Facebook should stop “intimidating WhatsApp users to accept extended data collection,” 28 advocacy groups wrote the company Friday. Led by Public Citizen, they claim the platform is manipulating users into accepting weakened privacy policies, which were to have taken effect Saturday (see 2105030058). Electronic Privacy Information Center, Fight for the Future, Access Now and Center for Digital Democracy signed. The intended business model “relies on extended data integration between WhatsApp and Facebook to benefit its own bottom line at the expense of user privacy,” they wrote. Facebook didn't comment.
A Colorado privacy bill is going to the Senate. The Appropriations Committee voted 7-0 Friday for SB-190. This “appears to be an even more business-friendly version” of Virginia’s law, Husch Blackwell lawyers blogged Wednesday.
UL debuted a COVID-19 vaccination tracker as U.S. “return-to-work programs gear up,” it said Thursday: The service's software tools are especially for companies that plan to return employees to the office but lack “software solutions in place to support regulatory and healthcare compliance.”
EU lawmakers should approve the U.K.'s data protection regime, said 16 tech and business groups Wednesday. They said the European Commission's proposed "adequacy decision" recognizes the country's privacy rules provide sufficient safeguards under the general data protection regulation. The Civil Liberties Committee urged the EC this week to revisit the decision to "bring it in line with EU court rulings and the opinions of the EU privacy supervisor." Legislative concerns included that U.K. law allows for bulk data access without suspicion of crime, and for bulk data retention, which the European Court of Justice says is inconsistent with GDPR rights, and that U.K. data-sharing agreements with the U.S. raise the possibility of Europeans' information being shared despite recent ECJ rulings that U.S. bulk data access is incompatible with the regulation. The draft resolution comes up for vote in plenary May 20. The industry groups said the European Parliament should support the decision because the "negative consequences of an interruption in data flows would be substantial" to U.K. and EU businesses since the EU is Britain's main trading partner. Signatories include the Information Technology Industry Council, Computer and Communications Industry Association and U.S. Chamber of Commerce.
Legislation introduced Tuesday would prohibit online platforms from collecting personal data from anyone ages 13-15 without user consent. Introduced by Sens. Ed Markey, D-Mass., and Bill Cassidy, R-La., the Children and Teens’ Online Privacy Protection Act would update the Children’s Online Privacy Protection Act, letting users delete personal information collected from kids and teens. It would establish such a digital marketing bill of rights.
The Secure Telephone Identity Governance Authority revised its service provider code token access policy to be effective immediately, the advisory group announced Monday. Service providers without access to phone numbers may "immediately pursue the certificate necessary to participate" in secure telephone identity revisited and signature-based handling of asserted information using tokens caller ID authentication so long as they are listed in the robocall mitigation database, said an FCC Wireline Bureau public notice (see 2104200042).
The FTC 4-0 finalized its nonmonetary settlement with a photo app that allegedly “deceived consumers” about face scanning technology and retention of user photos and video (see 2101110027), the agency announced Friday. Everalbum allegedly failed to delete photos and videos from deactivated accounts when it promised to remove the content. It faces $43,280 fines for future violations and is required to delete content from deactivated accounts. Everalbum is "excited to move forward" with a "mindful tone," said a spokesperson. "We take our role as face recognition technology provider very seriously, and are committed to the ethical development and use of this important technology" in accordance with company principles and guidance.
The FBI should provide details on why it continues to “abuse” warrantless surveillance authority under Foreign Intelligence Surveillance Act Section 702, House Judiciary Committee ranking member Jim Jordan, R-Ohio, and Rep. Andy Biggs, R-Ariz., wrote the agency Tuesday. They cited a recently declassified Foreign Intelligence Surveillance Court memorandum opinion from November 2020 “detailing the FBI’s ‘apparent widespread violations.’” Jordan and Biggs demanded detailed accounts about every instance since December 2019 the agency used Section 702 powers “for purposes unrelated to national security.” They asked for how the agency is responding to the opinion. The bureau confirmed receipt of the letter.
As the FCC considers tougher secure telephone identity revisited (Stir) and signature-based handling of asserted information using tokens (Shaken) rules (see 2104290082), major carriers said they’re protecting customers from unwanted calls, in filings mostly posted Monday in docket 17-59. Banking and other groups warned that rules should ensure calls customers want still get through, in response to the Governmental Affairs Bureau request for input for its second call blocking report. "Customers are harmed when their banks’ outbound calling numbers are mislabeled, or calls from those numbers are blocked, because they may not receive lawful calls affecting their financial health,” the American Banking Association said: “It is critical for customers that these calls be completed without delay.” Incompas heard reports that call blocking is being used “on a more regular basis to block or divert legitimate traffic,” and said it “repeatedly raised concerns that call blocking could be used to erect barriers to competition and discriminate against competitive providers and their legitimate use cases.” Industry is “making great progress protecting consumers from unwanted robocalls” but “robocallers continuously deploy new tactics,” Verizon said: The company is seeing “a concerning increase in a new ‘dual seizure’ technique that bad actors use to efficiently insert millions of messages daily into nonconsenting consumers’ voice mailboxes without the calls ever causing the consumers’ devices to ring.” T-Mobile had a drop in robocalls a year ago, possibly because the pandemic closed some call centers. “Once calls resumed, new scams targeting subscribers purporting to relate to COVID-19 testing, vaccinations, unemployment insurance and stimulus checks arose,” T-Mobile said, noting its call blocking tools help. FCC efforts “have empowered AT&T to better protect its network and customers from illegal and unwanted robocalls,” the company said: “AT&T blocks illegal robocalls consistent with the Commission’s orders and has integrated the STIR/SHAKEN verification results into its call blocking analysis.” NCTA noted major cable operators adopted Stir/Shaken. “Policy advancements, industry investments in call authentication, blocking and labeling, and traceback, and aggressive law enforcement collectively are impacting the landscape,” said USTelecom: “No single initiative alone will solve the problem of illegal and unwanted robocalls, but each step makes an incremental difference.”
Carrier call blocking can pose challenges to smaller credit unions “that lack the resources to track down calling data or to hire third parties to help mitigate blocking of their legitimate calls,” the Credit Union National Association told the FCC in docket 17-59. Comments were due Friday on the second staff report on call blocking (see 2104130047. Call-blocking tools are “important components of our products and continue to provide millions of consumers with effective call authentication and blocking tools" free, Google said: They "have been available at least since 2019 and do not require use of third-party applications.” Cable operators have “invested substantial time and resources into developing and implementing call blocking solutions,” NCTA said.