Other Developments, Further Reading, and Coming Events (21 April 2021)

5G, Antitrust, Artificial Intelligence, Big Data, Broadband, CISA, Coming Events, Competition, COVID-19, Cybersecurity, Data Flows, Data Protection, data security, DHS, EDPB, Encryption, EU, Further Reading, GDPR, Misinformation, NSA, Other Developments, People's Republic of China, Section 230, Social Media, Technology, Telecommunications, United States 18 Minutes

Other Developments

  • At the conclusion of their meeting in which they renewed the United States-Japan alliance, President Joe Biden and Prime Minister Suga Yoshihide announced a number of joint initiatives to counter the growing influence of the People’s Republic of China (PRC), some of which pertained to technology. In a statement, the governments explained how they plan to work together:
    • Recognizing that our shared security and prosperity requires new forms of 21st century cooperation, President Biden and Prime Minister Suga have launched a new Competitiveness and Resilience (CoRe) Partnership. Our partnership will ensure that we lead a sustainable, inclusive, healthy, green global economic recovery. It will also generate economic growth guided by open and democratic principles, supported by transparent trade rules and regulations and high labor and environmental standards, and aligned with a low-carbon future. To achieve these goals, the partnership will focus on i) competitiveness and innovation, ii) COVID-19 response, global health, and health security, and iii) climate change, clean energy, and green growth and recovery.
    • The United States and Japan recognize that digital economy and emerging technologies have the potential to transform societies and bring about tremendous economic opportunities. We will collaborate to enhance our countries’ competitiveness, individually and together, by deepening cooperation in research and technology development in life sciences and biotechnology, artificial intelligence, quantum information sciences, and civil space. President Biden and Prime Minister Suga affirmed their commitment to the security and openness of 5th generation (5G) wireless networks and concurred that it is important to rely on trustworthy vendors. The United States and Japan will engage with others through our enhanced Global Digital Connectivity Partnership to catalyze investments and to provide training and capacity building to promote vibrant digital economies. We will also partner on sensitive supply chains, including on semi-conductors, promoting and protecting the critical technologies that are essential to our security and prosperity.
    • The United States and Japan are committed to maintaining and further strengthening our robust bilateral trade relationship while advancing shared interests, including digital trade cooperation, the development of trade policies that support climate change objectives, World Trade Organization (WTO) reform, and promoting inclusive growth in the Indo-Pacific. We will continue to work together bilaterally, as well as within the G7 and the WTO, to address the use of non-market and other unfair trade practices, including violations of intellectual property rights, forced technology transfer, excess capacity issues, and the use of trade distorting industrial subsidies. We reaffirm our commitment to achieving prosperity and maintaining economic order in the Indo-Pacific region while engaging with other like-minded partners.
      • In the fact sheet on CoRe, the White House stated the U.S. and Japan will:
        • Advance secure and open 5Gnetworks, including Open Radio Access Networks (“Open-RAN”), by fostering innovation and by promoting trustworthy vendors and diverse markets.
        • Strengthen competitiveness in the digital field by investing in research, development, testing, and deployment of secure networks and advanced ICT including 5G and next-generation mobile networks (“6G” or “Beyond 5G”). The United States has committed $2.5 billion to this effort, and Japan has committed $2 billion.
        • Build on successful U.S.-Japan cooperation in third-countries and launch a Global Digital Connectivity Partnership to promote secure connectivity and a vibrant digital economy while building the cybersecurity capacity of our partners to address shared threats.
        • Strengthen collaboration and information exchange between U.S. and Japanese ICT experts in global standards development.
        • Cooperate on sensitive supply chains, including semi-conductors, and on the promotion and protection of critical technologies.
        • Advance biotechnology for the global good by focusing on genome sequencing and the principles of openness, transparency, collaboration, and research integrity.
        • Reinforce collaboration and partnerships between research institutions on quantum information science and technology through joint research and exchange of researchers.
  • The White House announced it is winding down the Unified Coordination Groups (UCGs) convened to coordinate United States (U.S.) to the SolarWinds and Microsoft Exchange hacks. In her statement, Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger asserted:
    • Due to the vastly increased patching and reduction in victims, we are standing down the current UCG surge efforts and will be handling further responses through standard incident management procedures. 
    • She further explained:
