Further Reading, Other Developments, and Coming Events (14 October)

Further Reading

  •  “The Man Who Speaks Softly—and Commands a Big Cyber Army” By Garrett Graff — WIRED. A profile of General Paul Nakasone, the leader of both the United States’ National Security Agency (NSA) and Cyber Command, who has operated mostly in the background during the tumultuous Trump Administration. He has likely set the template for both organizations going forward for some time. A fascinating read chock with insider details.
  • Facebook Bans Anti-Vaccination Ads, Clamping Down Again” by Mike Isaac — The New York Times. In another sign of the social media platform responding to pressure in the United States and Europe, it was announced that anti-vaccination advertisements would no longer be accepted. This follows bans on Holocaust denial and QAnon material. Of course, this newest announcement is a classic Facebook half-step. Only paid advertisements will be banned, but users can continue to post about their opposition to vaccination.
  • To Mend a Broken Internet, Create Online Parks” By Eli Pariser — WIRED. An interesting argument that a public online space maintained by the government much like parks or public libraries may be just what democracies across the globe need to roll back the tide of extremism and division.
  • QAnon is tearing families apart” By Travis Andrews — The Washington Post. This is a terrifying tour through the fallout of the QAnon conspiracy that sucks some in so deeply they are marginally connected to reality in many ways.
  • AT&T has trouble figuring out where it offers government-funded Internet” By John Brodkin — Ars Technica.  So, yeah, about all that government cash given to big telecom companies that was supposed to bring more broadband coverage. Turns out, they definitely took the cash. The broadband service has been a much more elusive thing to verify. In one example, AT&T may or may not have provided service to 133,000 households in Mississippi after receiving funds from the Federal Communications Commission (FCC). Mississippi state authorities are arguing most of the service is non-existent. AT&T is basically saying it’s all a misunderstanding.

