Hillicon Valley: Lawmakers eye ban on Chinese surveillance cameras | DOJ walks back link between fraud case, OPM breach | GOP senators question Google on Gmail data | FCC under pressure to delay Sinclair merger review

Hillicon Valley: Lawmakers eye ban on Chinese surveillance cameras | DOJ walks back link between fraud case, OPM breach | GOP senators question Google on Gmail data | FCC under pressure to delay Sinclair merger review
© iStock

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Morgan Chalfant (@mchalfant16), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland).

 

LAWMAKERS EYE BAN ON CHINESE CAMERAS: Congress is weighing a ban on federal agencies using video surveillance equipment from two large Chinese companies, the latest sign of concerns about foreign espionage among lawmakers.

It's part of a broader trend. Across the government, the U.S. is moving away from foreign state-owned tech companies to prevent cyber spying. But one of the companies named in the proposed ban is pushing back. Hikvision argues that the legislation -- written into the House version of the annual defense authorization bill -- is a knee-jerk response to an anti-Chinese "Red Scare."

ADVERTISEMENT

"To my knowledge, and to my understanding, I've got a gut feeling that if we are not a Chinese company, this wouldn't be an issue at all," said Jeffrey He, president of Hikvision's independent U.S. subsidiary, in an interview with The Hill.  "It's very difficult to prove ourselves not guilty of providing back doors to Chinese government or any source."

Indeed, unlike firms like ZTE or the Russian-owned Kaspersky, it's a much more open question whether Hikvision products are pinging home to China.

Hikvision's U.S.-based business touts its compliance with American laws. It worked with the Department of Homeland Security to patch a security vulnerability it uncovered in May 2017. It also recently opened a transparency center in California to allow law enforcement to view the source code for its products.

Its cameras have been purchased through middlemen for use on a U.S. military base, the American Embassy in Afghanistan and in a police department in Memphis, Tenn. Chris Nickelson, a Missouri-based contractor, touted Hikvision's products as top-quality cameras with "world-class" support. Nickelson argues that a ban on Hikvision products would actually harm small American businesses like his.

To read more of our piece, click here.

 

CORRECTING THE RECORD: The Department of Justice now says that an identity fraud case may not be linked to the massive Office of Personnel Management (OPM) breach after all, saying a press release prematurely implied a connection between the two.

Stephen Boyd, the Justice Department's assistant attorney general for legislative affairs, was responding to questions from Sen. Mark WarnerMark Robert WarnerSenate Dems rip Trump after Putin news conference Trump and Putin should be talking about cyber weapons and social media instead of nuclear weapons The Hill's Morning Report — Trump, Putin meet under cloud of Mueller’s Russia indictments MORE (D-Va.) about a press release issued last month by the U.S. District Court for the Eastern District of Virginia announcing that a Maryland woman had pleaded guilty to identity theft charges.

The background: The initial release stated that the woman participated in a scheme to use data from the OPM breach to obtain fraudulent loans through Virginia-based Langley Federal Credit Union. However, officials later revised the release to remove references to the OPM breach, spurring questions as to why.

What they're saying now: In a letter to Warner on Monday, Boyd wrote that, while several victims of the scheme reported also being victims of the OPM breach, federal investigators have not yet found a definitive link between the fraud case and the OPM breach.

"A number of the victims of this scheme identified themselves to the Department of Justice as victims of the OPM data breach," Boyd wrote. "However, at present, the investigation has not determined precisely how their identity information used in this case was obtained and whether it can, in fact, be sourced directly to the OPM data breach. Because the victims in this case had other things in common in terms of employment and location, it is possible that their data came from another common source."

We explain here.

 

TOP SENATE REPUBLICANS QUESTION GOOGLE: A trio of top Senate Republicans are demanding answers from Google's parent company after The Wall Street Journal reported that app developers have been abusing their access to users' Gmail accounts.

GOP Sens. John ThuneJohn Randolph ThuneGOP senators introduce resolution endorsing ICE The real reason Scott Pruitt is gone: Putting a key voting bloc at risk Hillicon Valley: Lawmakers eye ban on Chinese surveillance cameras | DOJ walks back link between fraud case, OPM breach | GOP senators question Google on Gmail data | FCC under pressure to delay Sinclair merger review MORE (S.D.), chair of the Senate Commerce Committee, Roger WickerRoger Frederick WickerGOP senators introduce resolution endorsing ICE Hillicon Valley: Lawmakers eye ban on Chinese surveillance cameras | DOJ walks back link between fraud case, OPM breach | GOP senators question Google on Gmail data | FCC under pressure to delay Sinclair merger review Top Senate Republicans question Google over Gmail data practices MORE (Miss.) and Jerry MoranGerald (Jerry) MoranThis week: GOP mulls vote on ‘abolish ICE’ legislation Hillicon Valley: Lawmakers eye ban on Chinese surveillance cameras | DOJ walks back link between fraud case, OPM breach | GOP senators question Google on Gmail data | FCC under pressure to delay Sinclair merger review Top Senate Republicans question Google over Gmail data practices MORE (Kan.) sent a letter to Alphabet CEO and Google co-founder Larry Page on Tuesday with a list of questions about the company's data management.