      • The Biden Administration is undertaking a whole-of-government effort – working closely with Congress, the private sector, and allies and partners around the world – to build back better in new and innovative ways, to modernize our cyber defenses and enhance the nation’s ability to quickly and effectively respond to significant cybersecurity incidents. While this will not be the last major incident, the SolarWinds and Microsoft Exchange UCGs highlight the priority and focus the Administration places on cybersecurity, and at improving incident response for both the U.S. government and the private sector.
    • Neuberger added:
      • The innovations from the Exchange UCG and the lessons learned from these responses will be used to improve future unified, whole of Government responses to significant cyber incidents, including:
        • Integrating private sector partners at the executive and tactical levels. The active private sector involvement resulted in an expedited Microsoft one-click tool to simplify and accelerate victims’ patching and clean-up efforts, and direct sharing of relevant information. This type of partnership sets precedent for future engagements on significant cyber incidents.
        • CISA created and utilized a methodology to track trends in patching and exposed Exchange servers that enabled the UCG to quantify the scope of the incident.
        • Through industry relationships and leveraging legal authorities, the FBI and DOJ quickly identified the scale of the incidents – in the SolarWinds UCG, for example, scoping from a worst case of 16,800 to fewer than 100 targeted exploited nongovernment entities. This enabled focused victim engagement and improved understanding of what the perpetrators targeted from the larger set of exposed entities.
        • NSA and CISA released cybersecurity advisories that detailed adversary techniques and provided mitigation for system owners. NSA also provided guidance to other U.S. military and intelligence organizations, as well as contractors in the defense industrial base. 
  • The European Data Protection Board (EDPB) issued a statement “on international agreements including transfers.” The EDPB explained:
    • As the EDPB/national Supervisory Authorities have been receiving questions about the exchange of personal data between public authorities under existing international agreements in different areas, the EDPB wishes to recall the requirements of Article 96 GDPR and Article 61 Law Enforcement Directive (LED). According to those provisions, all international agreements involving the transfer of personal data to third countries or international organisations which were concluded by the EU Member States prior to 24 May 2016 or 6 May 2016 respectively, and which comply with Union law as applicable prior to that date, shall remain in force until amended, replaced or revoked.
    • The EDPB deems that, in order to ensure that the level of protection of natural persons guaranteed by the GDPR and the LED is not undermined when personal data is transferred outside the Union, consideration should be given to the aim of bringing these agreements in line with the GDPR and LED requirements for data transfers where this is not yet the case.
    • The EDPB therefore invites the Member States to assess and, where necessary, review their international agreements that involve international transfers of personal data, such as those relating to taxation (e.g. to the automatic exchange of personal data for tax purposes), social security, mutual legal assistance, police cooperation, etc. which were concluded prior to 24 May 2016 (for the agreements relevant to the GDPR) or 6 May 2016 (for the agreements relevant to the LED). This review should be done in order to determine whether, while pursuing the important public interests covered by the agreements, further alignment with current Union legislation and case law on data protection, as well as EDPB guidance might be needed.
  • The Council of Europe (Council) issued “a document aimed at governments across Europe…[that] highlights the relevant human rights standards for addressing the issue of “vaccine passports.” The Council explained:
    • The document underlines the importance of stepping up efforts to produce and administer vaccines in an equal manner, in line with the requirements of the Convention on Human Rights and Biomedicine (Oviedo Convention), so that restrictions on individual freedoms can gradually be reviewed as broader immunity is achieved among populations.
    • It also stresses that in the battle against the Covid-19 pandemic, notably in the context of travelling, it is certainly worthwhile taking any steps to harmonise or facilitate the process of certifying that someone is vaccinated, immune or infection-free – provided that personal data are protected and measures to prevent counterfeiting are taken. Member states are invited to take action in line with the Convention for the protection of individuals with regard to automatic processing of personal data, the Convention on the counterfeiting of medical products and similar crimes involving threats to public health (MEDICRIME Convention) and the Convention on cybercrime (Budapest Convention).
    • On the other hand, using such certification or immunisation data for non-medical purposes to grant privileged and exclusive access to rights raises many questions related to respect for human rights and should be considered with caution.
    • The document focuses on four themes:
      • Basis for the obligation of States to provide access to immunisation;
      • Vaccination certificates or “vaccine passports” and their use;
      • Privacy and data protection
      • Security and public health risks.