Other Developments

  • The California Attorney General’s Office (AG) has released yet another revision of the regulations necessary to implement the “California Consumer Privacy Act” (CCPA) (AB 375) and comments are due by 28 October. Of course, if Proposition 24 passes next month, the “California Privacy Rights Act” will largely replace the CCPA, requiring the drafting of even more regulations. Nonetheless, what everyone thought was the final set of CCPA regulations took effect on 14 August, but in the notice from the Office of Administrative Law was notice that the AG had withdrawn four portions of the proposed regulations. In the new draft regulations, the AG explained:
    • Proposed section 999.306, subd. (b)(3), provides examples of how businesses that collect personal information in the course of interacting with consumers offline can provide the notice of right to opt-out of the sale of personal information through an offline method.
    • Proposed section 999.315, subd. (h), provides guidance on how a business’s methods for submitting requests to opt-out should be easy and require minimal steps. It provides illustrative examples of methods designed with the purpose or substantial effect of subverting or impairing a consumer’s choice to opt-out.
    • Proposed section 999.326, subd. (a), clarifies the proof that a business may require an authorized agent to provide, as well as what the business may require a consumer to do to verify their request.
    • Proposed section 999.332, subd. (a), clarifies that businesses subject to either section 999.330, section 999.331, or both of these sections are required to include a description of the processes set forth in those sections in their privacy policies.
  • Facebook announced an update to its “hate speech policy to prohibit any content that denies or distorts the Holocaust.” Facebook claimed:
    • Following a year of consultation with external experts, we recently banned anti-Semitic stereotypes about the collective power of Jews that often depicts them running the world or its major institutions.  
    • Today’s announcement marks another step in our effort to fight hate on our services. Our decision is supported by the well-documented rise in anti-Semitism globally and the alarming level of ignorance about the Holocaust, especially among young people. According to a recent survey of adults in the US aged 18-39, almost a quarter said they believed the Holocaust was a myth, that it had been exaggerated or they weren’t sure.
  • In a 2018 interview, Facebook CEO Mark Zuckerberg asserted:
    • I find that deeply offensive. But at the end of the day, I don’t believe that our platform should take that down because I think there are things that different people get wrong. I don’t think that they’re intentionally getting it wrong…
    • What we will do is we’ll say, “Okay, you have your page, and if you’re not trying to organize harm against someone, or attacking someone, then you can put up that content on your page, even if people might disagree with it or find it offensive.” But that doesn’t mean that we have a responsibility to make it widely distributed in News Feed.
    • He clarified in a follow up email:
      • I personally find Holocaust denial deeply offensive, and I absolutely didn’t intend to defend the intent of people who deny that.
      • Our goal with fake news is not to prevent anyone from saying something untrue — but to stop fake news and misinformation spreading across our services. If something is spreading and is rated false by fact checkers, it would lose the vast majority of its distribution in News Feed. And of course if a post crossed line into advocating for violence or hate against a particular group, it would be removed. These issues are very challenging but I believe that often the best way to fight offensive bad speech is with good speech.
  • The Government Accountability Office (GAO) issued an evaluation of the Trump Administration’s 5G Strategy and found more processes and actions are needed if this plan to vault the United States (U.S.) ahead of other nations will come to fruition. Specifically, “report examines the extent to which the Administration has developed a national strategy on 5G that address our six desirable characteristics of an effective national strategy.” The GAO identified the six desirable characteristics: (1) purpose, scope, and methodology; (2) problem definition and risk assessment; (3) goals, subordinate objectives, activities, and performance measures; (4) resources, investments, and risk management; (5) organizational roles, responsibilities, and coordination; and (6) integration and implementation. However, this assessment is necessarily limited, for National Security Council staff took the highly unusual approach of not engaging with the GAO, which may be another norm broken by the Trump Administration. The GAO stated “[t]he March 2020 5G national strategy partially addresses five of our desirable characteristics of an effective national strategy and does not address one, as summarized in table 1:
    • The GAO explained:
      • According to National Telecommunications and Information Administration (NTIA) and Office of Science and Technology Policy (OSTP) officials, the 5G national strategy was intentionally written to be at a high level and as a result, it may not include all elements of our six desirable characteristics of national strategies. These officials stated that the 5G implementation plan required by the Secure 5G and Beyond Act of 2020 is expected to include specific details, not covered in the 5G national strategy, on the U.S. government’s response to 5G risks and challenges. The implementation plan is expected to align and correspond to the lines of effort in the 5G national strategy. NTIA officials told us that the implementation plan to the 5G national strategy would be finalized by the end of October 2020. However, the officials we spoke to were unable to provide details on the final content of the implementation plan such as whether the plan would include all elements of our six desirable characteristics of national strategies given that it was not final. National strategies and their implementation plans should include all elements of the six desirable characteristics to enhance their usefulness as guidance and to ensure accountability and coordinate investments. Until the administration ensures that the implementation plan includes all elements of the six desirable characteristics, the guidance the plan provides decision makers in allocating resources to address 5G risks and challenges will likely be limited.
  • The Irish Council for Civil Liberties (ICCL) wrote the European Commission (EC) to make the case the United Kingdom (UK) is not deserving of an adequacy decision after Brexit because of institutional and cultural weaknesses at the Information Commissioner’s Office (ICO). The ICCL made the case that the ICO has been one of the most ineffectual enforcers of the General Data Protection Regulation (GDPR), especially with respect to what the ICCL called the largest data infringement under the GDPR and the largest data breach of all time: Real-Time Bidding. The ICCL took the ICO to task with having not followed through on fining companies for GDPR violations and having a tiny staff dedicated to data protection and technology issues. The ICCL invoked Article 45 of the GDPR to encourage the EC to deny the UK the adequacy decision it would need in order to transfer the personal data of EU residents to the UK.
  • In an unrelated development, the Information Commissioner’s Office (ICO) wrapped up its investigation into Facebook and Cambridge Analytica and detailed its additional findings in a letter to the Digital, Culture and Media and Sport Select Committee in the House of Commons. ICO head Elizabeth Denham asserted:
    • [w]e concluded that SCL Elections Ltd and Cambridge Analytica (SCL/CA) were purchasing significant volumes of commercially available personal data (at one estimate over 130 billion data points), in the main about millions of US voters, to combine it with the Facebook derived insight information they had obtained from an academic at Cambridge University, Dr Aleksandr Kogan, and elsewhere. In the main their models were also built from ‘off the shelf’ analytical tools and there was evidence that their own staff were concerned about some of the public statements the leadership of the company were making about their impact and influence.
    • From my review of the materials recovered by the investigation I have found no further evidence to change my earlier view that SCL/CA were not involved in the EU referendum campaign in the UK -beyond some initial enquiries made by SCL/CA in relation to UKIP data in the early stages of the referendum process. This strand of work does not appear to have then been taken forward by SCL/CA
    • I have concluded my wider investigations of several organisations on both the remain and the leave side of the UK’s referendum about membership of the EU. I identified no significant breaches of the privacy and electronic marketing regulations and data protection legislation that met the threshold for formal regulatory action. Where the organisation continued in operation, I have provided advice and guidance to support better future compliance with the rules.
    • During the investigation concerns about possible Russian interference in elections globally came to the fore. As I explained to the sub-committee in April 2019, I referred details of reported possible Russia-located activity to access data linked to the investigation to the National Crime Agency. These matters fall outside the remit of the ICO. We did not find any additional evidence of Russian involvement in our analysis of material contained in the SCL / CA servers we obtained.
  • The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory regarding “recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability.” CISA and the FBI revealed that that these tactics have penetrated systems related to elections but claimed there has been no degrading of the integrity of electoral systems.
  • The agencies stated:
    • The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application. 
    • This recent malicious activity has often, but not exclusively, been directed at federal and state, local, tribal, and territorial (SLTT) government networks. Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks.
    • CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised.
  • Canada’s Privacy Commissioner Daniel Therrien released the “2019-2020 Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act” and asserted:
    • Technologies have been very useful in halting the spread of COVID-19 by allowing essential activities to continue safely. They can and do serve the public good.
    • At the same time, however, they raise new privacy risks. For example, telemedicine creates risks to doctor-patient confidentiality when virtual platforms involve commercial enterprises. E-learning platforms can capture sensitive information about students’ learning disabilities and other behavioural issues.
    • As the pandemic speeds up digitization, basic privacy principles that would allow us to use public health measures without jeopardizing our rights are, in some cases, best practices rather than requirements under the existing legal framework.
    • We see, for instance, that the law has not properly contemplated privacy protection in the context of public-private partnerships, nor does it mandate app developers to consider Privacy by Design, or the principles of necessity and proportionality.
    • The law is simply not up to protecting our rights in a digital environment. Risks to privacy and other rights are heightened by the fact that the pandemic is fueling rapid societal and economic transformation in a context where our laws fail to provide Canadians with effective protection.
    • In our previous annual report, we shared our vision of how best to protect the privacy rights of Canadians and called on parliamentarians to adopt rights-based privacy laws.
    • We noted that privacy is a fundamental human right (the freedom to live and develop free from surveillance). It is also a precondition for exercising other human rights, such as equality rights in an age when machines and algorithms make decisions about us, and democratic rights when technologies can thwart democratic processes.
    • Regulating privacy is essential not only to support electronic commerce and digital services; it is a matter of justice.

