A Boca Raton, Florida, man pleaded guilty to operating a spam email business, A Whole Lot of Nothing, and profiting from the hacking of email accounts, the DOJ said Thursday. Timothy Livingston, 31, faces up to 10 years in prison on multiple counts of fraud and aggravated identity theft, DOJ said. He's to be sentenced Jan. 27, Justice said. Livingston agreed to pay back more than $1.3 million gained through the spam business since 2011 and forfeit two cars he bought with the revenue, DOJ said. Livingston’s customers included insurance companies and illegal online pharmacies that wanted to send mass advertising emails, Justice said. Livingston admitted in a New Jersey federal court that he hacked into individual email accounts and utilized corporate mail servers to further his spam campaigns.

DMA is renaming itself the Data & Marketing Association, it said on the eve of its 100th anniversary. DMA -- which had stood for Direct Marketing Association -- said it used member feedback and market analysis, plus input from the DMA board, leadership team and OgilvyOne Worldwide to decide on the new name and branding. DMA CEO Tom Benton said: “These steps reaffirm that DMA represents the entire marketing ecosystem of brand marketers, agencies, media companies, data companies and tech companies and is uniquely positioned to protect marketers’ ability to responsibly access, exchange and refine data to improve lives and to grow the U.S. Economy.” DMA also announced the election of new officers and board members: Chairman Michael McLaren, Merkle; Vice Chairwoman Jennifer Barrett Glasgow, Acxiom; Secretary Steve Wagner, Experian; Treasurer Steve Froehlich, ALSAC/St. Jude Children’s Research Hospital; and new board members Kevin Akeroyd, Cision; Luci Rainey, Comcast; and Cory Treffiletti, Oracle Data Cloud.

The Computer & Communications Industry Association identified data localization, internet censorship and other restrictions on online content as significant barriers to digital trade in comments Thursday to the Office of the U.S. Trade Representative. USTR sought comments on trade barriers as it prepared its national trade estimate (NTE) report. “The Internet has been the single biggest component of the cross-border trade in services, with many of those services facilitating the international goods trade as well,” CCIA said in its filing in docket 2016-0007. "These developments call for maintaining and expanding the NTE’s focus on digital trade barriers." Traditional trade and non-tariff barriers "such as onerous customs procedures and duties for small shipments, postal policies, housing rental and taxi regulations, and outdated financial services regulations should also receive continued attention from USTR," CCIA said.

Five telemarketing companies and three individuals were accused by the FTC of a "worthless money-making" scheme using a purported link to Amazon and a "phony" grants program that bilked debt-laden consumers, seniors and veterans, said the commission in a Friday news release. The commission voted 3-0 to approve the complaint and the U.S. District Court for the District of Arizona, at the FTC's request, issued a temporary restraining order against the defendants, stopping their operation. The defendants, charged with violating the FTC Act and Telemarketing Sales Rule, are Blue Saguaro Marketing, MarketingWays.com, Max Results Marketing, Oro Canyon Marketing, Paramount Business Services. Individuals named are Stephanie Bateluna, Stacey Vela and Carl Morris Jr. The FTC alleged the telemarketers falsely told consumers they represented Amazon.com and would develop a website for hundreds and thousands of dollars and link it to Amazon. The defendants claimed consumers would "earn thousands of dollars every month in commissions for sales via the website" and also falsely offered to advertise such websites, the commission said. The defendants also claimed to represent the government, offering to help consumers get government and corporate grants within 90 days for paying down debt or medical costs if consumers gave thousands of dollars up front, said the FTC. But it said consumers received no money from the schemes and defendants ignored complaints and provided no refunds. Phone numbers called for a couple of the companies, which were based in Arizona or Nevada, were either busy or no longer in operation. A woman who answered an Arizona number linked to Stephanie Bateluna said no one by that name lived there. Numbers for other companies and individuals couldn't be found.

Yahoo should "understand, communicate and address all aspects" of the 2014 breach of 500 million of the company's user accounts and its email scanning activities (see 1609280050 and 1610200053), said the EU body of data protection commissioners in a letter Friday to Yahoo CEO Marissa Mayer. It also sent a separate letter the previous day to WhatsApp about changes to its privacy policy and terms of service that would permit user data sharing with parent Facebook. Both letters were signed by the Article 29 Working Party Chairman Isabelle Falque-Pierrotin, who heads France's data protection authority. She said Yahoo also needs to fully cooperate in providing to the DPA commissioners information about the breach, people affected and measures taken. They also asked for information about Yahoo's cooperation with the U.S. government in scanning customer emails, which Falque-Pierrotin called "concerning," questioning whether it's legally justifiable (see 1610050038). "We are aware of the letter from the Article 29 Data Protection Working Party and will work to respond as appropriate," emailed a Yahoo spokesman. In the letter to WhatsApp CEO Jan Koum, Falque-Pierrotin said the messaging service's intent to share information with "Facebook family of companies" for advertising, marketing and other purposes is "in contradiction with previous public statements" of both companies (see 1608250027 and 1609070022). The change created "great uncertainty among users and non-users of the service," the group said, and it has "serious concerns" about the way the updated terms of service and privacy policy were given to users. Among other matters, Falque-Pierrotin said WhatsApp needs to provide information about the data collected, where from and who it's shared with so the commissioners can understand whether the data processing complies with EU rules. It also urged WhatsApp "not to proceed with the sharing of users' data until the appropriate legal protections can be assured." Facebook didn't comment.

