The private sector must be just as involved as the U.S. government in improving cybersecurity -- particularly when it comes to economic cyberespionage and intellectual property theft, said former Secretary of Homeland Security Michael Chertoff Thursday. Chertoff is now of counsel at Covington & Burling and chairman of the Chertoff Group, which consults with companies on cybersecurity issues. Industry actors can no longer consider increasing their cybersecurity protections a “luxury” -- it’s now a necessary protection of economic growth and profitability, he said at a Covington & Burling-George Washington University Cybersecurity Initiative event. Cybertheft has become the “preferred pathway” for entities to steal intellectual property -- and it’s the most visible cyberthreat the U.S. faces, Chertoff said. Recent studies have confirmed the Obama administration’s position that the pace of economic cyberespionage and intellectual property theft are accelerating, Chertoff said. He said the Commission on the Theft of American Intellectual Property (IP Commission) and others have estimated the theft of U.S. intellectual property is worth up to $300 billion annually.

More objections were raised to a company’s first-of-its-kind parental verification service proposal that would fall under an FTC safe-harbor provision of the Children’s Online Privacy Protection Act rule. Three companies participating in COPPA safe-harbor programs said in separate comments that AssertID’s proposal uses an untested way of verifying the identity of a parent of a child under 13 seeking to register with a website or mobile app. The comments were posted on the agency’s website under file No. P135415 after the comment period ended Friday (http://1.usa.gov/1fcZett). Two privacy groups had also objected to the plan (CD Sept 24 p11). The companies said AssertID’s proposal to check a parent’s social network on Facebook to confirm the parent’s identity covers uncharted territory. An executive at AssertID had no response, and had said the privacy groups’ concerns weren’t based on accurate information. “Given the untested nature of the ConsentID method in practice” and “the secret nature of the formula it employs, much more detailed commentary on the validity or efficacy of the method is effectively precluded,” said Aristotle, one of five FTC-approved safe harbor providers (http://1.usa.gov/16rk8BC). “AssertID has not adequately explained how using Facebook friends can stand in for verification.” Privacy Vaults Online said social verification is a “just developing” area, and the U.S. and EU nations are debating what it is. The FTC shouldn’t “tie its decision to a proprietary method,” said the COPPA safe-harbor provider (http://1.usa.gov/18qcOlQ). The agency and National Strategy for Trusted Identities in Cyberspace “may be called upon to define exactly what social verification is and establish the parameters within which it must operate to meet the NSTIC Guiding Principles and be accepted among the United States’ global trading partners,” said Privacy Vaults. “Choosing a proprietary method at this early stage risks preempting this much larger policy discussion that is taking place on the global stage.” Veratad Technologies doesn’t think AssertID reasonably calculated its primary method, said that online age and verification provider (http://1.usa.gov/1bGxz1M). “This approach to verification is entirely reliant on self-reporting, and may be colloquially described as the ‘I am who I say I am because I said so’ approach."

More objections were raised to a company’s first-of-its-kind parental verification service proposal that would fall under an FTC safe-harbor provision of the Children’s Online Privacy Protection Act rule. Three companies participating in COPPA safe-harbor programs said in separate comments that AssertID’s proposal uses an untested way of verifying the identity of a parent of a child under 13 seeking to register with a website or mobile app. The comments were posted on the agency’s website under file No. P135415 after the comment period ended Friday (http://1.usa.gov/1fcZett). Two privacy groups had also objected to the plan (WID Sept 24 p6). The companies said AssertID’s proposal to check a parent’s social network on Facebook to confirm the parent’s identity covers uncharted territory. An executive at AssertID had no response, and had said the privacy groups’ concerns weren’t based on accurate information. “Given the untested nature of the ConsentID method in practice” and “the secret nature of the formula it employs, much more detailed commentary on the validity or efficacy of the method is effectively precluded,” said Aristotle, one of five FTC-approved safe harbor providers (http://1.usa.gov/16rk8BC). “AssertID has not adequately explained how using Facebook friends can stand in for verification.” Privacy Vaults Online said social verification is a “just developing” area, and the U.S. and EU nations are debating what it is. The FTC shouldn’t “tie its decision to a proprietary method,” said the COPPA safe-harbor provider (http://1.usa.gov/18qcOlQ). The agency and National Strategy for Trusted Identities in Cyberspace “may be called upon to define exactly what social verification is and establish the parameters within which it must operate to meet the NSTIC Guiding Principles and be accepted among the United States’ global trading partners,” said Privacy Vaults. “Choosing a proprietary method at this early stage risks preempting this much larger policy discussion that is taking place on the global stage.” Veratad Technologies doesn’t think AssertID reasonably calculated its primary method, said that online age and verification provider (http://1.usa.gov/1bGxz1M). “This approach to verification is entirely reliant on self-reporting, and may be colloquially described as the ‘I am who I say I am because I said so’ approach."

