U.S. District Judge James Cacheris sentenced Romanian national Marcel Lazar to 52 months in prison Thursday for hacking the personal email or social media accounts of former Secretary of State Colin Powell, a former member of the Joint Chiefs of Staff, friends and family of Presidents George H.W. Bush and George W. Bush, and almost 100 other American citizens, DOJ said. Lazar, better known as Guccifer, pleaded guilty in May to one count each of aggravated identity theft and unauthorized access to a protected computer, Justice said in a news release. Lazar revealed Democratic presidential nominee Hillary Clinton’s controversial use of a private email account during her time a secretary of state via his hacking of Clinton adviser Sidney Blumenthal’s email account. Lazar also leaked photos of George W. Bush’s paintings and publicly released his victims’ personal information, DOJ said. Lazar was sentenced in the Eastern District of Virginia.

Harman is launching hardware even as it emphasizes connectivity at the IFA consumer electronics conference in Berlin. “Software is replacing hardware” in the audio space, said Michael Mauser, president-lifestyle audio, who said demand is rapidly increasing for connected audio devices in the home, car and on-the-go. Bluetooth and Wi-Fi are “replacing wires,” he said. New user interfaces, Mauser said, are replacing displays and remote controls. Harman announced Google Cast as its wireless multiroom audio solution and Siri and Google Now for voice control of some of its products. Jurjen Amsterdam, Harman senior category manager-home systems, Europe, Middle East and Africa, demo'd a smartphone connecting via Spotify app to the cloud and selecting music to play, and said he then “can switch off the phone, I can kill the app, I can play the game, I can leave the house."

The internet industry continues to support the Internet Assigned Numbers Authority transition because it “aligns the interests of internet users, prevents capture by any one stakeholder group or government such as China or Russia, and lays the foundation for a stable and secure internet,” said Internet Association CEO Michael Beckerman in response to questions. Sen. Marco Rubio, R-Fla, had sent follow-up questions about Beckerman’s testimony during a May Senate Commerce Committee hearing on the IANA transition. Rubio backed delaying the IANA transition during the hearing, in which Beckerman and several others strongly backed going forward with the transition as planned for Oct. 1 (see 1605240067). Beckerman responded to Rubio’s concerns about ICANN’s commitment to mitigate Domain Name System abuse via contract enforcement, saying IA “firmly supports the ability of ICANN to enforce its contracts with registries and registrars.” It's in IA’s interest “to prevent abusive behavior in” the DNS, Beckerman said: “Because the ICANN community is now empowered to challenge action or inaction by the [ICANN board] and is developing additional accountability mechanisms” via the Cross Community Working Group on Enhancing ICANN Accountability’s, work on a second set of accountability mechanism changes will make it “possible to ensure that the Board is exercising oversight that results in ICANN’s proper execution of its enforcement role according to ICANN’s bylaws.” Beckerman also said aspects of a set of changes to ICANN’s accountability mechanisms for the IANA transition preserved the entity's ability to enforce its existing contracts: “ICANN has a narrow technical remit and, as ICANN CEO Göran Marby recently pledged, does not have the authority or capability to ‘interpret or enforce laws regulating websites or website content.’”

ICANN General Counsel John Jeffrey disputed former Wall Street Journal publisher Gordon Crovitz's criticisms of the Internet Assigned Numbers Authority changeover, saying in a letter to the editor released Thursday that ICANN “is not, and never has been exempted from” U.S. antitrust laws. Crovitz wrote in a column that ICANN had an “antitrust exemption.” Crovitz’s column “disregards the diligent work of the ICANN Community, including U.S. businesses, academia, technical experts, end users and civil society, who developed a plan for the transition that specifically ensures the role of [the Department of Commerce] is not replaced by another government or intergovernmental organization,” Jeffrey said. If the IANA transition occurs as planned Oct. 1, “ICANN will have no mandate, need or reason to seek to be overseen by another governmental group for protection,” Jeffrey said. Americans for Limited Government, which has been critical of the IANA transition, claimed last week that NTIA “failed to consider the antitrust ramifications” of the transition based on the results of a Freedom of Information Act request. The agency said its review of transition plans didn’t find “any significant competitive issues” (see 1608290047).

