The White House highlighted its 2015 cybersecurity efforts Thursday, saying its pace on addressing those issues will continue to increase “as the cyber threat continues to increase in severity and sophistication.” The White House’s retrospective went public amid its joint disclosure with the Office of Personnel Management (OPM) that the OPM data breach revealed in June affected an additional 21.5 million people beyond initial estimates (see 1507090049). The White House said its 2015 cybersecurity efforts include President Barack Obama’s Feb. 13 executive order to encourage cyberthreat information sharing (see 1502130048) and his April 1 executive order authorizing the attorney general and the secretaries of State and Treasury to impose sanctions on foreign-based entities launching cyberattacks against U.S. networks (see 1504010057). More recently, U.S. Chief Information Officer Tony Scott launched a 30-day “Cybersecurity Sprint” in June, ordering federal agencies to review and improve their cybersecurity policies (see 1506150071), the White House said. The Obama administration has also reached cybersecurity-related agreements with Brazil, India, Japan, the U.K. and the Gulf Cooperation Council, the White House said. “Since cybersecurity is about managing risk throughout the entire enterprise over the long-term, not through isolated, one-off actions, the Administration will continue to build on these efforts in the future,” the White House said. Meanwhile, the Department of Commerce said Thursday that the Internet Policy Task Force’s (IPTF) first cybersecurity multistakeholder process will focus on vulnerability research disclosure. The IPTF had been collecting input from industry stakeholders on potential cybersecurity topics it should explore (see 1506010055). The process, which NTIA is set to convene in September, is meant to create common principle and best practices related to security vulnerability information disclosures, said Deputy Assistant Commerce Secretary-Communications and Information Angela Simpson in a blog post. Commerce is urging security researchers, software vendors and other industry stakeholders “interested in a more secure digital ecosystem” to participate in the multistakeholder process, Simpson said.
Netflix Chief Content Officer Ted Sarandos was among those attending a Democratic National Committee fundraiser featuring President Barack Obama in Beverly Hills, California, Thursday at the home of filmmaker Tyler Perry, said White House pool reports. About 250 supporters paid $2,500 to $33,400 each to attend, the reports said. Netflix has been a vocal lobbying force in the net neutrality debates for more than a year and strongly pressured the FCC to reclassify broadband as a Communications Act Title II service, as Obama himself did in November.
The Information Technology Industry Council and Software & Information Industry Association wrote President Barack Obama Monday opposing “any policy actions or measures” by the federal government that would undermine encryption technologies, said an ITI and SIIA news release Tuesday. Citing the role encryption technology plays in protecting consumers’ privacy and data security, ITI and SIIA asked Obama in their letter to work with the tech industry to “find a pathway forward that ‘preserves security, privacy, and innovation,'” the release said. Policies that mandate weakened encryption standards to allow for government access are impractical and “compromise the security” of technology products and services, “rendering them more vulnerable to attacks,” the letter said. Consumer trust would be eroded, it said. “The U.S. policy position on encryption will send a signal to the rest of the world,” the letter said. “Should the U.S. government require companies to weaken encryption technology, such requirements will legitimize similar efforts by foreign governments,” which would “threaten the global marketplace as well as deprive individuals of certain liberties,” the letter said. ITI and SIIA recognize the issue of encryption is “extremely complex” and has implications domestically and internationally, the letter said. The release said they seek an open dialogue with the administration on encryption policies.
The White House sent a message Thursday saying FCC Commissioner Jessica Rosenworcel's renomination for a five-year commissioner term was sent to the Senate, following an earlier message Wednesday announcing the administration’s intent to do so. "Jessica Rosenworcel, of the District of Columbia, to be a Member of the Federal Communications Commission for a term of five years from July 1, 2015. (Reappointment)," the renomination said. Earlier Thursday, a Senate aide had told us that the Senate hadn't received any formal renomination paperwork. Rosenworcel, a Democrat, is expected to face a hearing eventually (see 1505210047). Her term expires June 30, and she’s empowered as a commissioner through the end of next year even without Senate action. Industry groups applauded the news, from the American Cable Association to CEA to NTCA.
