Overnight Cybersecurity: Senate Intel encryption bill in final stages
Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you…
THE BIG STORIES:
–I’M WAITING FOR THE MAN: Get ready for a fight. The chairman of the Senate Intelligence Committee told The Hill on Wednesday that a bill to give law enforcement access to encrypted data could come as early as next week. “I’m hopeful,” said Sen. Richard Burr (R-N.C.), who heads the Intel panel. The long-awaited bill — in the works since last fall’s terror attacks in Paris and San Bernardino, Calif. — is expected to force companies to comply with court orders seeking locked communications. The FBI and law enforcement officials have long warned that encryption is making it more difficult to uncover criminal and terrorist plots. Burr has been drafting legislation to address the issue with Sen. Dianne Feinstein (D-Calif.), his committee’s ranking member. Feinstein told The Hill she passed the text along earlier this week to White House chief of staff Denis McDonough. “My hope is since I was the one that gave it to Denis McDonough, they will take a look at it and let us know what they think,” she said. The White House last fall decided to back away from supporting similar legislative options, leading many to believe the administration will not champion the Burr-Feinstein effort. The Senate is scheduled to recess the last two weeks of March, meaning Burr and Feinstein have until March 19 to release their offering before the upper chamber breaks until April 4. When it arrives, the Burr-Feinstein bill will likely become the most controversial salvo in a heated Capitol Hill debate over whether and how Congress should act. The tech community, privacy advocates and a bipartisan contingent of lawmakers are expected to vociferously oppose the measure, which they believe would weaken security and damage America’s economic competitiveness. To read our full piece, click here.
{mosads}–WHAT BACKDOOR?: As expected, senators peppered Attorney General Loretta Lynch on Wednesday with a series of questions on the Apple-FBI feud at a Senate Judiciary Committee hearing. Apple recently rebuffed an FBI court order asking the tech giant to create software that would help unlock an iPhone used by one of the San Bernardino shooters. The company characterized the software as a “backdoor” that could give hackers access to all iPhones. At Wednesday’s hearing, Lynch insisted, “We do not want a backdoor into Apple or anyone else’s technology. What we are asking for is for Apple to comply with a valid court order.” Lynch continued: “We are not asking them to break encryption. We are not asking them to weaken encryption.” Increasingly, lawmakers on both sides of the debate have argued that Congress — not the courts — should settle the issues raised in the Apple-FBI standoff. Lynch on Wednesday said the Justice Department will not be proposing legislation on encryption policy. She demurred when asked by Sen. Lindsey Graham (R-S.C.) whether her department would be willing to draft legislation to achieve its goal of preventing what Lynch termed “warrant-proof” encryption. “I don’t think the department is at a point where we are drafting legislation here,” she said. Graham then pressed his colleagues to offer a bill instead. “Introduce some legislation requiring the technology companies to do what you want the judges to do. I’d like to look at it,” he said. “It’s just not enough to complain. If you think these companies should be required to do this, let’s sit down and see if we can introduce legislation.” To read about Lynch’s comment on backdoors, click here. To read about her comments on legislation, click here.
–WHAT INVESTIGATION?: Lynch also got pointed questions on Wednesday about the FBI’s investigation of Hillary Clinton’s private email server. “We don’t discuss the specifics of any ongoing investigation,” Lynch said in response to repeated queries from Sen. John Cornyn (R-Texas). “With respect to the procedure relating to any specific witness, I would not be able to comment,” Lynch said. Cornyn, the Senate’s No. 2 Republican, pressed Lynch on the Justice Department’s role in granting immunity to Bryan Pagliano, a former Clinton aide who is believed to have set up her “homebrew” email server. News of the Justice Department’s decision last week raised the stakes in the ongoing probe connected to Clinton’s unusual email behavior while she was secretary of State. “If, in fact, this was immunity granted by a court, that had to be done under the auspices and with the approval of the Department of Justice, which you head,” Cornyn, a former judge, told Lynch. The level of Justice Department involvement “would certainly depend on the type of immunity that was granted,” Lynch responded, while refusing to discuss Pagliano’s case. “With respect to Mr. Pagliano or anyone who has been identified as a potential witness in any case, I’m not able to comment on the specifics,” she added. Cornyn has been one of the Senate’s most vocal lawmakers about the investigation connected to Clinton’s server. To read our full piece, click here.
