Further Reading, Other Developments, and Coming Events (28 October)

Further Reading

  •  “Administration officials alarmed by White House push to fast track lucrative 5G spectrum contract, sources say” By Jake Tapper — CNN. A company with Karl Rove as its lobbyist may be poised to win a no-bid contract with the Department of Defense (DOD) for the commercial use of its highly sought-after mid-band spectrum ideal for 5G. Reportedly, White House Chief of Staff Mark Meadows has been pressing the DOD to hurry the process of making this spectrum available with many Administration officials having reservations about the seeming push to allow one company with little to no experience, Rivada, to have the whole chunk of spectrum. One official claimed if Rivada gets this contract it would be “the biggest handoff of economic power to a single entity in history.” Rove denied the company would accept a sole-source contract. There is strong bipartisan opposition on Capitol Hill, likely fanned by lobbyists from the companies apt to lose out if Rivada secures a winner-takes-all contract. Incidentally, in Jamaica where I live, the United States (U.S.) government has apparently pitched Rivada as a no-cost option to build out the island’s 5G network with Rivada collecting revenue from the operation of the system. The U.S. Ambassador has pitched the deal to Prime Minister Andrew Holness. And, while this could be seen as another U.S. effort to block the People’s Republic of China (PRC), which has done extensive development in Jamaica, it has the appearance of impropriety on the U.S.’ end, at the very least.
  • Remote learning is deepening the divide between rich and poor” By Lucien O. Chauvin and Anthony Faiola — The Washington Post. The digital divide is, if anything, even more pronounced in the Third World where the pandemic and underlying economic and societal conditions threaten to erase anti-poverty gains and the education and future of a generation.
  • Big Tech’s biggest critics are racing to raise money for Biden’s campaign” By Tony Romm — The Washington Post. In the last days of the campaign, a number of “Big Tech” critics are hosting or intensifying fund raising efforts for the Biden Campaign in the hopes of shaping its policies towards Silicon Valley. Those on the left favor dramatic action in a new administration while Biden’s centrist history may argue against significant change. Also, Silicon Valley as a whole has showered donations on the Biden Campaign, which may be a potent counterweight.
  • State, federal antitrust charges against Facebook could come as soon as November, sources say” By Tony Romm — The Washington Post. The Federal Trade Commission (FTC) and a group of state attorneys general may be filing their anti-trust suits as early as next month against Facebook for its dominance of the social messaging market. The suits would likely focus on Facebook’s acquisitions of potential rivals WhatsApp and Instagram.
  • Facebook touts free speech. In Vietnam, it’s aiding in censorship” By David Cloud and Shashank Bengali — Los Angeles Times. Despite Facebook’s talk of supporting free speech in western nations, it apparently complies to pressure from authoritarian regimes like Vietnam’s to block posts and close down accounts of dissidents.

