“Strong end-user privacy and security controls, such as device encryption and firmware passwords, not only protect personal information from unwanted access -- they can also make it easier to recover lost or stolen devices,” wrote FTC Chief Technologist Ashkan Soltani in a blog post Thursday. Soltani said that during a family trip to the West Coast last month, his personal laptop was stolen from a rental car. “I backup regularly and always enable disk encryption” to protect the information stored on the hard-disk from “unwanted access” with the exception of that by very sophisticated adversaries, he said. “I had also set a firmware password, which is an end-user control that essentially prevents the machine from being booted up or reset without knowing the password.” A few weeks later, he received an email from Apple reminding him of an upcoming visit to an Apple tech at an Apple Genius Bar and realized the thief likely needed help unlocking the computer. He notified law enforcement and Apple. Soltani received a call from Apple notifying him it was working with law enforcement to return the computer to him. The moral of the story is “strong end-user controls like device encryption and firmware passwords not only protect sensitive info stored on the device, they also prevent criminals from utilizing stolen property,” Soltani said. “The more devices feature strong end-user controls, the less likely thieves can profit from their theft on the open market.”

Best Buy will expand sales of the Apple Watch to all its 1,050 big-box stores and to 30 of its Best Buy Mobile stores by the end of September, CEO Hubert Joly said on an earnings call. Best Buy has been working with Apple to update the 740 stores-within-a-store that were launched in 2007 to include new and larger Apple displays for iPhones, MacBook computers and iPads, Joly said Tuesday. The Apple Watch went on sale earlier this month at BestBuy.com and in more than 100 brick-and-mortar Best Buy stores, he said. Just as the iPhone 6 launch “was certainly a traffic driver” for Best Buy, the retailer also is “thrilled to have a new traffic driver this year, something very iconic,” Chief Financial Officer Sharon McCollam said of the Apple Watch. It’s “very notable” that 89 percent of the U.S. population lives in states “where one of our online competitors, headquartered in Seattle, now collects the sales tax,” Joly said in obvious reference to Amazon. Three years ago, that proportion was less than half, he said. Joly has been a strong advocate of e-commerce taxation changes on the grounds that online-only retailers that aren't compelled to collect sales tax have, as a consequence, a strong competitive advantage over retailers that run physical stores.

First-ever U.N. Special Rapporteur on Privacy Joseph Cannataci doesn’t use Facebook or Twitter because he believes in privacy, he said in an interview with The Guardian Monday. “We have a number of corporations that have set up a business model that is bringing in hundreds of thousands of millions of euros and dollars every year and they didn’t ask anybody’s permission,” he said. “Unfortunately, the vast bulk of people sign their rights away without knowing or thinking too much about it.” Technology is presented as ever-developing, not as being controlling, but as confirmed in documents released by former NSA-contractor Edward Snowden, technology has ever-developing sinister capabilities that have “gone out of control,” Cannataci said.

Twitter’s decision to no longer allow accountability projects to track deleted tweets (see 1506040057) from politicians and public officials is a “disappointing move,” wrote Electronic Frontier Foundation Director-Copyright Activism Parker Higgins in a blog post Wednesday. “Politicians will frequently use the platform to take a stance or react to an issue, and in many cases news reporters -- who might have previously called for comment, or quoted from a press statement -- will embed the tweet directly,” Higgins said. “Twitter has gone to great lengths to defend free speech in the past.” While no one is arguing that Twitter is legally obligated to make deleted tweets available, the company’s recent compliance with “bogus” Digital Millennium Copyright Act takedown notices (see 1508250054) is disappointing, he said. The new restrictions will be felt more by transparency groups than advertisers and individuals monitoring deleted tweets, because the organizations are “blocked by policy from ‘surfacing’ them,” Higgins said.

The ICANN board is preparing comments on the Cross Community Working Group on Enhancing ICANN Accountability’s (CCWG-Accountability) revised proposal for changes to ICANN’s accountability mechanisms, ICANN Chairman Steve Crocker said Wednesday in a blog post. CCWG-Accountability released its revised ICANN accountability proposal earlier this month for public comment. Comments are due Sept. 12 (see 1508040058). ICANN board members and staff have been meeting in Washington “to further consider the CCWG proposal and commence a review of an impact analysis from ICANN's external counsel,” Crocker said. The board plans to release its impact analysis on the CCWG-Accountability proposal comments forum and plans a teleconference with the working group next week to “help inform the Board's development of its comments,” he said. CCWG-Accountability should also hold a public meeting in Los Angeles in late September on the proposal “to continue the dialogue” with the ICANN board, Crocker said.

