Online privacy

On Nov 6, Americans will choose the lawmakers who will try to hammer out privacy rules for major tech players like Google, Facebook and Amazon. Democrats are poised to take the House majority — and want strict privacy controls. Lots of things can — and do — change after elections: Committees get new leaders with new priorities; Other members shift as lawmakers jockey for a preferred spot somewhere else; Policymakers get overtaken by news events, shifting their plans.

While there is now a growing consensus among the tech industry, regulatory advocates, and policymakers on the need for comprehensive privacy legislation, a blueprint proposed in President Barack Obama’s 2012 Consumer Privacy Bill of Rights proved unsuccessful. Had Congress taken up legislation in 2012, it may have forestalled the egregious regulations the European Union and California adopted. In any case, the principles agreed on today generally align with those proposed in 2012.

A Q&A with Federal Communications Commission Chairman Ajit Pai. 

The tech industry could face a reckoning on privacy if a blue wave puts the House in Democrats' hands. It’s the one issue that seems to offer the richest opportunity for legislating if Democrats flip the chamber, coming amid pressure over the tech industry's growing pile of privacy scandals. “There will be a tug of war on this,” said Rep. Peter Welch (D-VT).

Britain's Information Commissioner has slapped Facebook with a fine of $644,000 — the maximum possible — for its behavior in the Cambridge Analytica scandal. The ICO's investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly by giving app developers access to their information without informed consent. The fine was the maximum allowed under the law at the time the breach occurred.

Sen Catherine Cortez Masto (D-NV) joined Sen Amy Klobuchar (D-MN) in sending a letter to Google’s CEO, Sundar Pichai, expressing serious concerns about reports that Google waited six months before notifying the public of a data breach that exposed the private information of nearly 500,000 users participating in the Google+ social media network.

Google will start showcasing privacy mechanisms directly within search, so you can review and delete your activity log without having to navigate to another screen, learn what data Google collects about you, and more easily find relevant granular privacy controls. Google says it will take similar steps for greater transparency across some of its other products as well. Google calls the new feature Your Data, and has experimented with offering information about data privacy in different formats like video, illustrations, and text.

Apple CEO Tim Cook endorsed tough privacy laws for both Europe and the US and renewed the technology giant's commitment to protecting personal data, which he warned was being “weaponized” against users. Cook applauded European Union authorities for bringing in a strict new data privacy law in May and said the iPhone maker supports a US federal privacy law. “We at Apple are in full support of a comprehensive federal privacy law in the United States,” he said.

Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. The restitution hinges on federal court approval of a settlement filed Oct 22 in a 2-year-old lawsuit seeking to hold Yahoo accountable for digital burglaries that occurred in 2013 and 2014, but weren’t disclosed until 2016.

The House Commerce Committee released a white paper detailing the committee’s investigation and recommendations regarding coordinated vulnerability disclosure (CVD) cybersecurity practices. The committee offers two main recommendations to support public and private sector organizations in their adoption of CVD programs as part of their cybersecurity risk management strategies.