Key quote: "While we recognize that third party email apps need access to Gmail data to provide various services, and that users consent to much of this access, the full scope of the use of email content and the ease with which developer employees may be able to read personal emails are likely not well understood by most consumers," they wrote.

"Furthermore, though no allegations of misuse of personal email data akin to the Cambridge Analytica case have surfaced, the reported lack of oversight from Google to ensure that Gmail data is properly safeguarded is cause for concern."

According to the Journal story from last week, employees at one firm read 8,000 unredacted emails from users to help build their program.

Read more here.

 

A SCOTUS UPDATE: President TrumpDonald John TrumpShocking summit with Putin caps off Trump’s turbulent Europe trip GOP lambasts Trump over performance in Helsinki Trump stuns the world at Putin summit MORE on Monday evening tapped Brett Kavanaugh as his nominee to replace Justice Anthony Kennedy on the Supreme Court, setting up a fierce confirmation battle as he seeks to cement conservative control of the nation's highest court.

As we observed yesterday, Kavanaugh has received some attention for his 2015 opinion defending the NSA's now-defunct bulk phone data collection program, arguing that it was consistent with the Fourth Amendment. Congress passed legislation the same year to end the program in an effort to rein in the spy agency's surveillance efforts following the Edward Snowden leaks.

Kavanaugh's confirmation process is likely to be closely watched by privacy and civil liberties advocates. Jake Laperruque, senior counsel at the Constitution Project, told The Hill that the opinion raised questions and "some alarms" in regards to Kavanaugh's stance on surveillance issues. Laperruque said he'd like to see senators press Trump's nominee on his views on the third-party doctrine, as well as his argument that the government had demonstrated a "special need" to prevent terrorism in seizing the phone records.

More on the nomination here.

 

Net neutrality advocates may watch closely too: There's no immediate or even foreseeable plans for net neutrality to hit the Supreme Court, but Kavanaugh does have a record of opposing it. Unlike, privacy issues though, Republican politicians tend to fall more in line on opposing net neutrality regulations and it's likely the case that any nominee will have similar chops on that issue.

 

WHAT'S GOING ON?: A pair of top Democrats in the House Energy and Commerce Committee is asking Federal Communications Commission Chairman Ajit Pai not to roll back his agency's role in addressing consumer complaints.

Energy and Commerce ranking member Rep. Frank Pallone Jr.Frank Joseph PalloneTop Dems urge Trump officials to reverse suspension of ObamaCare payments FCC passes controversial rule changing how it handles consumer complaints Overnight Health Care: Dem demands details on Trump-Pfizer pricing deal | Why both sides agree nominee could shift high court to right on abortion | DEA gets more powers to limit opioid production MORE (D-N.J.), and Communications and Technology Subcommittee ranking member Rep. Mike DoyleMichael (Mike) F. DoyleFCC passes controversial rule changing how it handles consumer complaints Hillicon Valley: Lawmakers eye ban on Chinese surveillance cameras | DOJ walks back link between fraud case, OPM breach | GOP senators question Google on Gmail data | FCC under pressure to delay Sinclair merger review House Dems worry FCC move to 'streamline' complaints will hurt consumers MORE (D-Pa.) both say in a letter to Pai that the proposed move would give consumers less recourse in bringing concerns with communications companies to light.

But: The FCC says that's bunk. The agency in a statement refuted Pallone and Doyle's letter saying that's outright wrong and based on a misinterpretation of the actual order.

Read more here.

 

ANTI-SINCLAIR PETITION GROWS: A growing number of groups are urging the Federal Communications Commission (FCC) to delay its review of Sinclair Broadcast Group's merger with Tribune Media, while a court weighs a recent agency move that would ease the deal's approval.

The organizations joining the effort include the National Hispanic Media Coalition, the conservative outlet Newsmax and the telecom trade group NTCA -- The Rural Broadband Association.

The groups joined a petition first filed in June by Public Knowledge and Common Cause to the FCC. That petition asked the agency to hold off on the Sinclair-Tribune proceeding while the D.C. Circuit Court of Appeals reviews the FCC's order allowing broadcasters to buy up more local television stations.

Last year, the Republican-controlled FCC voted to reinstate what's known as the UHF discount, which counts ultra-high frequency broadcast stations as half of other stations when determining if broadcasters are in line with media ownership limits. Broadcasters are currently capped at serving 39 percent of households.

Read more here.

 

YIKES: A cybersecurity firm says the hacking group that stole some Ticketmaster customers' credit card information this year actually carried out a far more extensive digital credit card-skimming campaign than initially reported. 

The threat group known as Magecart targeted more than 800 e-commerce sites around the world between February 2017 and June 2018, RiskIQ reported Tuesday in a blog post.