  • A new entity has formed to study and offer solutions to technology problems. The Future of Tech Commission will be co-chaired by former Massachusetts Governor Deval Patrick, former Secretary of Education Margaret Spellings, and Common Sense Media Founder and CEO James Steyer and “will convene leaders and experts from across sectors to inform an inclusive tech policy agenda for the nation and a blueprint of public-private solutions for action at the local, state, and federal levels.” It bears noting that Spellings and Steyer were involved in a similar effort in the Obama Administration, the Leading Education by Advancing Digital (LEAD) Commission that was convened “to answer two key questions: “Why is the adoption of technology in education happening so slowly in the U.S.?” and more importantly, “What can we as a country do about it?”” In their press statement, the Future of Tech Commission claimed the entity was launched after discussions with the White House and the acting Federal Communications Commission (FCC) Chair, which may be a way to name check both the Biden Administration and one of the regulators of technology companies without an explicit endorsement. Nonetheless, the commission explained:
    • While many developments will shape the future of technology, the Commission’s plan will address some of the most urgent tech policy challenges and opportunities facing America’s economy, democracy, and the nation’s children and families. These include protecting the safety of Americans on online platforms, ensuring consumer privacy, fostering market competition, advancing innovation, and promoting digital equity for all Americans.
    • In an effort to ensure the nation’s tech policy agenda represents every corner of America, co-chairs will organize virtual town hall meetings in collaboration with rural and urban communities around the country, including with governors, civil society groups, academics, tech policy experts, business leaders, and entrepreneurs. The co-chairs expect to host the first Town Halls with community partners in Texas, California, and Massachusetts, and they will also convene conversations with voices from the midwest and southeast. In addition, the Commission will conduct interviews with a diverse group of thought leaders and community leaders who want to harness the potential of technology and provide Americans with the safety, transparency, and digital equity they deserve.
    • The Commission aims to capture this unprecedented moment to forge a coordinated tech policy agenda that strengthens basic democratic norms and institutions; improves quality and access to our systems of education, healthcare, transportation, and workforce development; and bolsters the social, emotional, and cognitive development of America’s children. The Commission’s core vision is to generate collaborative, public-private tech policy solutions for the nation’s state and federal leaders.
  • Senate Judiciary Committee Ranking Member Chuck Grassley (R-IA) recently made remarks on the Senate floor revealing his thinking on how Congress and the Biden Administration should approach 47 U.S.C. 230 and anti-trust as they relate to technology companies. He indicated he views Facebook, Twitter, Google, and others as functional public squares that trigger First Amendment protection for people using these platforms. Like other Republicans, Grassley decried the censorship and cancel culture supposedly aimed at conservatives. He also called for a harder look at anti-trust issues, he stopped short of calling for these companies to be broken up. Here are key excerpts of his speech:
    • Many argue that these private companies have their own terms of service and are able to enforce them as they wish. That they’re not covered under the first amendment. Yet these platforms are now the new public square where it’s important that all voices and viewpoints are able to be heard. With the immunities that these companies have and the importance of dialogue on their platforms, arguably they are in effect state actors and therefore first amendment protections should apply to user generated content.
    • When a company has monopoly power, it no longer is constrained by normal market forces. If these platforms had competitors, consumers could choose alternatives when they disagree with terms of service or moderation policies. Right now the only choice consumers have is to take it or leave it.
    • Section 230 appears to compound this problem. Big tech has no competitors and is immune from liability. These companies are unaccountable to their customers, the courts and the government. If not for their monopoly power and Section 230 immunity, these companies might not be involved in the actions and censorship we see today.
    • These platforms are where people communicate online and there are no real alternatives. This innovation has democratized our political system; yet there are people who don’t like that every person is able to get their views out there and they want to interfere with and censor that. We cannot stand for this cancel culture and the interference with free speech.
    • Entrepreneurs want to challenge these big tech companies. Unfortunately the system is rigged against the little guy startup. These companies can remove your website from the internet, delete your app from the app store or permanently ban you from their platform. They can remove competitors or those they disagree with, largely with no recourse.
    • Our antitrust regulators need to take a harder look at the actions of Big Tech. I recently introduced legislation with Senator Klobuchar to increase resources for FTC and DOJ antitrust enforcement. This legislation would provide an immediate boost to their effective competition responsibilities.
