Other Developments, Further Reading, and Coming Events (23 June 2021)

Antitrust, Artificial Intelligence, Big Data, Bot, Coming Events, Competition, COVID-19, Cyber Crime, Cybersecurity, Data Flows, Data Protection, data security, DOD, EU, FCC, Further Reading, Other Developments, People's Republic of China, privacy, Privacy Shield, Ransomware, Social Media, Technology, Telecommunications 21 Minutes

Subscribe to my newsletter, The Wavelength, if you want updates on global technology developments four times a week.

Other Developments

  • European Commission (EC) President Ursula von der Leyen and United States (U.S.) President Joe Biden announced the formation of the EU-US Trade and Technology Council (TTC) at the US-EU Summit in Brussels. The EC further explained:
    • The TTC will serve as a forum for the United States and European Union to coordinate approaches to key global trade, economic, and technology issues and to deepen transatlantic trade and economic relations based on shared democratic values.
    • This new Council will meet periodically at political level to steer the cooperation. It will be co-chaired by European Commission Executive Vice-President and EU Competition Commissioner, Margrethe Vestager; European Commission Executive Vice-President and EU Trade Commissioner, Valdis Dombrovskis; US Secretary of State, Antony Blinken; US Secretary of Commerce, Gina Raimondo; and US Trade Representative, Katherine Tai. Other Members of the College and of US Departments will be invited as appropriate, ensuring focused discussions on specific issues in a whole-of-government approach.
    • Main goals of the TTC
      • Expand and deepen bilateral trade and investment
      • Avoid new technical barriers to trade
      • Cooperate on key policies on technology, digital issues and supply chains
      • Support collaborative research
      • Cooperate on the development of compatible and international standards
      • Facilitate cooperation on regulatory policy and enforcement
      • Promote innovation and leadership by EU and US firms
    • Working groups
      • The TTC will initially include the following working groups, which will operationalise the political decisions into deliverables, coordinate the technical work and report to the political level:
      • Technology standards cooperation (including AI and Internet of Things, among other emerging technologies)
      • Climate and green tech
      • Secure supply chains, including semiconductors
      • ICT security and competitiveness
      • Data governance and technology platforms
      • The misuse of technology threatening security and human rights
      • Export controls
      • Investment screening
      • Promoting SME access to and use of digital technologies
      • Global trade challenges
    • In parallel, the EU and the US have set up a Joint Technology Competition Policy Dialogue that will focus on developing common approaches and strengthening the cooperation on competition policy and enforcement in the tech sectors.
  • The United States (U.S.) and the European Union also announced their intention to form a U.S.-EU Joint Technology Competition Policy Dialogue and expressed their interest in continuing to work on a successor to Privacy Shield:
    • In parallel with the Trade and Technology Council (TTC), we intend to establish a U.S.-EU Joint Technology Competition Policy Dialogue that would focus on approaches to competition policy and enforcement, and increased cooperation in the tech sector. To support collaborative research and innovation exchanges, we promote a staff exchange program between our research funding agencies, and we intend to explore the possibility of developing a new research initiative on biotechnology and genomics, with a view to setting common standards. A new implementing arrangement between the EU Joint Research Centre and the U.S. National Institute of Standards and Technologies aims to expand cooperation to new areas. We also resolve to deepen cooperation on cybersecurity information sharing and situational awareness, as well as cybersecurity certification of products and software.
    • We commit to work together to ensure safe, secure, and trusted cross-border data flows that protect consumers and enhance privacy protections, while enabling Transatlantic commerce.  To this end, we plan to continue to work together to strengthen legal certainty in Transatlantic flows of personal data. We also commit to continue cooperation on consumer protection and access to electronic evidence in criminal matters.
  • Senate Intelligence Committee Chair Mark Warner (D-VA) and Ranking Member Marco Rubio (R-FL) along with Senator Susan Collins (R-ME) have floated a draft bill, the “Cyber Incident Notification Act of 2021”, that would change United States (U.S.) law to require critical cyber infrastructure owners and operators and many federal contractors to report actual or potential cybersecurity intrusions within 24 hours of detection to the Cybersecurity and Infrastructure Security Agency (CISA) unless they have a more stringent reporting requirement to another federal agency. CISA would be tasked with promulgating regulations to effectuate the goals of this bill drafted in response to the SolarWinds and Microsoft Exchange hacks.
