Hillicon Valley: Google to pay $170M to settle child privacy charges against YouTube | Tech giants huddle with intel officials on election security | Top IT official names China main cyber threat

Hillicon Valley: Google to pay $170M to settle child privacy charges against YouTube | Tech giants huddle with intel officials on election security | Top IT official names China main cyber threat
© Getty Images

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).


RECORD FINE FOR YOUTUBE OVER KIDS' PRIVACY: Google will pay $170 million to settle charges that YouTube made millions of dollars over the years from violating children's privacy laws, the Federal Trade Commission (FTC) and New York's attorney general announced on Wednesday.

The fine is by far the largest ever imposed on a website for violations of the 1998 Children's Online Privacy Protection Act (COPPA), which requires companies to obtain parental consent before collecting data on children under the age of 13. But the settlement also exposed a sharp partisan divide among regulators over how far to go in policing Silicon Valley.


The FTC alleged that YouTube, which is owned by Google, violated COPPA by collecting the personal information of users who watched videos that were clearly directed toward children and then used that data to serve up targeted advertising.

"YouTube touted its popularity with children to prospective corporate clients," FTC Chairman Joseph Simons said in a statement. "Yet when it came to complying with COPPA, the company refused to acknowledge that portions of its platform were clearly directed to kids. There's no excuse for YouTube's violations of the law."

"Google and YouTube knowingly and illegally monitored, tracked, and served targeted ads to young children just to keep advertising dollars rolling in," New York Attorney General Letitia James (D) added in a statement. "These companies put children at risk and abused their power, which is why we are imposing major reforms to their practices and making them pay one of the largest settlements for a privacy matter in U.S. history."

Who gets what: Google and YouTube will pay $136 million to the FTC and the remaining $34 million will go to the New York attorney general's office.

Divided regulators: The FTC approved the settlement in a 3-2 vote along party lines, with both Democrats on the commission dissenting and criticizing what they see as a weak fine and a lack of meaningful constraints on Google and YouTube's business model.

The big picture: The settlement comes as Google and other Silicon Valley giants are facing heightened scrutiny over their handling of user data and their market power. A broad coalition of state attorneys general is reportedly announcing an antitrust investigation into Google next week.

Read more on the record fines here.


RIVAL CLAIMS GOOGLE SHARED DATA: Google is using an opaque system to "leak" personal information about its users to outside companies, according to new research by rival web browser Brave.

Brave's chief policy officer Johnny Ryan on Wednesday accused Google of violating European privacy laws and its own policies with a "workaround" that allows the tech giant to share identifying information about its users with other companies for advertising purposes.

Ryan offered the research as "evidence" for Ireland's data privacy watchdog, which is currently investigating whether Google is violating European law.

"The evidence we have submitted to the Irish Data Protection Commission proves that Google leaked my protected data to an unknown number of companies," Ryan said in a statement. "One cannot know what these companies then did with it, because Google loses control over my data once it was sent. Its policies are no protection."

Google has been using little-understood web pages called "push pages" to share detailed information on users with third-party companies, according to Ryan's research.

The personal data on the push pages, which multiple companies are able to access, "allows companies to pseudonymously identify the person in circumstances where this would not otherwise be possible," Ryan wrote.

"We do not serve personalised ads or send bid requests to bidders without user consent," a Google spokesperson said in a statement to The Hill. 

Read more here.


THE BEST AND THE BRIGHTEST: Facebook, Google and Twitter officials huddled with U.S. intelligence officials in Menlo Park, Calif. on Wednesday to discuss how the companies are working to prevent election meddling ahead of 2020, sources familiar confirmed to The Hill.

The midday meeting at Facebook's headquarters included representatives with the Office of the Director of National Intelligence, the FBI and the Department of Homeland Security.

The meeting is the latest signal that law enforcement is working more closely with tech companies following the 2016 presidential elections, which were marked by new and innovative forms of online interference including coordinated disinformation campaigns.

Since 2016, the companies have worked to develop new tools to stave off foreign and domestic interference in elections, but critics – including from the government – have warned they have a long way to go.

A U.S. intelligence official told The Hill the tech industry invited the intelligence community to participate in the talks.

"[The intelligence community was] there to discuss our shared goal, and that's protecting democracy and elections from those who wish to do us harm," the official said. "Industry has pulled us in ... and we're there in support of FBI and DHS."

An FBI official confirmed the bureau attended the meeting.