Coming Events

  • The European Union Agency for Cybersecurity (ENISA), Europol’s European Cybercrime Centre (EC3) and the Computer Emergency Response Team for the EU Institutions, Bodies and Agencies (CERT-EU) will hold the 4th annual IoT Security Conference series “to raise awareness on the security challenges facing the Internet of Things (IoT) ecosystem across the European Union:”
    • Artificial Intelligence – 14 October at 15:00 to 16:30 CET
    • Supply Chain for IoT – 21 October at 15:00 to 16:30 CET
  • The House Intelligence Committee will conduct a virtual hearing titled “Misinformation, Conspiracy Theories, and ‘Infodemics’: Stopping the Spread Online.”
  • The Federal Communications Commission (FCC) will hold an open commission meeting on 27 October, and the agency has released a tentative agenda:
    • Restoring Internet Freedom Order Remand – The Commission will consider an Order on Remand that would respond to the remand from the U.S. Court of Appeals for the D.C. Circuit and conclude that the Restoring Internet Freedom Order promotes public safety, facilitates broadband infrastructure deployment, and allows the Commission to continue to provide Lifeline support for broadband Internet access service. (WC Docket Nos. 17-108, 17-287, 11- 42)
    • Establishing a 5G Fund for Rural America – The Commission will consider a Report and Order that would establish the 5G Fund for Rural America to ensure that all Americans have access to the next generation of wireless connectivity. (GN Docket No. 20-32)
    • Increasing Unlicensed Wireless Opportunities in TV White Spaces – The Commission will consider a Report and Order that would increase opportunities for unlicensed white space devices to operate on broadcast television channels 2-35 and expand wireless broadband connectivity in rural and underserved areas. (ET Docket No. 20-36)
    • Streamlining State and Local Approval of Certain Wireless Structure Modifications – The Commission will consider a Report and Order that would further accelerate the deployment of 5G by providing that modifications to existing towers involving limited ground excavation or deployment would be subject to streamlined state and local review pursuant to section 6409(a) of the Spectrum Act of 2012. (WT Docket No. 19-250; RM-11849)
    • Revitalizing AM Radio Service with All-Digital Broadcast Option – The Commission will consider a Report and Order that would authorize AM stations to transition to an all-digital signal on a voluntary basis and would also adopt technical specifications for such stations. (MB Docket Nos. 13-249, 19-311)
    • Expanding Audio Description of Video Content to More TV Markets – The Commission will consider a Report and Order that would expand audio description requirements to 40 additional television markets over the next four years in order to increase the amount of video programming that is accessible to blind and visually impaired Americans. (MB Docket No. 11-43)
    • Modernizing Unbundling and Resale Requirements – The Commission will consider a Report and Order to modernize the Commission’s unbundling and resale regulations, eliminating requirements where they stifle broadband deployment and the transition to next- generation networks, but preserving them where they are still necessary to promote robust intermodal competition. (WC Docket No. 19-308)
    • Enforcement Bureau Action – The Commission will consider an enforcement action.
  • On October 29, the Federal Trade Commission (FTC) will hold a seminar titled “Green Lights & Red Flags: FTC Rules of the Road for Business workshop” that “will bring together Ohio business owners and marketing executives with national and state legal experts to provide practical insights to business and legal professionals about how established consumer protection principles apply in today’s fast-paced marketplace.”
  • The Senate Commerce, Science, and Transportation Committee will reportedly hold a hearing on 29 October regarding 47 U.S.C. 230 with testimony from:
    • Jack Dorsey, Chief Executive Officer of Twitter;
    • Sundar Pichai, Chief Executive Officer of Alphabet Inc. and its subsidiary, Google; and 
    • Mark Zuckerberg, Chief Executive Officer of Facebook.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Image by Thanks for your Like • donations welcome from Pixabay

Further Reading, Other Developments, and Coming Events (5 October)

Coming Events

  • On 6 October, the House Administration Committee’s Elections Subcommittee will hold a virtual hearing titled “Voting Rights and Election Administration: Combatting Misinformation in the 2020 Election.”
  • The United States’ Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) announced that its third annual National Cybersecurity Summit “will be held virtually as a series of webinars every Wednesday for four weeks beginning September 16 and ending October 7:”
    • October 7: Defending our Democracy
    • One can register for the event here.
  • On October 29, the Federal Trade Commission (FTC) will hold a seminar titled “Green Lights & Red Flags: FTC Rules of the Road for Business workshop” that “will bring together Ohio business owners and marketing executives with national and state legal experts to provide practical insights to business and legal professionals about how established consumer protection principles apply in today’s fast-paced marketplace.”

