Litigation and regulation surrounding privacy and cybersecurity is continuously developing, both within the government and the private sector. This digest summarizes the most notable events in privacy and cybersecurity this week.
EPIC asks FTC and Attorney General to Deal with Always-On Devices
The Electronic Privacy Information Center, a D.C.-based privacy group, sent a letter to Attorney General Loretta Lynch and Federal Trade Commission (FTC) Chairwoman Edith Ramirez. The letter recommends an industry-wide investigation and educational outreach program regarding the audiovisual recording of devices that by nature are “always-on” in order to provide on-demand security surveillance and voice-activated controls among other things.
Auto Alliance Announces ISAC for the Automotive Sector
The Auto Alliance, whose members include BMW, Fiat Chrysler, Ford, GM, Mazda, Mercedes-Benz, Toyota, Volkswagen, and Volvo announced the launch of an Information Sharing and Analysis Center (ISAC) to serve as a centralized repository and data sharing center for cybersecurity intelligence and analysis. The companies intend to share cyber threat information and vulnerabilities in order to reduce risk for all members of the Alliance and their customers.
W3C Do-Not-Track Proposal Published for Comment
The World Wide Web Consortium (W3C) published tentative do-not-track standards for comment. The standards, which were four years in the making, call for ad networks to honor the “do-not-track” requests of internet users who do not wish to have their data collected for online advertising purposes. The standards would apply to cross-site tracking, retargeting, and interest-based advertising. The group will accept comments on the proposed standards over the next three months.
NTIA Schedules Unmanned Aircraft Best Practice Multistakeholder Meetings
The U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) announced the meeting schedule for the multistakeholder process to address privacy, transparency, and accountability issues associated with commercial and private use of unmanned aircraft systems. The meetings will be held on August 3, September 24, October 21, and November 20, 2015.
New German Critical Infrastructure Cybersecurity Law
Essential service providers in Germany have two years to comply with a new cybersecurity law or face stiff fines. The new law pushes critical infrastructure companies to implement minimum security practices, achieve certification to cybersecurity standards, and receive clearance from the Federal Office for Information Security (BSI).