  • Possibly in response to the concerns of key Senate stakeholders, the Department of Energy (DOE) named Puesh M. Kumar as the Acting Principal Deputy Assistant Secretary (PDAS) for DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER).” The DOE claimed:
    • With this appointment, DOE is accelerating capacity-building and reinforcing the Department’s commitment to lead energy sector cybersecurity efforts. Mr. Kumar will lead DOE’s mission to address cyber, physical, and natural hazards and threats to the U.S. energy infrastructure. Mr. Kumar has over 15 years of experience in grid modernization, cybersecurity, and emergency response within the energy sector.
    • Last month, the Senate Energy and Natural Resources Committee Chair Joe Manchin (D-WV), Ranking Member John Barasso (R-WY), and other members of the committee wrote Secretary of Energy Jennifer Granholm “to express our support for the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), and for maintaining its current leadership structure.” They urged Granholm “to continue to prioritize cybersecurity by preserving the CESER office and upholding its leadership at the Assistant Secretary level.”
  • The United States Court of Appeals for the Eleventh Circuit ruled against a challenge that a grocery store chain had violated the “Americans with Disabilities Act” by not making its website usable for a customer with a visual disability. The court explained the case:
    • Appellant Winn-Dixie Stores, Inc. (“Winn-Dixie”), a grocery store chain, operates a website for the convenience of its customers but does not offer any sales directly through the site. Appellee Juan Carlos Gil (“Gil”) is a long-time customer with a visual disability who must access websites with screen reader software, which vocalizes the content of the web pages. Unable to access Winn-Dixie’s website with his software, Gil filed suit against Winn-Dixie under Title III of the Americans with Disabilities Act (“ADA”). After a bench trial, the district court found that Winn-Dixie’s website violated the ADA. Gil v. Winn-Dixie Stores, Inc., 257 F. Supp. 3d 1340, 1345 (S.D. Fla. 2017). Winn-Dixie timely appealed.
  • The Facebook Oversight Board upheld a decision by Facebook to take down “specific content that violated the express prohibition on posting caricatures of Black people in the form of blackface, contained in its Hate Speech Community Standard.” The Board summarized the facts of the case:
    • On December 5, 2020, a Facebook user in the Netherlands shared a post including text in Dutch and a 17-second-long video on their timeline. The video showed a young child meeting three adults, one dressed to portray “Sinterklaas” and two portraying “Zwarte Piet,” also referred to as “Black Pete.”
    • The two adults portraying Zwarte Piets had their faces painted black and wore Afro wigs under hats and colorful renaissance-style clothes. All the people in the video appear to be white, including those with their faces painted black. In the video, festive music plays and one Zwarte Piet says to the child, “[l]ook here, and I found your hat. Do you want to put it on? You’ll be looking like an actual Pete!”
    • Facebook removed the post for violating its Hate Speech Community Standard.
    • The Board then detailed its key findings:
      • While Zwarte Piet represents a cultural tradition shared by many Dutch people without apparent racist intent, it includes the use of blackface which is widely recognized as a harmful racial stereotype.
      • Since August 2020, Facebook has explicitly prohibited caricatures of Black people in the form of blackface as part of its Hate Speech Community Standard. As such, the Board found that Facebook made it sufficiently clear to users that content featuring blackface would be removed unless shared to condemn the practice or raise awareness.
      • A majority of the Board saw sufficient evidence of harm to justify removing the content. They argued the content included caricatures that are inextricably linked to negative and racist stereotypes, and are considered by parts of Dutch society to sustain systemic racism in the Netherlands. They took note of documented cases of Black people experiencing racial discrimination and violence in the Netherlands linked to Zwarte Piet. These included reports that during the Sinterklaas festival Black children felt scared and unsafe in their homes and were afraid to go to school.
      • A majority found that allowing such posts to accumulate on Facebook would help create a discriminatory environment for Black people that would be degrading and harassing. They believed that the impacts of blackface justified Facebook’s policy and that removing the content was consistent with the company’s human rights responsibilities.
      • A minority of the Board, however, saw insufficient evidence to directly link this piece of content to the harm supposedly being reduced by removing it. They noted that Facebook’s value of “Voice” specifically protects disagreeable content and that, while blackface is offensive, depictions on Facebook will not always cause harm to others. They also argued that restricting expression based on cumulative harm can be hard to distinguish from attempts to protect people from subjective feelings of offense.
      • The Board found that removing content without providing an adequate explanation could be perceived as unfair by the user. In this regard, it noted that the user was not told that their content was specifically removed under Facebook’s blackface policy.

