Hillicon Valley: Senate Intel report urges action to prevent 2020 Russian meddling | Republicans warn Microsoft of ‘urgent’ Huawei threat | Court rules FBI surveillance violated Americans’ rights
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Emily Birnbaum (@birnbaum_e). And a warm welcome to the newest member of the tech team, Chris Mills Rodrigo (@chrisismills), who’s joining the beat as Harper Neidig goes on to become The Hill’s new courts reporter.
SENATE INTEL’S NEW RUSSIA REPORT: The Senate Intelligence Committee on Tuesday recommended a set of sweeping steps for Congress, President Trump and social media companies to take to prevent Russian disinformation efforts from impairing the 2020 elections.
In a bipartisan report, the panel said Congress should consider legislation to increase the transparency of political advertisements on social media. It also called on social media companies to improve efforts to notify users of exposure to disinformation, three years after Russian actors directed by the Kremlin interfered in the 2016 presidential election.
{mosads}”This challenge requires an integrated approach that brings together the public and private sectors,” the committee wrote. “This approach must be rooted in protecting democratic values, including freedom of speech and the right to privacy. The Federal government, civil society, and the private sector, including social media and technology companies, each have an important role to play in deterring and defending against foreign influence operations that target the United States.”
The report is the second volume to be released as part of the committee’s two-year investigation into Russia’s interference in the 2016 election. The first volume, released in July, focused on Russian efforts to interfere in U.S. voting infrastructure.
The panel recommended Tuesday that the Trump administration “reinforce with the public the danger of attempted foreign interference in the 2020 election,” such as establishing an interagency task force to monitor foreign use of social media to spread disinformation.
The committee’s recommendations come after months of intense partisan debate over how to address election security vulnerabilities, with the House passing multiple sweeping election security and reforms bills, and Senate Majority Leader Mitch McConnell (R-Ky.) blocking them in the Senate, citing concerns around federalizing elections.
The new report underscored many of the findings from former special counsel Robert Mueller that he detailed in his own report released earlier this year, including that Russian actors were directed by the Kremlin to help Trump win the 2016 election.
HUAWEI WARNINGS: Five Republican senators sent a letter to Microsoft on Tuesday stressing that Chinese telecommunications giant Huawei poses a “real and urgent” threat after an executive at the American tech giant complained the U.S. hasn’t been open about why Huawei was blacklisted.
The letter from GOP Sens. Tom Cotton (Ark.), Marco Rubio (Fla.), Rick Scott (Fla.), Josh Hawley (Mo.) and Mike Braun (Ind.) to Microsoft President and Chief Legal Officer Brad Smith details several allegations of “espionage activities” and “technology theft and economic warfare.”
President Trump in May directed the Commerce Department to place Huawei on its “Entity List.” U.S. companies are forbidden from doing business with firms on the list, but the government has granted Huawei multiple “general temporary licenses” since.
The U.S. has long considered Huawei a national security threat because of its deep connections to the Chinese government.
Smith last month in an interview with Bloomberg Businessweek said that Microsoft has asked U.S. regulators to explain the decision to blacklist Huawei multiple times.
“Oftentimes, what we get in response is, ‘Well, if you knew what we knew, you would agree with us,'” Smith said. “And our answer is, ‘Great, show us what you know so we can decide for ourselves. That’s the way this country works.'”
IRANIAN THREATS: A recent hacking attempt by Iran targeting a U.S. presidential campaign highlighted the vulnerability of email accounts heading into the 2020 elections.
Microsoft revealed last week that it had tracked an Iranian group named “Phosphorus” attempting to access the email accounts of an unnamed presidential campaign, along with accounts tied to journalists and former and current U.S. officials.
While the group compromised only four accounts, it identified 2,700 accounts for targeting and attacked 241 of them. The accounts associated with the unnamed presidential campaign, which Reuters identified as the Trump campaign, were not successfully compromised.
The Trump campaign told The Hill they had “no indication that any of our campaign infrastructure was targeted.”
Tom Kellermann, who served on a presidential cybersecurity commission during the Obama administration, said campaigns should ensure “modern cybersecurity technologies” are being used to insulate endpoints, and that “websites and mobile apps should be tested for vulnerabilities and hardened accordingly.”
But even if campaigns take those steps, Kellermann said, rising tensions between the U.S. and Iran could lead to attacks on other aspects of campaigns and elections.
“Iran has dramatically increased their capability sets, and the number of attacks against the U.S. over the last year,” said Kellerman, who’s now chief cybersecurity officer for the firm Carbon Black, adding that Iran’s cyber “capabilities have been dramatically improved thanks to transfers from Russia.”
