LabMD asked FTC commissioners for a stay of the agency's July 28 final order -- which reversed an administrative law judge ruling and found the cancer testing lab liable for unfair data security practices (see 1607290023 and 1608120002) -- pending a court review. LabMD, which filed the stay application Tuesday, said it's warranted because it satisfies four factors. The case "involves several novel bases for decision, all of which invite alternative conclusions" demonstrated by the different conclusions reached by the FTC and ALJ Michael Chappell (see 1511160069), LabMD said. The company said it's likely to succeed on the merits because the FTC order violates due process and isn't supported by evidence. The firm said the order requires it to hire third-party contractors to perform research and other time-consuming tasks involving "substantial compliance costs," which the company has no way to pay. "That is irreparable harm," the company's filing said. The FTC declined comment Wednesday. LabMD CEO Michael Daugherty emailed that the case will have a "greater impact" on other companies than on his own, which "has already been destroyed." He said "when law firms start reporting the power the FTC has to turn hearsay into truth they'll finally start defending their clients instead of kowtowing to government corruption. This stay request is just a necessary steppingstone out of a biased system that is severely broken. If the FTC decision stands you'll be guilty for being hackable even if never hacked. You're only defense will be a kiss for luck and a roll of the dice." LabMD, which the commission said failed to take proper and reasonable security measures on its computer networks and exposed personal data of about 10,000 patients, has 60 days after the order to appeal to a U.S. Court of Appeals.

The National Institute of Standards' Cybersecurity Framework, risk-based guidelines that help organizations identify, implement and enhance cybersecurity, takes a consistent approach with the FTC data security program, said Andrea Arias, an attorney with the commission's Privacy and Identity Protection Division, in a blog post Wednesday. She wrote NIST's framework isn't a checklist or standards but helps organizations assess cybersecurity capabilities and set goals and a plan for improving and maintaining practices. Organizations don't actually comply with framework but assess risk and mitigation, she said. This is where the framework is consistent with the FTC, which tries to determine if a company's data security and processes are reasonable as per its enforcement, she said. "By identifying different risk management practices and defining different levels of implementation, the NIST Framework takes a similar approach to the FTC’s long-standing Section 5 enforcement." She said alleged lapses the FTC challenged in enforcement actions correspond to the framework's five core functions -- identify, protect, detect, respond and recover -- that help companies organize information, enable risk management decisions, address threats and improve protections from learning about previous activities. "As the FTC’s enforcement actions show, companies could have better protected consumers’ information if they had followed fundamental security practices like those highlighted in the Framework," wrote Arias.

NTIA’s response to a Freedom of Information Act request on its analysis of ICANN’s Internet Assigned Numbers Authority (IANA) transition-related plans indicates the agency “failed to consider the antitrust ramifications” of the transition before it signed off on ICANN’s plans in June (see 1606090067), said Americans for Limited Government President Rick Manning in a statement Friday. ALG, a vocal IANA transition critic, filed a FOIA request in June for NTIA records on any legal or policy notice of the transition plans “concerning antitrust issues” that could occur post-transition. NTIA “found no records responsive” to ALG’s request, Chief Counsel Kathy Smith said in a letter released Friday. NTIA noted in a transition FAQ that its review of ICANN’s plans, which included input from the DOJ, “did not identify any significant competitive issues relating to the proposed transition.” U.S. competition laws would still apply to ICANN and its Public Technical Identifiers subsidiary’s administration of the IANA functions post-transition “to the same extent as those laws now apply to other private entities, and thus these laws can serve to discourage ICANN and its constituent groups from engaging in anticompetitive conduct that would harm Internet users,” NTIA said. The agency’s failure to consider antitrust issues in its analysis “is simply stunning,” Manning said. He said that President Bill Clinton’s administration explored the possible antitrust issues involved in an IANA transition in 1998, “yet somehow the politically blinded Obama Administration missed the obvious point that ICANN loses its anti-trust shield should the government relinquish control over the property to them. This, even as NTIA has in essence been preparing to create a global monopoly over the Internet’s domain name system.” Sen. Ted Cruz, R-Texas, and two other GOP lawmakers jointly urged DOJ’s Antitrust Division earlier this month to do a competition review of ICANN’s proposed extension of Verisign’s current .com registry agreement through 2024 before the transition (see 1608150052). Congress “has no choice but to deny” President Barack Obama’s “attempt to giveaway [sic] the Internet governance functions through any means necessary including filing suit over the Executive Branch’s abrogation of Congress’ Article One power of the purse,” Manning said. “NTIA was so busy figuring out how it would turn over the Internet domain name system, apparently nobody stopped to ask if it could legally create such a monopoly.” ALG was among 25 groups that jointly asked Congress to file suit against NTIA to enforce and extend an existing rider in the Department of Commerce's budget that prohibits the use of federal funding on the transition. An extension of the funding ban rider through FY 2017 would effectively delay the transition another year (see 1608110062). NTIA didn't comment.

The Electronic Privacy Information Center and the Center for Digital Democracy said Monday they filed a complaint with the FTC over WhatsApp's recent announcement it will share some user information, mainly phone numbers, with Facebook, as expected (see 1608250027). "This reversal contradicts WhatsApp’s previous promises to users that their personal information would not be disclosed and would not be used for marketing purposes," said EPIC in a blog post. It said the messaging service's "change in business practices is unlawful and the FTC is obligated to act." WhatsApp said users could choose to not share that information, but several privacy advocates still questioned whether that's true. The service, which is owned by Facebook, didn't comment.

