The Internet of Things may be in its infancy, but the U.S. government has been gearing up to determine what the proper federal role should be, both for encouraging and for regulating the use of IoT technology. Two recent developments have underscored the government's interest in IoT. On the regulatory front, the CPSC has launched an initiative to determine a framework for regulation.

The House Committee on Energy and Commerce has written Alphabet CEO Larry Page and Apple CEO Tim Cook demanding information on their companies' practices with regard to third-party access, audio and location data collection. "This is a huge issue," said Consumer Watchdog's John Simpson. "People are becoming aware of how much data about them is being sucked up by their smartphones."

Facebook and Google have manipulated users into sharing data using so-called "dark patterns," according to a report from the Norwegian Consumer Council. The practices nudged users toward accepting privacy options that favored the tech companies rather than themselves, the NCC found. Facebook and Google have no intention of providing users with an actual choice, the NCC has claimed.

The healthcare industry has been moving toward medical equipment connectivity to speed up data entry and recording, as well as improve data accuracy. At the same time, there has been a shift toward incorporating consumer mobile devices, including wearables. "The demand for connected devices has increased rapidly in recent years," noted Leon Lerman, CEO of Cynerio.

The expanding world of Internet commerce likely will generate a corresponding expansion of data breaches, resulting in more e-commerce businesses becoming the targets of consumer class action lawsuits. Breach litigation has become more prevalent as a result of a perceptible legal trend favoring consumers. Courts have tended to allow lawsuits based on a lower threshold for establishing injury.

Health services vendors have been partnering with various organizations to gain a foothold in the cloud and to test out their solutions. One of the cloud's major selling points is security -- but it is not as safe as it's made out to be. Google Cloud "recently announced a significant expansion in HIPAA compliance across our portfolio of cloud products," noted Google Cloud's Joe Corkery.

"It's only a few times in the history of the U.S. and in specific domains do you have the opportunity to make decisions and have a lasting effect on that domain," said Circadence VP Keenan Skelly. "In terms of information cybersecurity, we're right in the middle of it right now. We're just figuring out what global norms should be."

A flaw in certain electronic hotel door locks could allow hackers to access guest rooms and other secure locations at millions of properties around the world, F-Secure researchers have discovered. Software updates were issued to fix the flaw in the smart locks after F-Secure notified and worked with the manufacturer over the past year. The researchers had found a way to make a master key.

Mobile device makers and telecom service providers need to make significant privacy protection improvements for their customers, says the FTC. Its recent report could become the basis for agency enforcement actions -- not only for smartphones, but also for other mobile devices. "The report is a clear signal to the industry to focus on this issue," said Gerard Stegmaier, a partner at Reed Smith.

Google has said it will stop serving ads for cryptocurrencies and related content in June. The ban includes, but is not limited to, initial coin offerings, cryptocurrency exchanges, cryptocurrency wallets and cryptocurrency trading advice. Google also will bar aggregators and affiliates from serving ads for cryptocurrencies and related content. Facebook adopted a similar policy earlier this year.

Americans have been targeted on social media by Russian agents on a mission to harvest personal information. The agents pretended to work for organizations promoting African-American businesses as a ruse to obtain personal information from black business owners during the 2016 presidential election campaign. Using names like "BlackMattersUS," the agents set up hundreds of social media accounts.

Amazon has agreed to buy Ring for $1 billion, the companies have disclosed. Ring users already could use the Echo Show to see and hear visitors at the front door. The deal means Ring can further its "mission to reduce crime in neighborhoods by providing effective yet affordable home security tools to our neighbors that make a positive impact on our homes, our communities and the world," Ring said.

The Walt Disney Company's recent decision to purchase major assets of 21st Century Fox in a transaction valued at $52 billion underscores the huge potential for distributing information and entertainment via the Internet. The deal will allow the company to improve its direct-to-consumer offerings, Disney said when it disclosed the transaction early last month.

Given how many big names have fallen over the last few weeks due to sexual misconduct, abuse and harassment, you'd think I'd name 2017 as the year of power abuse. However, while I know a lot of folks think the issue is dying down, I don't see that at all. There are entire industries that have yet to be hit by this, and Congress hasn't even finished cleaning house or putting in place rules to prevent this activity.

ExpressVPN on Tuesday launched a suite of open source tools that let users test for vulnerabilities that can compromise privacy and security in virtual private networks. Released under an open source MIT License, they are the first-ever public tools to allow automated testing for leaks on VPNs, the company said. The tools are written primarily in Python, and available for download on Github.