Further Reading

  • The FCC wants you to test your internet speeds with its new app” By Makena Kelly — The Verge. The Federal Communications Commission (FCC) has released an app people can use to test the speed of their broadband that would also help the agency compile these data to get a better picture of broadband speeds across the United States (U.S.) At present the FCC relies on self-reported data from internet service providers, and critics of this system and experts have pointed out these data are often not accurate.
  • Republicans prepping smaller counteroffer to Biden’s infrastructure plan” By Sam Mintz — Politico. Senate Republicans are preparing a counteroffer to the White House’s “American Jobs Plan,” President Joe Biden’s $2 trillion infrastructure package Democrats are preparing to enact with or without Republican votes. Senate Republicans, as led by Senate Environment and Public Works Committee Ranking Member Shelley Moore Capito (R-WV), are said to crafting an $800 billion package that would focus on what they call traditional infrastructure (i.e., roads, highways, transit, and the like). Undoubtedly, this package will not roll back parts of the 2017 Republican tax cut package in order to offset the costs of the new spending.
  • Twitter will share how race and politics shape its algorithms” By Anna Kramer — Protocol. Twitter shared “the work we’ve been doing to improve our machine learning (ML) algorithms within Twitter, and our path forward through a company-wide initiative called Responsible ML.” The company will allegedly study ML and its algorithms to adjust how it serves up content to users, with a focus on possible biases regarding race, gender, and political ideologies. This seems to be part of the social media platform’s push to empower users to tailor their experiences, which likely dovetails with the Silicon Valley ethos of giving people choices in some instances over their online consumption. On the other hand, this may be another means of dodging responsibility for content others post and how extremist and inflammatory material get promoted.
  • The FBI wanted to unlock the San Bernardino shooter’s iPhone. It turned to a little-known Australian firm.” By Ellen Nakashima and Reed Albergotti — The Washington Post. This article reconstructs the backstory of the Federal Bureau of Investigation (FBI) vs. Apple battle over the San Bernardino terrorist shooter’s iPhone in 2016. After Apple refused to help the FBI in its efforts to unlock the encrypted phone, the FBI took Apple to court to compel its assistance. The legal fight fizzled a few months later after the FBI accessed the phone. It turns out an Australian white hat hacking firm, Azimuth, provided the FBI the means to circumvent Apple’s default encryption and methods to defeat brute force password attacks. The FBI was disappointed its case was mooted because the agency was hoping for a precedent that would require tech companies to help defeat encryption, and Apple has litigated against one of the key hackers who started a new firm, Corellium. A federal court threw out a significant portion of a suit Apple brought against Corellium over its practices of operating and selling virtual versions of the iOS. Apple is continuing its suit on different grounds (i.e., Corellium violated the Digital Millenium Copyright Act).
  • There’s a Big Gap in Our Cyber Defenses. Here’s How to Close It.” By Glenn Gerstell — Politico. A former National Security Agency General Counsel makes the case for new limited authority for the Federal Bureau of Investigation (FBI) to monitor incursions into domestic networks by possibly malevolent foreign actors of the sort that allowed Russian hackers to launch the SolarWinds attack. Gerstell argues this new authority would square with Fourth Amendment exceptions and would enable the federal government to better see and track foreign activity on networks run by Amazon, Microsoft, and others. Civil libertarians will likely take issue with his analysis and his characterization of the risks, especially the claim that most attacks take advantage of software and hardware deficiencies and are not based on zero-day exploits.