FCC Commissioner Ajit Pai will vote against an NPRM seeking comment on eliminating the UHF discount on TV station ownership at the commission’s open meeting Thursday, a spokesman for his office told us. The item will likely still be approved on the strength of votes from Commissioner Jessica Rosenworcel and acting Chairwoman Mignon Clyburn, said an FCC official. Neither commissioner’s office commented.

The FCC is set up to take up at its Thursday open meeting proposed rules requiring wireless carriers to make public a list of towers that are taken out of service during emergencies, though the item could still be pulled from the agenda. The NPRM was first circulated this summer, with CTIA asking instead that the commission issue a notice of inquiry preliminary to proposing rules (CD Aug 1 p2). The NPRM from the Public Safety Bureau is separate from the commission’s pending follow-up order on superstorm Sandy-related 911 call center outages. Consumers Union originally requested that the FCC require carriers to publish tower outage data.

Sen. Ted Cruz, R-Texas, continued an hours-long speech on the Senate floor on Sept. 25 in support of a House-passed continuing resolution (CR) that would strip the Affordable Care Act of funding, while leading Senate Democrats criticized the move as fueling economic peril. The Republican-majority House passed on Sept. 10 a CR that would provide government appropriations through Dec. 15 (see 13092031). Senate Majority Leader Harry Reid, D-Nev., encouraged Congress to pass a continuing resolution (CR) that retains health care appropriations before the Fiscal Year 2014 outset on Oct. 1, saying a government shutdown would cost the economy $30 billion a week (here). The Senate may vote on a CR in the coming days that must be sent back to the House for passage before Oct. 1 in order to avoid government shutdown.

ORLANDO, Fla. -- Cyberattacks are increasingly being directed at specific individuals, security experts said at the CompTel convention on Tuesday. Individuals with specific access rights -- such as network operation center technicians with privileges to configure the network -- “are probably our most active target,” said Level 3 Chief Technology Officer Jack Waters. “They don’t attack our salespeople, they attack our technical folks.”

ORLANDO -- Cyberattacks are increasingly being directed at specific individuals, security experts said at the CompTel convention on Tuesday. Individuals with specific access rights -- such as network operation center technicians with privileges to configure the network -- “are probably our most active target,” said Level 3 Chief Technology Officer Jack Waters. “They don’t attack our salespeople, they attack our technical folks.”

The FCC sought comment on an issue raised by Verizon related to the company’s buy of the 45 percent of Verizon Wireless owned by Vodafone. Verizon asked the commission to issue a declaratory ruling “it would not serve the public interest to prohibit a widely dispersed body of shareholders from holding aggregate foreign ownership in Verizon in excess of the 25 percent benchmark in section 310(b)(4)” of the Communications Act. Verizon said the agreement with Vodafone includes Verizon shares being distributed to the U.K.-based company’s shareholders, the public notice said. “Verizon explains that the share distribution may increase the aggregate percentage of Verizon shares held by non-U.S. investors from the current approximately 8.24 percent to an estimated aggregate 24.3-25.3 percent,” the notice said (http://bit.ly/1aZH7SP). “Verizon states that, because it is publicly traded and widely held, the percentage of foreign ownership will necessarily vary somewhat over time as shares are traded on the open market.” Comments are due Oct. 18, replies Nov. 1.

The U.S. export business community currently sells more goods overseas than throughout history partially because of stabilized health care costs produced by the Affordable Care Act, President Barack Obama said on Sept. 19 during a ceremony to appoint seven new members to the administration’s Export Council (see 13091915). Obama also urged lawmakers to pass Trade Promotion Authority legislation.