The Information Technology Industry Council and Software & Information Industry Association wrote President Barack Obama Monday opposing “any policy actions or measures” by the federal government that would undermine encryption technologies, said an ITI and SIIA news release Tuesday. Citing the role encryption technology plays in protecting consumers’ privacy and data security, ITI and SIIA asked Obama in their letter to work with the tech industry to “find a pathway forward that ‘preserves security, privacy, and innovation,'” the release said. Policies that mandate weakened encryption standards to allow for government access are impractical and “compromise the security” of technology products and services, “rendering them more vulnerable to attacks,” the letter said. Consumer trust would be eroded, it said. “The U.S. policy position on encryption will send a signal to the rest of the world,” the letter said. “Should the U.S. government require companies to weaken encryption technology, such requirements will legitimize similar efforts by foreign governments,” which would “threaten the global marketplace as well as deprive individuals of certain liberties,” the letter said. ITI and SIIA recognize the issue of encryption is “extremely complex” and has implications domestically and internationally, the letter said. The release said they seek an open dialogue with the administration on encryption policies.
The Department of Homeland Security Science and Technology Directorate (S&T) Cyber Security Division has made it a top priority to develop tools to prevent criminals from using malicious software and is ready to demonstrate its new malware detection technologies at the Transition to Practice Technology Demonstration Day for Investors, Integrators and IT Companies in Santa Clara, California, Tuesday, an S&T blog post said. One of the technologies S&T developed is the Federated Malware Analysis System (FMAS), which is a CSD-funded technology that counters the strengths of a malware attacker by clustering malware behaviors into “families” so it’s easier to detect, the post said. “Our aim is to work with our private sector partners to protect the nation’s critical infrastructure systems and commercial marketplace,” S&T Cyber Security Division Director Douglas Maughan said. “Showcasing and, most importantly, transitioning these technologies into the commercial market will be impactful to all organizations engaged in securing cyberspace and protecting various organizations such as government, public utilities and healthcare,” Maughan said. “We know these solutions can impact the cyber landscape that the Department is working to protect,” said S&T Cyber Security Division Transition to Practice Program Manager Michael Pozmantier.
Two years ago, on June 5, National Security Agency contractor Edward Snowden’s revelations about the agency's bulk data collection program were reported in The Guardian. In an email sent out on behalf of the American Civil Liberties Union Friday, Snowden said there has been much progress on privacy in the past two years, but “the right to privacy remains under attack.” Surveillance of private phone calls under the Patriot Act is ending, but many other programs have yet to be revised, Snowden said. “We needed to push back and challenge the lawmakers who defend these programs,” because a “vote in favor of mass surveillance is a vote in favor of illegal and ineffective violations of the right to privacy for all Americans,” he said. “As I said on Reddit last month, arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”
“Bottom line is that the USA Freedom Act protects Americans’ civil liberties and enhances our national security,” said House Judiciary Committee Chairman Bob Goodlatte, R-Va., in a column on his website Friday. “In addition to ending the bulk collection of data by the federal government, the USA Freedom Act increases the transparency of the government’s intelligence-gathering programs by making more information available to the American public,” Goodlatte said. “It requires the declassification of all significant court opinions, mandates the Attorney General and the Director of National Intelligence provide the public with detailed information about how they use national security authorities, and provides technology companies with a range of options for describing how they respond to national security orders,” he said. “While this new law preserves key intelligence-gathering authorities, it replaces the NSA’s current, unlawful program with a new, targeted call detail records program." USA Freedom doesn’t stop the bulk collection of phone or email content authorized under Section 702 of the Foreign Intelligence Surveillance Act (FISA) or fiber taps authorized by executive order 12333, former NSA intelligence official-turned-whistleblower William Binney told us. There are 80 to 100 taps on fiber cables in the lower 48 states and they're not solely along the coasts, so they can’t be just for foreigners, Binney said. Metadata collected from Section 215 of the Patriot Act was used to fill in the content gaps, he said. Following an article in The New York Times and ProPublica Thursday that said the NSA conducted warrantless surveillance on Americans’ international Internet traffic to search for malicious attacks, the Center for Democracy & Technology in a news release Friday called the NSA’s expanded role in battling cyberattacks troubling. Leaked documents show that the NSA is using Section 702 of FISA “in a far broader manner than previously understood,” CDT said. “By using Section 702 to collect information directly from main Internet cables in the U.S., the NSA is sweeping up communications of Americans, including those who have been victimized by cyber attacks,” it said. “The NSA sees surveillance as the flipside of cybersecurity,” said CDT Freedom, Security and Technology Project Director Greg Nojeim. “Being the victim of a cyber attack should not be a reason for the NSA to collect your communications and mine them for intelligence purposes,” Nojeim said. "The backdoor search loophole in Section 702 of FISA is a far bigger problem than we thought,” he said, especially since “collection under Section 702 gets the actual content of communications.”