  • The United Kingdom’s Competition and Markets Authority (CMA) “launched a market study into Apple’s and Google’s mobile ecosystems over concerns they have market power which is harming users and other businesses.” The CMA stated it “is taking a closer look at whether the firms’ effective duopoly over the supply of operating systems (iOS and Android), app stores (App Store and Play Store), and web browsers (Safari and Chrome), could be resulting in consumers losing out across a wide range of areas.” The agency said:
    • The CMA is looking into whether the two firms’ control over mobile ecosystems is stifling competition across a range of digital markets. The CMA is concerned this could lead to reduced innovation across the sector and consumers paying higher prices for devices and apps, or for other goods and services due to higher advertising prices.
    • The study will also examine any effects of the firms’ market power over other businesses – such as app developers – which rely on Apple or Google to market their products to customers via their phones.
    • This study is part of a broader programme of CMA work, which includes establishing a new pro-competition regulatory regime for digital markets through the Digital Markets Unit. As the CMA works with the Government on these proposals, the CMA will continue to use its existing powers to their fullest extent in order to examine and protect competition in these areas.
    • The CMA has been investigating Apple’s App Store and Google’s Privacy Sandbox proposals over competition concerns. While both examine issues falling within the scope of this study, the CMA’s work into mobile ecosystems is much broader. The CMA will adopt a joined-up approach across all these related cases, to ensure the best outcomes for consumers and other businesses.
    • Market studies can make recommendations to government or other bodies, and issue guidance to businesses and consumers as needed, among other options.
    • Views are welcomed on any of the issues raised in the statement of scope by 26 July and the CMA is also keen to hear from app developers, via its questionnaire, by the same date. The CMA has 12 months to conclude the study.
  • The United States Securities and Exchange Commission (SEC) “settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information” per the agency’s press release. The Sec stated:
    • According to the SEC’s order, on the morning of May 24, 2019, a cybersecurity journalist notified First American of a vulnerability with its application for sharing document images that exposed over 800 million images dating back to 2003, including images containing sensitive personal data such as social security numbers and financial information.  In response, according to the order, First American issued a press statement on the evening of May 24, 2019, and furnished a Form 8-K to the Commission on May 28, 2019.  However, according to the order, First American’s senior executives responsible for these public statements were not apprised of certain information that was relevant to their assessment of the company’s disclosure response to the vulnerability and the magnitude of the resulting risk.  In particular, the order finds that First American’s senior executives were not informed that the company’s information security personnel had identified the vulnerability several months earlier, but had failed to remediate it in accordance with the company’s policies.  The order finds that First American failed to maintain disclosure controls and procedures designed to ensure that all available, relevant information concerning the vulnerability was analyzed for disclosure in the company’s public reports filed with the Commission. 
    • The SEC’s order charges First American with violating Rule 13a-15(a) of the Exchange Act.  Without admitting or denying the SEC’s findings, First American agreed to a cease-and-desist order and to pay a $487,616 penalty.
  • Senators Ed Markey (D-MA), Jeff Merkley (D-OR), Bernie Sanders (I-VT), Elizabeth Warren (D-MA), and Ron Wyden (D-Ore.) and Representatives Pramila Jayapal (D-WA), Ayanna Pressley (D-MA) and Rashida Tlaib (D-MI) “reintroduced bicameral legislation to stop government use of biometric technology, including facial recognition tools.” They asserted “[t]he “Facial Recognition and Biometric Technology Moratorium Act”responds to reports that hundreds of local, state, and federal entities, including law enforcement agencies, have used unregulated facial recognition technologies and research showing that that roughly half of U.S. adults are already in facial recognition databases.” They claimed the bill would:
    • Place a prohibition on the use of facial recognition technology by federal entities, which can only be lifted with an act of Congress;
    • Place a prohibition on the use of other biometric technologies, including voice recognition, gate recognition, and recognition of other immutable physical characteristics, by federal entities, which can only be lifted with an act of Congress;
    • Condition federal grant funding to state and local entities, including law enforcement, on those entities enacting their own moratoria on the use of facial recognition and biometric technology;
    • Prohibit the use of federal dollars for biometric surveillance systems;
    • Prohibit the use of information collected via biometric technology in violation of the Act in any judicial proceedings;
    • Provide a private right of action for individuals whose biometric data is used in violation of the Act and allow for enforcement by state Attorneys General; and
