Overnight Cybersecurity: Lawmakers close to finalizing Apple-approved encryption bill

Overnight Cybersecurity: Lawmakers close to finalizing Apple-approved encryption bill
© Getty Images

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you...

THE BIG STORIES:

--AN APPLE-APPROVED BILL: Two lawmakers will reveal more details about a major encryption bill on Wednesday amid a renewed debate over what role Congress should play in regulating encryption standards. The long-awaited measure, from House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark WarnerMark Robert WarnerNSA spying program overcomes key Senate hurdle Dem lawmaker wants briefing on major chip vulnerabilities Week ahead: Tech giants to testify on extremist content MORE (D-Va.), would establish a national commission to figure out how police can get at encrypted data without endangering Americans' privacy. The bill, which is expected to actually drop sometime next week, is intended to cut through the heated rhetoric that has defined the encryption debate in the wake of the terror attacks in Paris and San Bernardino, Calif. Apple's recent decision to rebuff a court order seeking help unlocking an iPhone belonging to one of the San Bernardino shooters has only upped the ante in the long-running feud between the tech community and law enforcement. Apple has said that the Warner-McCaul efforts are the one legislative path they support, and have vowed to participate on the commission if the bill is passed. To read more about what to expect Wednesday, click here. To read up on what we know about the bill so far, click here.

ADVERTISEMENT
--DEJA VU ALL OVER AGAIN?: The Justice Department is pursuing about a dozen undisclosed court orders to force Apple to help authorities access locked iPhones, in addition to the high-profile case involving the phone of one of the San Bernardino shooters. In at least some cases, the government wants to use an 18th-century law called the All Writs Act to compel Apple to disable a key security feature, the report said. The other cases reportedly do not involve terrorism. Many of them also involve older Apple operating systems, which have fewer security barriers that authorities have to overcome. A letter filed by prosecutors in a case over a locked iPhone in New York also indicates that there are other cases in which the government has obtained similar court orders, but it doesn't go into more detail. "In most of the cases, rather than challenge the orders in court, Apple simply deferred complying with them, without seeking appropriate judicial relief," the prosecutors wrote. The revelation appears to bolster critics' charges that compliance with the order involving Syed Farook's phone would set a dangerous precedent by broadening the scope of the All Writs Act. The 1789 law allows federal judges to compel others to help the government perform its duties so long as requests are not "unduly burdensome." To read our full piece, click here.

--OUT OF BOUNDS: State Department staffers are not allowed to use private servers for official classified business, Secretary John KerryJohn Forbes KerryFeehery: Oprah Dem presidential bid unlikely Dem hopefuls flock to Iowa Change in Iran will only come from its people — not the United States MORE told the Senate on Tuesday. "In today's world, given all that we've learned and what we understand about the vulnerability of our system, we don't do that, no," Kerry said while testifying in a Senate Foreign Relations Committee hearing. The remark, which came in response to a question from Sen. Ron JohnsonRonald (Ron) Harold JohnsonGOP senators eager for Romney to join them The House needs to help patients from being victimized by antiquated technology Comey’s original Clinton memo released, cites possible violations MORE (R-Wis.), serves as an orchestrated Republican jab at Democratic presidential candidate Hillary ClintonHillary Diane Rodham ClintonIntel Dem decries White House 'gag order' after Bannon testimony 'Total free-for-all' as Bannon clashes with Intel members Mellman: On Political Authenticity (Part 2) MORE, whose exclusive use of a private server and email account while secretary of State has roiled GOP critics in Washington. Republicans have for months hammered Clinton on her email arrangement, which some critics claim should lead to criminal charges for mishandling classified information. A video clip of Tuesday's exchange in the Senate was distributed by the Republican National Committee. Johnson faces a tight reelection bid in Wisconsin. To read our full piece, click here.

 

UPDATE ON CYBER POLICY:

--KEEP ON PUSHING. Senate Intelligence Committee leaders met Monday to discuss legislation that could require companies to unlock phones under court order.

The meeting was part of a months-long push from Sens. Richard BurrRichard Mauze BurrNSA spying program overcomes key Senate hurdle Senate Intel chairman: No need for committee to interview Bannon McConnell: Russia probe must stay bipartisan to be credible MORE (R-N.C.) and Dianne FeinsteinDianne Emiel FeinsteinDHS chief takes heat over Trump furor NSA spying program overcomes key Senate hurdle Democrats will need to explain if they shut government down over illegal immigration MORE (D-Calif.) -- the Intelligence committee's leaders -- to offer a bill that gives law enforcement better access to encrypted data.