Other Developments

  • The House Intelligence Committee released an unclassified executive summary of “The China Deep Dive: A Report on the Intelligence Community’s Capabilities and Competencies with Respect to the People’s Republic of China.” In a press release, the committee “found that “the United States’ (U.S.) Intelligence Community (IC) has not sufficiently adapted to a changing geopolitical and technological environment increasingly shaped by a rising China and the growing importance of interlocking non-military transnational threats, such as global health, economic security, and climate change.” The committee further claimed “[a]bsent a significant realignment of resources, the U.S. government and intelligence community will fail to achieve the outcomes required to enable continued U.S. competition with China on the global stage for decades to come, and to protect the U.S. health and security.”
    • The committee stated that while its “review was scoped to assess the IC’s efforts against the China target, some of its findings address not merely China, but also broader issues foundational to the IC’s structure and continued ability to operate in a 21st century environment—an environment shaped by the ravages of COVID-19.”
    • The committee made the following findings:
      • Intelligence Community [REDACTED] compete with China. Absent a significant realignment of resources, the U.S. government will fail to achieve the outcomes required to enable U.S. competition with China on the global stage.
      • The Intelligence Community places insufficient emphasis and focus on “soft,” often interconnected long-term national security threats, such as infectious diseases of pandemic potential and climate change, and such threats’ macroeconomic impacts on U.S. national security. This could jeopardize the future relevance of the Intelligence Community’s analysis to policymakers on certain long-range challenges, particularly given the growing importance of these policy challenges to decision-makers and the public and the devastating impact of the current pandemic on U.S. national life.
      • The Intelligence Community has failed to fully achieve the integration objectives outlined in the 2004 Intelligence Reform and Terrorism Prevention Act (IRTPA) for targets and topics unrelated to counterterrorism.
      • The Intelligence Community is struggling to adapt to the increasing availability and commodification of data, [REDACTED].
      • The increasing pace of global events, fueled by the rise of social media and mobile communications, will continue to stress the IC’s ability to provide timely and accurate analysis within customers’ decision-making window.
      • The future successful application of artificial intelligence, machine learning, and other advanced analytic techniques will be integral enablers for the U.S. national security enterprise. Conversely, there is a high degree of strategic risk associated with stasis and a failure to modernize.
      • Existing intelligence requirement prioritization mechanisms [REDACTED] particularly with respect to decision-makers outside of the Department of Defense.
    • The committee made the following recommendations broadly about the IC:
      • The Committee recommends the creation of a bipartisan, bicameral congressional study group to evaluate the current organization of and authorities provided to the intelligence community, with the express goal of making necessary reforms to the National Security Act of 1947 and the Intelligence Reform and Preventing Terrorism Act (IRPTA) of 2004.
      • The Executive Branch, in consultation with congressional intelligence and appropriations committees, must undertake a zero-based review of all intelligence program expenditures, assess the programs’ continued relevance to forward-looking mission sets, such as the increased relevance of “soft” transnational threats and continued competition with China, and take immediate corrective action to align taxpayer resources in support of strategic requirements.
      • An external entity should conduct a formal review of the governance of open-source intelligence (OSINT) within the intelligence community, and submit to congressional intelligence and appropriations committees a proposal to streamline and strengthen U.S. government capabilities.
      • The Office of the Director of National Intelligence (ODNI) should identify shared artificial intelligence and machine learning (AI/ML) use cases across the intelligence community and use the its coordinating and budgetary authorities to consolidate spending, expertise, and data around shared community-wide AI/ML capabilities.
    • Specific to the People’s Republic of China, the committee stated
      • ODNI should strengthen its ability to effectively track [REDACTED]
      • The IC should [REDACTED] existing intelligence collection prioritization frameworks, particularly to inform resource allocation decisions.
      • The IC should formalize and broaden programs designed to mentor the next generation of China analysts. Agencies should leverage best practices from across the community, and develop internal Senior Steering Groups to prioritize investments in specific China-focused programs.
      • The IC should conduct a review of security clearance adjudication policies surrounding [REDACTED]
      • If an officer possesses critical skills relevant to China mission-set, such as proficiency in Mandarin Chinese, the Intelligence Community should [REDACTED]
      • The IC should engage in a dialogue with the U.S. Department of Education on the requirements for the future of the U.S. national security workforce.
      • The Intelligence Community should codify and nurture cadres of officers with China-focused expertise [REDACTED]
      • The U.S. should expand its diplomatic, economic, and defense presence in the Indo-Pacific region, to include in the Pacific Island Countries and Southeast Asia.
      • The IC should consider developing a series of reskilling programs to leverage existing talent and expertise previously cultivated in counterterrorism programs.
      • The IC should streamline China-focused reporting across regional areas of responsibility.
      • The IC should leverage lessons learned from providing support to the counterterrorism mission in order to identify ways in which it can embed real-time support to customers, especially those located outside of the Department of Defense, such as the Department of State, the United States Trade Representative, or U.S. health and disaster preparedness agencies.
      • In recognition of the growing importance of economic and policy agencies to the overall success of the U.S. government’s approach to China, the intelligence community should develop plans to increase analytic support to, or otherwise ensure consistent, agile communications and appropriate interactions with, non-traditional agencies, such as the Department of Commerce, the Department of Homeland Security, the National Science Foundation, the Department of Education, and U.S. public health agencies.
  • The United States (U.S.), Australia, India, and Japan convened a virtual session of the Quadrilateral Security Dialogue (aka The Quad) late last month ahead of in person talks in Tokyo set for tomorrow. The renewal of this diplomatic relationship is being portrayed by the People’s Republic of China (PRC) as “an anti-China frontline,” a “mini-NATO,” and a reflection of the U.S.’ “Cold War mentality” according to the PRC’s Vice Foreign Minister. Nonetheless, the four nations issued a statement indicating the “four democracies discussed ways to work together to respond to the COVID-19 pandemic, promote transparency and counter disinformation, and protect the rules-based order the region has long enjoyed,” a statement that includes some pokes at the PRC. First, obviously the PRC is not a democracy and is in the process of cracking down on democracy in Hong Kong. Second, the PRC’s government is not renowned for its transparency and is coming to be one of the world’s foremost purveyors of disinformation online. Third, the U.S. has been arguing since the Obama Administration that the PRC is violating the rules and norms that have ensured prosperity and peace in the Pacific and Indian Oceans since World War II. Not surprisingly, the PRC sees this order as having been established by the U.S. and largely for its benefit.
    • The four nations added:
      • Noting the importance of digital connectivity and secure networks, the officials discussed ways to promote the use of trusted vendors, particularly for fifth generation (5G) networks. They explored ways to enhance coordination on counterterrorism, maritime security, cyber security, and regional connectivity, as well as quality infrastructure based upon international best practices, such as the G20 Principles for Quality Infrastructure Investment. Participants also highlighted the need to improve supply chains in sectors including critical minerals, medical supplies, and pharmaceuticals.
      • The officials reaffirmed their countries’ strong support for ASEAN centrality and ASEAN-led regional architecture. They explored ways to work together in the Mekong sub-region, in the South China Sea, and across the Indo-Pacific to support international law, pluralism, regional stability, and post-pandemic recovery efforts.
    • Again, many of these policy goals and problems are arising because of PRC actions, at least according to The Quad The U.S. and its allies have been fighting the PRC’s 5G push and have accused the PRC of stepping up its cyber activities, including espionage.
    • Moreover, Japan created and advocated what eventually became the G20 Principles for Quality Infrastructure Investment as a policy counterpoint to the PRC’s Silk Belt and Road initiative that has resulted in massive aid from and indebtedness to Beijing in the developing world.
    • The Quad’s work, alongside bilateral relationships in the region, could well coalesce into an informal alliance against the PRC, an outcome that would likely help Washington achieve some of its professed policy goals.
  • Representative Jennifer Wexton (D-VA) and Senator Mazie K. Hirono (D-HI) introduced the “COVID-19 Disinformation Research and Reporting Act” (H.R.8395/S.4732) that “would examine the role of disinformation and misinformation on the public response to COVID-19 and the role that social media has in promoting the spread of false information” per their press release. The bill would require the “National Academies of Sciences, Engineering, and Medicine to conduct a study on the current understanding of the spread of COVID–19-related disinformation and misinformation on the internet and social media platforms.”
    • Wexton and Hirono asserted:
      • Disinformation and misinformation can be particularly dangerous during public health emergencies like COVID-19. This kind of false information can erode trust in science, government officials, and medical and public health experts. Disinformation and misinformation can also make it harder to get accurate and important materials to vulnerable communities, particularly once a vaccine becomes available. The internet and social media have made it easier to spread fake medical information such as unproven treatments for COVID-19.