Other Developments

  • The Presidency of the Council of the European Union (EU), currently held by Germany, released “Conclusions on the Charter of Fundamental Rights in the Context of Artificial Intelligence and Digital Change,” which laid out the EU’s views on how to develop and deploy artificial intelligence (AI).
    • The Presidency stated:
      • The COVID-19 pandemic has shown more clearly than ever that Europe must achieve digital sovereignty in order to be able to act with self-determination in the digital sphere and to foster the resilience of the European Union. We therefore want to work together on European responses for digital technologies, such as artificial intelligence (AI). We want to ensure that the design, development, deployment and use of new technologies uphold and promote our common values and the fundamental rights guaranteed by the EU Charter of Fundamental Rights (hereinafter ‘the Charter’), while increasing our competitiveness and prosperity. High levels of IT security must be maintained within a framework that is open to innovation.
      • We are committed to the responsible and human-centric design, development, deployment, use and evaluation of AI. We should harness the potential of this key technology in promoting economic recovery in all sectors in a spirit of European solidarity, uphold and promote fundamental rights, democracy and the rule of law and maintain high legal and ethical standards.
  • A United States’ (U.S.) Defense Science Board (DSB) Task Force published the executive summary of its “Final Report on Counter Autonomy,” “a strategic assessment of U.S. counter autonomy capabilities today and 30 years from now across all domains (land, sea, undersea, air, space, and cyberspace).” The DSB is an advisory body of the Department of Defense (DOD) that has proven influential in shaping DOD and U.S. policy. The Task Force stated:
    • The Task Force found a heavy focus across the whole-of-government on fielding U.S. autonomous systems with very little attention given to countering autonomous systems deployed by adversaries. One major exception is the U.S. government’s many programs focused on the counter unmanned aerial system (c-UAS) mission. Although c-UAS is critical to ensuring the safety and security of U.S. forces, allies, and the homeland, the DOD must adopt a broader view of counter autonomy or it will not be prepared to effectively defeat future adversary systems.
    • Like the introduction of cyberspace, the growth of autonomy and artificial intelligence (AI) will bring new capability to the public and private sector, but it will also introduce vulnerabilities to current and future capabilities. Therefore, the Task Force felt it necessary to not only develop recommendations aimed at counter autonomy but also counter-counter autonomy. The integrity of each component used to develop a physical or digital autonomous capability must be considered across the entire lifecycle of a system to maintain confidence in its efficacy and reliability.
    • The Task Force has provided a series of recommendations that, if implemented, will effectively aid the DOD and the wider U.S. government in developing a full-scope counter autonomy capability, strengthen U.S. autonomous systems, and result in a more resilient and lethal force.
    • The Task Force made these recommendations:
      • Recommendation 1: Leadership
        • The Under Secretary of Defense, Research and Engineering (USD(R&E)) create a single senior focal point for counter autonomy separate from autonomy leadership but of equal authority to ensure independent thinking
        • USD(R&E) champion a DOD-wide autonomy/counter autonomy community modeled on the existing low observable/counter low observable (LO/CLO) community
      • Recommendation 2: Capability and Operational Development
        • C. Military Departments (Secretaries) charter the following in order to develop robust fielded counter autonomy capabilities
        • Assess, fund, and deploy modifications needed to existing conventional capabilities
        • Create a robust Opposing force (OPFOR) that mimics adversary autonomy
        • Establish multi-domain Counter autonomy (CA) Red Teams
        • Develop CA requirements, concepts, and Tactics, techniques, and procedures (TTPs)/ Concept of operations (CONOPS)
        • D. Direct Service labs and DARPA to create CA
      • R&D Recommendation 3: Intelligence
        • Sensitive content – N/A
      • Recommendation 4: Assurance
        • Under Secretary of Defense for Acquisition and Sustainment (USD(A&S)) establish and enforce AI-enabled autonomous system resilience guidelines to mitigate AI-specific vulnerabilities
        • Developmental test and evaluation (DT&E)/ Operational test and evaluation (OT&E) establish testing and evaluation guidance for development, fielding and sustainment to assure resilience of AI-enabled autonomous systems against counter autonomy attack over lifecycle
      • Recommendation 5: Policy
        • The Office of the Under Secretary of Defense for Policy (OUSD(P)) develop policy to provide appropriate defense of U.S. autonomous weapon systems, support autonomy exports, and ensure safety and security of imports
      • Recommendation 6: Talent
        • The Office of the Secretary of Defense (OSD) and Military Departments significantly expand autonomy/AI talent through aggressive recruiting, hiring, career path, and retention actions:
        • −  Upskill talent with AI skills through incentives and innovative methods such as free or affordable online training (e.g., edX, Coursera, Udacity)
        • −  Military Departments establish, promote, and incentivize autonomy/AI career paths for civilian and military personnel
        • o Service Academies, including Air Force Institute of Technology and Naval Postgraduate School, include counter autonomy in curriculum and research
        • −  Expand the use of innovative staffing (e.g., IPA, HQE, SMART), and build a national talent pipeline at the graduate level with focused DOD funding
        • −  Fully leverage Section 1107(c) Direct Hiring Authority and request Congress authorize the limitation be raised from 5 percent to 10 percent of the workforce
        • Defense Counterintelligence and Security Agency (DCSA) accelerate clearance adjudication for candidates with critical skills (AI/machine learning (ML), robotics, cyber, etc.)
  • The Center for a New American Security (CNAS), a center-left Washington, D.C. national security think tank that may prove as influential in a Biden Administration as it did during the Obama Administration, released “Common Code: An Alliance Framework for Democratic Technology Policy,” that argued for the most technologically advanced democracies to band together and cooperate so that democratic ideals and principles will inform the development of the coming technology. CNAS explained that “[t]he Technology Alliance project and this report were made possible by a grant from Schmidt Futures,” a philanthropic venture started and funded by former Google and Alphabet CEO Eric Schmidt. CNAS stated:
