1. Monthly archive
  2. April 2013

April 2013

Cybersecurity Legislation Must Not Violate Americans' Right to Privacy

The White House issued its official response to a We The People petition titled “Stop CISPA (Cyber Intelligence Sharing and Protection Act).”

The White House issued a veto threat for the Cyber Intelligence Sharing and Protection Act (CISPA) on April 16, because the legislation did not fully address our core concerns (especially the protection of privacy). Even though a bill went on to pass the House of Representatives and includes some important improvements over previous versions, this legislation still doesn't adequately address our fundamental concerns. But it's not good enough to just stop things: We've got to work together, with legislators on Capitol Hill, technology experts from the private sector, and engaged advocates like you to advance cybersecurity legislation without compromising privacy.

When it comes to information-sharing, there are three key principles we apply to any legislative proposal:
Does it (1) sufficiently protect privacy and civil liberties,
(2) ensure that a civilian department -- not an intelligence agency -- is the primary point of entry for cybersecurity information sharing, and
(3) provide narrowly tailored liability protections that would allow the private sector to respond to threats (without encouraging reckless behavior).

Here's a bit more detail about each:

  1. It's important that any information shared under a new cybersecurity law must be limited to what's relevant and necessary for cybersecurity purposes. That also means minimizing information that can be used to identify specific individuals. For example, if a utility company is looking for government assistance to respond to a cyber attack, it is unlikely that it needs to share the personal information of its customers, like contact information or energy-use history, with the government.
  2. Cybersecurity legislation needs to preserve the traditional roles for civilian and intelligence agencies that we all understand. Specifically, if legislation authorizes new information sharing between the private sector and the government, then that new information should enter the government through a civilian department rather than an intelligence agency. That doesn't mean breaking the existing mechanisms that already work. For example, victims of cyber crime ought to continue to report those violations to federal law enforcement agencies and public-private information-sharing relationships that already exist should be preserved.
  3. Any new legislation ought to provide legal clarity for companies that follow the rules and appropriately share data with the government. But it should not provide broad immunity for businesses and organizations that act in ways likely to cause damage to third parties or result in the unwarranted disclosure of personal information.

Moving forward, the Obama Administration will continue to advocate vocally for cybersecurity legislation that applies these principles to protect privacy.

President Obama to Name Wheeler to Head FCC

President Barack Obama is expected to soon nominate a former top lobbyist for the cable and wireless industries to lead the Federal Communications Commission, two people familiar with the matter said. [Note: Reuters attributes the news to “a White House official”] Tom Wheeler, a venture capitalist and longtime industry operative, will be tapped to lead the agency that governs the nation's scarce wireless airwaves and regulates telephone networks and indecency on television. President Obama is expected to make the announcement as soon as May 1, an industry official and a person familiar with the situation said. Current FCC Commissioner Mignon Clyburn will act as interim chairman, the industry official said.

Six Revealing Quotes From Obama’s New FCC Nominee, Tom Wheeler

Tom Wheeler, reportedly the nominee to chair the Federal Communications Commission, now faces confirmation by the Senate, but that's perhaps the last place to turn for insight into what the candidate really thinks on tech policy. A far more interesting set of opinions can be found on Wheeler's blog, which he's kept since May 2007.

  1. On network neutrality, Wheeler tried to convince network operators to back the FCC's policy.
  2. Clinging to the comfy economics of scarcity by moving content behind pay walls won’t bring yesterday back. ... The name of the game is how to make money out of abundance, not how to maintain scarcity.
  3. On the privatization of space exploration, Wheeler likened NASA to a telecom monopoly.
  4. On reallocating spectrum more efficiently, he argued for a kind of lightly managed chaos
  5. On Internet privacy, Wheeler proposed entrusting network operators rather than content providers or Web companies themselves.
  6. Wheeler hinted at his favor for 2011's failed AT&T/T-Mobile merger—not because it would've been good for consumers, or for the businesses themselves, but because it would've given the FCC more jurisdiction to regulate mobile broadband.

Groups Already Weighing In on Wheeler Chairmanship

Wheeler for FCC chair? Here’s reaction from public interest groups:

  • "The Federal Communications Commission needs a strong leader -- someone who will use this powerful position to stand up to industry giants and protect the public interest," said Free Press president Craig Aaron. "On paper, Tom Wheeler does not appear to be that person, having headed not one but two major trade associations. But he now has the opportunity to prove his critics wrong, clean up the mess left by his predecessor, and be the public servant we so badly need at the FCC."
  • “He can’t be pigeon-holed,” said Gigi Sohn, president of consumer advocacy group Public Knowledge. “He’s had a wide variety of experiences and has worked with competitive companies as well as incumbents. I truly believe he will be independent and thoughtful…. He's also at a time in life where he's not looking for the next job. (That) will add to his independence."

