More than 500 companies are now listed as self-certified under the EU-U.S. Privacy Shield framework, as of Tuesday. Commerce Secretary Penny Pritzker tweeted about the milestone and said more than 1,000 applications are being processed. The trans-Atlantic data transfer agreement was signed earlier this year to better safeguard personal information of European citizens, replacing the safe harbor framework invalidated by the EU high court a year ago. But Privacy Shield is still expected to face legal challenges in Europe (see 1609150023). Self-certification began in August and some said sign-ups may slow now that an incentive -- giving companies extra time to ensure their third-party vendors get the same data protection level required in the framework -- has passed (see 1610030008).

DOJ asked the 2nd U.S. Circuit Court of Appeals to grant a panel rehearing or rehearing en banc in its effort to force Microsoft to turn over a customer's emails stored in Ireland (see 1610120014). In a filing Thursday, the department said the three-judge panel "erroneously concluded" that enforcing the warrant was an "impermissible extraterritorial application" (see 1607140071). DOJ said the panel noted that the focus of Section 2703 of the Stored Communications Act, which is part of the Electronic Communications Privacy Act, "was the privacy of stored communications, and not disclosure to the government." But the department said the "clear purpose" of the section "is to outline the circumstances in which a customer's privacy interest in the content of their emails must yield to the Government's interests in obtaining those emails through disclosure by the service provider." The department also said the 2nd Circuit's opinion has "created a regime where electronic communication service providers -- private, for-profit businesses answerable only to their shareholders -- can thwart legitimate and important criminal and national security investigations, while providing no offsetting, principled privacy protections."

Facebook, Google, Pacific Light Data Communications and TE SubCom plan to partner on a trans-Pacific submarine cable connecting Hong Kong and Los Angeles directly for the first time, said a release Wednesday from TE Connectivity, the parent of TE SubCom. The undersea cable is scheduled for commercial launch in summer 2018. Facebook and Google confirmed their participation.

Latin American and Caribbean Internet Addresses Registry’s (LACNIC) Doctor IPv6 program aims to spread awareness and adoption of the IPv6 transition within Latin American and Caribbean nations, said LACNIC Research and Development Director Alejandro Acosta in an ICANN Q&A. The Doctor IPv6 program answers community members’ questions about IPv6 via a podcast, Acosta said. Internet penetration in Latin America and the Caribbean is 50-55 percent, so the “right way to reach the other 45-50% is to do it with IPv6,” Acosta said: ISPs "that do not implement IPv6 are in danger of losing customers. Countries that do not implement IPv6 are in risk of getting isolated.”

Developing countries should accede to the World Trade Organization Information Technology Agreement expansion to drive innovation and broaden international commerce, said a post to the Intel blog Thursday. “In the long term, ITA empowers the formation of a global [information and communication technology] supply chain as participating countries benefit both from cheaper imports of components and materials, as well as from exporting finalized products.” An expansion of the agreement covering additional products worth about $1.3 trillion per year was completed at the WTO Nairobi Ministerial Conference in December (see 1512160046).

Governments that shut down internet applications and services cost countries $2.4 billion in gross domestic product from July 1 last year to June 30 this year, Brookings Institution said. In a paper Thursday, Brookings Center for Technology Innovation Founding Director Darrell West estimated the GDP impact of 81 short-term shutdowns in 19 countries. “In recent years, a number of countries have blocked particular applications, shut down specific services (e.g. instant messaging and voice over internet protocol calling), turned off mobile telecommunications services, or disrupted the entire internet,” he wrote. “Economic losses include $968 million in India, $465 million in Saudi Arabia, $320 million in Morocco, $209 million in Iraq, $116 million in Brazil, $72 million in the Republic of the Congo, $69 million in Pakistan, $69 million in Bangladesh, $48 million in Syria, $35 million in Turkey, and $20 million in Algeria.” West said he considered reductions in economic activity but not tax losses or drops in investor, business and consumer confidence.