The California State Senate approved Democratic Sen. Mark Leno-sponsored SB-178, which modernizes California’s privacy laws to keep up with emerging technologies, in a 39-0 vote Wednesday, a Leno news release said. The bill, also known as the California Electronic Communications Privacy Act (Cal-ECPA), “protects Californians against warrantless government access to private electronic communications such as emails, text messages and GPS data that are stored in the cloud and on smartphones, tablets, laptops and other digital devices,” it said. “For what logical reason should a handwritten letter stored in a desk drawer enjoy more protection from warrantless government surveillance than an email sent to a colleague or a text message to a loved one?” Leno said. The bill was co-sponsored by Republican Sen. Joel Anderson and supported by more than a dozen tech companies including Apple, Facebook, Google and Twitter, the release said. California Executive Director of the Internet Association Robert Callahan said it’s time to update laws because Californians expect their inboxes to have the same safeguards as their mailboxes. The bill was backed by the American Civil Liberties Union, Electronic Frontier Foundation and the California Newspaper Publishers Association, it said. “Californians should be able to use smartphones, email, social networks and any other modern technology without worrying about whether their personal lives will remain private,” said Chris Conley, policy attorney with the ACLU of Northern California. “Especially after revelations of warrantless mass surveillance by the NSA, California needs to catch up with other states across the nation, including Texas and Maine, which have already updated their privacy laws for the modern digital world,” Conley said. “CalECPA is a comprehensive digital privacy bill that is consistent with the strong protections provided in the California Constitution,” said EFF Activist Adi Kamdar. “As technology increasingly becomes a part of our everyday lives, it is crucial to update state laws pertaining to electronic devices, emails, texts and more,” he said. The bill will be heard in the Assembly this summer, the release said.
Rep. Suzan DelBene, D-Wash., wrote a letter to FBI Director James Comey Thursday “demanding explanations to recent [news] reports that the agency used aircraft for secret surveillance missions over several U.S. cities,” including Baltimore, Boston, Chicago, Dallas, Houston, Minneapolis, Phoenix, Seattle and in southern California, a news release said. “Some of these aircraft were reported to be equipped with advanced surveillance devices that can pick up data from thousands of cell phones and capture high-definition images,” the letter said. “The possibility that that these surveillance activities are being approved without clear guidelines or judicial oversight to protect Americans from warrantless intrusions of their privacy is highly concerning,” the letter said. Reps. Ted Deutch, D-Fla.; Zoe Lofgren, D-Calif.; David Cicilline, D-R.I.; Hakeem Jeffries, D-N.Y.; John Conyers, D-Mich.; Cedric Richmond, D-La.; Judy Chu, D-Calif.; Scott Peters, D-Calif.; Karen Bass, D-Calif.; Chris Van Hollen, D-Md.; Steve Cohen, D-Tenn.; Jerrold Nadler, D-N.Y.; Hank Johnson, D-Ga.; John Yarmuth, D-Ky.; and Sheila Jackson Lee, D-Texas, joined DelBene in signing the letter to Comey. The lawmakers asked Comey for a briefing on the program and for answers to questions to be answered before June 26. Questions include: Under what legal theory did Justice Department lawyers approve the creation and use of fake companies to hide the government’s link to these aircrafts? Under what circumstances are warrants sought for these surveillance operations? How many warrants have been sought and how many were obtained in the past year for use of cell-cite stimulators or comparable devices? What is the agency’s privacy policy for surveillance by piloted aircraft equipped with high-tech cameras and cellphone tracking devices? What surveillance technologies or devices are the aircraft equipped with? What safeguards are in place to protect the civil liberties of those who aren't subjects of an investigation? What's done with extraneous data captured by these surveillance activities? And, are there limits on the duration of surveillance activities? A spokesman for the FBI was unable to confirm receipt of the letter, but an FBI news release Thursday addressed the issue, saying the FBI “routinely uses aviation assets in support of predicated investigations targeting specific individuals and, when requested and appropriate, in support of state and local law enforcement.” The release said contrary to media reports, the “FBI’s aviation program is not classified,” and some of the FBI’s aircraft are registered covertly because “overt registration would put our aircraft and operations at risk of compromise.” The Department of Justice oversees covert registration, which is done in full compliance with the Attorney General Guidelines and the FBI’s domestic Investigations and Operations Guide for undercover operations, the release said. “The FAA is fully aware and supportive of this practice,” the release said. The aircraft are not equipped, designed or used for bulk collection activities or mass surveillance, and “are not routinely equipped with cell site simulators,” the release said. Lawfully protected First Amendment activity is not monitored, it said. FBI Deputy Director Mark Giuliano said the planes are used to follow terrorists, spies and serious criminals. “We have an obligation to follow those people who want to hurt our country and its citizens, and we will continue to do so.”