A popular technique used by website operators to observe the keystrokes, mouse movements and scrolling behavior of visitors on Web pages is fraught with risk. The technique offered by a number of service providers uses scripts to capture the activity of a visitor on a Web page, store it on the provider's servers, and play it back on demand for a website's operators.

If you are like many, when you saw this headline you likely were surprised BlackBerry was still around. As BlackBerry phones left the market, the company fell out of sight. However, behind the scenes it has been moving into industries like automotive. Also, it remains the leading vendor providing mobile security to our politicians, military personnel and major corporations.

Billions of voice-activated IoT devices may be subject to external attack due to BlueBorne vulnerabilities, Armis revealed. Hackers could exploit BlueBorne to mount an airborne attack, using Bluetooth to spread malware and access critical data, including sensitive personal information. More than 20 million Amazon Echo and Google Home smart speakers could have been impacted by the flaws.

Amazon has begun shipping its latest smart home product, a security camera that works with its Alexa personal assistant and Echo speakers. The Amazon Cloud Cam allows customers to live-stream activity inside their home 24/7. It features 1080p full HD resolution, two-way audio for communicating with family members or pets, night vision technology, and sophisticated identification algorithms.

At least 145 million Americans were impacted by a data breach at Equifax that netted thieves personal information such as names, addresses, birthdates, Social Security Numbers and driver's license numbers. That pales in comparison to the earlier Yahoo breaches, which affected more than 1 billion accounts. However, those incidents may be just the tip of a very large iceberg.

A three-pronged banking malware campaign has been infecting Android phones since the beginning of this year, according to Proofpoint. Attackers have been stealing credentials, planting the Marcher banking Trojan on phones, and nicking credit card information. So far, they have targeted customers of BankAustria, Raiffeisen Meine Bank and Sparkasse, but the campaign could spread beyond Vienna.

In a rare move, the U.S. Federal Trade Commission on Thursday confirmed that it has opened an investigation into the data breach at Equifax that compromised the sensitive personal information of 143 million U.S. consumers. The FTC announcement came less than a week after Equifax revealed that an unknown party had gained access to names, addresses, Social Security Numbers and other data belonging to nearly half the U.S. population.

The Apache Software Foundation has responded to accusations that the massive data breach Equifax disclosed last week resulted from a flaw in Apache's open source code. One of the largest financial data breaches in U.S. history, it exposed names, addresses, Social Security Numbers, birth dates, driver's license numbers and other sensitive information belonging to 143 million U.S. consumers.

DoNotPay, an AI-based chatbot app created to help fight parking tickets in the UK, now addresses roughly 1,000 consumer concerns and is available throughout the U.S. as well as across the pond. The app's creator, Stanford student Joshua Browder, announced the expansion last week. Powered by IBM Watson, DoNotPay has about 1,000 bots capable of tackling a variety of legal and service issues.

When one side or the other in a political debate refused to accept a decision, it used to be simply annoying, but lately it has become dangerous to business and to the economy. The current administration's wants "to jettison the Obama administration's net neutrality rules, which were intended to safeguard free expression online," Steve Lohrmarch wrote last week.

Protecting the data in electronic health records did not start with the advent of HIPAA, as many people think. Protecting health records has been a critical requirement in the healthcare space since the computers became a fixture in hospitals. However, HIPAA added public reports of fines issued for covered entities' failure to properly protect data contained within EHRs.

When the Department of Labor issued its fiduciary rule last year, it set financial advisers, insurers and agents into a mad scramble to meet an implementation deadline. The rule elevates all financial professionals who work with retirement plans or provide retirement planning advice to the level of a fiduciary, or someone bound legally and ethically to meet the standards of that status.

The Financial Protection Bureau has come under increasing fire from Republican lawmakers who now have the Trump administration to back their efforts. Long-time critic Rep. Jeb Hensarling, R.-Texas, who chairs the House Financial Services Committee, compared the bureau to a tyranny in a recent interview. Hensarling reportedly is preparing legislation to enact CFPB reforms.

Even though D-Link expressly promised that many of its wireless devices had the highest level of security available, the FTC last month filed a lawsuit that alleges otherwise. The FTC filing includes copies of online marketing materials and technical specifications for D-Link's products, and flatly declares that "thousands of Defendants' routers and cameras have been vulnerable to attacks."

The European Commission on Thursday announced three separate investigations into online pricing and other sales practices that may have breached EU antitrust rules. The EC investigations will assess whether consumers were able to enjoy cross-border choice when it came to buying video games and consumer electronics, and making hotel accommodations online.