A Republican bill aimed at alleged social media censorship in Ohio passed the House “informally” Monday, meaning the speaker is holding the bill on the House calendar. Introduced by Rep. Scott Wiggam (R), HB 441 would allow social media users to sue platforms for viewpoint discrimination, similar to laws passed in Texas and Florida (see 2203080071). Wiggam has “every intention of seeing this bill get through the House,” an aide told us Tuesday. The bill, which has no Democratic sponsors, also passed informally in June.
Elon Musk’s leadership at Twitter will differ from his previous business ventures because he’s now operating in the heavily unregulated realm of social media, former FCC Chairman Tom Wheeler wrote Monday. A visiting fellow at the Brookings Institution, Wheeler said Musk is "now outside the rules-based worlds in which he has flourished." Musk, “who made his money in businesses governed by hard science and regulation” now must navigate a “messy reality where companies make money by selling advertisements to users attracted by virtually unbridled outrage, conflict, and misinformation,” Wheeler said.
FCC Commissioner Brendan Carr drew attention Monday to a bipartisan House Commerce Committee letter questioning why Apple and Google allow TikTok on their app stores. Carr has repeatedly cited national security and data security concerns about the popular Chinese social media app (see 2210210072). He cited letters from last week signed by House Consumer Protection Subcommittee Chair Jan Schakowsky, D-Ill., and ranking member Gus Bilirakis, R-Fla. “Turning a blind eye to an application that permits such surveillance endangers Americans, specifically the overwhelming number of teenagers that use TikTok,” Carr quoted from their letter in his tweet Monday.
Elon Musk’s “policy intentions” at Twitter “could significantly harm the Latine community by dismantling necessary safeguards against hate speech and disinformation,” National Hispanic Media Coalition CEO Brenda Castillo said Monday. NHMC is concerned Twitter’s content moderation council will include people who “actively promote hate and disinformation,” Castillo said, arguing staff cuts will mean less content moderation. She raised concerns about Musk’s reported plans to reinstate former President Donald Trump on the platform.
Chegg failed to establish basic security measures, exposing sensitive data of about 40 million customers and employees, the FTC alleged Monday in a proposed complaint against the education technology company. The commission voted 4-0 to issue a complaint against Chegg, saying the company failed to fix data security problems despite experiencing four breaches since 2017. The agency didn’t issue a fine against the company, but Chegg faces civil penalties of $46,517 for each subsequent violation. The company stored personal data on the cloud in plain text and used weak, outdated encryption standards to protect user passwords until at least 2018, the FTC said. Despite three phishing attacks, the company didn’t implement a written security policy until January, the FTC said. The company must implement multifactor authentication and establish a comprehensive data security program documenting how it collects data and when to delete it. Attorneys for Chegg didn’t comment.
The Biden administration’s IoT labeling program will help consumers gauge the level of security for internet-connected devices across sectors, Anne Neuberger, deputy national security adviser for cyber and emerging technology, said Thursday. The White House anticipates a program rollout in the spring, she said. Data shows consumers are willing to pay more for security, she said during a Center for Strategic and International Studies event: Consumers value security, but they can’t make a “security decision” because when they buy products like smart TVs, there’s no way to compare the security features. The U.S. needs to make sure it harmonizes regulations across sectors because companies operate across the economy, said National Cyber Director Chris Inglis. They discussed cybersecurity issues at large. Neuberger urged companies not to pay ransoms for ransomware attacks. While it helps the company being attacked, it incentivizes the continued illegal activity, she said.
Passwords continue to be the leading cause of businesses’ cyber breaches, said Consolidated Communications Wednesday, saying 81% of breaches are caused by weak or stolen passwords. Employees’ “faulty memories” lead most people to reuse passwords across platforms, the company said, which “creates an ideal scenario for hackers.” Once hackers penetrate a network, “new forms of attack are making them harder to detect than ever before.” The company encourages proactive network management, a strong firewall and zero-trust network security policies.
Public Knowledge helped launch a coalition of public interest advocates Tuesday, with the goal of making the internet work “better for everyone.” Other organizing partners in the Movement for a Better Internet are the Creative Commons, the Niskanen Center, the Wikimedia Foundation, the Internet Archive, Derechos Digitales and the Association for Progressive Communications. The internet is “fraught” with “misinformation and manipulation; deceptive privacy practices; and all-powerful, unaccountable gatekeepers,” PK Senior Policy Analyst Lisa Macpherson said. “By joining the movement, we can ensure an internet shaped by our shared public interest values -- an internet that puts people and communities first.”
The U.S. is seeking the extradition of a Ukrainian national who allegedly led an international malware campaign that infected millions of computers globally, DOJ said Tuesday, announcing an indictment for crimes associated with Raccoon Infostealer. According to DOJ, Mark Sokolovsky, 26, leased access to the malware for $200 per month. Customers used Raccoon Infostealer to collect personal and financial information from victims’ devices. Sokolovsky, who's being held in the Netherlands on a U.S. extradition request, faces "20 years in prison for the wire fraud and money laundering offenses, five years for the conspiracy to commit computer fraud charge, and a mandatory consecutive two-year term for the aggravated identity theft offense."
Academics make up the entire roster of panelists for the FTC’s Nov. 1 PrivacyCon, the agency announced with its final agenda Tuesday. FTC Chair Lina Khan and Chief Technology Officer Stephanie Nguyen will give opening remarks. Academic panels will follow from 9:25 a.m. to 5 p.m. on consumer surveillance, automated decision-making, children’s privacy, devices, augmented reality, dark patterns and adtech.