Other Developments, Further Reading, and Coming Events (16 April 2021)

Other Developments

  • The United Kingdom launched its Digital Markets Unit (DMU) that will “will oversee plans to give consumers more choice and control over their data, promote online competition and crack down on unfair practices which can often leave businesses and consumers with less choice and more expensive goods and services” according to its press release. The DMU is the Johnson government’s response to increased concerns about concentration and market power, especially in the technology sector. The press release touting this development asserted “[a] tough new regulator to help make sure tech giants such as Facebook and Google cannot exploit their market dominance to crowd out competition and stifle innovation online has launched.” The DMU will be housed in the Competition and Markets Authority (CMA), the current agency charged with antitrust and competition issues across the British economy. However, 10 Downing Street is vowing to move legislation through Parliament this year to give the DMU the powers it needs to combat the negative effects of tech giants. The government added:
    • The government has asked it to begin looking at how codes of conduct could work in practice to govern the relationship between digital platforms and groups such as small businesses which rely on them to advertise or use their services to reach their customers. It will take a sector neutral approach in examining the role of platforms across a range of digital markets, with a view to promoting competition
    • The Digital Secretary has asked it to work with the communications regulator Ofcom to look specifically at how a code would govern the relationships between platforms and content providers such as news publishers, including to ensure they are as fair and reasonable as possible.
    • This would pave the way for the future rules of the road and is alongside the wider work being done by the government, following the Cairncross Review and the package of support through the pandemic, to boost the sustainability of the press.
    • The government also released the DMU’s terms of reference, in which it explained “[t]he non-statutory DMU will have the following role:
      • Carrying out preparatory work to implement the statutory regime. For example, building teams with the relevant capabilities and preparing draft guidance (closer to the statutory Digital Markets Unit’s launch and once decisions on the shape of the regime have been taken), to maximise operational readiness of the Digital Markets Unit in time for the implementation of legislation.
      • Supporting and advising government on establishing the statutory regime. Advice will provide key insights to inform decisions about the shape of the regime. The content of this workstream will be agreed in collaboration with government. For example, the government has asked the Unit to begin looking at how codes of conduct could work in practice to govern the relationship between digital platforms and groups such as small businesses which rely on them to advertise or use their services to reach their customers.
      • Evidence-gathering on digital markets. The CMA will continue to use its existing powers, where appropriate, to investigate harm to competition in digital markets. This will ultimately inform the work of the statutory Digital Markets Unit.
      • Engaging stakeholders across industry, academia, other regulators and government. Building close relationships with other experts in the UK and abroad will ensure diverse insights underpin the new regime and will build the foundations for international regulatory coordination. The non-statutory Digital Markets Unit will also work closely with industry to prepare for a smooth transition following legislation.
  • It appears the “Washington Privacy Act” (SB 5062) has stalled in the Washington state House, likely meaning this will be the third year in a row the Washington state legislature fails to pass privacy legislation. The House had scheduled consideration of its version of the bill (see here for more detail and analysis) with a number of amendments filed for consideration, including the “People’s Privacy Act” (HB 1433). The clock may have tolled for this year’s effort as the House wrapped up its legislative work for the year, and all legislation must be passed by 25 April.
  • The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory on vulnerabilities to Fortinet’s VPN devices. The United Kingdom’s National Cyber Security Centre (NCSC) updated its warning on a different but related vulnerability. In their advisory, the FBI and CISA asserted:
    • In March 2021 the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks. APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements, and disinformation campaigns.
  • Senators Lindsey Graham (R-SC) and Tim Scott (R-SC) reintroduced the “State Fix Act” (S.944) “to expand broadband access to underserved rural areas.” In their press release, Graham and Scott asserted their bill will:
    • provide $20 billion for broadband infrastructure utilizing fiber-optic cables, wireless, and 5G technologies;
    • use a reverse auction method to provide top-quality broadband service at the lowest price for the American taxpayer; and
    • base a state’s funding on their unserved (no internet access at all) and a percentage of their underserved (low-quality service) populations to distribute funds to the areas of greatest need like rural America and Opportunity Zones.