"According to Ticketmaster's official statement, the breach impacted the following websites: Ticketmaster International, Ticketmaster UK, GETMEIN! and TicketWeb," the firm writes. "However, we found evidence the skimmer was active on a broader range of Ticketmaster websites including Ireland, Turkey, and New Zealand among others."

RiskIQ says Magecart targeted the payment information entered into forms on Ticketmaster's various websites. They obtained the information by hacking the third-party supplier working with the ticket sales company, Inbenta.

RiskIQ, which has been tracking Magecart since 2015, said the cyber hackers placed digital skimmers -- devices that steal credit card data -- on Ticketmaster websites after compromising Inbenta. 

Read more here.

 

MORE MALWARE: Sonicwall is out with its updated Cyber Threat Report released Tuesday, which warns that there is a spike in malware attacks -- noting that they have recorded more than 5.99 billion total malware attacks in the first six months of 2018. This is a 102% jump, the cybersecurity firm says. Read the full report here.

 

CHINA HIKES TARIFFS ON U.S. OPTICAL FIBER PRODUCTS: China is raising "anti-dumping tariff rates" for some U.S. optical fiber products.

The new rates for dispersion unshifted single-mode optical fiber will be between 33.3 percent and 78.2 percent and will go into effect on Wednesday, according to a statement from China's commerce ministry.

That could be a significant hike for U.S. companies, who previously saw rates between 4.7 percent and 18.6 percent, according to Reuters.

 

CHAMBER TACKLES AI: On Tuesday, the Chamber of Commerce hosted tech industry leaders for an event, the AI Summit: Investing in Innovation and Tomorrow's Workforce. The Hill's Wyatt Schiff has the break down.

Panelists, including David Cox, director of the MIT-IBM Watson AI Lab; Elsa Kania, adjunct fellow at the Center for a New American Security; and James Kurose, assistant director for artificial intelligence in the US Office of Science and Technology Policy (OSTP), weighed in on the state of artificial intelligence technology in the U.S. and how to keep American companies competitive with overseas rivals, in particular from China.

The discussion primarily focused on developing AI in the U.S. and bolstering the "pipeline" from top engineering schools to tech companies.

The panelists said that government, academia and industry needed to work closer together to make progress.

"We must invest in the best and the brightest," said Kurose.

Cox worried that when the government allocates resources to AI technology, they don't always see results as quickly as they like. But he saw a role for government to boost ties between academia and industry.

"Everybody needs to keep moving, mechanization has and will continue to change industry," Cox said.

"AI will affect every industry."

 

ON TAP FOR TOMORROW:  

The House Judiciary Committee has issued a subpoena seeking to compel former FBI agent Lisa Page to testify behind closed doors by Wednesday at 10 a.m., according to Hill sources. Page's lawyer on Monday, however, pushed back about her appearance, stating that the details of her testimony on the Hill are still being hammered out. It is unclear whether she will show or not... BUT President Trump also appears to be hearing whispers about the status of her appearance, tweeting Tuesday: "I am on Air Force One flying to NATO and hear reports that the FBI lovers, Peter Strzok and Lisa Page are getting cold feet on testifying about the Rigged Witch Hunt headed by 13 Angry Democrats and people that worked for Obama for 8 years. Total disgrace!"

The Economic Innovation Group, the Governor's Woods Foundation and The Atlantic's Steve Clemons are hosting the 8th Annual Summit on the Economy starting at 8:30 a.m.

The Senate Rules and Administration Committee is holding a committee hearing titled: "Election Security Preparations: Federal and Vendor Perspectives" slated for Wednesday at 10:30 a.m. Top officials from the U.S. Election Assistance Commission and DHS will be testifying.

The House Homeland Security Committee is also holding a hearing on election security, this one focusing on the Department of Homeland Security's efforts to secure U.S. voting systems from cyber sabotage. It starts at 10:30 a.m.

The House Energy and Commerce Committee is holding a hearing on protecting customer proprietary network information in the modern digital age at 10:15 a.m.

The Senate Commerce Committee has scheduled a hearing to examine "lessons learned" from the Spectre and Meltdown computer chip flaws at 10 a.m.

 

A LIGHTER TWITTER CLICK: Who are you, Phillip?

 

TECH & THAI LINK: One interesting perspective on Tesla's Elon Musk inserting himself into the Thai rescue mission.

 

NOTABLE LINKS FROM AROUND THE WEB:

A Japanese man who became the first sentenced for using the Coinhive Javascript library for malicious reasons made $45. Bleeping Computer

Democratic campaigns were targeted in distributed denial-of-service attacks. (CyberScoop)

Israeli firm eyes a moon landing. (Associated Press)

The memories hiding in my data dump. (The New York Times)

Michael Flynn has a new gig. (The Wall Street Journal)

Trump's SCOTUS nominee is a major opponent of net neutrality. (Motherboard)

Apple's new update thwarts phone-cracking tools used by law enforcement. (The Verge)

"GOP senators tell contradictory stories about Moscow trip." (The Daily Beast)