IBM is plugging $200 million, out of a $3 billion global investment, into the worldwide headquarters for its Watson IoT business in Munich, it said in a news release. The investment is in response to growing demand from customers looking to incorporate IoT and artificial intelligence technologies, it said Monday. The HQ will be home to cognitive IoT Collaboratories, described as hands-on industry labs where clients and partners work with 1,000 IBM researchers, engineers, developers and business experts on automotive, electronics, manufacturing, healthcare and insurance. The goal is to apply new concepts and technologies; build IoT solutions; develop and test new business models, solutions and services; and “push the boundaries of what is possible with IoT,” said IBM.

The Commerce Department is studying economic impacts of cross-border data flows driven by the internet, NTIA said in a Friday blog post. NTIA and the Economics Statistics Administration also released a report, Measuring the Value of Cross-Border Data Flows. “These data flows are happening and we know they are having an increasingly significant effect on the economy,” NTIA said. “Solid statistical foundations for measuring the economic impact of cross-border data flows do not currently exist.” The report highlights ongoing efforts to measure data flows, including a Bureau of Economic Analysis project to refine measurement of services that can be traded using information and communication technologies. BEA and NTIA also started a three-year study to define industries and commodities comprising the digital economy so it can estimate contribution to Gross Domestic Product. Next steps for the department: (1) Improve coverage and quality of government statistics on the service sector; (2) develop standard nomenclature and definitions for concepts on cross-border data flows; (3) better understand how firms use data flows and their economic value; (4) develop improved and consistent macro-economic statistics to measure the value of the data flows and the digital economy, including impact to GDP; (5) continue dialog between the department and industry to facilitate data sharing; and (6) continue collaboration between Commerce and international organizations to spread the metrics.

The U.S. Court of Appeals for the D.C. Circuit denied a request for en banc reconsideration of Weinstein v. Iran, in which a three-judge panel ruled in August that country code top-level domains (ccTLDs) can’t be garnished as assets in a lawsuit judgment (see 1608020055). The family of Ira Weinstein had sought garnishment of Iran's .ir ccTLD as compensation for his death in a 1996 terrorist attack attributed to Iran, and other families in cases consolidated with Weinstein sought garnishment of the ccTLDs of North Korea and Syria. The families jointly sought the en banc hearing. The D.C. Circuit denied the request in a one-sentence order (in Pacer), saying no member of the court favored an en banc hearing. Supreme Court nominee Merrick Garland, who remains the D.C. Circuit's chief judge, didn't participate in the denial decision.

Many companies remain wary about using the EU-U.S. Privacy Shield and are relying more on other trans-Atlantic data transfer mechanisms such as standard contractual clauses, said the International Association of Privacy Professionals in its second annual survey, sponsored by EY, released Thursday. "While 50 percent of all companies that transferred personal data between the EU and U.S. in the past used Safe Harbor, just 34 percent say they intend to use Privacy Shield in the future," IAPP said. More than 4,400 U.S. companies used the old safe harbor arrangement before it was invalidated by the European Court of Justice (ECJ) in October (see 1510090023). The Department of Commerce opened the self-certification process for Privacy Shield, which was agreed to earlier this year, Aug. 1 with 196 companies -- including Akamai, Microsoft, Oracle, Salesforce and Workday -- approved as of Thursday (see 1608050007). IAPP said more than 80 percent of companies surveyed said they’re relying on standard contractual clauses, which is currently being challenged in ECJ (see 1607060009). IAPP said companies may be "hesitant" to use Privacy Shield since it might be legally challenged. Another mechanism called binding corporate rules is more of an option for larger companies, the survey found. Fifty-three percent of companies with more than 75,000 employees see it as a "viable solution," compared with 8 percent of companies with fewer than 5,000 employees. IAPP surveyed more than 600 privacy professionals -- 63 percent working for U.S. companies, 19 percent for European organizations and 10 percent for Canadian firms -- across the financial services, government, healthcare and pharma, professional services and technology and telecom sectors. IAPP said more than half polled expected privacy budgets to grow, and 72 percent said the topic is a board-level concern.