The U.N.’s work in 2015 on the 10-year review of implementation of the World Summit on the Information Society (WSIS) and the Millennium Development Goals (MDG) must include “all stakeholders at the table,” said the Computer & Communications Industry Association, the Information Technology Industry Council, the Software & Information Industry Association and seven other Internet industry groups Monday. The U.N. should align the two reviews “to ensure that the WSIS goals and accompanying measurable targets are fully connected to the outcomes of the MDG review process,” the groups said in a joint letter to the Finish and Tunisian ambassadors to the U.N. The two ambassadors are leading consultations on how to organize the WSIS review. The U.N. should pursue “concrete, measurable targets” for the WSIS review and a “bottom-up-driven review process” that encourages multistakeholder participation, they said (http://bit.ly/1fnHfk0).

Attorney General Eric Holder urged Congress to pass legislation that would create “a strong, national standard” that would require companies to alert consumers when a data breach may have compromised their information. National requirements on data breach notification would aid ongoing law enforcement efforts and “would empower the American people to protect themselves” if they are at a heightened risk of identity theft, Holder said Monday in a video posted on the Justice Department’s website. The law should include an exemption for “harmless” data breaches to “avoid placing unnecessary burdens” on responsible businesses, Holder said (1.usa.gov/1fyydPq). In the wake of recent breaches at Michaels, Neiman Marcus and Target which exposed consumers’ information, Congress has been exploring legislation that would institute rules for data breach customer notification. Bills under consideration include the Personal Data Privacy and Security Act (S-1897), the Data Security Act (S-1927) and the Data Security and Breach Notification Act (S-1976). Senate Commerce Committee Chairman Jay Rockefeller, D-W.Va., said in a statement that S-1976, which he introduced in late January, “would create this strong standard for notification when consumers’ personal information has been compromised. I know my colleagues understand how important it is to act urgently on data security legislation and I hope they work with me to pass this bill.” House Judiciary Committee Chairman Bob Goodlatte, R-Va., said in a statement that he welcomes Holder “to the discussion on how to address this growing problem.” House Judiciary has been studying its own data breach proposals and has been collecting input through hearings and other consultations that analyze the issue “from various perspectives,” Goodlatte said. House Commerce Trade Subcommittee Chairman Lee Terry, R-Neb., said in a statement that Holder should concentrate on prosecuting “hacktivists,” saying “Congress does the hard work of drafting legislation through the committee process and not the Administration through weekly addresses on You Tube.” Terry said he has been calling for a federal data breach notification standard for months and plans to explore the issue again during a subcommittee hearing on the FTC set for Friday.

The European Commission announced a list of cloud security certification schemes. One obstacle to uptake of cloud computing is worry about the security of systems in the cloud, Digital Agenda Commissioner Neelie Kroes wrote on her blog Monday (bit.ly/eadjGs). Although cloud computing can make systems safer, there are still valid questions about whether data will stay confidential and available and maintain their integrity, she said. Many of the concerns can be resolved by proper certification mechanisms that are transparent and customer-centered, she said. Such systems can’t offer a 100-percent guarantee, but do provide a framework to assess and mitigate risks. There are certification services on the market for network and information security, and some are relevant to the cloud, Kroes said. As part of its cloud strategy, the EC worked with the European Network and Information Security Agency (ENISA) and industry to learn how existing certification systems could help potential cloud users decide how secure different solutions are, she said. There are now several certification schemes for the cloud (bit.ly/1hKhEn5), all vetted by ENISA, Kroes said. This is just the first step and more certification systems will be added, she said.

Strict enforcement of existing European data protection laws is crucial for restoring trust between the EU and U.S., said European Data Protection Supervisor (EDPS) Peter Hustinx Friday. His opinion (bit.ly/1jjAj6w) responded to European Commission statements on rebuilding trust in EU-U.S. data flows and on the functioning of the safe harbor agreement that allows European companies to send personal data to the U.S. In addition, the EDPS said, reformed EU data protection rules should require clarity and consistency in addressing issues such as prerequisites for data transfers, processing of personal information for law enforcement purposes and conflicts of international law. He urged quick progress to thwart attempts by political and economic interests to narrow fundamental privacy rights. Hustinx stressed that massive monitoring of communications violates EU data protection and fundamental rights measures. Any exceptions to those rights for national security purposes should only be permitted if they are strictly necessary, proportionate and in line with European case law, he said. In addition to existing legislation, stronger laws and agreements are needed in the future to restore confidence that has been seriously undermined by various snooping scandals, he said. Other recommendations included: (1) Tighter deadlines for review of safe harbor and followup if any deficiencies remain. (2) Ensuring that current talks on an EU-U.S. “umbrella” agreement for law enforcement cooperation don’t legitimize massive data transfers but comply with existing rules. (3) Working toward more interoperability of national legal privacy frameworks. (4) EC-lead education initiatives on the security of data processed on the Internet in EU institutions and relevant bodies in member countries.

In the last month, more than 500 members have joined the International M2M Council, a recently-formed trade group for Internet of Things companies, said IMC in a Thursday news release (http://on.mktw.net/1eYm6Xp). Individuals from FedEx, Hyundai, Siemens Healthcare, Tata Group and the Defense Department are part of that recent group, IMC said. “There has been a leadership vacuum on a global level,” said IMC Executive Director Keith Kreisher. “Companies looking to deploy IoT business models are hungry for information -- how much will it cost and what are the risks?” IMC plans to also release a new “content library,” with case studies emphasizing the return on investment for deploying IoT technology, IMC said. AT&T and Iridium are among companies IMC has previously said have joined (CD Oct 16 p16).

