure has consumers “on the verge of making serious changes in their behavior,” said IDC. As technology becomes more integrated in people’s lives, and businesses and governments leverage data to provide services or sell products, individuals can feel "overly connected and may yearn for greater anonymity,” said analyst Sean Pike. “Consumers can exact punishment for data breaches or mishandled data by changing buyer behavior or shifting loyalty.” Executives need to understand the risk their organizations assume when collecting consumer PII, “but also the potential security and compliance solutions available to help manage the collection, processing, and use of sensitive data," he said.

With an installed base of 15 billion IoT devices forecast by 2021, botnets could be an unmanageable cybersecurity risk, Juniper Research reported Monday. The use of botnets to disrupt internet services is a current threat and will be used for more malicious purposes, it said. Attacks such as the ones against Dyn in October (see 1610210056) can be seen as “proof of concepts,” said analyst Steffen Sorrell. “Medium-term, botnets will be used far more creatively -- not only to disrupt services, but also to create a distraction enabling multi-pronged attacks aimed at data theft or physical asset disruption.” Juniper urged IoT device manufacturers to implement security-by-design and said vendors such as Amazon, Google and Samsung should lead efforts to bring together other vendors to establish “security best-practices.” The market is “wide open for challenger cybersecurity vendors,” said the report, saying the industry needs to move beyond traditional signature-based detection methods to address IoT cybersecurity effectively.

“Broadband populists” seek to overregulate the internet through “a series of tactical skirmishes,” the Information Technology and Innovation Foundation reported Monday. Policymakers instead should embrace a private-sector model that’s working, ITIF said. “From net neutrality and zero rating to mergers, broadband populists are using each of these smaller debates as a way of inching toward their broader goal of establishing a heavily regulated utility system or even full-blown government ownership,” President Robert Atkinson, the report’s lead author, said in a news release. “This death-by-a-thousand-cuts strategy distracts policymakers and the public from the real debate we should be having about the type of broadband industry we should have in this country: one where private companies compete to offer the best services using different technologies, or one that is heavily regulated and run by the government.”