A Twitter spokesperson said the company welcomes "the opportunity to spend time with our peer companies and the government agencies tasked with protecting the integrity of the 2020 election."

Read more on the meeting here.


ELECTION SECURITY, PLEASE: A progressive advocacy group plans to spend over $100,000 on a nationwide campaign to pressure Senate Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellThis week: House kicks off public phase of impeachment inquiry Progressive veterans group launches campaign labeling Trump as a 'national security threat' GOP senators plan to tune out impeachment week MORE (R-Ky.) and other Senate Republicans to pass a funding bill that includes $600 million for increased election security.

Stand Up America announced the campaign -- which will involve buying digital ads, a billboard near McConnell's Kentucky office and other organizing tools to urge Senate Republicans to approve election security funding -- on Wednesday.

The billboard will label McConnell "Moscow Mitch," and urge Kentuckians to put pressure on him to allow a vote on an appropriations bill for the next fiscal year that includes $600 million in election security funds.

The campaign will involve the mobilization of over 2.4 million people nationwide and will run throughout September.

It will also target 10 other top Republicans senators by texting constituents in those states to urge them to push for action on election security.

The senators targeted by these text messages will include Sen. Roy BluntRoy Dean BluntGOP senators plan to tune out impeachment week Eleven GOP senators sign open letter backing Sessions's comeback bid Trump encounters GOP resistance to investigating Hunter Biden MORE (R-Mo.), the chairman of the Senate Rules Committee with jurisdiction over election security, and Sen. John KennedyJohn Neely KennedyMORE (R-La.), the chairman of the Senate Appropriations subcommittee with jurisdiction over the portion of the budget for 2020 that involves election security funds. 

Read more here.


CHINESE CYBER THREATS: A top IT government official on Wednesday said China poses the biggest cyber threat to the U.S.

Speaking at a cybersecurity summit, Federal Chief Information Security Officer (CISO) Grant Schneider said China has the "capacity and the capability and the intent" to work against the U.S. in cyberspace more so than other countries.

China is "an adversary that has displayed their intent, has clear means to get into and attack our critical infrastructure systems, our government systems, you name it, both from an intellectual property theft point of view, as well as an espionage point of view," Schneider said at the 10th annual Billington Cybersecurity Summit in Washington.

He added that American dependence on information technology systems only compounds the potential security vulnerabilities that countries like China could exploit and emphasized that threats to networks have evolved.

"It's really the nation-state actor, and the one particular nation state with the capacity and the capability, and the intent is really the one that concerns me the most," Schneider said.

Read more here.


NEW DAY, NEW BILL: Reps. John RatcliffeJohn Lee RatcliffeDocuments show Ukraine knew by August that aid was being withheld: NYT Five takeaways from US envoy's explosive testimony GOP searches for impeachment boogeyman MORE (R-Texas) and Ro KhannaRohit (Ro) KhannaOvernight Health Care: CDC links vitamin E oil to vaping illnesses | White House calls Pelosi drug price plan 'unworkable' | Dem offers bill for state-based 'Medicare for All' Justice Democrats official denies that progressives struggle with electability Progressive House Democrat unveils bill to allow state-based 'Medicare for All' MORE (D-Calif.) will introduce a bill this week intended to modernize a Department of Homeland Security (DHS) program that ensures the cybersecurity of federal agencies.

The Advancing Cybersecurity Diagnostics and Mitigation Act would formally codify the department's Continuous Diagnostics and Mitigation (CDM) program, which provides tools and services to federal agencies to increase cybersecurity.

The bill would also require DHS to develop a strategy to ensure that the CDM program is able to adjust to evolving cyber threats and would require the DHS secretary to make the CDM program available for state, local and tribal governments.

The legislation is the House version of a Senate bill introduced in July by Sens. John CornynJohn CornynFalling investment revives attacks against Trump's tax cuts GOP senators plan to tune out impeachment week The Hill's 12:30 Report: Trump says Dems shouldn't hold public hearings MORE (R-Texas) and Maggie HassanMargaret (Maggie) HassanHillicon Valley: Facebook launches 'News Tab' | Senate passes bill to take on 'deepfakes' | Schumer outlines vision for electric cars Senate passes legislation to combat 'deepfake' videos Hillicon Valley: Senators seek national security review of TikTok | TikTok denies claims of Chinese government influence | CNN chief rips Facebook policy on political ads | Dem questions DHS' handling of personal data MORE (D-N.H.), which has not yet seen action. It has been referred to the Senate Homeland Security and Governmental Affairs Committee.

