Russia export controls and sanctions

Requiring a warrant for backdoor searches is one way to curb surveillance abuse under the Foreign Intelligence Surveillance Act, House Judiciary Committee members were told Friday during a hearing on FISA reauthorization (see 2306130053).

The FBI isn’t “in the business” of moderating social media content or forcing companies to limit speech, Director Christopher Wray told the House Judiciary Committee Wednesday.

Ukraine continues to be a vibrant IT market despite the ongoing war, speakers said Thursday during the Ukraine Recovery Conference, held Wednesday and Thursday in London. Ukraine led the world in digitization even before Russia invaded and continues to do so, being an example for other countries on e-government, they said. It's now the best place for the world's public and private sectors to test digital products, services and hypotheses, said Prime Minister Mykhailo Federov.

Russian cyber hackers exploited several federal agencies through a file transfer vulnerability, Cybersecurity and Infrastructure Security Agency Director Jen Easterly told reporters Thursday. This isn’t a campaign “like SolarWinds that presents a systemic risk to our national security or our nation’s networks,” she said, but CISA is working with the FBI and others to “understand prevalence within federal agencies.” The Department of Energy was reportedly one of the agencies affected. The FTC wasn't hit, an agency official said Friday. The FCC didn’t comment. At this point, CISA believes threat actors are “only stealing information that is being stored on the file transfer application at the precise time that the intrusion occurs,” she said. Based on conversations with the Joint Cyber Defense Collaborative, “these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high value information -- in sum, as we understand it, this attack is largely an opportunistic one,” she said. CISA isn’t aware of the attackers threatening to “extort or release any data stolen from U.S. government agencies.” CISA issued a joint cybersecurity advisory with the FBI June 7, recommending protective measures against Russia’s CL0P Ransomware Gang. The cyber group has been trying to exploit a “vulnerability in Progress Software's managed file transfer solution, known as MOVEit, to steal data from underlying MOVEit Transfer databases,” she said. CISA is working with the FBI, Progress Software and federal partners to understand the extent of the intrusions. “At this time, we are not tracking any significant impacts to the federal civilian executive branch (.gov) enterprise but are continuing to work with our partners on this issue,” said Easterly. House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., and ranking member Frank Pallone, D-N.J., are seeking briefings from DOE and federal officials to understand the “severity of the attack,” they said Friday: “The wide scale nature of this attack underscores the importance of bolstering the ability of industry specific federal agencies to secure America’s critical infrastructure and respond to complex attacks.”

Bipartisan legislation announced Thursday would set certain federal funding and operational bans for drones made in China, Russia, Iran, North Korea, Venezuela and Cuba. Introduced by Senate Intelligence Committee Chairman Mark Warner, D-Va., and Sen. Marsha Blackburn, R-Tenn., the Stemming the Operation of Pernicious and Illicit (STOP Illicit) Drones Act would prohibit the FAA from providing federal funds to companies based in the listed countries. The bill would also bar the FAA and its contractors from “procuring or operating drones produced” in those countries. FCC Commissioner Brendan Carr has drawn agency attention to the issue in the past (see [RefL2110190051]).

Online platforms must do more to counter fake information, European Commission Vice-President Vera Jourova said Monday after meeting with signatories to the voluntary EU code of practice on disinformation. The Russian war in Ukraine opened a new chapter, as disinformation began when Russia annexed Crimea, she said. "This is not business as usual" since Russia is trying to subvert and undermine support for Ukraine and lower citizens' trust in democratic institutions: The code, however, is helping to support Ukraine to win the war. Jourova said she now wants code signers to develop a plan to implement the provisions of the Digital Services Act (DSA) when it takes effect Jan. 1, since there's interplay between the legislation and the code. She said she also expects companies, especially major online platforms, to do more to address Russian and pro-Kremlin disinformation; invest significantly more in fact-checking, particularly in smaller EU countries and in all EU languages; and give researchers better access to data because it's of "strategic importance" to policymakers. Jourova also asked signers to create a separate track to discuss what they plan to do about ChatGPT and similar services, because the current agreement doesn't cover generative AI. Those talks should address how businesses that incorporate generative AI into their service will build necessary safeguards to prevent it from being used by bad actors; and how companies that provide such services can put in place mechanisms to recognize such content and label it for users. Jourova said it's a mistake for Twitter to drop out of the code because doing so will attract attention and supervision from the EU. Moreover, she said, as a very large platform, it will still have to comply with the DSA. The code now has 44 signatories, including Facebook, and YouTube, she noted.

