Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Maggie Miller (@magmill95), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).
LOCATION DATA CHECK-IN: Phone companies are trying to reassure the Federal Communications Commission (FCC) that they are no longer sharing their customers’ location data with third parties.
All four major wireless carriers told Democratic FCC Commissioner Jessica Rosenworcel in a series of letters this month that they have ended the practice, which had come under increasing scrutiny from regulators.
Rosenworcel released the letters on Thursday and said she is still seeking answers about the FCC’s investigation into the industry.{mosads}
“I don’t recall consenting to this surveillance when I signed up for wireless service–and I bet neither do you,” Rosenworcel said in a statement. “This is an issue that affects the privacy and security of every American with a wireless phone. It is chilling to think what a black market for this data could mean in the hands of criminals, stalkers, and those who wish to do us harm.”
What the letters say: Verizon, AT&T, Sprint and T-Mobile all told Rosenworcel that, aside from some limited exceptions, they had all ended their partnerships with the location aggregators at the heart of the scandals, which they had promised to do after an outcry over the revelations.
Press reports published over the past year have detailed the ease with which the data can end up in the wrong hands. Motherboard reported earlier this year that it had obtained precise geolocation information of a cell phone after giving a bounty hunter $300 and a phone number.
And The New York Times reported last year that a former sheriff in Mississippi had been using a third-party location aggregator to track people without a warrant, prompting the FCC to launch its investigation.
Pushback on Capitol Hill: But the FCC has remained quiet about its probe and Democratic lawmakers have grown increasingly frustrated with the GOP-led commission as the investigation drags on.
“Today, we still don’t have assurances that these practices have stopped,” Rep. Mike Doyle (D-Pa.) told FCC Chairman Ajit Pai at a hearing on Wednesday. “Since we first heard about this problem, new, even more troubling reports have emerged that data was being sold to bounty hunters and god knows who else. Americans don’t know who had access to this data, who sold this data or whether anyone is going to be held accountable because we’ve heard nothing about it yet from the FCC.”
Pai told lawmakers that he cannot comment on an active investigation.
THE BLUNT TRUTH ON ELECTION SECURITY: Sen. Roy Blunt (R-Mo.), a member of Senate GOP leadership, said Wednesday that the chamber is unlikely to vote on any election security legislation, despite requests from a federal agency for more funding to improve election systems nationwide.
Blunt made the remarks at a Senate Rules Committee hearing where Election Assistance Commission (EAC) officials highlighted what they said is an urgent need for more resources.
His comments were in response to Senate Minority Whip Dick Durbin (D-Ill.) pointedly asking during the hearing whether the Rules Committee, chaired by Blunt, would mark up any election security bills already introduced this Congress.
“At this point I don’t see any likelihood that those bills would get to the floor if we mark them up,” Blunt said.
When Durbin asked why that was the case, Blunt said, “I think the majority leader is of the view that this debate reaches no conclusion. And frankly, I think the extreme nature of H.R. 1 from the House makes it even less likely we are going to have that debate.”
H.R. 1 is a sweeping election reform package that includes language on election security and integrity. Senate Majority Leader Mitch McConnell (R-Ky.) has publicly said he won’t allow a vote on the bill.
FLORIDIANS IN FULL FORCE: A bipartisan House delegation from Florida said Thursday they are pushing the FBI and Department of Homeland Security (DHS) to declassify the names of the two Sunshine State counties that Russia hacked during the 2016 presidential election.
The delegation, led by Florida Reps. Stephanie Murphy (D) and Mike Waltz (R), blasted the government agencies for their lack of transparency, stating that they only received a FBI briefing on Thursday because special counsel Robert Mueller’s report on Russian interference revealed that the bureau was investigating a Moscow-led hack into “at least one” Florida county.
Murphy called this lack of transparency “counterproductive,” arguing that the government’s “drip and drab” release of information about the attack on Florida’s election systems is eroding public confidence in their elections.
“This is an American issue, and the public deserves to know what happened,” Murphy told reporters during a press conference, surrounded by other Florida lawmakers.
GOP Rep. Matt Gaetz (Fla.), a frequent critic of the FBI, took his criticism further, blasting the government agencies for declining to share the information, which they say must be kept secret in order to protect sources and methods, including the identity of the victims affected in the hack.
“The victims are the voters,” Gaetz said.
The House press conference comes two days after Florida Gov. Ron DeSantis (R) revealed that operatives with the GRU, Russia’s intelligence service, successfully gained access to voter data in two counties during the 2016 presidential election.
Read more on what’s next here.
HUAWEI RESPONDS TO COMMERCE BAN: Chinese telecommunications giant Huawei blasted its inclusion in a U.S. trade blacklist on Thursday, asserting that the move is in “no one’s interest” and will hurt American jobs.