"I think it is coming along," Feinstein told reporters on Tuesday. "It's not easy, because some people want it much more complicated than it needs to be."

"We're trying to think through the whole thing and whether we can do something that is organic that changes to reflect the changes in technology," Burr said a few hours later. "That might not be what we can do. But we're attempting to work through that."

Burr and Feinstein have been working on their legislation since shortly after Paris and San Bernardino. But the recent Apple-FBI spat has led to renewed calls for the pair to move on the bill.

To read our full piece, click here.

To watch The Impressions perform the classic song, "Keep on Pushing," click here.

 

LIGHTER CLICK:

--Sean Penn, the self-described "single most technologically illiterate man left standing" will be the keynote speaker at a major cybersecurity conference.

Here's a flashback from Penn's divisive interview with Mexican drug lord El Chapo.

"At 55 years old, I've never learned to use a laptop. Do they still make laptops? No fucking idea!"

Here's the rest of that interview.

Here's info on the conference, which also includes notable speakers like Attorney General Loretta Lynch.

 

A FEATURE IN FOCUS:

--THIS ONE TIME, AT BAND CAMP. Researchers have repeatedly pointed to Iran as a burgeoning cyber power, an assessment underscored by the 2013 hack of a dam in New York.

So what's it like to be a hacker in Iran? The chief intelligence officer of the cyber intelligence firm Treadstone 71 takes a look.

Read on, here.

 

WHO'S IN THE SPOTLIGHT:

--BILL GATES. The Microsoft founder on Tuesday split from other tech industry leaders in not directly supporting Apple's refusal to help the government unlock the iPhone used by one of the San Bernardino shooters.

Gates told The Financial Times that the government is not seeking a "back door" to the iPhone, as Apple CEO Tim Cook and digital rights advocates have argued.

"This is a specific case where the government is asking for access to information," Gates said. "They are not asking for some general thing, they are asking for a particular case."

"It is no different than [the question of] should anybody ever have been able to tell the phone company to get information, should anybody be able to get at bank records," he added.

Gates later clarified that his remarks were not necessarily backing the FBI's court order.

"That doesn't state my view on this," he told Bloomberg TV. "I'm hoping now we can have a discussion."

"I do believe there are sets of safeguards where the government shouldn't have to be completely blind," he added, saying the issue will ultimately be settled in the courts and in Congress.

To read our full piece, click here.

 

A LOOK AHEAD:

WEDNESDAY:

--The Atlantic Council will host a discussion on the cybersecurity of medical devices at 4:00 p.m.

--The Bipartisan Policy Center will hold an event at 12 p.m. on solutions to the "going dark" phenomenon. House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.) will offer more details about their upcoming bill that would establish a national commission to figure out how police can get at encrypted data without endangering Americans' privacy.

--The Council on Foreign Relations (CFR) will hold an event at 6 p.m. to discuss the new book, "The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age," by Adam Segal, a Chinese cyber policy expert and senior fellow at CFR.

THURSDAY:

--The House Intelligence Committee will hold a hearing at 9 a.m. to examine worldwide threats. Top intelligence officials will testify, including Director of National Intelligence James Clapper, CIA Director James Brennan and FBI Director James Comey.

--The House Oversight Committee will hold a hearing at 10 a.m. on the Obama administration's proposal to overhaul the security clearance process, which includes handing over security of the network to the Defense Department.

--The House Homeland Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies will hold a hearing at 2 p.m. on emerging cyber threats from China, Russia, North Korea and Iran.

FRIDAY

--This.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Rep. Ted Lieu (D-Calif.) is pressing FBI Director James Comey to withdraw a court order directing Apple to unlock an iPhone used by one of the San Bernardino shooters. (The Hill)

The FBI has issued a warning about pro-Islamic State hackers carrying out cyberattacks on the U.S., but notes that most of the attacks are relatively unsophisticated. (Motherboard)

The cybersecurity industry, once one of the hottest targets for venture capitalists, is grappling with a funding slump that has forced some startups to sell or cut spending. (Reuters)

An attack against Russian bank employees highlights the threat against financial institutions. (CSO Online)

Digital privacy activists planned some 30 rallies at Apple Stores nationwide on Tuesday to deliver a message to the FBI: "Don't break our phones." (The Christian Science Monitor)

If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A