Coming Events

  • On 21 April, the Senate Judiciary Committee’s Intellectual Property Subcommittee will hold a hearing titled “Improving Access and Inclusivity in the Patent System: Unleashing America’s Economic Engine.”
  • The Senate Judiciary Committee’s Competition Policy, Antitrust, and Consumer Rights Subcommittee will hold a hearing titled “Antitrust Applied: Examining Competition in App Stores” on 21 April.
  • The House Energy and Commerce Committee’s Communications and Technology Subcommittee will hold a hearing titled “Leading the Wireless Future: Securing American Network Technology” on 21 April.
  • On 21 April, the Senate Armed Services Committee’s Personnel Subcommittee will hold a hearing “on the current and future cyber workforce of the Department of Defense and the military services.”
  • On 21 April, the Senate Armed Services Committee’s Emerging Threats and Capabilities Subcommittee will hold a hearing “on science and technology, technology maturation, and technology transition activities.”
  • The Federal Communications Commission (FCC) will hold an open meeting on 22 April with this draft agenda:
    • Text-to-988. The Commission will consider a Further Notice of Proposed Rulemaking to increase the effectiveness of the National Suicide Prevention Lifeline by proposing to require covered text providers to support text messaging to 988. (WC Docket No. 18-336)
    • Commercial Space Launch Operations. The Commission will consider a Report and Order and Further Notice of Proposed Rulemaking that would adopt a new spectrum allocation for commercial space launch operations and seek comment on additional allocations and service rules. (ET Docket No. 13-115)
    • Wireless Microphones. The Commission will consider a Notice of Proposed Rulemaking that proposes to revise the technical rules for Part 74 low-power auxiliary station (LPAS) devices to permit a recently developed, and more efficient, type of wireless microphone system. (RM-11821; ET Docket No. 21-115)
    • Improving 911 Reliability. The Commission will consider a Third Notice of Proposed Rulemaking to promote public safety by ensuring that 911 call centers and consumers receive timely and useful notifications of disruptions to 911 service. (PS Docket Nos. 13-75, 15-80; ET Docket No. 04-35
    • Concluding the 800 MHz Band Reconfiguration. The Commission will consider an Order to conclude its 800 MHz rebanding program due to the successful fulfillment of this public safety mandate. (WT Docket No. 02-55)
    • Enhancing Transparency of Foreign Government-Sponsored Programming. The Commission will consider a Report and Order to require clear disclosures for broadcast programming that is sponsored, paid for, or furnished by a foreign government or its representative. (MB Docket No. 20-299)
    • Imposing Application Cap in Upcoming NCE FM Filing Window. The Commission will consider a Public Notice to impose a limit of ten applications filed by any party in the upcoming 2021 filing window for new noncommercial educational FM stations. (MB Docket No. 20-343)
    • Enforcement Bureau Action. The Commission will consider an enforcement action.
  • On 29 April, the Commerce, Science, and Transportation Committee will consider the nomination of Eric Lander to be Director of the Office of Science and Technology Policy (OSTP).
  • The Federal Trade Commission (FTC) will hold a workshop titled “Bringing Dark Patterns to Light” on 29 April.
  • The Department of Commerce’s National Telecommunications and Information Administration (NTIA) will hold “a virtual meeting of a multistakeholder process on promoting software component transparency” on 29 April.
  • On 27 July, the Federal Trade Commission (FTC) will hold PrivacyCon 2021.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2021. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Photo by David Edelstein on Unsplash

Published by Michael Kans

An attorney who specializes in technology policy, law, and politics with other areas of expertise.

Published

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s