    • The National Academies of Science, Engineering, and Medicine would need to submit a report to Congress, including “potential strategies to mitigate the dissemination and negative impacts of COVID–19-related disinformation and misinformation (and specifically the dissemination of disinformation and misinformation on social media),” which would likely have utility in fighting other disinformation and misinformation spread online. In fact, the sponsors may be using the current pandemic as the rationale to pass a bill that may otherwise be opposed. It is not hard to imagine the opposition from many on the right if Wexton, Hirono and their cosponsors had proposed legislation to study online extremism and hate in the United States, resulting in a report on how the U.S. might mitigate these phenomena given the role extremists and white supremacists have played in the Republican Party under President Donald Trump.
    • The bill is being sponsored by other Democrats in each chamber but no Republicans.
  • Senate Majority Whip John Thune (R-SD) and 18 Republican colleagues sent President Donald Trump a letter “to express our concerns about a Request For Information (RFI) released by the Department of Defense (DOD) that contradicts the successful free-market strategy you have embraced for 5G.” Late last month, The United States Department of Defense (DOD) released a  RFI on the possibility of the agency sharing its prized portions of electromagnetic spectrum with commercial providers to speed the development and adoption of 5G in the United States. The Senators argued:
    • Rather than rely on private industry and market forces to foster multiple, facilities-based 5G networks, the RFI seeks information on a government-managed process for 5G networks.
    • Nationalizing 5G and experimenting with untested models for 5G deployment is not the way the United States will win the 5G race.  While we recognize the need for secure communications networks for our military, we are concerned that such a proposal threatens our national security.  When bad actors only need to penetrate one network, they have a greater likelihood of disrupting the United States’ communications services.
  • The Department of Defense (DOD) implemented a new rule designed to drive better cybersecurity among United States (U.S.) defense contractors. This rule brings together two different lines of effort to require the Defense Industrial Base (DIB) to employ better cybersecurity given the risks they face by holding and using classified information, Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). The Executive Branch has long wrestled with how to best push contractors to secure their systems, and Congress and the White House have opted for using federal contract requirements in that contractors must certify compliance. However, the most recent initiative, the Cybersecurity Maturity Model Certification (CMMC) Framework will require contractors to be certified by third party assessors. And yet, it is not clear the DOD has wrestled with the often misaligned incentives present in third party certification schemes.
  • Nonetheless, the DOD explained this is “an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DOD Assessment Methodology and CMMC framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DOD supply chain.
  • The DOD added
    • This rule amends DFARS subpart 204.73, Safeguarding Covered Defense Information and Cyber Incident Reporting, to implement the National Institute of Standards and Technology (NIST) Special Publication 800-171 DOD Assessment Methodology. The new coverage in the subpart directs contracting officers to verify in the Supplier Performance Risk System (SPRS) that an offeror has a current NIST SP 800-171 DOD Assessment on record, prior to contract award, if the offeror is required to implement NIST SP 800-171 pursuant to DFARS clause 252.204-7012. The contracting officer is also directed to include a new DFARS provision 252.204-7019, Notice of NIST SP 800-171 DOD Assessment Requirements, and a new DFARS clause 252.204-7020, NIST SP 800-171 DOD Assessment Requirements, in solicitations and contracts including solicitations using FAR part 12 procedures for the acquisition of commercial items, except for solicitations solely for the acquisition of COTS items.
    • This rule adds a new DFARS subpart, Subpart 204.75, CMMC, to specify the policy and procedures for awarding a contract, or exercising an option on a contract, that includes the requirement for a CMMC certification. Specifically, this subpart directs contracting officers to verify in SPRS that the apparently successful offeror’s or contractor’s CMMC certification is current and meets the required level prior to making the award.
  • The House Republican’s China Task Force (CTF) released its final report with its recommendations on how the United States (U.S.) should change its policies to counter the People’s Republic of China (PRC), which includes a slew of technology-related recommendations.
    • The CTF asserted:
      • Since the establishment of diplomatic relations with the PRC more than 40 years ago, the United States has sought to draw the PRC into the community of nations as a responsible stakeholder. U.S. leaders pursued a strategy of engagement based on the assumption that expanding the bilateral economic relationship with the PRC would advance the U.S. national interest and lead the Chinese Communist Party (CCP) to change. This engagement strategy often turned a blind eye to the CCP’s human rights violations, economic malfeasance, expansionist aggression, and empty promises, as well as the CCP’s deep commitment to a hostile Communist ideology that drives this malign behavior. This strategy has, simply put, failed.
    • The CTF made these recommendations:
      • Supply Chain Security
        • Better securing our medical and national security supply chains by:
        • Providing aggressive, smart, and targeted tax incentives to accelerate our research and development (R&D) and production of crucial medicines, medical supplies, ingredients, tests, and vaccines;
        • Creating a grant program necessary to catalyze domestic production of important technologies and designing tax incentives to secure U.S. supply of advanced semiconductors; and
        • Overhauling the federal permitting process for mineral development and prioritizing advancements in mineral refining so neither industry nor the Defense Industrial Base are reliant on the CCP.
      • National Security
        • Working with the DoD to modernize force structure, posture, operational concepts, and acquisitions in order to deter CCP aggression in the Indo-Pacific and around the world.
        • Ensuring modernization of all three legs of the nuclear triad as well as development and fielding of conventional capabilities critical to counter the PLA in the Indo-Pacific, including ground-launched cruise and ballistic missiles.
        • Underscoring the need for a minimum three to five percent real growth in the defense budget per year in order to deter and defeat the PLA and other key adversaries.
        • Increasing focus on how the U.S. military protects space capabilities and carrying out space exploration goals by leveraging private sector investments.
        • Cutting off material support of CCP military industrial base companies, including divestment from companies with ties to the CCP’s military.
        • Safeguarding the U.S. electoral process and the integrity of our elections with various measures, including the identification of foreign malign actors and ensuring any individuals who engage in interference are inadmissible for entry to the U.S. or deportable if already present.
        • Providing more resources for investigations, criminal prosecutions, and other actions against CCP sponsored IP theft in addition to closing loopholes the CCP has exploited in our visa system.
        • Enhancing federal counterintelligence capabilities and bolstering Mandarin language capacity.
      • Technology
        • Taking a whole-of-government approach to assess the security risks posed by the PRC in 5G networks and increasing cooperation between the U.S. and its allies and partners in identifying and countering them.
        • Supporting the formation of a new D-10 group of leading democracies to develop and deploy 5G and subsequent generations and establishing a reimbursement program for companies to remove equipment from their communications networks that poses a national security risk.
        • Securing international leadership in the technologies of tomorrow, including AI, quantum, 5G, and autonomous vehicles.
        • Sanctioning PRC telecommunications companies engaged in economic or industrial espionage and any PRC entity that tries to hack COVID-19 researchers working on a vaccine.
      • Economics and Energy
        • Ensuring no U.S. taxpayer dollars support any PRC state- owned enterprises.
        • Harmonizing export control policies with our partners and allies to keep critical technologies, including semiconductor manufacturing equipment and R&D, from our adversaries.
        • Applying heightened scrutiny for investments in U.S. companies or operations from the PRC.
        • Strengthening trade relationships with our allies to establish U.S. standards and counter the PRC’s influence.
        • Pursuing trade policies that deter and protect against the PRC’s theft of IP.
        • Enforcing reciprocal treatment of PRC investment into the U.S. to restore symmetry in bilateral investment rules.
        • Ensuring PRC companies are held to the same financial disclosure standards as American companies when listing on U.S. stock exchanges.
        • Working to deepen our trade ties with Taiwan and resolving specific outstanding trade issues so the Administration can take steps to launch trade agreement negotiations once those issues are addressed.
        • Strengthening the Development Finance Corporation, Export Import Bank, and other government efforts to more robustly counter the CCP’s Belt and Road Initiative and debt trap diplomacy.
        • Continuing to advance U.S. energy security in order to be a global counter against the PRC, particularly on the nuclear energy front.
      • Competitiveness
        • Doubling the funding of basic science and technology research over the next 10 years.
        • Increasing coordination and funding for STEM education to create a more capable, skilled workforce.
        • Strengthening the protection of sensitive research at America’s colleges and universities and leading research institutions which includes restricting all federal employees and contractors from participating in foreign talent programs.
        • Requiring colleges and universities to annually report all donations from the PRC.