“Iranians come in third place of the axis of evil in cyber, they don’t have as many hackers as the Chinese and Russians do, but they have a handful of very elite crews who have benefited dramatically from Russian tech transfer,” Kellermann said.
FISA REVELATIONS: The secretive Foreign Intelligence Surveillance Court (FISC) ruled last year that some FBI surveillance violated the targets’ constitutional rights, the intelligence community revealed Tuesday.
The ruling, a rare loss for the government on surveillance matters, found that the FBI may have violated the law, as well as constitutional protections against unreasonable searches, as it searched through databases connected to its warrantless communications surveillance program.
Judge James Boasberg, who sits on the Foreign Intelligence Surveillance Court, found last year that the FBI’s efforts to query the sensitive databases and purge unnecessary results were “inconsistent with statutory minimization requirements and the requirements of the Fourth Amendment.”
The ruling identified tens of thousands of improper FBI searches of intelligence databases in 2017 and 2018, according to the ruling, which found these searches may have been used to vet personnel and cooperating sources.
It also found that the FBI was not properly identifying and documenting which searches were connected to people in the U.S.
Federal law allows use of the database only to search for evidence of crimes or for foreign intelligence data and requires an account of how many searches pertain to U.S. persons.
The ruling found improper use of the database by individuals, including at least one FBI contractor who searched an intelligence database for information on himself, relatives and other personnel.
Boasberg, who was appointed to the bench by former President Obama, wrote that the Trump administration failed to persuasively argue that the FBI would not be able to properly tackle national security threats if the program was altered to better protect citizen privacy.
Read more on the court ruling here.
“HOW’D THAT HAPPEN?”: Twitter on Tuesday disclosed that it “inadvertently” misused users’ phone numbers and email addresses for ad targeting purposes, even though users gave that information to Twitter to boost their account security.
The disclosure – which apparently comes a month after it was resolved by Twitter – is only the latest instance in which a tech company has used phone numbers for advertising purposes. Earlier this year, the Federal Trade Commission (FTC) said Facebook is “prohibited” from using phone numbers obtained for security purposes for advertising as part of the agency’s record-shattering $5 billion settlement with the company.
On Tuesday, Twitter said it is revealing the misuse in “an effort to be transparent.”
“We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware,” Twitter wrote in a blog post.
The company said it had “addressed” the issue as of September 17 but did not reveal when it became aware phone numbers and email addresses were being misused.
Users offered the sensitive personal information for safety and security purposes like two-factor authentication.
DING DONG DITCH: A group of more than 30 civil rights groups on Tuesday signed an open letter calling on lawmakers to cut partnerships between Amazon’s Ring doorbell surveillance systems and local police.
The letter raised concerns about the video feed recorded by the doorbell and its camera being used by law enforcement for unwarranted surveillance and facial recognition searches, which opponents say can exacerbate racial discrimination.
The letter followed an August Washington Post report which found Ring partnered with more than 400 local police forces to give law enforcement access to homeowners’ footage.
“These partnerships pose a serious threat to civil rights and liberties, especially for black and brown communities already targeted and surveilled by law enforcement,” the letter reads.
The groups — including RAICES, the Center for Human Rights and Privacy as well as the Color of Change — are demanding that local, state and federal lawmakers begin to regulate the rapidly growing surveillance network to curb law enforcement’s access to users’ cameras.
“With no oversight and accountability, Amazon’s technology creates a seamless and easily automated experience for police to request and access footage without a warrant, and then store it indefinitely,” they wrote.
BLACKLISTED: The U.S. is moving to blacklist several Chinese firms behind facial recognition technology that officials say Beijing is using against China’s Muslim minorities.
The Commerce Department on Monday applied to put the firms on its Entity List of companies that act against American foreign policy interests, under which U.S. companies would be prohibited from selling them technology without government approval.
“Specifically, these entities have been implicated in human rights violations and abuses in the implementation of China’s campaign of repression, mass arbitrary detention, and high-technology surveillance against Uighurs, Kazakhs, and other members of Muslim minority groups” in Xinjiang, the Commerce Department said in a notice published Monday.
The firms in question include video surveillance company Hikvision and Chinese AI firms Sense Time, Megvii and iFlytek.
The move comes on the same day Chinese and U.S. negotiators commenced preparations for high-level trade negotiations between Beijing and Washington set to begin Thursday, according to Bloomberg.
ANTITRUST TEAM-UP: About 40 state attorneys general will participate in an antitrust investigation of Facebook led by New York Attorney General Letitia James (D), The Washington Post reported on Monday, citing three people familiar with the matter.
In September, James had announced an investigation with seven other states and the District of Columbia into whether the social media giant has “endangered consumer data, reduced the quality of consumers’ choices, or increased the price of advertising.”
The three people who spoke to the Post said the larger inquiry is still confidential, and that New York could enlist further states before the probe is formally announced.
