For broadcasters and media companies, EU's general data protection regulation can apply even if they lack EU presence but provide services to people there or who use website cookies and other online tracking means to monitor people there, Wilkinson Barker lawyers blogged Friday. It's unclear if regulators will enforce GDPR against companies largely not serving EU citizens, they said. Getting consent for processing an individual's personal data is only the first step in compliance, and lack of adherence can lead to sizable fines, wrote Emilie de Lozier and two colleagues.

Sixty percent of American teens and parents of teens have heard only “a little” or “nothing at all” about the recent Facebook-Cambridge Analytica privacy breach, said a survey from Common Sense and SurveyMonkey Monday (see 1806060067). About 38 percent of each group said they heard “a lot” about the controversy. The poll was of 19,063 adults and 985 teens online May 5-22. Seventy-seven percent of parents and 69 percent of teens said it’s “extremely important” that social media sites ask for permission before sharing or selling personal data.

U.S. robocalls totaled 4.06 billion in May, up 20 percent from April and the third straight monthly record, YouMail said Thursday. It said Americans received 15.2 billion robocalls in the first five months of 2018, a 27 percent increase from the year-ago period, despite government and industry efforts to crack down. "The barrage of robocallers clearly has consumers not answering their phone for unknown numbers, or using apps to block calls, which in turn is causing the robocallers to call even more to try to get through," said CEO Alex Quilici. "It's sad, but the phone call now appears to be in a slow motion death spiral."

Department of Education Federal Commission on School Safety recommendations for improving student safety must include “appropriate privacy protections,” Future of Privacy Forum Director-Education Privacy Project Amelia Vance told the commission Wednesday. Protecting student privacy and equity is important, she said, with schools deploying devices for social media monitoring, video surveillance with police access and visitor monitoring systems. She noted Florida plans to create a database combining data from social media, law enforcement and social services agencies, and Texas plans to scan and analyze social media data and private messages between individuals and groups.

Facebook should have informed Congress of its data-sharing partnerships with Chinese tech companies when CEO Mark Zuckerberg testified (see 1804100054 and 1804110065) in April, House Commerce Committee leadership said Wednesday. “We strongly encourage full transparency from Facebook and the entire tech community,” said Chairman Greg Walden, R-Ore., and ranking member Frank Pallone, D-N.J., noting the committee is waiting for Facebook responses to written questions from April’s hearing. Facebook didn't comment. Sen. Ed Markey, D-Mass., Wednesday called for a Senate Foreign Relations Committee hearing on the Facebook allegations. Citing reporting from The New York Times, Markey raised concerns about Facebook’s relationship with Huawei, “a telecommunications company with close ties to the Chinese Communist Party” that U.S. intelligence identified as a potential security risk. “Although Facebook officials stated that ‘all the information from these integrations with Huawei was stored on the device, not on Huawei’s servers,’ I have serious concerns about the foreign policy implications of American companies providing such information to Chinese companies,” Markey wrote to Chairman Bob Corker, R-Tenn., and ranking member Bob Menendez, D-N.J.

John Thune, R-S.D., and Bill Nelson, D-Fla., challenged Facebook CEO Mark Zuckerberg Tuesday with questions about the latest privacy breach allegations (see 1806040055). The Senate Commerce Committee chairman and ranking member asked Zuckerberg to revisit his congressional testimony (see 1805150053) and provide information on user data control and Facebook partnerships with mobile device makers. The lawmakers noted Zuckerberg hasn't provided answers to written follow-up questions from April’s hearing. Committee members Ed Markey, D-Mass., and Richard Blumenthal, D-Conn., also wrote the CEO asking about the partnerships and potential violations of company policy and the 2011 FTC consent decree. Markey and Zuckerberg cited the recent report alleging Facebook provided access to users’ personal information to dozens of business partners: “These reports further add to Facebook’s track record of opacity around privacy practices and call into question whether Facebook violated its 2011 consent decree.” The company didn’t comment.

Facebook and data-sharing partners like Apple, Amazon, Microsoft and Samsung should prepare to testify so lawmakers can better understand “the entire data collection ecosystem,” said Rep. Frank Pallone, D-N.J., Monday after a New York Times report that Facebook “reached data-sharing partnerships with at least 60 device makers” over the past decade. “It’s deeply concerning that Facebook continues to withhold critical details,” said the House Commerce Committee ranking member. Facebook Vice President-Product Partnerships Ime Archibong said the partnerships let the platform keep pace with technology and ensure access across devices: “These partners signed agreements that prevented people’s Facebook information from being used for any other purpose than to recreate Facebook-like experiences.” Contrary to the Times narrative, “friends’ information, like photos, was only accessible on devices when people made a decision to share their information with those friends,” Archibong wrote, saying Facebook isn't aware of any abuse by partners. Public Knowledge Policy Counsel Allie Bohm asked that the FTC investigate whether the partnerships violated a consent decree. An FTC spokeswoman declined to comment.

U.S. lawmakers should note EU general data protection regulation flaws and avoid replicating the framework in any new American privacy legislation, Competitive Enterprise Institute Regulatory Counsel Ryan Radia and Research Associate Ryan Khurana said Wednesday. The GDPR threatens innovation, reduces competition and stifles job creation, they argued. Meanwhile, at least 28 groups wrote a letter to U.S. tech and industry leaders -- including Facebook, Google, Amazon, Nestle, Walmart and JPMorgan Chase -- urging American companies to adopt GDPR requirements across their platforms. Center for Digital Democracy, Consumer Watchdog, Electronic Privacy Information Center, Media Alliance and Public Citizen were among signers. “We envision a digital economy that safeguards individual privacy, advances fairness and provides equal opportunity for all,” they wrote. “The unfettered collection and use of personal data threatens this future.”

DOJ’s inspector general should open a new investigation into allegedly false claims the FBI made to Congress on encryption policy (see 1804130035), said New America Open Technology Institute Director Kevin Bankston Tuesday. Citing a Washington Post report, the organization said the FBI “consistently claimed” in 2017 it couldn't unlock 7,775 devices, but it recently admitted the number is closer to 1,200. Bankston asked that the FBI “finally drop its misguided crusade to undermine encryption.” Center for Democracy & Technology Director-Freedom, Security and Technology Project Greg Nojeim called for an IG investigation into the “dangerously exaggerated claim.” BSA|The Software Alliance Senior Director-Policy Tommy Ross said government and tech providers should collaborate to improve “law enforcement’s technical capabilities to access the mountains of digital evidence available to them,” instead of narrowly focusing on encryption. DOJ didn't comment.

Amazon’s new facial recognition system, Rekognition, can be used by law enforcement to violate civil liberties and rights, American Civil Liberties Union representatives blogged Tuesday. They said Rekognition can identify as many as 100 people in a single image in real time, producing data that can be cross referenced on databases of tens of millions of faces. The company “has officially entered the surveillance business,” ACLU said, asking Amazon to stop government entities from using the system. Orlando, Florida, and Oregon’s Washington County Sheriff’s Office are among users, the ACLU said. An Amazon spokeswoman said company policy requires that customers comply with the law, and quality of life would be "much worse" if new technology were outlawed because some abuse it: "Imagine if customers couldn’t buy a computer because it was possible to use that computer for illegal purposes?"