    • Allow states and localities to enact their own laws regarding the use of facial recognition and biometric technologies.
  • The European Union (EU) announced the enactment of its EU Digital COVID Certificate. The EU explained:
    • EU Digital COVID Certificate
      • The aim of the EU Digital COVID Certificate is to facilitate safe and free movement inside the EU during the COVID-19 pandemic. All Europeans have the right to free movement, also without the certificate, but the certificate will facilitate travel, exempting holders from restrictions like quarantine.
      • The EU Digital COVID Certificate will be accessible for everyone and it will:
      • cover COVID-19 vaccination, test and recovery;
      • be free of charge and available in all EU languages;
      • be available in a digital and paper-based format;
      • be secure and include a digitally signed QR code;
      • Member States shall refrain from imposing additional travel restrictions on the holders of an EU Digital COVID Certificate, unless they are necessary and proportionate to safeguard public health.
      • In addition, the Commission committed to mobilising €100 million under the Emergency Support Instrument to support Member States in providing affordable tests.
      • The Regulation will apply for 12 months as of 1 July 2021.
    • Background
      • On 17 March 2021, the European Commission presented a proposal to create an EU COVID Certificate to facilitate the safe free movement of citizens within the EU during the pandemic. On 20 May, co-legislators reached a provisional agreement. On 1 June, the technical backbone of the systems, the EU gateway, went live. The gateway allows the verification of the security features contained in the QR codes.
      • Following the official signature today, the Regulation will enter into application on 1 July, with a phasing-in period of six weeks for the issuance of certificates for those Member States that need additional time.
      • 13 Member States have already started to issue EU Digital COVID Certificates.
  • Senate Finance Committee Chair Ron Wyden (D-OR) and Ranking Member Mike Crapo (R-ID) “introduced legislation to strengthen U.S. semiconductor supply chains by incentivizing domestic manufacturing of this critical technology.” They stated that “[t]he “Facilitating American-Built Semiconductors (FABS) Act” is cosponsored by Senators John Cornyn (R-TX) Mark Warner (D-VA) Steve Daines (R-MT) and Debbie Stabenow (D-MI). Wyden and Crapo claimed:
    • The share of global semiconductor production in the United States has dropped from 37 percent in 1990 to just 12 percent today. Semiconductor production is increasingly concentrated overseas, with 75 percent of global production now in East Asia. As much as 70 percent of the cost difference for producing semiconductors overseas is driven by foreign subsidies, rather than comparative advantages. The senators’ bill would close that gap by incentivizing production of semiconductors in the United States.
    • The legislation would create a 25 percent investment tax credit for investments in semiconductor manufacturing, both for manufacturing equipment and the construction of semiconductor manufacturing facilities. The proposal includes incentives for the manufacturing of semiconductors, as well as for the manufacturing of the specialized tooling equipment required in the semiconductor manufacturing process.
    • Taxpayers could elect to receive the tax credit as a direct payment, and must make this election before their facility or equipment is placed in service. To provide certainty and predictability for taxpayers, the credit would be permanent.
  • Senate Intelligence Committee Chair Mark Warner (D-VA) and Senate Health, Education, Labor and Pensions Committee Ranking Member Susan Collins (R-ME) “urged the Biden administration to ensure that school systems across the country are equipped to fend off the growing number of cyberattacks targeting K-12 schools.” Warner and Collins wrote Secretary of Education Miguel Cardona and “strongly urge[d] the Biden Administration to publicize guidance stating allowable Elementary and Secondary School Emergency Relief Fund (ESSER) and Governor’s Emergency Education Relief Fund (GEER) monies can be spent on cybersecurity resources and engage with school districts to increase awareness of the critical need for prioritizing stronger cybersecurity measures.” Warner and Collins added:
    • School systems must have strong cybersecurity resources available to protect themselves against cyber and ransom attacks. With the increasingly persistent attacks on our schools, they simply cannot wait until they are a target to take action.  
    • The COVID-19 relief bills Congress passed over the past year allocated millions to ESSER and GEER funds, which can be used for this purpose. In total, these bills included almost $200 billion for ESSER and over $7 billion for GEER. These available funds provide schools with a unique opportunity to invest in cybersecurity resources. While we understand schools must divide these funds across various crucial concerns, the pandemic has catapulted our school systems to an inflection point where investment in cybersecurity is now more critical than ever.
