The FTC extended the deadline for its decision on the proposed verifiable parental consent method that Riyo submitted for approval under the Children’s Online Privacy Protection Rule (see 1508040025), an agency news release said Friday. The new deadline is Nov. 18, it said. The extension was made at the company’s request, and commissioners unanimously agreed, it said.

“After a second review of the European Court of Justice's (ECJ) judgment (see 1510060001), it will be very hard to come up with a solution that addresses all problems identified by the Court, given the U.S. position,” said Max Schrems, whose questions about the U.S. government’s access to his Facebook data prompted a review of safe harbor, in a post for the International Association of Privacy Professionals’ Privacy Perspectives blog Thursday. “While all issues brought up by the ECJ could be solved in theory, the U.S. government will very likely not be able or willing to limit surveillance laws to an extent that they comply with all requirements of the Charter of Fundamental Rights (CFR) in respect to the right to privacy,” Schrems said. “The attempt to enact a Judicial Redress Act and the proposed 'Umbrella Agreement' show that the two sides can only reach agreement for very limited safeguards, that are far from what the ECJ now requires.” A new agreement will have to include much stricter restrictions on businesses, Schrems said. U.S. businesses that comply with surveillance by U.S. authorities like the Prism program, which according to documents shared by former NSA contractor Edward Snowden include AOL, Apple, Facebook, Google, Microsoft and Yahoo, “may require serious reorganization,” Schrems said.

President Barack Obama and Pakistani Prime Minister Nawaz Sharif “affirmed that international cooperation is essential to make cyberspace secure and stable,” the White House said Thursday. “Both leaders endorsed the consensus report of the 2015 UN Group of Governmental Experts in the Field of Information and Telecommunications in the Context of International Security.” Obama and Sharif also pledged to continue to engage and discuss on cyber issues as part of the U.S.-Pakistan Strategic Dialogue, it said.

Apple released several security updates to address critical vulnerabilities in multiple Apple products, a U.S. Computer Emergency Readiness Team alert said Wednesday. Updates are available for, among others, iTunes 12.3.1 for Windows 7 and later, Apple Watch, Apple Watch Sport, Apple Watch Hermes, iPhones 4s and later, iPod touch 5th generation and later, and iPad 2 and later, the alert said. Exploitation of the vulnerabilities may allow a remote attacker to take control of an affected system, it said.

The FTC and National Credit Union Administration will host a live Twitter chat to discuss cybersecurity tips and ways to protect information Thursday at 11 a.m., said FTC Consumer and Business Education Counsel Carol Kando-Pineda in a blog post Tuesday. “Join the conversation at #NCUAChat,” or submit questions beforehand to socialmedia@ncua.gov, Kando-Pineda said.

Operators of an alleged tech support scam agreed to settle allegations that they tricked consumers into paying millions of dollars for technical support services they didn't need and for software that was otherwise free, the FTC said in a news release Tuesday. The FTC filed suit against Pairsys and its owners, Tiya Bhattacharya and Uttam Saha. It alleged they cold-called consumers pretending to be representatives of Facebook or Microsoft, bought deceptive online advertisements that led consumers to believe they were a legitimate technical support company, and engaged in high-pressure sales pitches to consumers to give the company remote access to their computers allegedly to repair dangerous malware and viruses last year, the release said. “The scammers would then pressure consumers into paying for computer security or technical support services, usually at a cost of $149 to $249, though in some cases the defendants charged as much as $600.” Under the settlement, Bhattacharya and Saha “are required to turn over multiple real estate properties as well as the contents of numerous bank accounts, and to give up the leases on two luxury cars,” and are banned from selling any technical support services to consumers, participating in telemarketing, misrepresenting goods or services to consumers, and from collecting money for any technical support services, the release said. The commission vote approving the stipulated order was 5-0, it said. The order was filed in and entered by the U.S. District Court for the Northern District of New York.

FTC Consumer Protection Bureau Director Jessica Rich will speak at the agency’s Oct. 30 workshop on online lead generation, a commission news release said Monday. “Lead generators identify or cultivate consumer interest in a product or service, and sell the consumer ‘lead’ information to third parties.” The workshop will feature presentations and panels with industry representatives, consumer groups, law enforcement agencies and others on the consumer protection issues raised by the lead generation industry, it said. The workshop begins at 8:30 a.m. in the Constitution Center Auditorium in Washington, it said. A full list of panelists and an agenda is on the FTC website.

Internet marketplace platforms like Airbnb and eBay don’t need their own special regulations to address concerns such as competition, privacy and employment opportunities, said an Information Technology and Innovation Foundation report, an ITIF news release said Monday. “Regulators already have the authority to address these and other possible harms,” the release said. “Where we once had town-square bazaars and village matchmakers we now have Internet platforms like Etsy and Tinder,” said ITIF Senior Fellow Joseph Kennedy, who wrote the report. “Online marketplaces are growing quickly because the Internet reduces costs, scales easily, and is available anywhere, any time,” ITIF said. “It is important for policymakers to recognize that some Internet platforms have significant market share only because by doing so they maximize value for consumers,” the release said. “Are we better off with three different ‘Facebooks’ or ‘Twitters’ or just one? Clearly in these cases one large network is better than three smaller ones,” said ITIF President Robert Atkinson. “When looking at antitrust issues, market share has traditionally been the most important indicator of abuse,” Atkinson said. “But for Internet platforms, we can no longer use this old lens. Larger market share is usually a reflection of superior total economic and consumer value for networks.” ITIF said Internet platforms pose no bigger privacy risk than traditional platforms and “there is no need for special privacy policies applying just to platforms.”

The Electronic Frontier Foundation will urge the 9th U.S. Circuit Court of Appeals to order the U.S. government to disclose information about its role in facilitating exports of American-made surveillance tools to foreign nations, during a hearing Wednesday at 12:45 p.m. PDT at Stanford Law School, an EFF news release said Monday. The hearing is part of a Freedom of Information Act lawsuit against the Commerce Department, “which denied a request seeking disclosure of export applications for surveillance technologies,” the release said. The Commerce Department has argued it could withhold the documents, citing a 1979 law that expired in 2001, EFF said. A federal judge agreed with EFF in July 2013 and ordered the records be disclosed, but the government appealed the decision, it said. During Wednesday’s hearing, EFF Staff Attorney Mark Rumold will argue that dead laws can’t be used to keep information from the public, the release said.

Mozilla released Firefox 41.0.2 to address a security vulnerability that may allow a remote attacker to obtain sensitive information from an affected system, said a Thursday alert from the U.S. Computer Emergency Readiness Team. US-CERT also issued an alert Thursday saying Apple released security updates for Keynote, Pages and Numbers for OS and for iOS to address multiple vulnerabilities that may allow a remote attacker to take control of an affected system.