The firm pushed back after the Commerce Department announced on Wednesday night that it had added Huawei to its “Entity List,” essentially barring the company from buying components from American companies without U.S. government approval.
“Huawei is against the decision,” the Chinese telecom firm said in a statement. “This decision is in no one’s interest. It will do significant economic harm to the American companies with which Huawei does business, affect tens of thousands of American jobs, and disrupt the current collaboration and mutual trust that exist on the global supply chain.”
Huawei added that it will “seek remedies” and a “resolution” immediately.
What the ban means: Huawei’s inclusion on the Entity List means it will be difficult for the company — which is the largest telecom equipment provider in the world — to sell some of its products.
Companies and individuals are placed on the list when the U.S. government determines they could pose a national security risk.
U.S. suppliers will now have to apply for licenses to provide the Chinese company with components for its equipment.
Huawei has pushed back aggressively against claims that it is subject to the whims of the Chinese government. Senior executives with Huawei told The Hill this week that it would “welcome” the U.S. banning use of technology deemed a national security risk.
The Commerce Department said it has determined there is a “reasonable basis” to conclude that Huawei poses a risk to U.S. networks.
In the Senate: Lawmakers on Capitol Hill have applauded the Commerce Department’s move as well as Trump’s executive order on Wednesday declaring a “national emergency” that allows his administration to block foreign tech companies deemed a national security threat from business in the U.S.
Sen. Marco Rubio (R-Fla.), a member of the Senate Intelligence Committee, said in a statement that “many still have not realized the significance of adding Huawei” to the Commerce Department list.
“U.S. firms will now need a license to export to Huawei & there is a presumption of denial,” Rubio tweeted. “Very soon Huawei will lose access to important components like chips, antennae & phone operating systems.”
Sen. Roger Wicker (R-Miss.), the chairman of the Senate Commerce Committee, said he has spoken to Commerce Secretary Wilbur Ross to express his “full support for the administration’s decision to include Huawei on the Bureau of Industry and Security Entity List.”
“This is a necessary step to prevent the use of communications equipment that poses a threat to the United States,” Wicker said in a statement. “As chairman of the Senate Commerce Committee, I stand ready to work with the administration and stakeholders to protect our national security and win the race to 5G.”
Read more about Huawei’s long week here.
SELF-DRIVING CARS PULLING UP: Senate Commerce Committee Chairman Roger Wicker (R-Miss.) announced Thursday that his panel plans to “deal with autonomous vehicles” during this Congress, and that he will specifically push for previously failed legislation that would create a federal framework for the safety and security of self-driving cars.
“We are also going to deal with autonomous vehicles, the AV START Act, and the way we think about how people and goods are transported around the country,” Wicker said during a speech at the U.S. Chamber of Commerce. “Congress got close on this last year… we will see how far we get this time, there are wrinkles that need to be ironed out, but I think we can get there.”
The Mississippi Republican said his main motivation in pushing for the bill was the potential for self-driving cars to “save thousands of lives around the country” due to computer systems, and not humans, being in control.
Senate Majority Whip John Thune (S.D.) was the primary Republican sponsor of the AV START during the last Congress, when he also served as the chairman of the Senate Commerce Committee. Thune told The Hill last week that “we are planning to reintroduce it” soon, though he did not offer a firm date.
BREAKING THE PACT: The White House on Wednesday declined to join a global call to fight online terror, citing concerns about freedom of speech but in the process stoking a new controversy over its response to extremism.
The move drew condemnation from lawmakers on Capitol Hill who have been calling for tech giants to rein in the scourge of potentially radicalizing material on their platforms in the wake of the livestreamed attacks on worshippers at two mosques in Christchurch, New Zealand, in March.
“It’s disappointing that once again the White House wants to put the U.S. at odds with our allies in establishing reasonable global internet norms,” Sen. Mark Warner (D-Va.), a vocal tech industry critic, told The Hill in a statement.
The White House’s decision to opt out puts the U.S. at odds with France, Canada, the European Union and the rest of the 17 countries that signed on to the so-called Christchurch Call, the largest-ever international campaign against online extremism and terrorist content to date.
Facebook, Google, Twitter and YouTube — all American companies — also signed on to the nonbinding pledge, which was unveiled at a summit with global leaders in Paris on Wednesday.
The Christchurch Call asks the top social media companies to step up their efforts to investigate and remove toxic online content from their platforms, urging them to commit to share more information about online terrorism with government authorities and study whether their algorithms push users toward extreme content.
