President Barack Obama signed off Tuesday on a presidential policy directive clarifying federal government agencies’ responsibilities for responding to a cyberattack, including making the Office of the Director of National Intelligence responsible for leading intelligence support in response to the attack. The directive delegates the DOJ to take the lead in law enforcement activities related to a cyberattack, while the Department of Homeland Security will aid in mitigating the attack. The White House’s release of the directive came amid the fallout over WikiLeaks’ release of controversial Democratic National Committee emails believed to have been harvested from DNC servers during a 2015 hacking incident. The White House emphasized Tuesday that its planning for the directive significantly predated the DNC hacking incident. The White House’s directive directs the Cyber Response Group within the National Security Council to coordinate development and implementation of U.S. government policies in response to cyberattacks. The CRG or the larger NSC can form a cyber unified coordination group (CUCG) as the “primary method” of coordinating among federal agencies in response to “significant” cyber incidents, Obama said in the directive. The CUCG normally will include the Department of Homeland Security and other lead federal agencies for threat response and support, but also will include the FCC and other sector-specific agencies depending on the nature of the incident, the directive said. The FCC also would be called upon to participate in CRG activities when “its inclusion is warranted by the circumstances and to the extent the [FCC] determines such participation is consistent with its statutory authority and legal obligations,” an annex to the directive said. The White House directive also set up a five-level framework for rating cyber incidents. Level 1 attacks are “unlikely to affect public health, national security” or other U.S. interests, while a Level 5 incident “poses an imminent threat to wide-scale critical infrastructure services, national government or to the lives” of U.S. citizens, the directive said.

​The impending arrival of Bluetooth 5 and its technical enhancements will help boost Bluetooth-enabled device shipments to more than 5 billion units in 2021, ABI Research said in a Monday report. Bluetooth 5, coming late 2016 or early 2017, will include “significantly increased” range, speed and broadcast messaging capacity, said the Bluetooth Special Interest Group in a June announcement. With Bluetooth 5, the platform “will extend beyond cable replacements and smartphones to branch out into the wider IoT landscape and result in the development of larger scale networks that no longer rely on the smartphone as a hub,” ABI said. “Bluetooth is evolving from a smartphone and personal area network solution to a scalable, low-power wireless networking technology,” it said. “This development will unlock growth in beacons, home automation, building automation, lighting, and other smart city applications over the next decade and beyond.” By 2021, smartphones still will be 40 percent of Bluetooth product shipments, but that will be down 12 percent in volume share from 2015, it said.

General Motors' $500 million February investment in Lyft for speeding commercialization of autonomous vehicles (see 1601040068) “is accomplishing everything we set out for it to do,” GM CEO Mary Barra said on an earnings call. “We are very committed to being among the leaders or leading in autonomous technology.” GM's March buy of autonomous-vehicle innovator Cruise Automation also “was a big piece of that," Barra said of that $581 million acquisition. GM “recognized early that the fastest way to get the technology into customers' hands, and to really learn and be driven by what customer expectations are, is to get it into a ride-sharing fleet and get it out there,” Barra said Thursday. “We're demonstrating different behavior with how we're getting the technology and the innovation and the technological advancements we've done into the marketplace more quickly. ... That's something I focus on every day.”

More than half the world’s population doesn't use the internet, despite falling prices for information and communications technology, ITU said in a Friday news release about its 2016 ICT Facts & Figures report. About 3.9 billion of 7.4 billion people don’t use the internet, the ITU said. There are 2.5 billion internet users in developing countries, more than the 1 billion users in developed countries. But developed countries have higher internet penetration, it said. About 81 percent in developed countries use the Internet compared with 40 percent in the developing nations, it said. The report also said 2G mobile networks cover about 95 percent of the global population, and 4G LTE networks cover 53 percent. The number of mobile-broadband subscriptions has grown at double-digit rates in developing countries to reach a penetration rate of nearly 41 percent, but overall mobile-broadband growth has slowed, it said. The ITU predicted the total number of mobile-broadband subscriptions globally will hit 3.6 billion by year-end. Mobile broadband is cheaper than fixed, said ITU, with the average price of fixed more than twice as high as the average price of mobile, it said. “Global interconnectedness is rapidly expanding, however more needs to be done to bridge the digital divide and bring the more than half of the global population not using the Internet into the digital economy,” said Secretary-General Houlin Zhao.

Dun & Bradstreet is partnering with the Trustworthy Accountability Group to help the anti-fraud initiative (see 1605230010) verify the identities of buyers, sellers and intermediaries in the digital advertising supply chain. "With Dun & Bradstreet data, TAG can feel confident that only legitimate business entities are approved to participate in the TAG Registry," said Dun & Bradstreet CEO Bob Carrigan in a news release. "Supporting TAG in its efforts to bring transparency to online advertising aligns with Dun & Bradstreet's mission of uncovering truth from data to reveal a business' best -- or riskiest -- relationships." TAG was formed two years ago by the American Association of Advertising Agencies, Association of National Advertisers and Interactive Advertising Bureau in part to combat digital ad piracy and copyright infringement. Dun & Bradstreet will vet the identities of companies applying to be "TAG Registered" by matching their information such as address, contact emails and names, tax ID and other fields. After TAG does a final check of companies forwarded by Dun & Bradstreet, approved companies get a unique identifier "that can be appended to digital ads, and shared with advertising partners to verify the legitimacy and reputation of the business," it said. The issue has come under more scrutiny, with two Democratic senators urging the FTC to get more involved in understanding and fighting fraudulent digital ads (see 1607110016).