Further Reading

  • In U.S.-China Tech Feud, Taiwan Feels Heat From Both Sides” By Raymond Zhong — The New York Times. Not surprisingly, this island nation (or renegade province according to the People’s Republic of China (PRC)) is being squeezed in the trade war between the United States (U.S.) and the PRC. The main factor that has led to its central role is the Taiwan Semiconductor Manufacturing Company (TSMC), which produces many of the semiconductors needed by both nations. However, with the U.S. tightening ever further the PRC’s access to this technology, Taiwan’s place in the technology world becomes ever more important. Many in. Taiwan see this technological prowess as a bulwark against a PRC-style takeover as in Hong Kong.
  • Beautiful, perk-filled and mostly empty: What the future holds for tech’s billion-dollar headquarters” By Heather Kelly — The Washington Post. Understandably, COVID-19 has caused many large companies to rethink their real estate footprint. Tech is no different as some companies have told workers to stay home until well into next year. Might the pandemic mark a paradigm shift and companies will require much less building and office space? Or will top companies continue their trend of building company towns of sorts?
  • Ad Tech Could Be the Next Internet Bubble” By Gilad Edelman — WIRED. This deep dive into the online advertising world peels back some of the fictions that have kept this multi-billion-dollar black box running. The question is what would happen to the world economy if it crashes?
  • What the antitrust proposals would actually mean for tech” By Emily Birnbaum — Protocol. This article surveys the waterfront on current antitrust proposals before Congress to address large technology companies.
  • Now You Can Use Instagram to Chat With Friends on Facebook Messenger” By Mike Issac — The New York Times. In a move sure not to make friends among those convinced Facebook is monopolistic, the platform has crossed a Rubicon of sorts by combining messaging platforms. Facebook is now allowing those using Messenger and Instagram to message users on the other platform. Soon, this will also be the case with WhatsApp. Critics claim Facebook is doing this to make the company harder to break up in an antitrust action.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Image by mohamed Hassan from Pixabay

Further Reading, Other Developments, and Coming Events (31 July)

First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates from 2019 and 2020 here.

Here are Further Reading, Other Developments, and Coming Events.

