Microsoft had more than 31,000 law enforcement requests for more than 52,000 users between July and December 2014, said a company blog post Friday. Microsoft disclosed the “subscriber” or “transactional data” for more than 73 percent of those requests, it said. The U.S. generated more than 5,400 requests. Microsoft said it received between 19,000 and 19,999 Foreign Intelligence Surveillance Act orders for content that affected accounts between January and June 2014. The orders have a six-month reporting delay, it said. “While we saw little change from the proceeding period in the overall number of law enforcement and government requests for Microsoft customer data, the world around us continues to change,” it said. “In the 14 months since the government agreed to greater transparency for reporting national security orders, we’ve seen new threats emerge around the globe,” said Microsoft, which reaffirmed its support of the Electronic Communications Privacy Act and USA Freedom Act (see 1409220038).
Uber released a new code of conduct that included the creation of a safety advisory board, a company blog post said Wednesday. Uber rides are “tracked by GPS,” which allows it to “provide law enforcement with very specific details about trip activity for their investigations,” it said. That partnership also extends to the tracking of contagious diseases like Ebola, it said. Uber is also rolling out an SOS button for international users to contact law enforcement, it said.
The FCC’s “erratic” recent history with broadband reporting could have consequences for the national broadband map, NCTA said in a blog post Wednesday. It pointed to the agency’s shift from defining broadband as 4/1 Mbps to 25/3 Mbps as evidence of the commission’s lack of consistency in broadband reporting. “Inconsistent and spotty reporting using an ever-shifting set of metrics is hardly conducive to sound analysis,” NCTA said. It challenged FCC credibility in broadband reporting. “Under Section 706, the FCC has an interest in highlighting problems rather than successes because the statute gives the FCC authority to take immediate action if it reaches a negative finding in its annual report,” NCTA said. The open Internet order and the new Broadband Opportunities Council “mark a new level of government involvement in the operation of the broadband marketplace,” NCTA said. The White House created the council to spur broadband investment and adoption, it said Monday (see 1503230064).“With increased government oversight and participation comes an increased responsibility for government to be a resource for factual and impartial data.”
Consumers soon will be able to watch Amazon Fire TV on the go and get the Fire TV Stick in the U.K. and Germany, the company said in a news release Tuesday. The free software updates to both Fire TV and the Fire TV Stick will be delivered over the air in the coming weeks. The devices will start shipping in the U.K. and Germany April 15, Amazon said. Other updates include letting consumers connect USB mass storage devices to the Amazon Fire TV, captive portal support that lets owners connect to their devices over Wi-Fi when not home and support for Bluetooth headphones, Amazon said.
A cloud network security company started Tuesday. ProtectWise, with employees who used to work at IBM and McAfee, said it differs in that it deploys a virtual camera in the cloud to deliver “unlimited retention” of network data, which can be analyzed years later to “uncover threats that were previously unknown using the latest intelligence.” It allows a replay to detect threats or breaches as intelligence is updated, said CEO Scott Chasin in an interview last week. It’s a “time machine for threat detection,” he said. The average time between a breach occurring and being detected is about 205 days, the company said in a news release Tuesday. “The era of prevention is coming to a close, and visibility and detection are now more important than ever for all organizations to focus on,” the company said. The camera in the cloud “passively records” everything it sees, but companies can control what data is shared and analyzed, said Chief Technology Officer Gene Stevens. If a customer discovers an attack, ProtectWise automatically will look for similar breaches in real time and retrospectively, he said. The firm recognizes that “companies are suffering from alarm fatigue,” Stevens said, pointing to a 2015 Ponemon Institute survey saying the average enterprise receives almost 17,000 malware alerts weekly. Of those, 19 percent are reliable and 4 percent are investigated. ProtectWise has received more than $17 million in financing from Arsenal Venture Partners, Crosslink Capital, Paladin Capital Group and Trinity Ventures. The company has “more than a dozen” clients in industries such as technology, financial services, healthcare, and media and entertainment, including Universal Music Group, the company said in a news release Tuesday.
Consumer confidence toward the overall economy and technology spending both fell in March, said CEA Tuesday. The CEA Index of Consumer Expectations (ICE), which measures consumer expectations about the U.S. economy as a whole, slipped 2.8 points from February to 178.4, and the Index of Consumer Technology Expectations (ICTE) dropped 5.4 points, said CEA. “While consumer confidence is down slightly from last month, U.S. economic growth continues to sustain above-trend growth,” said Shawn DuBravac, CEA chief economist. This month’s ICE remains higher year over year for the month of March since the CEA Index began tracking in 2007, said the association in a news release.
“One of the most common motivations for hacking is the theft of financial information,” the Department of Justice wrote in blog post Friday. It’s now a crime to sell “access devices” such as credit card numbers, and the government can prosecute offenders located outside of the U.S. as long as the card number involved was issued by an American company and the government can prove an “article” used to commit the offense moved through the U.S. or that the criminal held his or her illicit profit in an American bank, DOJ said. These “requirements have proved increasingly unworkable in practice,” Justice said. When digital data is stolen, it’s not clear what “article” could be involved, the DOJ said, which is why it has proposed an amendment to the Personal Data Notification & Protection Act that “would strike the unnecessary language in the current statute.” The proposed amendment would let DOJ “prosecute anyone possessing or trafficking in credit card numbers with intent to defraud if the credit cards were issued by a United States financial institution, regardless of where the possession or trafficking takes place,” Justice said. “This kind of jurisdiction over conduct that occurs abroad is fully consistent with international norms and other criminal laws aimed at protecting Americans from economic harm.”
The FTC is hiring technologists to staff its newly formed Office of Technology Research and Investigation (OTRI), which was created to “expand the FTC’s capacity to protect consumers in an age of rapid technological innovation,” wrote FTC Chief Technologist Ashkan Soltani in a blog post Monday. In its hundred years, the commission has protected consumers as new technologies, from movies and radio to smartphones and connected cars, emerged, Soltani said. “When smart phones began to become ubiquitous, the FTC’s Bureau of Consumer Protection created a Mobile Technology Unit” (MTU) to highlight “consumer protection challenges posed by mobile technologies,” and developed tools and techniques to protect consumers, Soltani said. The OTRI is the successor to the MTU and will tackle "an even broader array of investigative research on technology issues involving all facets of the FTC’s consumer protection mission, including privacy, data security, connected cars, smart homes, algorithmic transparency, emerging payment methods, big data, and the Internet of Things,” he said. New positions the FTC announced include a technology policy research fellowship, research coordinator and technology research internship program, Soltani said. The FTC’s tech blog, traditionally reserved for posts from the agency’s chief technologist, soon will expand to allow posts from “invited FTC staff, including members of OTRI,” who will guest blog about technical research findings and technology-related issues affecting consumers, he said.
Cybersecurity problems are the most pressing issue facing the Internet, said an Internet Society survey. ISOC's survey, released Monday, had 801 responses from the society's six regions. Eight-six percent of respondents said they were ISOC members, and 86 percent said cybersecurity is the most critical issue facing the Internet. Seventy-five percent said making Internet governance “easier to understand” was “extremely” or “very important.”
NTIA published the Internet Policy Task Force’s request for comment on possible cybersecurity issues that the IPTF should explore. The IPTF has said it’s seeking out topics that largely veer away from securing critical infrastructure, a topic that’s been the focus of other cybersecurity efforts like the National Institute of Standards and Technology’s Cybersecurity Framework (see 1503160059). Comments are due 5 p.m. May 18, NTIA said in a Thursday notice in the Federal Register.