  • Federal Communications Commission (FCC) acting Chair Jessica Rosenworcel unveiled her proposal to make available more spectrum for commercial space activities. She asserted her plan “would bolster the U.S. commercial space industry by improving access to spectrum needed for successful rocket launches.” Rosenworcel stated “[c]urrently, the frequencies used to support space launches are allocated exclusively for federal agency uses, and private space travel and satellite launch companies request temporary authority from the FCC for each launch.” Rosenworcel explained:
    • Commercial space launches today must apply for and receive Special Temporary Authority on from the FCC on an ad-hoc basis to share the federal spectrum during the launch. The proposed Report and Order circulated today would, if adopted, add a non-federal, secondary allocation in the 2200-2290 MHz band. This new allocation would limit use of the band to transmissions from space launch vehicles during pre-launch testing and space launch operations.
    • This proposal is a key step in providing certainty and predictability for commercial space launches. To that end, this proposal also includes a Further Notice of Proposed Rulemaking to move toward establishing the necessary technical and service rules to support a more consistent licensing process.
  • The House Judiciary Committee held a markup and reported out its “Final Report on Investigation of Competition in Digital Markets,” a necessary procedural step for the report to become a report of the House. Republicans offered three amendments, none of which were adopted:
  • none of your business (NOYB) filed a complaint alleging violations of the ePrivacy Directive with France’s Commission Nationale de l’Informatique et des Libertés against Google for its Android Advertising Identifier (AAID). In its press release, noyb claimed:
    • The somewhat hidden ID allows Google and all apps on the phone to track a user and combine information about online and mobile behaviour. While these trackers clearly require the users’ consent (as known from “cookie banners”), Google neglects this legal requirement. noyb therefore filed a complaint against Google’s tracking code AAID.
    • Tracking without user consent. Google’s software creates the AAID without the user’s knowledge or consent. The identification number functions like a license plate that uniquely identifies the phone of a user and can be shared among companies. After its creation, Google and third parties (e.g. applications providers and advertisers) can access the AAID to track users’ behaviour, elaborate consumption preferences and provide personalised advertising. Such tracking is strictly regulated by the EU “Cookie Law” (Article 5(3) of the e-Privacy Directive) and requires the users’ informed and unambiguous consent.
    • No tracking? No chance! Google not only installs the AAID without consent but it also denies Android user’s the option of deleting it. As we have proven in our previous complaint filed in Austria, users can merely “reset” the ID and are forced to generate a new tracking ID to replace the existing one. This neither deletes the data that was collected before, nor stops tracking going forward.
    • Next steps. Since this complaint is based on the e-Privacy directive, the French authority can directly make a decision, without the need for cooperation with other EU Data Protection Authorities as under GDPR. Should the authority adhere to the complainant’s interpretation, the amount of the sanction could be substantial. This complaint is part of a larger project aimed at removing hidden tracking identifiers from the mobile environment. A few months ago, we filed similar complaints against the other market leader, Apple, for similar reasons.
  • The Foundation for Market Information Research (SOMI), a Dutch entity, has filed a claim with Ireland’s Data Protection Commission (DPC) alleging that TikTok is violating the General Data Protection Regulation (GDPR). TikTok is already being investigated by the United Kingdom, France, and Italy on similar grounds. SOMI is making the case that TikTok knows there are users below the age of 13 using its app, and consent for children of this age must be provided by parents. Moreover, SOMI asserted there are clear and present risks as a number of under children under the age of 13 have attempted TikTok challenges and have died. SOMI also asserts that TikTok is transferring personal data out of the European Union in violation of the GDPR. SOMI is urging the DPC to act swiftly.
  • Microsoft announced it won a $21.9 billion contract with the Army “on the production phase of the Integrated Visual Augmentation System (IVAS) program as it moves from rapid prototyping to production and rapid fielding.” Microsoft stated:
    • The IVAS headset, based on HoloLens and augmented by Microsoft Azure cloud services, delivers a platform that will keep Soldiers safer and make them more effective. The program delivers enhanced situational awareness, enabling information sharing and decision-making in a variety of scenarios. Microsoft has worked closely with the U.S. Army over the past two years, and together we pioneered Soldier Centered Design to enable rapid prototyping for a product to provide Soldiers with the tools and capabilities necessary to achieve their mission.

