Internet-connected toys may spy on children, said consumer and privacy groups in an FTC complaint Monday against Genesis Toys and its voice-recognition vendor partner Nuance Communications. Dolls known as My Friend Cayla and i-Que Intelligent Robot collect and use personal information from children in violation of the Children’s Online Privacy Protection Act and FTC rules prohibiting unfair and deceptive practices, alleged the complaint by the Electronic Privacy Information Center, Consumers Union, Center for Digital Democracy and Campaign for a Commercial-Free Childhood. The companies "unfairly and deceptively collect, use, and disclose audio files of children’s voices without providing adequate notice or obtaining verified parental consent,” the complaint said. Genesis failed to take reasonable security measures to prevent unauthorized Bluetooth connections with the toys, opening the door for strangers to eavesdrop on kids, it said. The toy company didn’t adequately disclose privacy dangers on packaging or in terms of service, the complaint said. The groups filed the complaint as part of a coordinated, trans-Atlantic legal action with groups in Europe, said Campaign for a Commercial-Free Childhood in a Tuesday news release. Nuance hasn't received an inquiry from the FTC or other privacy authority, but when it does, it will respond appropriately, the company said in a blog post Tuesday. "Nuance takes data privacy seriously," it said. "Our policy is that we don’t use or sell voice data for marketing or advertising purposes." After learning about the concerns through media, the company said it "validated that we have adhered to our policy with respect to the voice data collected through the toys referred to in the complaint ... Nuance does not share voice data collected from or on behalf of any of our customers with any of our other customers." Genesis didn’t comment.

The Commission on Enhancing National Cybersecurity is to publicly release a full version Friday of its recommendations to the White House on actions the private and public sectors can take over the next decade to improve cyber defenses and raise cyber awareness, the commission said Thursday. CENC officially delivered its recommendations to President Barack Obama Thursday as directed in the White House's February Cybersecurity National Action Plan (see 1602090068). CENC has “distilled all their findings into a series of recommendations to the new administration across six imperatives,” the commission said in a media advisory. “Each imperative addresses a different aspect of cybersecurity.” Obama is expected to release his response to the recommendations Friday at 2:30 p.m. CENC is to publish the recommendations at 3 p.m. Suggestions are expected to include a continued focus on the use of voluntary cybersecurity standards and instituting incentives to encourage private sector cybersecurity improvements. CENC also considered recommending the White House create a special assistant to the president on cybersecurity issues who would have the same rank as the national security adviser. The commission may recommend the White House set up a public-private “consortium” to advise the president on cybersecurity issues. The body also considered seeking creation of a labeling system for electronic devices along the lines of nutrition labels on packaged foods that would indicate how a particular device complies with cybersecurity standards (see 1611220065).

The Department of Commerce’s Digital Economy Board of Advisors (DEBA), formed about a year ago to encourage growth in the digital economy and promote internet policy (see 1511240034 and 1605160058), scheduled a Dec. 15 public meeting, said a notice in Tuesday's Federal Register. A detailed agenda will be posted before the meeting. DEBA's activities include collecting and analyzing the free flow of information on the internet, including policies that may curb cross-border information flows, providing advice on policy issues like increasing broadband capacity and enhancing cybersecurity and privacy, promoting new technologies and understanding the impact of the internet on job growth and the economy. The 8:30 a.m.-noon meeting will be at 1401 Constitution Ave. NW.

The Broadband Internet Technical Advisory Group has released guidelines and recommendations aimed at helping consumer IoT manufacturers and other providers improve device privacy and security. Tuesday's BITAG report said consumers face threats from any internet-connected device, but the IoT is "unique" because it usually involves nontechnical or uninterested consumers who lack the expertise to evaluate privacy and security for such devices. The report said IoT threats potentially increase with the lack of incentives from manufacturers to develop and deploy software updates after initial product sales, difficulty in providing updates over a network, devices with limited resources and constrained user interfaces, and products that may ship with malware. To address insecure communications, data leaks, malware and service disruption, the group said IoT devices should be shipped with "reasonably" current software and have a way to receive automated and secure software updates. It said devices should use strong authentication and encryption with their configurations tested and hardened. The report recommended a privacy policy be included and easy to find and understand and industry should develop a cybersecurity program with a "Secure IoT Device" logo on retail packaging. Stakeholders, manufacturers and retailers should provide privacy policies, bug reporting systems and secure software programs, and support devices across their lifespans, BITAG said.