About 12 million domain names were added to the internet during Q1, up 3.8 percent from Q4 2015, domain registry Verisign said Tuesday in a report. The additional 12 million domains in Q1 brought the total number of registered domains to 326.4 million, including 126.6 million domains using the .com top-level domain and 15.9 million using .net, Verisign said. The domain registry said it processed 10 million new domain registrations on the .com and .net TLDs in Q1, up from 8.7 million domain registrations during the same period in 2015. Meanwhile, ICANN said in a report Tuesday that domain registrations using generic TLDs grew by 7.3 percent year-over-year between 2014 and 2015.

Overseas content theft or pirate websites, which expose consumers to malware and other serious risks potentially leading to identity theft, financial loss and ransomware, rely on legitimate North American companies to operate, said a Digital Citizens Alliance study released Wednesday. In collaboration with cybersecurity firm RiskIQ, the study further examined research done in December that found consumers are 28 times more likely to be exposed to malware on content theft sites, which lure users seeking free movies, TV shows and music. The study said hosting and content delivery network companies aren't doing anything illegal and compared them to a landlord renting to a drug dealer who does business from an apartment. "But just like that landlord, more often than not these companies either look the other way or just don't want to know," the study said. It added such companies are contributing to the threat of computer infections and other consumer risks. “Given that our research shows that 12 million Americans are exposed to malware through content theft websites, we are approaching a cyber epidemic that poses serious concerns about the long-term security of Americans’ computers,” said Digital Citizens Executive Director Tom Galvin in a news release. The study said government authorities can ask hosting and content delivery companies whether they "knowingly" help such pirate sites. Agencies like the FTC or state attorneys general can help raise consumer awareness about visiting pirate sites, it said. The group's advisory board includes employees of a national union, Association for Competitive Technology, i-Safe and National Consumers League, its website said.

Congress.gov, the Copyright Office’s website and other Library of Congress-hosted websites continued to experience intermittent outages at our deadline Tuesday after a distributed denial-of-service attack against LOC’s IT infrastructure. An LOC spokeswoman confirmed Tuesday that the DDOS attack began Sunday morning and is affecting LOC’s websites, online services and employees’ access to email. LOC announced the DDOS attack in a tweet Monday. LOC is “working to maintain access to its online services while ensuring security,” emailed a spokeswoman. GAO and Congress have highlighted deficiencies in the LOC IT program in recent years (see 1503310046 and 1509080058), and new Librarian of Congress Carla Hayden said IT modernization will be one of her top priorities (see 1604200053).

Google received more than 40,000 global law enforcement requests for user data in the second half of 2015, a 35 percent jump from the same six-month period during the prior year, the company said in an updated transparency report. The company said it provided some data on about 64 percent of the requests, roughly the same number over the past several periods. For all of 2015, Google received more than 76,000 data requests, about 23 percent more than in 2014. Google said more than 81,000 users/accounts were specified in the July-December data requests for 2015. That figure, Monday's report said, is "over-inclusive" and doesn't reflect unique users/accounts because it might include, for example, the same Gmail account listed in several different requests or the company might get a request for a nonexistent account. Google said it "decided it is better to err on the side of a greater number." U.S. law enforcement agencies made more than 12,500 user data requests for the second half of 2015, or about 25 percent more than the same period in 2014, with Google providing some data on about 79 percent of those requests, the report said. The U.S. made the most requests, with Germany ranking second with almost 7,500, the company said. Of the U.S. requests, more than 7,200 were subpoenas, more than 3,700 were search warrants, while about 1,000 were for other court orders, said the report.

Mobile apps by Sega and iTriage allowed third parties to collect and use consumers’ precise location for third-party ads without notifying users or obtaining their consent, said the Advertising Self-Regulatory Council in a Thursday news release. The Sega game, Sonic Runners, also raised issues under the Children’s Online Privacy Protection Act, which says no personal information may be collected from children under 13 without obtaining parental consent. While the game used an age gate to meet COPPA, the gate didn’t function properly, ASRC said. Sega and iTriage cooperated with ASRC’s Online Interest-Based Advertising Accountability Program, pledging to comply with Digital Advertising Alliance standards in current and future apps. After Sega was notified about the problems, the video game company removed Sonic Runners from app stores and removed all third-party ads before offering it to the public again, while also pushing a mandatory update to all current users, ASRC said. Later this month, Sega will shut down Sonic Runners forever, said the company’s website. The Aetna-owned iTriage committed to stop using location data for ads and agreed to add real-time notice of data collection and use with links to an opt-out mechanism on its app and the iTriage and Aetna websites. They also pledged to be transparent and give users a choice to participate if they decide to allow third-party use of personal directory data or healthcare data for interest-based ads, ASRC said. “Today’s decisions are a win for both consumers and advertisers,” said Genie Barton, director of the Accountability Program.