UPDATE ON CYBER POLICY:
–OUR PROBLEMS THREE (PLUS ONE MORE). The American Civil Liberties Union (ACLU) on Wednesday outlined four concerns about recently introduced legislation that would create a national commission to explore how law enforcement could get at secure data without infringing on people’s privacy rights.
The measure, from House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.), has been viewed as a compromise bill that could actually move amid the heated encryption debate on Capitol Hill.
While the Burr-Feinstein efforts have proved divisive, the McCaul-Warner legislation was introduced last week with a plethora of bipartisan co-sponsors, including seven in the upper chamber and 15 in the lower chamber.
But the ACLU is a bit wary of the commission for a few reasons:
-First, its overly broad mission threatens to open up a Pandora’s box of bad ideas.
-Second, the bill grants disturbingly broad subpoena authority to the commission.
-Third, the commission would be redundant.
-Fourth, the commission includes inadequate provisions to ensure that privacy and civil liberties viewpoints will be adequately represented.
Read the full explanation, here.
–COMING SOON. Sens. Gary Peters (D-Mich.) and David Perdue (R-Ga.) on Thursday will introduce a bill that aims to give state and local governments access to the federal resources and tools they need to combat cyber crime.
The so-called State and Local Cyber Protection Act is the upper chamber companion to a bill Rep. Will Hurd (R-Texas) introduced last November.
The legislation, Peters said in a statement, “will help ensure all levels of government are equipped with the best practices and resources to counter cyber threats.”
LIGHTER CLICK:
–POPPIN’ BOTTLES. During his victory speech Tuesday night, GOP presidential front-runner Donald Trump spent considerable time defending various “Trump” branded products. Naturally, that led to some of us thinking, “Where can I get my hands on all of these things?”
We may pull the trigger on a 1.5 liter magnum of Trump Sparking Wine. We’ll see…
In the meantime, enjoy some Yelp reviews of the actual Trump Winery itself.
“Classic Donald. A first class operation…great facilities, great friendly people. What more can you ask for. Join the wine club.” – 5 Stars
“Regardless of anyone’s views on Trump’s politics, there is no disputing this is an elegant winery.” – 4 Stars
“The bad news is that they feel like they want to make us feel bad if we don’t tip the staff.” – 2 Stars
“I had high hopes for this place after The Donald acquired it from Mrs. Kluge. But, alas, the place still reeks of pretentiousness. The only thing has changed is the new merchandise section marked with the ‘Trump Winery’ logo.” – 2 Stars
WHO’S IN THE SPOTLIGHT:
–THE TAXPAYER. Per The Associated Press: “Tax day is a little more than a month away, which means phishing season is in full swing. The IRS says it’s seen a “surge” this year in phishing emails, with thieves baiting special hooks for payroll and human-resources workers in hopes of snagging a company’s entire stash of employee Social Security numbers and other personal information. Meanwhile, tax-season phishing attacks against individuals are also up. Last month, the IRS said it had seen a quadrupling of phishing- and malware-related incidents for this year’s tax season.”
Read on here to find out about what red flags you should be on the lookout for.
A REPORT IN FOCUS:
–CASH RULES EVERYTHING AROUND ME. New research from Gartner shows the world-wide cybersecurity market topped $75 billion in 2015.
Researcher Markets and Markets also predicts that number will rise to $170 billion by 2020.
Read on at Forbes, here.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
Americans remain largely split over Apple’s defiance of an FBI court order to unlock an iPhone used by one of the San Bernardino shooters. (The Hill)
An Orlando-based hotel chain is warning its guests that their personal information may have been breached. (The Hill)
A look into the data centers where cyber criminals hide. (Motherboard)
Snapchat and Seagate are just two of the companies duped in tax-fraud scam. (The Associated Press)
ICYMI: Just months after millions of Americans had their fingerprint data stolen by hackers, a pair of researchers found a cheap and easy way to copy them. (The Atlantic)
Government officials just really like using the word “cyber.” (NextGov)
If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..