Only 42 percent of consumers who responded to an Intel Security survey said they take proper measures to ensure their connected devices’ cybersecurity. Consumers are aware it’s important to secure their devices but 47 percent of respondents indicated they were unsure whether they were taking the correct cybersecurity measures, Intel said Sunday. OnePoll queried 9,800 consumers at Intel’s request for the survey. There's increased interest from Capitol Hill on connected devices’ cybersecurity. Two House Commerce Committee subcommittees sought a potential middle ground last week on addressing IoT cybersecurity in response to last month's distributed denial of service attacks against Dyn (see 1610210056, 1610260067 and 1611160051), which Oracle is now buying (see 1611210047). “Unsurprisingly, connected devices remain high on holiday wish lists this year,” said Intel Security Chief Consumer Security Evangelist Gary Davis in a news release. “What is alarming is that consumers remain unaware of what behaviors pose a security risk when it comes to new devices.” Consumers “are often eager to use their new gadget as soon as they get it and forgo ensuring that their device is properly secured,” Davis said. “Cybercriminals could use this lack of attention as an inroad to gather personal consumer data, exposing consumers to malware or identity theft or even use unsecured devices to launch DDoS attacks as in the recent Dyn attack.”

The IoT, network densification and 5G “will not be economic or practical without the convergence and coexistence of licensed and unlicensed technologies,” the London-based Wireless Broadband Alliance (WBA) said in a Friday report. “Ultimately, success will depend on unlicensed technologies working in conjunction with licensed networks, enabling new performance levels and flexibility for service providers of all kinds.” A survey the group conducted found nearly 80 percent of respondents believe they will deploy next-generation Wi-Fi by 2020, “driven by the need to improve quality of experience (QoE), reduce churn, and provide seamless access between Wi-Fi networks, and between Wi-Fi and licensed networks,” WBA said.

The Department of Homeland Security issued IoT security principles aimed at helping manufacturers and other stakeholders make better decisions about how they develop, build, implement and use such technologies and systems. “The growing dependency on network-connected technologies is outpacing the means to secure them,” said DHS Secretary Jeh Johnson in a Tuesday news release. "Securing the Internet of Things has become a matter of homeland security." The DHS principles emphasize integration of security measures at the design phase, vulnerabilities management, use of tested security practices, prioritization of security measures based on potential disruptions or failures, greater transparency across the IoT ecosystem, and consideration of what should be connected to the internet and what shouldn't. Wednesday, CTA issued an IoT white paper (see 1611160017).

NTIA issued a smart-city toolkit for local officials and citizen groups as a guide for building public-private partnerships. The toolkit includes “what to look for in a partner, assessing each partner's contribution, and guidance on how to structure the most fruitful partnership agreements,” NTIA said in a blog post Wednesday. NTIA said it drew from the agency’s experience on the Broadband Technology Opportunities Program.

President-elect Donald Trump was sent advice from the Information Technology and Innovation Foundation about how his administration can boost competitiveness, innovation and productivity in 2017. ITIF proposed 36 policies that can be achieved via executive authority and legislation in a 14-page open memo to Trump, the group said in a Wednesday news release. President Robert Atkinson said it means going beyond "outdated" economic theories and addressing "quarterly capitalism." He said it proposed "relatively easy, bipartisan steps" that Trump can take. For example, ITIF said Trump should create a digital infrastructure council of federal agency representatives to discuss how artificial intelligence, data analytics and the IoT can improve power grids, roads, water systems and other infrastructure. The group said that the Department of Agriculture's rural broadband support mechanisms should be updated and that access, permitting and leasing of federal land for fiber and wireless network buildouts should be streamlined.

The world will see 550 million 5G subscriptions in 2022, Ericsson reported Tuesday. North America “will lead the way” with a quarter of mobile subscriptions for 5G service, Ericsson said. Asia Pacific “will be the second fastest growing region for 5G subscriptions, with 10 percent of all subscriptions being 5G in 2022,” the report said. The company forecasts that 19 billion connected devices will be in use that year, with 18 billion of those tied to the IoT. "Almost 90 percent of smartphone subscriptions are on 3G and 4G networks today and standardized 5G networks are expected to be available in 2020,” said Ulf Ewaldsson, chief strategy and technology officer. “We are already seeing a great interest among operators in launching pre-standard 5G networks. " He said 5G will accelerate the digital transformation in many industries, enabling new use cases in areas such as IoT, automation, transport and big data. Ericsson also announced it partnered with SK Telecom and BMW on an advanced 5G outdoor mobility trial, including the first multi-vehicular 5G trials. Tests were conducted at a test track in South Korea, Ericsson said in a news release. They showed that 5G supports vehicle-to-vehicle connections that require "low latency and consistent high bi-directional throughput,” Ericsson said. “Today's demonstration of 5G-based connected car technologies marks the very first step towards achieving fully autonomous driving in the upcoming era of 5G,” said SK Telecom Chief Technology Officer Alex Jinsung Choi.