The Broadband Opportunity Council got only a handful of questions Wednesday during a webinar designed to answer broad queries as it seeks public input on barriers hampering broadband deployment. The council was established March 23 by President Barack Obama and is led by the Departments of Agriculture and Commerce, through the Rural Utilities Service and NTIA. “The plan is to make sure that we develop a national broadband expansion plan,” said Keith Adams, assistant administrator at RUS, who spoke during the webinar. “We must use the unique opportunity to collectively join in with the president’s broadband mission and deliver unprecedented impact.” The council already is taking a close look at all federal programs that support broadband “or have the potential to promote broadband services via any type of modifications to rules or regulations,” he said. The council is seeking recommendations from agencies for executive actions and will prepare a final report to the president in August, he said. “We want to make sure that we’re getting all kinds of information from industry, from state, local governments, from anybody who has a stake in understanding how we can provide broadband,” Adams said. The council wants “firsthand feedback on the current issues,” said Douglas Kinkoph, acting associate administrator over the NTIA Office of Telecommunications and Information Applications. “We want to solicit new, bold ideas,” he said. “We’re open to all ideas and issues that you are experiencing.” Comments should cover adoption and deployment issues, Kinkoph said. “It’s important to be specific in regards to the programs, rules, agencies, obstacles and opportunities.” Commenters should avoid addressing issues already before the FCC, such as net neutrality or intercarrier compensation, he said. The council said in a May 6 notice it's seeking comment on: “(i) Ways the federal government can promote best practices, modernize outdated regulations, promote coordination, and offer more services online; (ii) identification of regulatory barriers to broadband deployment, competition, and adoption; (iii) ways to promote public and private investment in broadband; (iv) ways to promote broadband adoption; (v) issues related to state, local, and tribal governments; (vi) issues related to vulnerable communities and communities with limited or no broadband; (vii) issues specific to rural areas; and (viii) ways to measure broadband availability, adoption, and speed.” Comments are due June 10.
Nearly 150 privacy and human rights organizations, technology companies, trade associations and individual security and policy experts sent a joint letter to the White House Tuesday, defending Americans’ right to use strong encryption to protect their data and opposing the mandatory “backdoor” idea that would allow the government to access encrypted data. The debate over encryption was sparked by Apple’s announcement that new iPhones would be encrypted by default, the groups said. In response to law enforcement and intelligence officials, including FBI Director James Comey, who say Congress should legislate government access to encrypted devices, the letter said strong encryption is the “cornerstone of the modern information economy’s security.” It “protects billions of people every day against countless threats -- be they street criminals trying to steal our phones and laptops, computer criminals trying to defraud us, corporate spies trying to obtain our companies’ most valuable trade secrets, repressive governments trying to stifle dissent, or foreign intelligence agencies trying to compromise our and our allies’ most sensitive national security secrets.” They urged President Barack Obama to “reject” any proposal that would require U.S. companies to deliberately weaken the security of their products and to “focus on developing policies that will promote rather than undermine the wide adoption of strong encryption technology." Adobe, Apple, the Center for Democracy & Technology, Cisco, CEA, Electronic Frontier Foundation, Facebook, Google, Hewlett-Packard, Internet Association, Microsoft and New America Foundation’s Open Technology Institute were among the signees. “The President has been letting his top intelligence and law enforcement officials criticize companies for making their devices more secure, and letting them suggest that Congress should pass anti-encryption, pro-backdoor legislation,” even though “encryption backdoors are bad for privacy, bad for security, bad for human rights, and bad for business,” New America’s Cybersecurity Initiative co-Director Kevin Bankston said in a news release. “Even the White House Review Group on Intelligence and Communications Technologies has joined with most leading security experts to agree that strong encryption of data is necessary to protect against hacking and other computer fraud and abuse,” said Computer & Communications Industry Association President Ed Black in a news release.
The White House is "aware" of Sen. John Thune’s concerns, National Security Council spokesperson Mark Stroh told us in response to South Dakota Republican's letter (see 1505040039). “While we will not comment further on details of the [Executive Office of the President] activity we have previously publicly disclosed and briefed to the Hill, we have consistently supported timely notification in the event of data breaches, consistent with existing federal policy,” Stroh said. “It is White House practice to act consistent with this policy and its security considerations that are necessary to protect Federal networks,” he said.