    • We have heard from school districts unsure whether they can use relief funds for this purpose. We greatly appreciate the Department of Education recently issuing a “Frequently Asked Questions” document, which confirms they can be used to improve cybersecurity “to better meet educational and other needs of students related to preventing, preparing for, or responding to COVID-19.”  We respectfully ask that the Administration take steps to publicize this information and help school districts understand the importance of using funding for cybersecurity efforts, including by promulgating lists of recommended cybersecurity benchmarks that additional resources could help school districts attain. Specifically, we urge the Education Department to issue public guidance clearly stating that states and local education authorities (LEAs) can use ESSER or GEER funds to improve cybersecurity, with guidance on suggested spending priorities to address the endemic threat of ransomware disproportionately impacting school systems. We also ask that the Department develop a plan to make sure school districts are aware of this allowable use and engage with LEAs to ensure they understand the importance of these resources.
    • We implore the Administration to recognize the urgent national need to prioritize cybersecurity in our nation’s education systems. Because of the relief funding Congress has provided over the past year, we have a real opportunity to address accumulating cybersecurity risks in schools. We encourage the Administration to ensure school systems are aware of this use for these funds and engage with LEAs, so they are equipped to take on this challenge. 
  • Germany’s Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) “published supervisory principles for the use of algorithms in decision-making processes by financial institutions…intended to promote the responsible use of big data and artificial intelligence (BDAI) and facilitate control of the associated risks” per the agency’s press release. BaFin added:
    • With the findings of the study and the outcome of the subsequent consultation (BaFin Perspectives Issue 1 | 2019) serving as a starting point, BaFin examined which supervisory principles and general conditions had to be established to ensure a controlled use of BDAI. These considerations have resulted in a 16-page paper which is intended to offer guidance to the institutions supervised by BaFin. In addition, BaFin hopes that the paper will stimulate discussion with a range of stakeholders. For instance, the European Commission announced last year in its Digital Finance Strategy that it intended to clarify with the European Supervisory Authorities (ESAs) by 2024 at the latest which expectations should be placed on the use of BDAI technology. BaFin’s paper outlining these principles will represent a vital contribution to the shared work of the ESAs and the European Commission.
    • Any regulatory questions in relation to BDAI are beset by a fundamental conundrum: how to draw the difficult distinction between BDAI processes and processes driven by conventional statistics. From a risk standpoint, there are three characteristics of particular relevance to modern BDAI methods:
      • First, the algorithms used are frequently much more complex than conventional statistical processes. This renders them opaque.
      • Second, recalibration cycles are getting shorter and shorter. This is due to the combination of algorithms that are constantly learning with the fact that new data becomes available on an almost daily basis. As a result, the boundaries between calibration and validation are increasingly blurred.
      • Third, the use of BDAI methods is leading to an increase in automation. This makes it ever-easier to scale processes, with the impact of the individual algorithm being amplified.
    • The principles thus apply primarily to those algorithms which exhibit these three traits.
    • In order to formulate the principles as precisely as possible, the algorithm-based decision-making process was broken down into two very simplified phases: development and application. The development phase examines how the algorithm is selected, calibrated and validated. For instance, principles for the development phase relate to the relevant data strategy, as well as documentation to ensure clarity for both internal and external parties. In the application phase, the results of the algorithm must be interpreted and included in decision-making processes. This can either be done automatically or by involving experts. A functioning mechanism comprising elements such as sufficient checks and feedback loops for the development phase must be established in all cases. Aside from these two phases, there are overarching principles such as the necessity for a clear responsibility structure and adequate risk and outsourcing management.
    • These principles represent but a milestone in the efforts by BaFin and Deutsche Bundesbank to create legal and application certainty for the responsible use of BDAI within the financial sector. The work is not finished: BaFin and the Bundesbank aim to publish a discussion paper by mid-July specifically on the use of machine learning in Pillar I and Pillar II models, which they intend to consult on together. The focus will be on models which must be granted regulatory approval in the context of solvency supervision or which are subject to prudential review.
  • The Department of Defense’s (DOD) Chief Information Officer (CIO) issued an “Outside the Continental United States (OCONUS) Cloud Strategy.” The CIO explained “[t]he DOD OCONUS Cloud Strategy establishes goals and objectives specifically focused on delivering cloud innovation forward to the tactical edge with the intent of achieving the following outcomes:
    • An All-Domain Advantage: Modem warfare will require a force that can quickly utilize all appropriate assets in a decisive and concerted response. As such, operational strategies and plans will leverage information from strategic-level commands; sensors across air, land, sea, and space; cyber threat and vulnerability sources; and logistics and resource systems. Additionally, executing these strategies and plans will require cutting-edge analytics of critical information to ensure conditions remain appropriate and opportunities still exist. Cloud computing must enable this data aggregation by providing compute and store capacity with the global reach and innovative services to realize data potential through a data-centric design.
    • Information Advantage for the Warfighter: The combination of access to a greater breadth of data and the growing use of wearable digital components, Internet of military things (IoMT), and unmanned systems (UMS) enable warfighters to transform cloud resources into an operational and tactical advantage. AI/ML must analyze and process large data files to inform the warfighter’s decision. This will require computing capacity and innovative services at the tactical edge. Through mobile data centers and edge computing technologies, cloud computing must support these processing power requirements for our warfighters when and where needed.
    • Continued Innovation of Capabilities: DoD’s weapon systems and mission capabilities will be increasingly influenced by and dependent on software. Abilities such as rapidly implementing or tuning AI/ML algorithms, immediately responding to cyber threats, and deploying new software to fighter aircraft in flight will be critical. Accordingly, fighting and winning on the next battlefield will be dependent on the Department’s proficiency in the rapid acquisition, integration, testing, and deployment of new software and cloud computing capabilities. Cloud computing, applying continuous delivery of services models (e.g., Development, Security, and Operations (DevSecOps), Continuous Integration/Continuous Delivery or Continuous Integration/Continuous Deployment (CI/CD)), and Infrastructure as Code (IaC)) must enable continued innovation of digitally driven capabilities while in the fight.
  • Representative Anna Eshoo (D-CA) and House Minority Whip Steve Scalise (R-LA) “introduced the “Secure Equipment Act of 2021” to prohibit the Federal Communications Commission (FCC) from reviewing or issuing new equipment licenses to companies on the FCC’s “Covered Equipment or Services List” that pose a national security threat.” Senators Marco Rubio (R-FL) and Ed Markey (D-MA) introduced similar legislation last month. Eshoo and Scalise explained:
    • This legislation would prevent equipment manufactured by Chinese state-backed firms such as Huawei, ZTE, Hytera, Hikvision and Dahua from being further utilized and marketed in the United States.
    • As directed by Congress, in 2020, the FCC published a list of telecommunications companies deemed to be a national security threat, prohibited the use of federal funds for purchasing equipment made by those companies, and authorized funding for U.S. telecommunications carriers to rip and replace equipment made by those companies. Yet, carriers can still privately purchase this equipment on the open market. The Secure Equipment Act adds an extra layer of security that slams the door on Chinese actors from having a presence in the U.S. telecommunications network.
    • In an unusual move, acting FCC Chair Jessica Rosenworcel was quoted in Eshoo and Scalise’s press release:
      • The introduction of the Secure Equipment Act of 2021 is welcome news. This legislation will help protect our national security by ensuring that untrustworthy communications equipment is not authorized for use within our borders. And we’re not wasting time–last month, I shared a plan with my colleagues to update the Federal Communications Commission’s equipment authorization procedures consistent with this effort. I thank Congresswoman Eshoo and Congressman Scalise for their work–having this policy written into the law will send a strong, bipartisan signal that the United States is committed to developing a market for secure 5G alternatives.
  • New Zealand’s Office of the Privacy Commissioner (OPC) revealed it “has been contacting individual organisations about specific privacy breaches that have been raised with us.” The OPC stated “[w]e’re taking a more proactive approach to remind and warn individual organisations of their statutory responsibilities under the Privacy Act 2020.” The OPC continued:
    • There is, in particular, the requirement that organisations notify the Privacy Commissioner of a serious privacy breach. This would include a ransomware attack when personal information is either accessed, stolen, or rendered inaccessible. Section 114 of the Privacy Act 2020 says an organisation must notify the Commissioner as soon as practicable after it becomes aware that a notifiable privacy breach has occurred. Although the Act is silent on precise timing, we have determined that, unless there are extenuating circumstances, this should be within 72 hours.
    • If an organisation fails to do so, we can consider prosecuting a case against it. If convicted, it would have committed an offence under section 118 of the Act, making it liable for a fine of up to $10,000.