Coming Events

  • On 31 July, the House Intelligence Committee will mark up its Intelligence Authorization Act.
  • On 31 July the Select Committee on the Modernization of Congress will hold a business meeting “to consider proposed recommendations.”
  • On 3 August the House Oversight and Reform Committee will hold a hearing on the tenth “Federal Information Technology Acquisition Reform Act” (FITARA) scorecard on federal information technology.
  • On 4 August, the Senate Armed Services Committee will hold a hearing titled “Findings and Recommendations of the Cyberspace Solarium Commission” with these witnesses:
    • Senator Angus S. King, Jr. (I-ME), Co-Chair, Cyberspace Solarium Commission
    • Representative Michael J. Gallagher (R-WI), Co-Chair, Cyberspace Solarium Commission
    • Brigadier General John C. Inglis, ANG (Ret.), Commissioner, Cyberspace Solarium Commission
  • On 6 August, the Federal Communications Commission (FCC) will hold an open meeting to likely consider the following items:
    • C-band Auction Procedures. The Commission will consider a Public Notice that would adopt procedures for the auction of new flexible-use overlay licenses in the 3.7–3.98 GHz band (Auction 107) for 5G, the Internet of Things, and other advanced wireless services. (AU Docket No. 20-25)
    • Radio Duplication Rules. The Commission will consider a Report and Order that would eliminate the radio duplication rule with regard to AM stations and retain the rule for FM stations. (MB Docket Nos. 19-310. 17-105)
    • Common Antenna Siting Rules. The Commission will consider a Report and Order that would eliminate the common antenna siting rules for FM and TV broadcaster applicants and licensees. (MB Docket Nos. 19-282, 17-105)
    • Telecommunications Relay Service. The Commission will consider a Report and Order to repeal certain TRS rules that are no longer needed in light of changes in technology and voice communications services. (CG Docket No. 03-123)
  • The National Institute of Standards and Technology (NIST) will hold the “Exploring Artificial Intelligence (AI) Trustworthiness: Workshop Series Kickoff Webinar,” “a NIST initiative involving private and public sector organizations and individuals in discussions about building blocks for trustworthy AI systems and the associated measurements, methods, standards, and tools to implement those building blocks when developing, using, and testing AI systems” on 6 August.
  • On 18 August, the National Institute of Standards and Technology (NIST) will host the “Bias in AI Workshop, a virtual event to develop a shared understanding of bias in AI, what it is, and how to measure it.”

Other Developments

  • The European Commission (EC) released a report on the status of efforts across the European Union (EU) to implement the EU Toolbox on 5G Cybersecurity, the bloc’s approach to navigating security issues presented by equipment and services offered by companies from the People’s Republic of China such as Huawei. The EC concluded
    • All  Member  States  reported  that  concrete  steps  have  been  taken  to  implement  the  Toolbox.  Most  Member  States  carried  out  a  gap  analysis  and  launched  a  process  to  review  and  upgrade  existing security measures and enforcement mechanisms. Many Member States have already adopted or are well advanced in the preparation of more advanced security measures on 5G cybersecurity.
    • However,  work  is  still  ongoing  in  many  Member  States  on  defining  the  content  and  scope  of  the  measures and in some cases, political decisions still need to be made in this regard. In addition, even where  measures  are  in  progress  or  being  planned,  not  all  Member  States  have  shared  detailed information about every measure, due to diverse stages in the national implementation processor for national security reasons. Nevertheless, a number of findings can be formulated based on the analysis presented  in  this  report as  regards  the  implementation  of  the  Toolbox  and  areas  where  specific  attention  is  needed  in  the  next  phases  of  the  implementation  of  the  Toolbox  at  national  and/or  EU  level.
  • The United States (US) and Australia released this joint statement after this week’s Australia-United States Ministerial Consultations (AUSMIN) after the heads of their defense and foreign ministries met in Washington DC. The two countries listed a number of steps and initiatives designed to counter the People’s Republic of China (PRC). Among other developments:
    • The US and Australia signed a classified Statement of Principles on Alliance Defense Cooperation and Force Posture Priorities in the Indo-Pacific.
    • The two nations “plan to continue to counter these threats vigorously, including through collaboration with international partners, and through a new working group between the Department of Foreign Affairs and Trade and the Department of State, which will monitor and respond to disinformation efforts.”
    • The US and Australia “expressed deep concern that the targeting of intellectual property and sensitive business information, including information relating to the development of vaccines and treatments for pandemic response, presents an increasing threat to the global economy, and they committed to holding malicious actors accountable.”
    • The countries “noted the role of 5G network security best practices, such as the Prague Proposals, and expressed their intent to work with like-minded partners to develop end-to-end technical solutions for 5G that use trusted vendors….[and] [a]cknowledging that 5G is only the starting point, the two nations also reaffirm their commitment to lifting the security of critical and emerging technologies that will be vital to our nations’ prosperity.”
    • The US and Australia “welcomed the announcement that Lynas has signed a Phase 1 contract with the U.S. Department of Defense for an engineering and market feasibility study for the design of a heavy rare earth separation facility in the United States” and “the continued development of a U.S.-Australia Critical Minerals Plan of Action to improve the security of critical minerals in the United States and Australia.” 
  • The United Kingdom’s National Cyber Security Centre (NCSC) has issued a report titled “The Cyber Threat to Sports Organisations” “to demystify the cyber threat to sports organisations by highlighting the cyber security issues that affect the sector on a daily basis: business email compromise, digital fraud, and venue security.” The NCSC asserted
    • cyber attacks against sports organisations are very common, with 70% of those surveyed experiencing at least one attack per annum. This is significantly higher than the average across UK business.
    • The primary cyber threat comes from cyber criminals with a financial motive. Criminal attacks typically take advantage of poor implementation of technical controls and normal human traits such as trust and ineffective password policies.
    • There have been a small number of Hostile Nation-state attacks against sports organisations; typically, these attacks have exploited the same vulnerabilities used by criminals.
    • The most common outcome of cyber attacks is unauthorised access to email accounts (Business Email Compromise) leading to fraud. Ransomware is also a significant issue in the sector.
  • Top Republicans on one of the committees with jurisdiction over technology have written Google and Apple regarding their “app store and the policies you have in place to ensure apps are appropriately vetted, particularly those with close ties to China and the Chinese Communist Party (CCP).” House Energy and Commerce Committee Ranking Member Greg Walden (R-OR) and Consumer Protection and Commerce Subcommittee Ranking Member Cathy McMorris Rodgers (R-WA) are asking the companies to respond by 12 August to a series of questions. They asserted
    • As with any crisis, there are those that seek to exploit opportunities for their own malicious intent. We believe that bad actors may be taking advantage of the American people’s trust in your brand, which likely extends to apps available through your store. While we want an open and transparent marketplace that does not limit innovators outside your company, we know there are those that seek to use apps as a means to push through pop-up ads or hijack devices to make it a tool for eavesdropping.
    • The level of permissions that these apps require may include access to camera, microphone, and contacts, as well as functionality to load other malware for bad actors to control a device even after the original app has been removed. This is especially alarming when it comes from companies with direct or indirect links to the CCP.
  • A Washington DC think tank published a report written in part with Representatives Robin Kelly (D-IL) and Will Hurd (R-TX) titled “AI and the Workforce.” The Bipartisan Policy Center explained that “[b]ased on our discussions with stakeholders, we have identified the following key principles:
    • 1. The United States should embrace and take a leadership role in the AI-driven economy by filling the AI talent gap and preparing the rest of the workforce for the jobs of the future. However, in doing so, policymakers should make inclusivity and equal opportunity a priority.
    • 2. Closing the AI talent gap requires a targeted approach to training, recruiting, and retaining skilled workers. This AI talent should ideally have a multi-disciplinary skill set that includes ethics.
    • 3. The AI talent gap is not the only challenge of the AI-driven economy, so the federal government should focus more broadly on the jobs of the future and skills that are complemented by AI technology. Additionally, encouraging workers to develop basic AI and technological literacy can help them better determine how to complement AI systems.
    • 4. The educational system from kindergarten through post-college is not yet designed for the AI-driven economy and should be modernized.
    • 5. The skills that will be in demand in the future will continuously change, so lifelong learning and ways to help displaced and mid-career workers transition into new jobs is critical for the workforce of the future.
    • In September 2018, Kelly and Hurd released a white paper detailing the “lessons learned from the Subcommittee’s oversight and hearings on AI and sets forth recommendations for moving forward.” 
  • The National Cyber Security Centre (NCSC) updated its “Mobile Device Guidance” regarding “Windows 10, Android and VPNs. The NCSC stated “[o]ver the next few months, we’ll be bringing our Chrome OS and Ubuntu Linux guidance up to date and into the new format.”
  • Cybersecurity company FireEye released a report on a new type of Russian disinformation campaign where hackers are gaining access to legitimate news sources and planting fake stories that are subsequently amplified on social media.
    • FireEye explained it
      • has tied together several information operations that we assess with moderate confidence comprise part of a broader influence campaign, ongoing since at least March 2017, aligned with Russian security interests. The operations have primarily targeted audiences in Lithuania, Latvia, and Poland with narratives critical of the North Atlantic Treaty Organization’s (NATO) presence in Eastern Europe, occasionally leveraging other themes such as anti-U.S. and COVID-19-related narratives as part of this broader anti-NATO agenda. We have dubbed this campaign “Ghostwriter.”
    • FireEye added
      • Many, though not all, of the incidents we suspect to be part of the Ghostwriter campaign appear to have leveraged website compromises or spoofed email accounts to disseminate fabricated content, including falsified news articles, quotes, correspondence and other documents designed to appear as coming from military officials and political figures in the target countries. This falsified content has been referenced as source material in articles and op-eds authored by at least 14 inauthentic personas posing as locals, journalists, and analysts within those countries.