Further Reading

Coming Events

  • The House Oversight and Reform Committee’s Government Operations Subcommittee will hold a hearing to assess agency compliance with the Federal Information Technology Acquisition Reform Act (FITARA) on 16 April.
  • On 20 April, the Senate Commerce, Science, and Transportation Committee will hold a hearing titled “Strengthening the Federal Trade Commission’s (FTC) Authority to Protect Consumers” with the four FTC commissioners.
  • The House Agriculture Committee will hold a hearing titled “Rural Broadband – Examining Internet Connectivity Needs and Opportunities in Rural America” on 20 April.
  • On 21 April, the Senate Judiciary Committee’s Intellectual Property Subcommittee will hold a hearing titled “Improving Access and Inclusivity in the Patent System: Unleashing America’s Economic Engine.”
  • The Senate Judiciary Committee’s Competition Policy, Antitrust, and Consumer Rights Subcommittee will hold a hearing titled “Antitrust Applied: Examining Competition in App Stores” on 21 April.
  • The House Energy and Commerce Committee’s Communications and Technology Subcommittee will hold a hearing titled “Leading the Wireless Future: Securing American Network Technology” on 21 April.
  • On 21 April, the Senate Armed Services Committee’s Personnel Subcommittee will hold a hearing “on the current and future cyber workforce of the Department of Defense and the military services.”
  • On 21 April, the Senate Armed Services Committee’s Emerging Threats and Capabilities Subcommittee will hold a hearing “on science and technology, technology maturation, and technology transition activities.”
  • The Federal Communications Commission (FCC) will hold an open meeting on 22 April with this draft agenda:
    • Text-to-988. The Commission will consider a Further Notice of Proposed Rulemaking to increase the effectiveness of the National Suicide Prevention Lifeline by proposing to require covered text providers to support text messaging to 988. (WC Docket No. 18-336)
    • Commercial Space Launch Operations. The Commission will consider a Report and Order and Further Notice of Proposed Rulemaking that would adopt a new spectrum allocation for commercial space launch operations and seek comment on additional allocations and service rules. (ET Docket No. 13-115)
    • Wireless Microphones. The Commission will consider a Notice of Proposed Rulemaking that proposes to revise the technical rules for Part 74 low-power auxiliary station (LPAS) devices to permit a recently developed, and more efficient, type of wireless microphone system. (RM-11821; ET Docket No. 21-115)
    • Improving 911 Reliability. The Commission will consider a Third Notice of Proposed Rulemaking to promote public safety by ensuring that 911 call centers and consumers receive timely and useful notifications of disruptions to 911 service. (PS Docket Nos. 13-75, 15-80; ET Docket No. 04-35
    • Concluding the 800 MHz Band Reconfiguration. The Commission will consider an Order to conclude its 800 MHz rebanding program due to the successful fulfillment of this public safety mandate. (WT Docket No. 02-55)
    • Enhancing Transparency of Foreign Government-Sponsored Programming. The Commission will consider a Report and Order to require clear disclosures for broadcast programming that is sponsored, paid for, or furnished by a foreign government or its representative. (MB Docket No. 20-299)
    • Imposing Application Cap in Upcoming NCE FM Filing Window. The Commission will consider a Public Notice to impose a limit of ten applications filed by any party in the upcoming 2021 filing window for new noncommercial educational FM stations. (MB Docket No. 20-343)
    • Enforcement Bureau Action. The Commission will consider an enforcement action.
  • On 29 April, the Commerce, Science, and Transportation Committee will consider the nomination of Eric Lander to be Director of the Office of Science and Technology Policy (OSTP).
  • The Federal Trade Commission (FTC) will hold a workshop titled “Bringing Dark Patterns to Light” on 29 April.
  • The Department of Commerce’s National Telecommunications and Information Administration (NTIA) will hold “a virtual meeting of a multistakeholder process on promoting software component transparency” on 29 April.
  • On 27 July, the Federal Trade Commission (FTC) will hold PrivacyCon 2021.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2021. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Photo by Ilnur Kalimullin on Unsplash

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s