Further Reading

  • China’s Tech Clampdown Is Spreading Like Wildfire” By Stephanie Yang — The Wall Street Journal. The latest salvos in China’s campaign against its tech companies make one thing clear: Jack Ma’s businesses aren’t the only ones under the regulatory microscope. What started out as a government crackdown on anticompetitive practices among Chinese internet giants has grown into a broader effort to clean up how the country’s fast-growing—and, until recently, freewheeling—tech sector operates.
  • Tencent bans nose picking, spanking and other ‘violations’ on its WeChat livestreaming service” By Arjun Kharpal — CNBC. If you were thinking about picking your nose or putting underwear over your head while livestreaming on WeChat, think again. Tencent runs WeChat, a messaging app that is used by over a billion people. The app is an integral part of daily life in China and can be used for everything from payments to booking flights. Last year, Tencent launched a live broadcasting feature called “Channels.”
  • My trip to Europe is about America rallying the world’s democracies” By President Joe Biden — The Washington Post. On Wednesday, I depart for Europe on the first foreign travel of my presidency. It is a trip stacked with meetings with many of our closest democratic partners — including the Group of Seven nations, our NATO allies and the leadership of the European Union — before concluding by meeting with Vladimir Putin. In this moment of global uncertainty, as the world still grapples with a once-in-a-century pandemic, this trip is about realizing America’s renewed commitment to our allies and partners, and demonstrating the capacity of democracies to both meet the challenges and deter the threats of this new age.
  • DOD-NTIA Open 5G Challenge Could Lead to New Requirements” By Mariam Baksh — Nextgov. The Defense Department and the National Telecommunications and Information Administration partnered on a challenge to validate the technology behind the government’s main strategy to compete with China on fifth-generation networks, according to an official. The government is betting big on open radio access network, or O-RAN, technology, which would use software to allow different components of 5G networks to work together. Such software would create an alternative to the hardware-based proprietary models that tie operators to only four “kit” providers—two of which are Chinese equipment providers Huawei and ZTE.
  • Why Amazon Is Confronting the Richest Man in India” By Aman Sethi — The New York Times. Amazon and one of the world’s richest men are engaged in a multibillion-dollar, politically fraught clash over Rani Pillai’s favorite place to buy groceries. Ms. Pillai, a 47-year-old retired nurse, is a regular shopper at Big Bazaar, a low-slung supermarket nestled beneath a metro station in a middle-class neighborhood in east Delhi. She tried online shopping last year, during India’s coronavirus lockdown. It didn’t compare to Big Bazaar, where jars of mango pickle jostle for space with pasta sauce, while family packs of instant noodles are stacked near giant sacks of basmati rice.
  • How Snapchat became the forgotten social platform” By Terry Nguyen — Vox. Caren Babaknia has a lot of silly videos saved on Snapchat. Since high school, the 24-year-old has stored thousands of random, short clips under his Memories tab. He never thought they would be viewed by anyone or worth anything. That changed last November when Snapchat launched Spotlight, a TikTok-like short video feature, and established an initiative that paid users to post. The company distributed up to $1 million a day to users with the most popular Spotlight videos.
  • Judge Chooses Timeline for JEDI Cloud Case” By Frank Konkel — Nextgov. Days after attorneys for the Pentagon, Microsoft and Amazon Web Services proposed competing schedules for moving forward in ongoing JEDI litigation, Judge Patricia Campbell-Smith selected AWS’ proposed schedule through at least July.
  • Trojan Shield: How the FBI Secretly Ran a Phone Network for Criminals” By Joseph Cox — Vice. For years the FBI has secretly run an encrypted communications app used by organized crime in order to surreptitiously collect its users’ messages and monitor criminals’ activity on a massive scale, according to a newly unsealed court document. In all, the elaborate operation netted more than 20 million messages from over 11,800 devices used by suspected criminals.