Ratcliffe, who was briefly nominated by President TrumpDonald John TrumpThis week: House kicks off public phase of impeachment inquiry Impeachment week: Trump probe hits crucial point Judd Gregg: The big, big and bigger problem MORE to be director of national intelligence in July, said in a statement that "as cyber threats continue to increase in frequency and complexity, we must constantly work to enhance our nation's cyber defense capabilities."

Khanna added in a statement that "our government must have the necessary tools to protect Americans against the massive cybersecurity threats of the 21st century. The technology is there: we just have to ensure our agencies have the necessary tools to defend against hackers and cyberthreats. A strong CDM program will be instrumental in that effort."

Read more here.


VERY REASSURING:  A California crash involving a parked fire truck and a Tesla Model S was likely caused by a combination of driver error and Tesla's autopilot design, the National Transportation Safety Board (NTSB) said Wednesday.

In the Culver City, Calif., crash, the autopilot system's design allowed the driver to "disengage from the driving task," the NTSB said Wednesday, after saying the previous day that it had allowed the driver in the crash to spend most of the nearly 14-minute trip with his hands off the wheel.

The NTSB singled out the driver's "inattention and overreliance on" the autopilot system for the January 2018 crash into the fire truck, which was unoccupied. The driver was not injured.

The NTSB ruled that had the driver been paying close attention, "he could have taken evasive action to avoid or mitigate the collision," saying that the system sent him several alerts prompting him to place his hands back on the wheel.

After a 2016 crash in Florida that the NTSB blamed on the autopilot system, it asked Tesla and five other automakers with advanced driver assistance systems -- Volkswagen AG, BWM AG, Daimler AG, Volvo and Nissan -- to improve their applications to better detect levels of driver engagement.

Read more here.


HUAWEI POINTS FINGER AT THE US: Chinese tech giant Huawei has accused the Justice Department of attempting to flip its employees into becoming informants for U.S. prosecutors as the Trump administration pursues legal proceedings against the company and some of its executives.

A company news release blasted U.S. attempts to "coerce" Huawei's employees into serving U.S. interests, adding that attempts to level "unfounded accusations" against the company would be resisted.

"For the past several months, the US government has been leveraging its political and diplomatic influence to lobby other governments to ban Huawei equipment," the news release read. "Furthermore, it has been using every tool at its disposal -- including both judicial and administrative powers, as well as a host of other unscrupulous means -- to disrupt the normal business operations of Huawei and its partners."

Among a list of specific accusations in the news release is a claim that the Trump administration has sent "FBI agents to the homes of Huawei employees and pressur[ed] them to collect information on the company."

The company also accuses the Trump administration of "launching cyber attacks to infiltrate Huawei's intranet and internal information systems."

Huawei did not provide any evidence of cyberattacks.

The Trump administration has had an ongoing battle with the telecom giant amid its growing trade war with China, accusing the tech company and smartphone manufacturer of providing backdoors in its technology for use by Chinese intelligence firms.

Read more here.



Fourteen women are suing the ride-share company Lyft over what they are calling the company's mishandling of a "sexual predator crisis" among its drivers.

A massive unsecured database containing hundreds of millions of phone numbers and other information linked to Facebook accounts was discovered online, TechCrunch reported Wednesday.

Planned Parenthood says it will expand its telemedicine app to all 50 states by the end of 2020, making it easier for women to access birth control and other prescription drugs without visiting a doctor's office.

Porsche announced Wednesday it plans on investing $6.7 billion, or 6 billion euros, through 2022 to develop electric vehicles as it unveiled its first zero-emissions sports car.

The We Company, parent of workspace-sharing firm WeWork, announced Wednesday that it will add a woman to its board after facing backlash to the all-male leadership team that was disclosed last month with its initial public offering (IPO).


LIGHTER CLICK: Try better next time


AN OP-ED TO CHEW ON: 'Honest' political ads: Watch out Drudge, you're next



Viral Chinese app Zao puts your face in place of Leonardo DiCaprio's in 'deepfake' videos. (The Washington Post)

Facebook lays out challenges of letting users take their data to other platforms. (The Wall Street Journal)

Trump didn't create our face recognition nightmare, he's just expanding it. (Motherboard)