Thursday's NTIA workshop on fostering IoT growth will build on comments the agency received in the spring on the strategic role for government in this effort. The 9 a.m.-3 p.m. workshop will have discussions on privacy and security implications and technological barriers for IoT implementation and help provide input for the Commerce Department's upcoming green paper on IoT. Among speakers are former FTC Commissioner Julie Brill, now a Hogan Lovells attorney, Commerce Director-Digital Economy Alan Davidson, Information Technology Industry Council President Dean Garfield, Patent and Trademark Office Deputy Director Russell Slifer and NTIA Administrator Larry Strickling. The webcast event will be held at the PTO office, 600 Dulany St., Alexandria, Virginia. The National Institute of Standards and Technology held a two-day workshop Tuesday and Wednesday on the trustworthiness of IoT and cyber-physical systems. In a blog post Tuesday, the White House Office of Science and Technology Policy said both workshops are part of a larger effort the Obama administration is taking to ensure that innovation, privacy and safety are considered in expanding the IoT market. Other activities include a Department of Homeland Security collaboration with industry to develop a cybersecurity assurance program, two federal interagency working groups' examinations of IoT R&D and a $160 million smart cities initiative to help communities use IoT and other technologies to improve traffic congestion, pollution, crime and other challenges.

LabMD asked FTC commissioners for a stay of the agency's July 28 final order -- which reversed an administrative law judge ruling and found the cancer testing lab liable for unfair data security practices (see 1607290023 and 1608120002) -- pending a court review. LabMD, which filed the stay application Tuesday, said it's warranted because it satisfies four factors. The case "involves several novel bases for decision, all of which invite alternative conclusions" demonstrated by the different conclusions reached by the FTC and ALJ Michael Chappell (see 1511160069), LabMD said. The company said it's likely to succeed on the merits because the FTC order violates due process and isn't supported by evidence. The firm said the order requires it to hire third-party contractors to perform research and other time-consuming tasks involving "substantial compliance costs," which the company has no way to pay. "That is irreparable harm," the company's filing said. The FTC declined comment Wednesday. LabMD CEO Michael Daugherty emailed that the case will have a "greater impact" on other companies than on his own, which "has already been destroyed." He said "when law firms start reporting the power the FTC has to turn hearsay into truth they'll finally start defending their clients instead of kowtowing to government corruption. This stay request is just a necessary steppingstone out of a biased system that is severely broken. If the FTC decision stands you'll be guilty for being hackable even if never hacked. You're only defense will be a kiss for luck and a roll of the dice." LabMD, which the commission said failed to take proper and reasonable security measures on its computer networks and exposed personal data of about 10,000 patients, has 60 days after the order to appeal to a U.S. Court of Appeals.

The National Institute of Standards' Cybersecurity Framework, risk-based guidelines that help organizations identify, implement and enhance cybersecurity, takes a consistent approach with the FTC data security program, said Andrea Arias, an attorney with the commission's Privacy and Identity Protection Division, in a blog post Wednesday. She wrote NIST's framework isn't a checklist or standards but helps organizations assess cybersecurity capabilities and set goals and a plan for improving and maintaining practices. Organizations don't actually comply with framework but assess risk and mitigation, she said. This is where the framework is consistent with the FTC, which tries to determine if a company's data security and processes are reasonable as per its enforcement, she said. "By identifying different risk management practices and defining different levels of implementation, the NIST Framework takes a similar approach to the FTC’s long-standing Section 5 enforcement." She said alleged lapses the FTC challenged in enforcement actions correspond to the framework's five core functions -- identify, protect, detect, respond and recover -- that help companies organize information, enable risk management decisions, address threats and improve protections from learning about previous activities. "As the FTC’s enforcement actions show, companies could have better protected consumers’ information if they had followed fundamental security practices like those highlighted in the Framework," wrote Arias.