The Federal Aviation Administration "forecasts there could be as many as 600,000 unmanned aircraft used commercially" over the next year now that a new small drone rule took effect Monday, said FAA Administrator Michael Huerta during a Monday news conference. The rule allows drones less than 55 pounds to fly in sparsely populated areas up to 400 feet high and up to 100 miles per hour during daylight hours. It also requires those flying drones to take a written test for certification. Huerta said the rule also includes a provision to allow people to request waivers so they can operate outside parameters such as beyond the visual line of sight and over people. He said 76 such waiver requests were received Monday. CNN said in a Monday news release that the FAA granted the news organization a waiver to "operate the Fotokite Pro, a tethered platform that weighs less than two pounds, over uncovered people who are not directly participating in the [unmanned aerial systems] operation." Huerta also said the FAA will distribute privacy guidelines developed by an NTIA multistakeholder group (see 1605190007) to all operators during the registration process and to pilots during their certification process, and issue new guidance to local and state governments, but he didn't provide any details. Huerta said "in excess of 530,000" people have registered since the process went live in December. The Electronic Privacy Information Center is suing the agency for not developing privacy rules (see 1608260020). In a statement, Doug Johnson, CTA vice president-technology, said that if the government "continues to embrace drone technology policy that balances safety and innovation, by 2025 our country will reach one million drone flights per day." CTA predicts 2.4 million drones will be sold in the U.S. this year, up 112 percent from last year.

Several tech companies signed the White House equal pay pledge on Women’s Equality Day. Tech signatories to the pledge announced Friday included Akamai, Apple, Dropbox, Facebook, IBM, Intel, LinkedIn, MailChimp, Microsoft and MuleSoft. About 50 companies signed the pledge since its launch a year ago.

About 30 percent of respondents in a poll of more than 220 information security professionals who attended the Black Hat hacker conference nearly a month ago said their organizations are prepared for IoT-related security risks, said security company Tripwire in a Thursday news release. Twenty-seven percent said their organizations weren't prepared, 37 percent said their organizations will soon be prepared and 5 percent weren't concerned about IoT security risks, the company's poll found. Fifty-two percent didn't think their organizations accurately tracked the number of IoT devices on their networks, while 34 percent said their organizations did a good job. Plus, 78 percent said they were concerned about IoT devices being "weaponized" in distributed denial-of-service attacks. Only 11 percent ranked DDoS attacks as one of the top two security threats their organization face. Phishing, cyberespionage, ransomware and insider threats were the other risks that were cited more frequently, Tripwire found. About half of the respondents said IoT devices on their networks will increase by at least 30 percent next year.

The “synergy” between Delphi’s “core” intellectual property in “path and motion planning” and Mobileye's “deep reinforcement learning algorithms” will result in a “fast-to-market solution” for autonomous cars, said Amnon Shashua, Mobileye chairman and chief technology officer, on a Tuesday conference call. The call was about the two companies' collaboration to develop what they said will be the first turnkey Society of Automotive Engineers Level 4/5 automated driving system (see 1608230057). Within four months, “a Level 4 demonstration can be conducted on Las Vegas city roads,” as part of a demo planned for January CES, Shashua said. Delphi and Mobileye expect to begin “fleet testing” in 2017, and by 2019, “the system will reach a production-intense state with production of any hardware,” he said. “Given the level of technology required and the amount of integration, on a combined basis, it is hundreds of millions of dollars,” said Delphi CEO Kevin Clark of partnership spending. Mobileye sees this collaboration as “complementary” to its partnership with Intel to bring fully automated driving to BMW vehicles within five years (see 1607010052), Shashua said.

The average North American home has more than seven broadband devices in use every day, said a report from broadband network solutions provider Sandvine based on real network usage. Six percent of households have more than 15 active devices, with smartphones and tablets on fixed Wi-Fi networks accounting for nearly 30 percent of North American fixed access traffic, it said. So-called home roaming generated 9 percent of traffic five years ago, said Sandvine. Laptops and desktop PCs now are less than a quarter of traffic on fixed access networks, it said. Game play traffic on PlayStation 4 consoles is 2.5 percent of the total traffic the console generates, with video streaming (65 percent) and game downloads (25 percent) causing most PS4 bandwidth consumption, said the report. Roku devices, at 10 percent, were the most-used set-top box, followed by Amazon Fire TV (3.9 percent) and Apple TV (3.3 percent), it said. The top-consuming Netflix device (12 percent) on one network was the operator’s branded set-top box that streams over-the-top content, it said.

Mobileye and Delphi Automotive extended their collaboration to develop what they said will be the first turnkey Society of Automotive Engineers Level 4/5 automated driving system. The companies will demonstrate the technology at CES in urban and highway driving, they said in a Tuesday announcement. The program will result in an “end-to-end production-intent fully automated vehicle solution” by 2019 for customers worldwide, said the companies. Mobileye will provide computer vision systems, mapping, localization and machine learning, and Delphi will supply driving software, sensors and systems integration, they said. Teams from both companies will develop the next generation of sensor fusion technology and the next-generation human-like "driving policy," they said. The module combines Ottomatika's driving behavior modeling with Mobileye's reinforcement learning to produce driving capabilities necessary for negotiating with other human drivers and pedestrians in complex urban scenes, they said. Building on an advanced driver assistance systems relationship that began in 2002, the most recent partnership "will accelerate the time to market and enable customers to adopt Level 4/5 automation without the need for huge capital investments,” said Mobileye Chief Technology Officer Amnon Shashua.