With consumer trust in artificial intelligence important and issues bound to arise, Information Technology Industry Council CEO Dean Garfield had some advice for lawmakers. "Ask the tough questions," he blogged Thursday, while focusing "on the real risks of real harm, and not solely the 'what-ifs,' because that could cut this technology off at its knees. We must consider what societal benefits we would give up if we were to unnecessarily restrict these technologies." Garfield acknowledged that "with any technology -- especially emerging technologies -- accidents and mistakes can and will likely happen." Industry executives acknowledge much of what Garfield wrote and believe consumer confidence is important, he said.

ICANN filed a motion to dismiss domain name registry Donuts' lawsuit against the organization over the auction of the .web generic top-level domain. Donuts' Ruby Glen subsidiary sued in July in U.S. District Court in Los Angeles. The registry filed an amended complaint in August seeking damages of $22.5 million -- plus interest (see 1608090036). Donuts claims ICANN intentionally failed to adequately investigate what the company believed ahead of the .web auction to be possible changes in the ownership or control of rival bidder Nu Dot Co (see 1607250051 and 1607270027). Nu Dot Co won the .web auction, then Verisign said it funded the purchase with the understanding that control of .web would pass to the .com domain registry (see 1608010008). ICANN claimed in Wednesday's motion to dismiss (in Pacer) that Donuts failed to “set forth a plausible ground” for its claims. Donuts' claims are barred by its “agreement to pursue its claims in ICANN's accountability mechanisms” via the anti-lawsuit covenant placed in all gTLD applications, ICANN said. Donuts also failed to join Nu Dot Co in the suit, “which serves as an independent basis for dismissal,” ICANN said. Donuts sought limited discovery Wednesday from Nu Dot Co and Verisign seeking information that will allow Donuts to facilitate “the full and transparent investigation that is a critical component of any legitimate gTLD delegation process.” Limited discovery also will help resolve questions about Nu Dot Co's “eligibility to participate in the .WEB string contention” and provide Donuts with “information necessary to support a motion for a preliminary injunction to enjoin any assignment of rights in the .WEB gTLD until the resolution of this matter,” Donuts said in its motion (in Pacer).

Nearly three dozen civil society, Islamic, library, privacy and watchdog groups want Director of National Intelligence James Clapper to shed light on the alleged government order forcing Yahoo to scan hundreds of millions of customer emails. Last week, the company asked Clapper to provide clarity on the matter (see 1610190061). The coalition letter, which signatory Electronic Frontier Foundation linked to in a blog post Tuesday, said they "believe such a massive scan ... particularly if it involves the scanning of email content, could violate [the Foreign Intelligence Surveillance Act], the Fourth Amendment, and international human rights law, and has grave implications for privacy." The groups want Clapper to disclose how DNI justified the surveillance, release the FISA court opinion, disclose whether email content was scanned, provide what types of selectors or search terms are allowed under the authority it used and disclose the total number of times, and when, such an order has been issued to a provider. Other signatories include Access Now, the American Civil Liberties Union, Amnesty International, Center for Democracy and Technology, Free Press, New America's Open Technology Institute, R Street Institute and TechFreedom. DNI didn't comment on the coalition letter.

A multistakeholder meeting to promote collaboration on vulnerability research disclosure between security researchers and software and system developers and owners will be held Nov. 7, said NTIA in a Monday news release. The noon-4 p.m. meeting will be at the American Institute of Architects, 1735 New York Ave. NW. The agency held a similar multistakeholder process last week on security upgrades for IoT devices in Austin, Texas (see 1610190051).

Federal prosecutors used a 2014 memo to determine when to open an investigation or charge an individual under the anti-hacking Computer Fraud and Abuse Act (CFAA), said DOJ, releasing the document in a Tuesday blog post. The department said prosecutors must consider several factors "to ensure that charges are brought only in cases that serve a substantial federal interest." Among the factors listed are: sensitivity of an affected computer system or information and the likelihood and extent of damage to a system or unauthorized access of the data; degree of damage to a system or access to data regarding national security, critical infrastructure, public health and safety, market integrity, international relations or other economic and national interests; how it may relate to a larger crime or threat to national security; impact of a crime on victims and others; and whether a defendant knowingly violated restrictions or altered computer data. Justice said prosecutors must consult the Computer Crime and Intellectual Property Section, among others, before bringing CFAA charges. Civil liberties groups are lobbying Congress to revise the 30-year-old statute because they allege government prosecutors are overcriminalizing routine behaviors (see 1609130012). CFAA was invoked in a recent lawsuit by Rep. Mike Honda, D-Calif., in a congressional race against Democratic challenger Ro Khanna (see 1610110003).