Rentboy.com CEO Jeffrey Hurant and six other website employees were arrested Tuesday and were to be arraigned in U.S. District Court in Brooklyn, New York, on charges of violating the Travel Act by promoting prostitution, the Department of Justice said. Rentboy.com, which opened in 1997, hosts thousands of paid ads for male escort services. Justice said it also plans to seize $1.4 million from company accounts and was taking steps to shut down the website. Rentboy.com wasn’t accessible at our deadline. The website has disclaimers that say the site is for companionship advertising only not sexual services, but it’s clearly “designed primarily for advertising illegal prostitution,” Justice said. It said subscribers were able to categorize their ads based on what services they’re willing to perform and can link to another website that allows past customers to rate them. “Rentboy.com attempted to present a veneer of legality, when in fact this internet brothel made millions of dollars from the promotion of illegal prostitution,” Acting U.S. Attorney Kelly Currie said in a news release.

Online scammers are looking for people to help them transfer money and stolen goods by claiming to offer work-at-home jobs or pretend to be a romantic partner and then ask for a “favor,” FTC Consumer Education Specialist Bridget Small wrote in a blog post Monday. The goal is to “use your bank account, personal information and address to help them steal money,” Small said. “Bottom line: If someone you don’t know -- and that includes someone you met online -- asks for personal or financial information, don’t respond,” she said. “If they ask you to deposit checks, accept funds or wire money, don’t get involved.” Be alert for job scams, too, she said.

About 70 percent of a tested set of 10,000 domain names in ICANN’s Whois system passed all syntax accuracy requirements included in ICANN’s 2009 registrar accreditation agreement (RAA), ICANN said Monday in a report. ICANN has been developing and testing its Accuracy Reporting System to identify potentially inaccurate Whois contact information and forward that information on to registrars for further action. Ninety-nine percent of all tested email addresses met the 2009 RAA’s syntax requirements, as did 85 percent of tested phone numbers and 79 percent of all postal addresses, ICANN said. All domains are required to meet the 2009 RAA’s syntax accuracy standards, while only domains not grandfathered under the 2013 RAA must meet the 2013 agreement’s stricter syntax accuracy standards. Only 34 percent of the 3,848 tested domain names not grandfathered under the 2013 RAA met all of that RAA’s syntax accuracy requirements, though 97 percent met requirements for email addresses. More than 84 percent of the nongrandfathered 2013 RAA domains met requirements for phone numbers, while 44 percent met requirements for postal addresses. The 2013 RAA’s additional syntax accuracy requirements mainly focused on postal addresses, ICANN said. The organization said it’s planning to issue a report on follow-up efforts to remedy syntax inaccuracies in the tested domain names and is planning to complete an additional round of syntax accuracy testing in November. In a related Whois issue, groups have been battling over whether ICANN should allow registrations that mask domain-name ownership through the use of IP proxy servers (see 1507060059 and 1507170064).

Hulu said its partnerships with LiveRail and Oracle will allow advertisers to deliver data-informed advertising this fall, allowing Hulu to “create new opportunities for advertisers with an automated, seamless, data-driven process ... Hulu will be able to deliver marketers real-time adjustments and give them more control over their campaigns.” Hulu plans to deploy the Oracle Data Management Platform (DMP) and LiveRail’s Video Private Exchange (VPX). Oracle’s DMP will allow advertisers “to personalize their advertising campaigns on Hulu with more rich information about their target audiences to deliver even stronger campaign results,” Hulu said Tuesday. LiveRail’s VPX will allow Hulu “to use LiveRail’s granular level controls to target campaigns with the ability to make real-time decisions on the value of individual impressions, driving campaign effectiveness and results for advertisers and increasing the relevance of ads for their viewers,” Hulu said. “The marketplace has shown that data is overwhelmingly the new currency,” said Hulu Senior Vice President-Advertising Peter Naylor in a blog post.

A lawsuit seeking class-action status was filed against Avid Life Media, parent of Ashley Madison, by “John Doe,” individually and on behalf of all others similarly situated, following the dumping of sensitive personal and financial information users disclosed when creating an account (see 1508200039). The suit was filed Friday in U.S. District Court in Los Angeles. “Doe” is a Los Angeles resident who created an account with Ashley Madison in March 2012, according to court documents. The defendant alleged ALM stores the account information in an “unencrypted format at the database level,” despite identifying itself as “the last truly secure space on the Internet.” Doe alleged the data breach could have been prevented if ALM had “taken the necessary and reasonable precautions to protect its users’ information by, for example, encrypting the data entrusted to it by its users,” the “publicity of this information has created and will continue to create irreparable harm,” and that ALM failed to notify him and others of the breach in a timely manner. Doe seeks “compensatory and punitive damages with interest, attorneys’ fees and costs, and any other and further relief as this Court deems just and proper.” Attorneys for Doe didn’t comment. ALM also didn't comment.