The International Space Station maneuvered twice in a week to avoid potential orbital debris collisions, NASA said Wednesday. The first episode was March 6 to avoid a projected collision with an Argentinian earth observation satellite, and the second was March 14 to avoid debris from Russia's November 2021 anti-satellite test. NASA said they were ISS' 34th and 35th collision avoidance maneuvers against tracked objects since 1999.

Commenters opposed Stadler Signalling Deutschland’s request at the FCC (see 2304040055) to operate its automatic train protection system in the 100 kHz band at higher power levels than FCC rules allow. Comments were due at the FCC Thursday in docket 23-133. Hellen Systems raised concerns about protecting long-range navigation (Loran) and enhanced-Loran (eLoran) systems. “Stadler’s primary argument in requesting this waiver is that LORAN C, which operates in the 90-110 kHz band, is ‘obsolete’ and therefore no longer needed,” Hellen said: “This, unfortunately, is a gross mischaracterization of the status of LORAN technology and its current place as a compelling radio navigation solution to meet our growing resilient Position, Navigation and Timing (PNT) needs.” ELoran “is very much alive internationally and under serious consideration by multiple departments of the federal government for use domestically” to supplement GPS, the company said. “While the United States terminated its Loran-C system in 2010, interest in using the spectrum for radionavigation remains,” the Resilient Navigation and Timing Foundation said. Russia and Saudi Arabia still operate Loran-C radionavigation systems and eLoran is used in the U.K., China and South Korea, the group said: “The applicant has not made a compelling case that it should no longer be reserved for that purpose, nor that other frequencies are unsuitable and/or unavailable for applicant’s desired purpose.” Continental Electronics also raised Loran concerns. ELoran “remains relevant and is not obsolete,” the company said: “There is government wide and international interest in pursuing its development and deployment.” UrsaNav cited use across the world of Loran technology. “The 90-110 kHz spectrum is internationally reserved,” UrsaNav said: “Although use of Loran is in transition globally, several nations continue to operate Loran-C and/or its successor, Enhanced Loran.” Microchip Technology opposed the waiver, saying use of the band as proposed “could interfere with eLoran signal reception, which would undermine the ability for eLoran to serve as a back-up to GPS for national critical infrastructure and other PNT applications.”

The FCC’s proposals to update the foreign-sponsored content rules (see 2301250067) exceed the agency’s authority, said representatives of NAB, Fox, NBCU, Gray Television and the Multicultural Media, Telecom and Internet Council this week in meetings with aides to Commissioners Nathan Simington and Brendan Carr, according to an ex parte filing posted Thursday in docket 20-299. Requiring broadcasters to obtain certifications from programming lessees is a burden on broadcasters and will clutter the FCC’s online public inspection files with useless documents, the broadcasters said. “We cannot conceive of a single public benefit from littering stations’ online public files with thousands of certifications stating that innumerable local entities -- churches, family-owned businesses, and high school football programs -- are not agents of Russia or China,” the broadcasters said. If the FCC goes forward with the proposals, it should clarify the rule doesn’t apply to ads for commercial products and services, and limit the public file requirement to instances where a lessee is a foreign governmental entity, the broadcasters said. The agency should also exclude religious and local programming from the rules, they said.

Montana is right to try to ban TikTok across the state, but it’s unclear how such a prohibition can be enforced at the state-level, Republican senators told us in interviews last week. Consumer groups and the tech industry condemned the Montana measure as unconstitutional.