Coming Events

  • On 23 June, the Senate Armed Services Committee’s Cyber Subcommittee will hold a hearing “To receive testimony on recent ransomware attacks” with these witnesses:
    • Ms. Mieke Eoyang, Deputy Assistant Secretary of Defense for Cyber Policy
    • Major General Kevin Kennedy, Director of Operations, United States Cyber Command
    • Rear Admiral Ronald Foy, Deputy Director for Global Operations, Joint Staff
  • On 24 June, the House Energy and Commerce Committee’s Health Subcommittee will hold a hearing titled “Empowered by Data: Legislation to Advance Equity and Public Health” that will likely include discussion of the following bills:
    • H.R. 379, the “Improving Social Determinants of Health Act of 2021”
    • H.R. 666, the “Anti-Racism in Public Health Act of 2021”
    • H.R. 778, the “Secure Data and Privacy for Contact Tracing Act of 2021”
    • H.R. 791, the “Tracking COVID–19 Variants Act”
    • H.R. 831, the “Health Standards To Advance Transparency, Integrity, Science, Technology Infrastructure, and Confidential Statistics Act of 2021” or the “Health STATISTICS Act of 2021”
    • H.R. 925, the “Data to Save Moms Act”
    • H.R. 943, the “Social Determinants for Moms Act”
    • H.R. 976, the “Ensuring Transparent Honest Information on COVID–19 Act” or the “ETHIC Act”
    • H.R. 2125, the “Quit Because of COVID–19 Act”
    • H.R. 2503, the “Social Determinants Accelerator Act of 2021”
    • H.R. 3894, the “Collecting and Analyzing Resources Integral and Necessary for Guidance for Social Determinants of Health Act of 2021” or the “CARING for Social Determinants of Health Act of 2021”
    • H.R. 3969, to amend title XXVII of the Public Health Service Act to include activities to address social determinants of health in the calculation of medical loss ratios
    • H.R. ____, to require the Comptroller General of the United States to submit to Congress a report on actions taken by the Secretary of Health and Human Services to address social determinants of health
  • The House Appropriations Committee’s Financial Services and General Government Subcommittee will mark up its FY 2022 appropriations bill on 24 June, which includes funding and programmatic direction for a number of agencies including the Federal Communications Commission and Federal Trade Commission.
  • On 24 June, the House Small Business Committee’s Oversight, Investigations, and Regulations Subcommittee will hold a hearing titled “CMMC Implementation: What It Means for Small Businesses.” The subcommittee explained:
    • The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense’s latest initiative to increase cybersecurity preparedness across the defense industrial base. The hearing will provide Members the opportunity to learn more about this initiative, its implementation, and the compliance challenges it poses for small businesses.
    • The following witnesses will appear:
      • Mr. Jonathan T. Williams, Partner, PilieroMazza PLLC
      • Mr. Scott Singer, President, CyberNINES
      • Ms. Tina Wilson, Chief Executive Officer, T47 International, Inc.
      • Mr. Michael Dunbar, President, Ryzhka International LLC
  • On 27 July, the Federal Trade Commission (FTC) will hold PrivacyCon 2021.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2021. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Photo by Jr Korpa on Unsplash

Photo by Frederic Köberl on Unsplash

Photo by Kajetan Sumila on Unsplash

Photo by Kelsey Chance on Unsplash

Published by Michael Kans

An attorney who specializes in technology policy, law, and politics with other areas of expertise.

Published

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s