    • Technological leadership by the world’s major liberal-democratic nations will be essential to safeguarding democratic institutions, norms, and values, and will contribute to global peace and prosperity. A unified approach by like-minded nations also is needed to counteract growing investments in and deployments of emerging technologies by authoritarian, revisionist powers.
    • Many have made the case for such a grouping, most notably the United Kingdom’s recent call for a “Democracy 10” to tackle 5G and other technology issues. Similarly, former U.S. government officials have advocated for the creation of a “Tech 10.” Despite this interest in a new coordination mechanism for multilateral technology policy, the work needed to create it has been elusive.
    • CNAS explained:
      • This document lays out what that alliance framework should look like, the opening chapter of a new, multilateral techno-democratic statecraft strategy for the 21st century. It answers the key questions needed to move from concept to an actionable blueprint necessary to tackle the 21st century technology competition:
        • What countries should be members of the technology alliance, and why?
        • Should the alliance be able to collaborate with non-members, and why?
        • Should the alliance grow, and how?
        • How should the alliance be organized and structured?
        • What is the ideal voting system?
        • How should the alliance engage with stakeholders from industry and civil society?
        • What is the best meeting structure and frequency?
      • After detailing recommendations for creating the technology alliance itself, the blueprint addresses the new organization’s top priorities, areas where the project leads identified both a common code between the proposed member countries and an urgent need for improved coordination:
        • Restructure supply chains with a focus on security and diversity
        • Safeguard competitive technological advantages with tailored multilateral export controls and by curbing unwanted technology transfers
        • Fund and build secure digital infrastructure by creating new investment mechanisms
        • Craft standards and norms for a beneficial technology future.
      • The technology alliance’s longer-term agenda should include efforts to:
        • Pursue joint R&D
        • Engage in technology forecasting
        • Focus on data flows
        • Promote technology interoperability
        • Counter disinformation and other illiberal uses of technology
        • Maximize human capital.
  • The National Institute of Standards and Technology (NIST) published a notice in the Federal Register inviting “organizations to provide products and technical expertise to support and demonstrate security platforms for the Zero Trust Cybersecurity: Implementing a Zero Trust Architecture project.” NIST explained this “is the initial step for the National Cybersecurity Center of Excellence (NCCoE) in collaborating with technology companies to address cybersecurity challenges identified under the Zero Trust Cybersecurity: Implementing a Zero Trust Architecture project.” NIST explained:
    • Since late 2018, NIST and NCCoE cybersecurity researchers have had the opportunity to work closely with the Federal Chief Information Officer (CIO) Council, federal agencies, and industry to address the challenges and opportunities for implementing zero trust architectures across U.S. government networks. This work resulted in publication of NIST Special Publication (SP) 800-207, Zero Trust Architecture
    • In November 2019, the NCCoE and the Federal CIO Council cohosted a Zero Trust Architecture Technical Exchange Meeting that brought together zero trust vendors and practitioners from government and industry to share successes, best practices, and lessons learned in implementing zero trust in the federal government and the commercial sector.
    • The NCCoE project builds on this body of knowledge as we seek to build out and document an example zero trust architecture that aligns to the concepts and principles in NIST SP 800-207 and using commercially available products.
  • The United States (U.S.) Department of Homeland Security’s (DHS) Office of the Inspector General (OIG) evaluated DHS’ information security for FY 2019 and found serious problems. The OIG “reviewed DHS’ information security program for compliance with Federal Information Security Modernization Act requirements.” The OIG found serious deficiencies with the Cybersecurity and Infrastructure Security Agency, ostensibly the entity in the U.S. government charged with helping civilian agencies secure and defend their networks. The OIG found:
    • DHS’ information security program was not effective for FY 2019 because the Department earned a maturity rating of “Ad Hoc” (Level 1) in three of five functions, compared to last year’s higher overall rating of “Managed and Measurable” (Level 4). We rated DHS’ information security program according to five functions outlined in the 2019 reporting instructions:
      • Identify: DHS received a Level 1 rating because it did not have an effective strategy or department-wide approach to manage risks for all of its systems.
      • Protect: DHS achieved Level 4 as it was rated Level 4 in three of the four domains essential to this function.
      • Detect: DHS received a Level 1 rating due to the lack of a comprehensive strategy and organization-wide continuous monitoring approach to address all requirements and activities at each organizational tier.
      • Respond: DHS received a Level 1 rating because the Coast Guard had not reported its cybersecurity incidents to DHS since 2012.
      • Recover: DHS received Level 3 because it had not made progress since prior years [REDACTED]
    • According to FY 2019 reporting metrics, our independent contractor rated component information security programs effective for Customs and Border Protection (CBP) and Immigration and Customs Enforcement (ICE) as both components achieved the targeted “Level 4 – Managed and Measurable” or higher in four of five functions. The Cybersecurity and Infrastructure Security Agency (CISA) overall information security program was not effective because it achieved “Level 1 – Ad-hoc,” which is below the targeted Level 4 in three of five functions. Because the Department performs several security functions on CISA’s behalf, CISA has not yet developed component specific policies, procedures, and business processes as required by DHS policy.

Coming Events

  • On 29 October, the Federal Trade Commission (FTC) will hold a seminar titled “Green Lights & Red Flags: FTC Rules of the Road for Business workshop” that “will bring together Ohio business owners and marketing executives with national and state legal experts to provide practical insights to business and legal professionals about how established consumer protection principles apply in today’s fast-paced marketplace.”
  • On 10 November, the Senate Commerce, Science, and Transportation Committee will hold a hearing to consider nominations, including Nathan Simington’s to be a Member of the Federal Communications Commission.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Image by Computerizer from Pixabay

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s