The Irish High Court referred a case against Facebook's use of standard contractual clauses (SCCs) to the European Court of Justice, as expected (see 1702060029). The Irish court said in a Tuesday executive summary of the judgment that the Irish data protection commissioner (DPC) "raised well-founded concerns." Many companies use SCCs to transfer data abroad. Austrian privacy attorney Max Schrems, who challenged adequacy of the safe harbor agreement that led to EU-U.S. Privacy Shield, initially brought a similar complaint against SCCs to the Irish DPC in 2013. In the summary (provided by Schrems), the Irish High Court said the Privacy Shield's U.S. State Department ombudsperson didn't eliminate DPC concerns that SCCs provided inadequate protection. The ECJ must decide, said the Irish court, whether DPC authority to suspend or ban a data transfer to a company in a third country "is sufficient to secure the validity of the SCC Decisions." The judgment said only the ECJ can provide such "uniformity in the application" and "resolve the potential for inconsistent applications." A Facebook spokeswoman said the "ruling will have no immediate impact on the people or businesses who use our services. However it is essential that the [ECJ] now considers the extensive evidence demonstrating the robust protections in place under Standard Contractual Clauses and US law, before it makes any decision that may endanger the transfer of data across the Atlantic and around the globe.” SCCs are essential for thousands of companies, she said. Schrems welcomed the ruling: "Facebook seems to have lost in every argument.” BSA|The Software Alliance and the Electronic Privacy Information Center also commented.

The U.S. Trade Representative office received more than four dozen comments on its investigation into the Chinese government's tech transfer, IP and innovation policies and practices, which many filers said put U.S. companies and others at a disadvantage (see 1708150039). Comments were filed last week. The interagency Section 301 committee plans a 9:30 a.m. hearing Oct. 10 at 400 E St. SW, with post-hearing rebuttal comments due Oct. 20. BSA|The Software Alliance said the Chinese government's IP-related and market access policies and practices prevent foreign businesses from operating there "efficiently, or at all" and fail to protect IP and trade secrets. It said barriers are "particularly acute" in telecom and IT industries such as cloud computing, cross-border data flows, requirements for disclosing a company source code, and enterprise standards. The Telecommunications Industry Association said China's drive to boost its domestic industry is "accompanied by a more concerning attempt to undermine and shrink the role of U.S. and other foreign technology firms." TIA worries more security rules to vet foreign tech may disadvantage U.S. exporters selling to China's markets and could set a precedent for other countries. The Information Technology and Innovation Foundation said Chinese policies: "induce forced" tech and IP transfer across many advanced-technology industries; engage in state-directed foreign direct investment and mergers and acquisition that targets foreign enterprises as part of an effort to move China 'up the value chain' in those sectors; and coordinate cyber-based IP and technology theft. CompTIA said China's aggressive implementation and use of technical standards to support industries like the ICT sector creates major interoperability issues, lack adequate safeguards to protect IP, and are developed without sufficient transparency and participation rights for foreign companies. It wants the USTR to encourage the Chinese government to adapt tech-neutral policies and allow the market to choose technology and standards. China has taken positive steps to amend civil law to make clear trade secrets are subject to civil IP protection, but the American Bar Association Section of IP Law said it's "a significant problem." The ABA said "enforcement measures are inadequate, penalties are weak, bad faith registrations are a problem, and systemic counterfeiting and widespread piracy still needs to be addressed," including stronger copyright protections and damage awards for patent infringement.