T-Mobile to close MetroPCS deal

T-Mobile USA, the country's fourth-largest cellphone carrier, is set to complete its acquisition of MetroPCS after the stock market closes on April 30. No immediate changes are expected for customers of either company. However, T-Mobile plans to shut down MetroPCS's network over two years, which means MetroPCS phones will eventually stop working. T-Mobile will use the space freed up on the airwaves to boost its own coverage and data speeds.

NIST Reworks Cyber Guidelines for the Hacking Era

The National Institute of Standards and Technology has rewritten federal cybersecurity standards for the first time in nearly a decade to address evolving smartphone vulnerabilities and foreign manipulation of the supply chain, among other new threats.

The 457-page government computer security bible, officially called "SP (Special Publication) 800-53," was last revised in 2005. That was long before the rise of advanced persistent threats -- infiltrations that play off human failings to linger in systems until finding sensitive data. Agencies are not required to follow all the specifications, but rather choose among the protections that suit their operational environments, such as space in the case of NASA. To protect critical computer parts, the compendium recommends sometimes withholding the ultimate purpose of a technology from contractors by "using blind or filtered buys." Agencies also should offer incentives to vendors that provide transparency into their processes and security practices, or vet the processes of subcontractors. NIST broaches the controversial approach to "restrict purchases from specific suppliers or countries," which U.S. technology firms, even those who have been hacked, say might slow installations. The new guidelines also cover the challenges of web-based or cloud software, insider threats and privacy controls.

The Part Of The Internet You Don’t See Lets Machines Talk To Each Other—And Will Change The World

The "industrial Internet" is the idea of connecting millions of machines--railroad cars, wind turbines, MRI scanners, you name it--to a network, extending today’s connectivity to factories, hospitals, buildings, and much else.

According to Jon Bruner it is "machines becoming nodes on pervasive networks that use open protocols." And, to many others, it is as a big a deal as the Internet itself: essentially completing a job that’s only half-finished with web sites, email, Twitter, and so on. "The same changes in software and networks that brought about decades of Silicon Valley innovation are now reordering the machines around us," Bruner, an editor at O’Reilly Media, says. For a sense of what these changes might mean, take a look at Bruner’s excellent (and free) recent report. He writes about how the industrial Internet might improve efficiency and system visibility (allowing managers, for example, to understand their power supplies, as well as what’s happening in the factory). He explores some possible problems, notably around security. And he runs through dozens of examples of how it could affect particular industries.

Verizon CTO: Future Services Will be Based on Four Key Platforms

Future Verizon services will be built on one of four “foundational platforms,” said Verizon Chief Technology Officer Tony Melone, addressing attendees at Genband Perspectives13 in Orlando. Those four platforms, he said, include the company’s 4G LTE network, FiOS, data centers operated under the Terremark name and the company’s global IP backbone.

Verizon’s LTE network now reaches 90% of the U.S. population and will match the company’s 3G footprint before year-end, Melone said. Also on tap for this year are LTE deployments in the AWS band. The company engineers its LTE network for an average of 12 Mbps under “loaded” conditions, he added. Melone also noted that Verizon currently spends about $16 billion a year on spectrum. Upcoming goals for the company’s wireless network include deploying voice over LTE and rich communications services (RCS). But Melone hastened to add that “We will be aggressive but we will also be smart.” Building a nationwide wireless network based on voice over IP is “not trivial,” Melone said, adding that the company will begin delivering such services over that network later this year or early next year.

A Change in the FCC's Broadcast Foreign Ownership Rules In the Near Future?

Two weeks ago, comments were filed in the Federal Communications Commission’s proceeding examining whether to adopt a more relaxed view of the foreign ownership provisions of the Communications Act.

While the Communications Act limits foreign ownership in communications licensees to 20% (or 25% of a licensee holding company), the Act also allows the FCC to allow greater foreign ownership if it would not adversely affect the public interest. In areas other than broadcasting, the FCC has routinely allowed ownership of more than 25% of a communications licensee, but the limit has been strictly enforced in the broadcasting world. Many of the comments filed in response to the FCC’s request made exactly that point - that in a multimedia world, why should a wireless company or a cable programmer be allowed to be foreign owned, while a competing broadcaster can't have foreign investors holding more than 25% of its equity? In what is perhaps a telling indication of where the FCC is going, the statements of three FCC Commissioners, in connection with a recent FCC decision to further streamline the approval process for alien ownership in excess of the 25% limitations in FCC-regulated areas other than broadcasting, suggested that the relaxation of the limits should also be extended to broadcasting.

Internet Society Panel Focuses on Rural and Low-Income Broadband Access

The Internet Society held a panel discussion on the state of competition in the U.S. broadband market. The discussion was informative, and the audience offered some great questions as well. Some highlights from the event…

  • All panelists seemed to agree that there’s still a problem in America with low-income families lacking service. Various proposals were mentioned, including a school lunch-like program for low-income families with children, or making the Lifeline program technology-neutral and thus able to cover broadband or mobile service.
  • In addition to the low-income access problem, the panelists also acknowledged that rural access remains scant in some parts of the US.

© 1994-2024 Benton Institute for Broadband & Society. All Rights Reserved.