James and other attorneys general met Monday with Justice Department and Federal Trade Commission officials to discuss Facebook.
Asked for comment, Facebook referred the Post to a previous statement from Will Castleberry, the company’s vice president for state and local policy, saying the company would “work constructively with state attorneys general and we welcome a conversation with policymakers about the competitive environment in which we operate.”
WHERE’S THAT EMOJI?: Apple iPhone users in Macau and Taiwan discovered this week that they no longer had access to an emoji bearing the image of the Taiwanese flag, considered a controversial symbol on mainland China.
Quartz reported Tuesday that the emoji had vanished from devices operating in two of China’s special administrative regions, a sign of China’s growing animus toward the Taiwanese government which considers Taiwan to be an independent nation separate from China.
No mention of the removal was found in Apple’s most recent iPhone patch notes, and the company did not immediately return a request for comment from The Hill.
An analysis of the change performed by one Twitter user revealed that the change was made through Apple’s keyboard, and was region-locked, allowing those wishing to use the emoji to digitally switch their regions and access the symbol.
BLEEP OUT: Tesla CEO Elon Musk privately called himself a “f—ing idiot” for claiming without evidence that a British cave diver attempting to rescue a Thai soccer team was “a child rapist.”
Court documents obtained by Business Insider revealed Musk said he regretted emailing a BuzzFeed News reporter with the claims.
“I didn’t expect Buzzfeed to publish an off the record email,” Musk wrote in an email to a public relations agent. “My intent was to have them investigate and come to their own conclusions, not publish my email directly. Still, I’m a f—ing idiot.”
“In the past, Buzzfeed has respected emails prefaced with ‘off the record,’ but this time they did not,” he added. “It was still one of the dumbest things I’ve ever done.”
Diver Vernon Unsworth sued Musk for libel and slander last year seeking at least $75,000 in compensatory damages, after Musk publicly accused him of pedophilia.
Q&A: Ahead of Microsoft’s public sector summit on Tuesday, the company’s president of U.S. regulated industries Toni-Townes Whitley sat down for a Q&A with The Hill to discuss government’s changing relationship with the tech sector, the definition of “tech intensity,” and how Microsoft grapples with ethical questions around what to sell to which federal agency. Microsoft over the past year has faced multiple internal and external protests over how its artificial intelligence and cloud-computing products are being used by the defense and law enforcement communities.
Speaking at the Microsoft Government Leaders Summit in Washington, D.C. on Tuesday, Microsoft CEO Satya Nadella framed the company as a ready and willing business partner for government agencies.
From our Q&A with Toni-Townes Whitley….
On Toni’s role… “For the work that I do with the federal, state and local government, a typical day or engagement will include generally meeting with fairly senior officials within federal agencies. … I spend more and more time with mission leaders about, how is that technology going to drive the mission? And then how do they create ethical constructs around which technologies to procure? I do that across defense, intel, civilian and federal as well as the 50 state governments.”
On a “tech intensity” framework for federal agencies … “As government is embedding more technology … each leader has to drive a new form of leadership around the adoption of technology – which is the first component of tech intensity. The second component is around capability, [meaning] the capability that the agency has itself to build digital skills and tools … Then we frame that equation to an exponent of trust. … The simple equation is tech adoption x tech capability to the power of trust.”
On Microsoft’s approach to ethics… “I sit on an AI ethics committee that reports directly up to our CEO [Satya Nadella] and president Brad Smith … We have a very robust decision-making framework that we use to understand the ethical considerations on design, on production, on deployment of the technology that we build, as well as the technology that our partners and others employ. One of our committees that is the most active is the ‘sensitive use’ committee, on which I sit. We have signals of opportunities that we have in the marketplace that come through a full case study review, with recommendations on whether Microsoft will go forward. We follow a decision model that includes the maturity of the technology, the intended use of the technology, the user and the historical pattern of use by that technology – which country, which agency within which country? What is their track record, if you will? Within sensitive use, we look at, does this technology deny access to services? Does this technology infringe on any personal or human rights? Is this technology mature enough to be deployed in the manner it is? How many unknowns are there? We stop projects or we don’t start projects with a concern, if that rises to the level of what’s escalated to our CEO.”
LIGHTER CLICK: A love story for the ages
AN OP-ED TO CHEW ON: Industrial food system is at the heart of biodiversity degradation and climate change.
NOTABLE LINKS FROM AROUND THE WEB:
Texas attorney general, Google’s new competition cop, says everything is ‘on the table.’ (The Washington Post)
U.S. using trade deals to shield tech giants from foreign regulators. (The New York Times)
After Hearthstone player’s ban, Blizzard is in hot water with lawmakers. (The Verge)
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