A Department of Homeland Security rule that would collect "social media handles, aliases, associated identifiable information, and search results" on immigrants, including permanent residents and naturalized U.S. citizens, would chill free speech, said Center for Democracy & Technology CEO Nuala O'Connor Wednesday. DHS last week published a proposed rule, which takes effect Oct. 18, to expand collection of information on immigrants including social media data. O'Connor, a former DHS chief privacy officer, called the practice an "affront to basic human dignity" of individuals and families who would be subject to "overbroad and overly invasive rules." She said it would have a "chilling effect on online speech" and make it "impossible for immigrants to have pseudonymous internet identities, or to speak online without fear of government retribution." American Civil Liberties Union National Political Director Faiz Shakir said Tuesday DHS' "collect-it-all approach is ineffective to protect national security." A department spokeswoman said Wednesday the rule modifying the current records collection isn't new policy. "DHS, in its law-enforcement and immigration-process capacity, has and continues to monitor publicly available social media to protect the homeland," she said. "In an effort to be transparent, to comply with existing regulations, and due to updates in the electronic immigration system, DHS decided to update its corresponding Privacy Act system of records." The department is complying with administrative requirements of the act, she said.

There's a "marked increase" in organizations indicating their use or intention to use Privacy Shield from last year, blogged International Association of Privacy Professionals Publications Director Sam Pfeifle, summarizing early returns of the global IAPP-EY Privacy Governance Survey of 548 organizations. Last week, the EU and U.S. did an inaugural review of the framework, with a report coming out in October (see 1709210011) that could influence how the agreement may be changed. More than 2,500 organizations are self-certified under Privacy Shield, according to an International Trade Administration-hosted website. Pfeifle said 47 percent of organizations that say they will transfer personal data from the EU will use the trans-Atlantic data sharing framework, up from 34 percent in 2016 (see 1609150023). Sixty-seven percent of companies with fewer than 5,000 employees say they want to use Privacy Shield. Eighty-eight percent will use standard contractual clauses, up from 80 percent last year. Pfeifle noted that mechanism is being challenged in a European court (see 1607060009). He said the report will be released at IAPP's San Diego conference Oct. 16-18.

The International Trade Commission seeks comment by Oct. 20 on a general exclusion order banning imports of mobile device holders infringing patents held by Nite Ize, which requested the underlying Tariff Act Section 337 investigation. The company alleged lesser-known companies with names like Shenzhen Topworld Technology in the U.S. and China import and sell mobile device holders that copy its Steelie line used to hold mobile phones, tablets and other devices in a hands-free orientation, often attached to vehicle dashboards, said ITC in Friday's Federal Register. Shenzhen Topworld didn't comment.

Rob Strayer started work earlier this week as deputy assistant secretary of state-cybersecurity and international communications and information policy, and U.S. coordinator for international communications (CIC) and information policy, as expected (see 1708220059), the Computer & Communications Industry Association and two communications sector lobbyists separately confirmed. Strayer entered the role with foreign policy experience via his previous role as legislative director and general counsel to Senate Foreign Relations Committee Chairman Bob Corker, R-Tenn., and cyber policy experience in a past role as director of the Bipartisan Policy Center’s Homeland Security Project. Strayer's appointment to an expanded DAS role appears to confirm earlier concerns that State's Office of Coordinator for Cyber Issues could be absorbed into another departmental office (see 1708030009), one industry lobbyist said. Strayer's expanded role gives him authority over cyber and international telecom policy issues, but it's unclear whether the cyber issues office was absorbed into the CIC office, a lobbyist said. The White House, State and Corker's office didn't comment. Strayer acknowledged his move to State in a Monday tweet, but didn't disclose his role. Strayer moved to State without any formal White House announcement because President Donald Trump's administration is “still working through” whether to also nominate him at the level of an ambassador, as other presidents have done in naming past CICs, a telecom lobbyist said. The CIC role doesn't require Senate approval but all ambassadors go through the nominations process via Senate Foreign Relations. Nomination of the CIC as a U.S. ambassador can be important since the person in that role often has led the U.S. delegation to ITU conferences, the telecom lobbyist said. Strayer's appointment “is strategically important to ensure the U.S. has a strong voice at the table as key negotiations take place on issues from trade to tech policy, which impact the growth of the fastest growing sector of the U.S. economy at home and abroad,” said CCIA President Ed Black. “Given the importance of his portfolio, we hope that the Deputy Assistant Secretary receives an Ambassadorship to aid him in advocating.”