FTC Commissioner Maureen Ohlhausen will deliver opening remarks at the FTC’s June 9 workshop on issues raised by the "sharing economy," a news release said Thursday. California Public Utilities Commissioner Catherine Sandoval will make a presentation in the afternoon, it said. “Panels will explore sharing economy platforms, mechanisms for trust in the sharing economy, and various perspectives on the interplay between competition, consumer protection, and regulatory issues,” the release said. “Panelists and speakers will include academics from a number of leading universities, representatives from sharing economy businesses including Uber and Airbnb and self-regulation organizations, and former and current state and local government officials.” The full agenda is on the workshop’s Web page. The workshop begins at 8:45 a.m. at the FTC’s Constitution Center offices in the A, B and C conference rooms located at 400 7th St. SW.
Sunlight Foundation President Christopher Gates decried Twitter’s decision to cut off Twitter API access for the group’s Politwoops website, saying in a blog post Thursday that the action “is a reminder of how the Internet isn’t truly a public square. Our shared conversations are increasingly taking place in privately owned and managed walled gardens, which means that the politics that occur in such conversations are subject to private rules.” Twitter confirmed Wednesday that it won’t “restore Twitter API access” for the Politwoops website, which tracks Tweets that politicians delete. “We strongly support Sunlight’s mission of increasing transparency in politics and using civic tech and open data to hold government accountable to constituents, but preserving deleted Tweets violates our developer agreement,” Twitter said in a statement. “Honoring the expectation of user privacy for all accounts is a priority for us, whether the user is anonymous or a member of Congress.” Sunlight created the Politweeps website “because public communications from public officials should be available to anyone who wants to see them,” Gates said. “The site isn't just about blunders, but rather revealing a more intimate perspective on our politicians and how they communicate with their constituents.” Twitter allowed Politweeps to have Twitter API access in 2012 after Sunlight pledged to “create a human curation workflow to ensure that the site screened out corrected low-value tweets like typos, links and Twitter handles,” Gates said. “We are truly mystified as to what prompted the change of heart, and it's deeply disappointing to see Twitter kill a project they had supported since 2012. … Clearly, something changed -- and we’re not likely to ever know what it was.”
New America released databases on drone regulation and civil use, a news release said Wednesday. The database at drones.newamerica.org is a joint effort of New America’s International Security Program and Open Technology Institute. Until the release of the database, “drone users have not had a single destination with up-to-date information about worldwide drone regulations,” the release said. While regulation of unmanned aerial vehicles changes quickly in some countries, others “lack a clear regulatory regime,” which is why New America created a map to provide “the best available information about the current state of global drone regulation.” The database includes more than 120 civil drone projects to illustrate diverse uses of drones in such areas as disaster responses, mapping efforts and environmental monitoring. Drone users, regulators and interested members of the public can send details of drone-related developments to New America via Web form or email, the release said. “These databases will be a valuable resource both for people seeking to fly drones and for those seeking to understand what drones are capable of accomplishing,” said Peter Bergen, New America director-International Security and Future of War Programs.
The FCC is likely to lose an appeal of its net neutrality rules on First Amendment grounds because the rules are a violation of the rights of ISPs to function as a free press, argued Fred Campbell, executive director of the Center for Boundless Innovation in Technology, in a new paper. “If the FCC had admitted the Internet offers communications capabilities that are functionally equivalent to the printing press, mail carriage, newspaper publishing, over-the-air broadcasting, and cable television combined, it would have been too obvious that classifying broadband Internet service providers as common carriers is unconstitutional,” said Campbell, former chief of the FCC Wireless Bureau. “Like all other means of disseminating mass communications, broadband Internet access is a part of the ‘press’ that the First Amendment protects from common carriage regulation.” The FCC argued in the order that ISPs aren't entitled to freedom of expression, “but its declaration does not meet the straight face test,” Campbell said. To uphold the order, an appeals court would have to hold that “there is no constitutional right to access mass media communications,” Campbell said. “That would make the [FCC declaratory ruling] Second Internet Order a landmark First Amendment case that would be almost certain to garner Supreme Court review. Given the strong preference of lower courts for following Supreme Court precedent when deciding constitutional issues, the FCC is very likely to lose on First Amendment grounds in an initial appeal of the Second Internet Order.”