Sen. John Thune, R-S.D., wrote President Barack Obama asking whether the recent data breach on the White House information system compromised Americans’ personally identifiable information (PII), said a Thune news release Sunday. Thune, chairman of the Senate Commerce Committee, wrote in Thursday's letter that the “malicious cyber intrusion on the unclassified computer system of the White House, attributed to Russian hackers,” allowed access to a “great deal of sensitive information such as schedules, policy discussion, and e-mails you sent and received, including exchanges with ambassadors,” and Americans' PII. To enter the White House for an official business meeting, tour or social function, an individual “must submit his or her date of birth, social security number, gender, country of birth, citizenship and place of residence,” Thune said. Since the information is usually emailed, Thune said he was concerned “this recent incident may have exposed the personally identifiable information of many individuals and they may, as yet, be unaware of their vulnerability.” Just "like any entity that handles personally-identifiable information, the White House has a responsibility to notify Americans if the recent, or any future breach, results in a compromise,” said Thune. “If such information has been lost, the White House still has a responsibility to victims even if it believes the hack was perpetrated by foreign spies and not cyber thieves.” Reports of increased attacks on executive branch departments and agencies “raise serious questions” whether they're “adequately prepared to address vulnerabilities and protect sensitive information,” Thune said. He asked the White House to respond to questions by May 15: whether the cyber incident resulted in the access or loss of PII; if yes, whether the White House notified those affected in a manner consistent with Office of Management and Budget policy, the Privacy Act and Obama’s "recommended direction to business entities under [his] data breach notification legislative proposal”; steps the White House took protect against similar incidents; and what policies the White House has to ensure individuals are notified when PII is compromised. The White House had no immediate comment.
Sen. Bernie Sanders, I-Vt., who has been especially outspoken on net neutrality, is seeking the Democratic nomination in the 2016 White House race, he said Thursday. The only other Democratic contender is Hillary Clinton. Sanders backed Communications Act Title II reclassification of broadband. Sanders, ranking member of the Budget Committee, also has expressed the desire to spend billions of dollars on another round of broadband stimulus funding (see 1501280049). Sanders was one of the few lawmakers to have urged federal regulators to block Comcast's now-abandoned buy of Time Warner Cable (see 1504210032).
BSA, the IT Industry Council and the Silicon Valley Leadership Group were among the several tech groups we polled that by and large declined comment on news reports that ex-Hewlett-Packard CEO Carly Fiorina will declare her candidacy for the Republican presidential nomination May 4. The exception was CEA President Gary Shapiro who, when asked his reaction to Fiorina's impending candidacy, emailed us to say he was "initially thrilled as she is from the tech industry, keynoted CES, is a woman and has immersed herself in great charitable endeavors." However, "my enthusiasm waned dramatically as she supports patent trolls and attacked the tech industry for taking on the cause of equal treatment of gays," Shapiro said. "Not wise for any candidate to attack his or her business roots." As HP CEO, Fiorina used her January 2004 CES keynote to describe the introduction of the HP Entertainment Hub as “the central repository and distribution engine for digital content throughout the entire home,” according to a transcript of her speech that's still posted on the HP website. Within five years after being ousted from HP in 2005 (see 0502100150), Fiorina turned more political and ran an unsuccessful campaign as the Republican nominee to unseat Sen. Barbara Boxer, D-Calif. (see 1011040069). In recent years, Fiorina has become an outspoken advocate of conservative causes and chairs the American Conservative Union Foundation. In that role, she took the podium at a March 4 patent reform symposium to blast the Innovation Act as a cure in search of a disease and as a measure that would bolster big companies at the expense of small innovators, according to a transcript posted at IPWatchdog.com. Said Fiorina: “If the Innovation Act were law tomorrow, Thomas Edison would be a Patent Troll. Really? Some of our greatest inventors would be Patent Trolls under this law. Our universities would be patent trolls. We are fixing problems that don’t exist. We are boiling the ocean.” As for Shapiro’s criticism that Fiorina attacked the tech industry for its support of gay rights, that’s a reference to her calling out Apple CEO Tim Cook as a hypocrite in an April 2 Wall Street Journal interview for criticizing Indiana's new Religious Freedom Restoration Act while his company does business in multiple countries that discriminate against their own citizens or are guilty of human rights abuses. In the wake of the uproar over the Indiana law, which Fiorina has defended, Shapiro was among the more than 100 tech leaders who signed their names to a statement urging legislators to add nondiscrimination protections for LGBT people to civil rights laws, the Human Rights Campaign said earlier this month (see 1504070059). Fiorina's representatives didn’t comment on Shapiro’s remarks.