The FTC is committed to using its “full scope” of authorities to protect consumers’ location, health and sensitive data, the agency said in a blog Monday. The announcement follows an executive order from President Joe Biden aimed at combating “digital surveillance” in the wake of the overturning of Roe v. Wade (see 2207080060). The FTC will “vigorously enforce” the law, and past enforcement provides a “roadmap” for infractions involving location and health data, said FTC Division of Privacy and Identity Protection acting Associate Director Kristin Cohen. Cohen warned companies against deceptive acts involving promises to anonymize consumer data. The agency doesn’t “tolerate companies that over-collect, indefinitely retain, or misuse consumer data,” Cohen said, citing federal and state law.

President Joe Biden issued an executive order Friday meant to combat “digital surveillance” and protect data privacy for reproductive health care services. Citing the overturning of Roe v. Wade, Biden directed FTC Chair Lina Khan to explore steps to “protect consumers’ privacy when seeking information about and provision of reproductive health care services.” He ordered Health and Human Services Secretary Xavier Becerra to consult with Attorney General Merrick Garland and Khan on options for addressing “deceptive or fraudulent practices, including online, and protect access to accurate information.” House Oversight Chair Carolyn Maloney, D-N.Y., applauded the EO. Maloney announced a health data privacy probe on Friday with House Consumer Policy Subcommittee Chair Raja Krishnamoorthi, D-Ill., and Rep. Sara Jacobs, D-Calif. They sent letters to five data broker companies and five personal health app companies “requesting information and documents regarding the collection and sale of personal reproductive health data.” Location data “collected by mobile phones may be used to locate people seeking care at clinics, and search and chat history referring to clinics or medication create digital bread crumbs revealing interest in an abortion,” they wrote.

DOJ’s Justice Management Division lacks staff to effectively manage its cyber supply chain risk management (C-SCRM) program, the Office of Inspector General reported Thursday. Lack of “personnel resources” resulted in “widespread noncompliance, outdated guidance, inadequate threat assessments, and insufficient mitigation and monitoring actions,” OIG said. The division needs to “provide communication, outreach, and training to Department components and develop procedures to periodically assess their efforts,” OIG concluded. The FBI’s C-SCRM program is “more modern,” but millions of dollars in IT goods might not have gotten proper inspection based on cyber requirements, OIG said. The office recommended the Drug Enforcement Administration develop its own C-SCRM program, as required by an intelligence community directive.

U.S. cyber victims shouldn’t make ransomware payments, the FBI, Cybersecurity and Infrastructure Security Agency and Treasury Department said Wednesday in an advisory on Maui ransomware, a common North Korean state-sponsored cyberthreat. Paying ransom doesn’t “guarantee files and records will be recovered and may pose sanctions risks,” the agencies said. U.S. companies should “adopt and improve cybersecurity practices and report ransomware attacks to, and fully cooperate with, law enforcement,” the agencies said.

The Biden administration urged a court Friday not to grant expedited discovery to Missouri and Louisiana in their suit claiming the administration colluded with social media platforms to censor and suppress truthful information (see 2205050056). In its response at the U.S. District Court for Western Louisiana (case 3:22-cv-01213-TAD-KDM), the administration said it plans to file a motion to dismiss. Don't allow states to take discovery before defendants can respond to the complaint, it said. "The Court must first address whether it has jurisdiction before this matter may proceed at all. … Expedited discovery is rare, and is authorized only when a party shows that it has a pressing need.” States “make little effort to show that they will suffer irreparable harm (or in fact any harm) absent expedited discovery.” It would go against federal civil procedure rules to require the U.S. defendants "to respond to an unspecified number of interrogatories and document requests, and potentially prepare for depositions, on a compressed timeline,” it said. Missouri and Louisiana seek a "a sweeping preliminary injunction that would have the perverse effect of suppressing public officials’ speech on matters of public concern,” and multiple courts including the D.C. Circuit U.S. Court of Appeals dismissed similar claims “for lack of subject-matter jurisdiction,” the administration said. “Although social media companies have been taking action against what they have deemed to be misinformation for years -- since before this Administration began,” plaintiffs here and in other cases insist “that the actions they were subject to were attributable … to certain comments made by Government officials about the harms of misinformation.” But courts “uniformly dismissed those challenges, concluding that the plaintiffs lacked Article III standing because their allegations did not show that the challenged actions were caused by any Government actor rather than the independent judgments of social media companies.”

Deputy Attorney General Lisa Monaco met Thursday with retail CEOs at the Retail Industry Leaders Association (RILA) annual summit in Washington, where she cautioned them to be “mindful” about the “blended threat” of sophisticated "cyber-criminal groups" and "nation-state actors" forming “alliances of convenience,” said a DOJ readout Friday. She encouraged retailers to bolster their cyber defenses and "proactively develop" relationships with their local FBI field offices, it said. Monaco also addressed “organized retail crime” with the CEOs, including how U.S. attorneys across the country are bringing federal charges to punish and thwart “aggravated retail theft,” said DOJ. Retailers "appreciated the opportunity to discuss a number of high priority issues with Deputy AG Monaco, including cybersecurity," emailed RILA President Brian Dodge. "We appreciate the department’s attention to organized retail crime and the role they are playing investigating and prosecuting large cases," he said. RILA represents Best Buy, Target, Walmart and other big-box retailers.

The federal government charged six defendants in four separate criminal cases for their alleged involvement in cryptocurrency fraud, DOJ said Thursday. They were charged in cases involving “the largest known Non-Fungible Token (NFT) scheme charged to date, a fraudulent investment fund that purportedly traded on cryptocurrency exchanges, a global Ponzi scheme involving the sale of unregistered crypto securities, and a fraudulent initial coin offering,” DOJ said. The Justice Department joined with the FBI and Department of Homeland Security in the enforcement action.

Napster Music’s newly published Litepaper V1 outlines plans to apply Web3 technology to its existing business and “millions of users,” it said Wednesday. The company created a new entity, Napster Innovation Foundation, to issue "$NAPSTER tokens using the Algorand blockchain protocol to streamline its existing platform functionality" and create new options for monetization. "We’re entering the streaming-plus era of music," said Napster interim CEO Emmy Lovell, saying streaming music is "one of the few scaled business sectors where adoption of blockchain tech actually makes immediate sense for everyone." Web3 has a chance to “deepen, extend and improve the music ecosystem," she said. Napster 3.0 will launch as a decentralized, music-first ecosystem benefiting fans, music makers and rights holders, said the company.

Google should clarify search results that steer individuals looking for abortion services to anti-abortion clinics, New York Attorney General Letitia James (D) wrote the company Wednesday. Google Maps fails to distinguish between abortion clinics and crisis pregnancy centers, she said: The latter don’t offer abortion services, often don’t have medical professionals, and try to dissuade people from having abortions. It’s important to clarify the distinction due to the Supreme Court’s overturning of Roe v. Wade, she wrote.

Wi-Fi fraud is among the most common summer scams consumers need to look out for, warned U.S. Attorney Dena King of the Western District of North Carolina in tips Wednesday. During the summer, many people are on the go, and with more and more businesses, restaurants and venues offering free Wi-Fi access, “it is easy to become a victim” of Wi-Fi fraud, she said. Fraudsters typically use what appears to be legitimate free Wi-Fi “to dupe users into connecting to networks that can steal their information,” said King. Free Wi-Fi networks "are generally unsecured," she said. "To the extent possible, avoid using them altogether, but definitely avoid using them to transmit sensitive information or conduct financial transactions.” Summer is a popular time “for scammers to maximize their profits by preying on consumers trying to save money on a good summer deal,” she said.