Rep. Bennie Thompson (D-Miss.), the chairman of the House Homeland Security Committee — which has been pressing tech companies over the issue of online terrorist content — told The Hill that he believes the White House’s decision stems from a reluctance to crack down on right-wing extremists.
“I’m not surprised,” Thompson said. “They’ve demonstrated that … anything remotely related to right-wing terrorism, they’re just reluctant to be critical.”
Read more on the fallout here.
TO CATCH A THIEF: An international cybercrime network that used malware to steal an estimated $100 million from victims in the United States and Europe has been dismantled by the cooperation of the U.S. and multiple European countries, the Justice Department announced Thursday.
A federal grand jury in Pennsylvania formally indicted 10 members of the GozNym cybercrime network for conspiracy to infect victims’ computers with GozNym malware. This malware captured online banking credentials, which the group used to steal money from victims’ bank accounts. The Justice Department estimated the malware infected “tens of thousands” of computers worldwide.
The case involved what the Justice Department described as “unprecedented initiation of criminal prosecutions” against the defendants involved in the case, who live in Russia, Georgia, Ukraine, Moldova and Bulgaria. The U.S. government cooperated with Georgia, Ukraine, Moldova, Germany, Bulgaria, Europol and Eurojust to bring charges.
Five of the defendants named in the indictment are Russian nationals who “remain fugitives from justice,” according to the Justice Department. However, those that live in the countries other than Russia are being prosecuted in their respective countries.
BALTIMORE GETTING BACK ON ITS CYBER FEET: Baltimore City Council President Brandon Scott announced the creation of a Committee on Cybersecurity and Emergency Preparedness on Thursday, as the city works to restore the systems taken down by a debilitating ransomware attack last week.
“This cyber attack against Baltimore City government is a crisis of the utmost urgency,” Scott said. “That is why I will convene a select committee, co-chaired by Councilman Eric Costello and Councilman Isaac ‘Yitzy’ Schleifer, to examine the City’s coordination of cybersecurity efforts, including the Administration’s response to the cybersecurity attack and testimony from cybersecurity experts.”
A type of ransomware known as “RobinHood” took down several of the city’s services last week, including some of the capabilities of the Baltimore City Department of Transportation, the Department of Public Works, and the Department of Finance. The city is also currently unable to send or receive email.
“[T]he good news is that City services including Public Safety (Baltimore Police Department, Baltimore City Fire Department, 911), Water Services Operations, and Public Works currently operate without interruption despite this threat,” Scott said.
However, he cautioned that the “bad news is that we don’t know when this threat will end or who is perpetrating this attack on our city and the services that we provide to the people of our city and region.”
TOOLING AROUND: The White House on Wednesday launched a tool that allows people to report possible “political bias” by social media companies, an issue that President Trump and top Republicans have hammered for months, accusing the largest tech platforms of censoring right-wing voices.
The reporting tool prompts users to “share [their] story with President Trump” if they suspect they were removed or reported on social media because of “political bias.”
“SOCIAL MEDIA PLATFORMS should advance FREEDOM OF SPEECH,” the website reads. “Yet too many Americans have seen their accounts suspended, banned, or fraudulently reported for unclear ‘violations’ of user policies.”
The form asks for the respondent’s first and last name, zip code, phone number, and whether they are a citizen. Once they fill out that information, the tool asks what happened to their social media account, whether a specific post was involved and on which platform (Facebook, Instagram, Twitter, YouTube or “other”) it occurred. The tool also provides a space to attach screenshots.
Industry watchers raise concerns: Digital rights group Public Knowledge in a statement called the effort “misguided,” saying the more “pressing” issues around online speech include “misinformation, propaganda, hate speech, terrorist content, and harassment online.”
“This misguided effort by the White House raises serious constitutional questions and could hamper the ability of platforms to moderate their platforms and take down such content,” John Bergmayer, senior counsel at Public Knowledge, said in the statement.
And Michael Beckerman, president and CEO of tech industry trade group the Internet Association, in a statement said Internet platforms depend on a “broad user base regardless of party affiliation or political perspectives” to succeed and grow.
“IA member company platforms don’t have a political ideology or political bias, and it would make no business sense for companies to stifle the speech of half – or any significant portion – their customers,” Beckerman said.
A LIGHTER CLICK: This makes us feel good about our Password123.
NOTABLE LINKS FROM AROUND THE WEB:
Facebook has struggled to hire talent since the Cambridge Analytica scandal, per recruiters at the company. (CNBC)
Google boosting its transcription app game, which is music to every reporters’ ear. (The Verge)
Russian bots rigged reality TV competition in favor of Russian millionaire’s daughter. (BBC News)
Sprint says company will launch 5G at end of May in four U.S. cities. (Venture Beat)