NTIA’s response to a Freedom of Information Act request on its analysis of ICANN’s Internet Assigned Numbers Authority (IANA) transition-related plans indicates the agency “failed to consider the antitrust ramifications” of the transition before it signed off on ICANN’s plans in June (see 1606090067), said Americans for Limited Government President Rick Manning in a statement Friday. ALG, a vocal IANA transition critic, filed a FOIA request in June for NTIA records on any legal or policy notice of the transition plans “concerning antitrust issues” that could occur post-transition. NTIA “found no records responsive” to ALG’s request, Chief Counsel Kathy Smith said in a letter released Friday. NTIA noted in a transition FAQ that its review of ICANN’s plans, which included input from the DOJ, “did not identify any significant competitive issues relating to the proposed transition.” U.S. competition laws would still apply to ICANN and its Public Technical Identifiers subsidiary’s administration of the IANA functions post-transition “to the same extent as those laws now apply to other private entities, and thus these laws can serve to discourage ICANN and its constituent groups from engaging in anticompetitive conduct that would harm Internet users,” NTIA said. The agency’s failure to consider antitrust issues in its analysis “is simply stunning,” Manning said. He said that President Bill Clinton’s administration explored the possible antitrust issues involved in an IANA transition in 1998, “yet somehow the politically blinded Obama Administration missed the obvious point that ICANN loses its anti-trust shield should the government relinquish control over the property to them. This, even as NTIA has in essence been preparing to create a global monopoly over the Internet’s domain name system.” Sen. Ted Cruz, R-Texas, and two other GOP lawmakers jointly urged DOJ’s Antitrust Division earlier this month to do a competition review of ICANN’s proposed extension of Verisign’s current .com registry agreement through 2024 before the transition (see 1608150052). Congress “has no choice but to deny” President Barack Obama’s “attempt to giveaway [sic] the Internet governance functions through any means necessary including filing suit over the Executive Branch’s abrogation of Congress’ Article One power of the purse,” Manning said. “NTIA was so busy figuring out how it would turn over the Internet domain name system, apparently nobody stopped to ask if it could legally create such a monopoly.” ALG was among 25 groups that jointly asked Congress to file suit against NTIA to enforce and extend an existing rider in the Department of Commerce's budget that prohibits the use of federal funding on the transition. An extension of the funding ban rider through FY 2017 would effectively delay the transition another year (see 1608110062). NTIA didn't comment.

The Electronic Privacy Information Center and the Center for Digital Democracy said Monday they filed a complaint with the FTC over WhatsApp's recent announcement it will share some user information, mainly phone numbers, with Facebook, as expected (see 1608250027). "This reversal contradicts WhatsApp’s previous promises to users that their personal information would not be disclosed and would not be used for marketing purposes," said EPIC in a blog post. It said the messaging service's "change in business practices is unlawful and the FTC is obligated to act." WhatsApp said users could choose to not share that information, but several privacy advocates still questioned whether that's true. The service, which is owned by Facebook, didn't comment.

The Federal Aviation Administration "forecasts there could be as many as 600,000 unmanned aircraft used commercially" over the next year now that a new small drone rule took effect Monday, said FAA Administrator Michael Huerta during a Monday news conference. The rule allows drones less than 55 pounds to fly in sparsely populated areas up to 400 feet high and up to 100 miles per hour during daylight hours. It also requires those flying drones to take a written test for certification. Huerta said the rule also includes a provision to allow people to request waivers so they can operate outside parameters such as beyond the visual line of sight and over people. He said 76 such waiver requests were received Monday. CNN said in a Monday news release that the FAA granted the news organization a waiver to "operate the Fotokite Pro, a tethered platform that weighs less than two pounds, over uncovered people who are not directly participating in the [unmanned aerial systems] operation." Huerta also said the FAA will distribute privacy guidelines developed by an NTIA multistakeholder group (see 1605190007) to all operators during the registration process and to pilots during their certification process, and issue new guidance to local and state governments, but he didn't provide any details. Huerta said "in excess of 530,000" people have registered since the process went live in December. The Electronic Privacy Information Center is suing the agency for not developing privacy rules (see 1608260020). In a statement, Doug Johnson, CTA vice president-technology, said that if the government "continues to embrace drone technology policy that balances safety and innovation, by 2025 our country will reach one million drone flights per day." CTA predicts 2.4 million drones will be sold in the U.S. this year, up 112 percent from last year.