Business practices for data security, protecting children and mobile apps were some of the issues updated in the Direct Marketing Association’s 2014 version of its Guidelines for Ethical Business Practices, released Tuesday (http://bit.ly/1cmobQa). The trade association said its new guidelines will take effect in July. DMA Senior Vice President-Compliance Services and General Counsel Senny Boone said in a release: “DMA believes self-regulation is the most effective tool to stave off unnecessary regulation and to keep innovative marketing moving forward to provide relevant, customer-centric marketing for consumers and ensure consumers have choices about their marketing.” DMA has opposed data broker legislation (CD Dec 20 p6). Most recently, the group objected to the Data Act from Senate Commerce Committee Chairman Jay Rockefeller, D-W.Va., and Sen. Ed Markey, D-Mass., which would require that data brokers give consumers access to information collected about them, with the opportunity to correct the data or opt out of collection altogether (http://bit.ly/1fvYzxN).

Websites exclusively posting pirated movies, music and TV programs made nearly a quarter of a billion dollars last year from advertising, said a Digital Citizens Alliance (DCA) report (http://bit.ly/1f9EnXH). The report looked at 596 “content theft sites” profiting “exclusively from advertising dollars by pushing stolen” materials, such as isohunt.com, filestube.com, allmyvideos.net and 4shared.com, said a release from DCA, which describes itself as a “consumer-oriented coalition” aiming to educate the public and policy makers on the online sale of drugs, the digital pirating of creative content and the existence of online scams. Various industries -- health, pharmaceutical and creative -- financially back DCA, but a DCA spokesman told us the list of companies was private. The organization’s report said the 30 largest content theft sites averaged $4.4 million in 2013 profit, with profit margins of 80 to 94 percent. Thirty percent of the large sites carried ads from “premium” brands such as Google, Microsoft, Lego, Whole Foods and Zappos, the report said. “Ad profits are the tip of the iceberg,” said DCA Executive Director Tom Galvin, who also founded 463 Communications, a public relations company that has worked with companies like Skype and Facebook, in the release. “These ad-supported rip-off websites are just a small sample of the sites that are profiting from theft, and with the Internet population growing so quickly we need to address this problem immediately.” DCA commissioned MediaLink, a marketing and advertising advisory firm, to help with the study, which looked at Q3 2013 as the basis for its yearlong profit projections.

Facebook’s launch of video ads is “imminent,” David Lawenda, head-U.S. global marketing solutions, told the Digital Entertainment World conference here in Los Angeles Tuesday. The company has been testing the “premium” video service, in which ads will play automatically as soon as they appear on screen in user news feeds, but without audio unless users opt to hear it. Facebook takes “user sentiment very seriously,” so it wanted to gauge member reactions ahead of the launch, said Lawenda. The company completed the second of three rounds of tests of video ads for the coming Summit Entertainment movie Divergent and, “so far, the results are very positive,” he said. Mobile engagement among Facebook users is “off the charts,” he said. Fifty percent of Facebook revenue is coming from mobile now, he said, predicting mobile adoption among users will continue at a “rapid” pace. International growth is “extremely important” for CBS Interactive, CEO Jim Lanzone said in another panel at the conference. The company has about 250 million users of its content in China alone, he said, calling international a “huge area of growth” for his company. There is, meanwhile, so much digital content available industrywide that viewers don’t have the time to view it all, he said. Viewers must narrow their viewing down to content they need to view and content that’s “super high quality,” making it crucial for companies to produce the highest-quality content possible, he said. Similarly, “you really have to” create an online service that’s “phenomenal” to gain any traction today, said Zander Lurie, executive vice president at Guggenheim Digital Media. CBS Interactive is monetizing online content at the same rate as TV content, Lanzone also said. But it’s important to make sure that it’s measured accurately, he said. The second DEW conference will be Feb. 10-12, 2015, said Mary Dolaher, CEO of IDG World Expo, which organized the conference with Digital Media Wire.

It will be “a while” before all 4K standards, aside from TVs, are finalized, Roy Stewart, vice president-Digital Media Services at Technicolor, predicted Tuesday at the first Digital Entertainment World conference in Los Angeles. As examples, there are still no standards for 4K movies on optical disc or broadcast TV. Technicolor and other technology companies, meanwhile, are under a tremendous amount of pressure to keep costs down, said Stewart. When it comes to multiplatform content in general, markets outside the U.S. face an especially large challenge because international technology standards are more “diverse” than in the U.S., he said. Hurdles for starting a video-streaming distribution business are getting “higher and higher,” said Seung Bak, co-founder and co-CEO of online international TV content distributor DramaFever, on the same panel. Companies must make content available digitally as soon as possible now to prevent consumers from having to find illegal methods of accessing that content, he said.

In setting speed targets for broadband connections to schools and libraries, the FCC should ensure that its goals are not “quickly outdated,” ISP Sunesys told officials from the Wireline Bureau and the Office of Strategic Planning Monday, an ex parte filing said (http://bit.ly/1aVSFu0). “In approximately five years 100 Mbps may be viewed as 56 kbps is today,” Sunesys said, saying it already delivers at least 1 Gbps to every school district or library it connects to, and some of its customers are already requesting 10 Gbps. Sunesys discussed the “future-proof benefits of fiber,” and recommended the FCC allow five-year contracts under the E-rate program, as well as encourage consortium applications for high-speed broadband.