European Justice Commissioner Vera Jourová "stressed the importance of a robust and trustworthy annual review [of the Privacy Shield], given the concerns of European stakeholders" to Commerce Secretary Wilbur Ross, said a European Commission spokesman in a statement Monday. Acting FTC Chairman Maureen Ohlhausen and representatives of European data protection in Washington also attended the launch of the EU-U.S. Privacy Shield review was also attended. The EC spokesman said Jourová emphasized the review should show how U.S. commitments are being met, that the underlying U.S. legal framework remains in place and oversight mechanisms, namely the State Department ombudsperson, are functional. Experts said the review may find faults within the framework, but expect the agreement to be maintained (see 1708210043). Jourová and Ross plan to meet Wednesday to discuss how the review went and areas to address or if more information is needed to complete it, the EC spokesman said. Jourová, he said, plans to issue a report in the second half of October. In a statement, Jourová said the meeting with Ross was "good and honest ... I am glad to be reassured that America First doesn't mean America only." Commerce didn't comment and the White House said last week the U.S.'s commitment "cannot be stronger." The Computer & Communications Industry Association and U.S. Council for International Business joined others (see 1709150024) supporting the agreement and review. USCIB said the framework is promoting stronger protections of people's personal data and is an effective mechanism for certification by small- and medium-sized businesses. It said longevity of the agreement is important. Nearly 2,500 businesses are certified under the agreement, according to the Privacy Shield website.

Tech groups are watching the first review of the Privacy Shield U.S.-EU trans-Atlantic data sharing pact, hoping for the agreement to continue, as others expect will occur (see 1708210043). A positive joint review would "strengthen trust among all industry sectors and citizens on both sides of the Atlantic," BSA|The Software Alliance said Thursday. "It will provide businesses with the legal certainty they need ... and will help further increase the number of Privacy Shield-certified companies." Software & Information Industry Association Vice President-Public Policy Mark MacCarthy said SIIA will "continue to help the U.S. and EU delegations in any way possible to make the review a success.” The review is Monday and Tuesday.

U.K. Secretary of State for Culture, Media and Sport Karen Bradley is referring Fox's planned buy of Sky to the Competition and Markets Authority for a full, six-month investigation, she said in a statement Thursday to Parliament. The CMA investigation is to be on media plurality and genuine commitment to broadcasting standards grounds, she said. She said she received letters from Sky and Fox confirming they disagreed with her announcement Tuesday that she likely would refer the deal (see 1709120010) and that CMA will provide a recommendation on whether to allow the transaction, including possible conditions. Fox in a statement said it "look[s] forward to engaging constructively with the CMA, as independent authority, and hope that the findings of this process will be respected by the Secretary of State." It still hopes to close on Sky by the end of June.

​President Donald Trump signed an executive order Wednesday blocking Canyon Bridge Fund’s $1.3 billion acquisition of Lattice Semiconductor, supplier of smart connectivity products for Ultra HD and other applications, on national security grounds, said the White House. Canyon Bridge is a private equity fund with investors that include China Venture Capital Fund Corp., which is “owned by Chinese state-owned entities that manages industrial investments and venture capital,” said a White House statement. Trump blocked the sale under 1950's Defense Production Act, which authorizes the president to “suspend or prohibit certain acquisitions that result in foreign control of a United States business if he concludes, among other things, that there is credible evidence that the foreign interest exercising control might take action that threatens to impair the national security of the United States,” said the White House. Cited national security risks include “the potential transfer of intellectual property to the foreign acquirer,” the importance of semiconductor “supply chain integrity” to the U.S. government and the fact that the U.S. government buys Lattice products. Lattice representatives didn’t comment. The company's 8-K filing Sept. 1 at the SEC said the Committee on Foreign Investment in the United States would recommend to Trump that he should block the deal. “Lattice remains of the view that the proposed transaction does not raise any national security concerns that cannot be addressed by the comprehensive mitigation measures that Lattice and Canyon Bridge have proposed to implement,” the company said then.