Cybersecurity and Cyberwarfare

Federal Communications Commission General Counsel Thomas Johnson said the agency must “respectfully decline” requests from New York Attorney General Eric Schneiderman as part of the AG’s investigation into the fraudulent use of names on comments in the net neutrality rollback proceeding. Johnson said revealing the logs of IP addresses for some comments raises “significant personal privacy concerns” and could also endanger the security of the commission’s comment system.

International flows of personal information are more significant than ever, but differences in transatlantic data privacy law imperil this data trade. The resulting policy debate has led the EU to set strict limits on transfers of personal data to any non-EU country—including the United States—that lacks sufficient privacy protections. Bridging the transatlantic data divide is therefore a matter of the greatest significance. 

Apparently, the Trump Administration is considering a set of proposals developed by Blackwater founder Erik Prince and a retired CIA officer — with assistance from Oliver North, a key figure in the Iran-Contra scandal — to provide CIA Director Mike Pompeo and the White House with a global, private spy network that would circumvent official U.S. intelligence agencies. The plans have been pitched to the White House as a means of countering “deep state” enemies in the intelligence community seeking to undermine Donald Trump’s presidency.

A panel of Democratic Reps wants to commit $400 million to secure future elections from hackers. That $400 million is what’s left over in appropriated funds from the 2002 Help America Vote Act, which focused on making voting easier for people with disabilities. The money could be used to replace outdated and unsecure voting machines that lack paper receipts for votes, the Democrats’ independent election security task force said in a Nov 20 letter to leaders of the House Appropriations Committee.

[Commentary] A recent wave of cyberattacks—from WannaCry and Equifax to the alleged Russian influence on the US election—has demonstrated how hackers can wreak havoc on our largest institutions. But by focusing only on hackers’ efforts to extort money or mess with our political process, we may have been missing what is potentially an even scarier possibility: data manipulation. Imagine that a major Big Food company gets hacked.

Sen Patrick Leahy (D-VT), joined by six other Sens, introduced comprehensive consumer privacy legislation to protect Americans’ sensitive personal information against cyberattacks and to ensure timely notification and protection when data is breached. Sen Leahy’s Consumer Privacy Protection Act of 2017 would require companies to take preventive steps to defend against cyberattacks and data breaches, and to quickly provide consumers with notice and appropriate protection when a data breach occurs.