Further Reading

  • Rite Aid deployed facial recognition systems in hundreds of U.S. stores” by Jeffrey Dastin– Reuters. A major United States retailer was using facial recognition technology mostly at stores in poorer, more ethnically diverse areas that seems connected to a company in the People’s Republic of China. Rite Aid has ceased use of this system that was implemented to address shoplifting and other crime and guards and other personnel were supposed to act when the system turned up a hit on a person in the store who had committed a crime or made trouble in another location. Given the accuracy of this sort of technology, there were a range of false positives. Additionally, locations in New York City that had similar crime profiles in majority white, affluent areas were much less likely to have this system. The company, DeepCamLLC, providing the technology appears intimately connected to a Chinese firm, Shenzhen Shenmu, that appears funded by a Beijing run venture capital/investment fund.
  • Facebook Wins Temporary Halt to EU Antitrust Data Demands” by Stephanie Bodoni – Bloomberg. In a setback for the European Commission’s (EC) investigation, the European Union General Court has temporarily blocked data and document requests in a pair of rulings. The court ruled for Facebook in finding the EC’s request “may unavoidably include personal information” and so “it is important to ensure that confidential treatment of such information is safeguarded, especially when the information does, at first sight, not appear to have any link with the subject matter of the commission’s investigation.” A Facebook attorney claimed the requests were going to net “highly sensitive personal information such as employees’ medical information, personal financial documents, and private information about family members of employees.” The court is expected to issue a final decision on the data requests, which has obvious implications for the EC’s investigation of Facebook.
  • Google’s Top Search Result? Surprise! It’s Google” By Adrianne Jeffries and Leon Yin – The Markup. Google’s search results have changed tremendously over the last 15 years from showing the top organic results to now reserving the 50% of the page for Google results and products. As a result a number of online businesses that compete with Google products have withered and some have died. Google denies abusing its market power, but competitors and possibly some regulators think otherwise, possibly foreshadowing future anti-competitive enforcement actions.
  • Five Eyes alliance could expand in scope to counteract China” by Patrick Wintour – The Guardian. The United States, United Kingdom, Canada, New Zealand, and Australia may expand both the scope of heir Five Eyes arrangement and the membership as a means of pushing back on Chinese policies and actions. Japan could possibly join the alliance and perhaps it serves as the basis for a trade agreement to address Beijing.
  • Huawei to double down on HSBC as legal battle over extradition of Meng Wanzhou intensifies” by Zhou Xin – South China Morning Post. As the daughter of Huawei’s founder continues to be held in Canada facing possible extradition to the United States (US) to be tried on charges of violating US sanctions on Iran. Meng Wanzhou’s lawyers are focusing on the evidence provided by Hong Kong based bank HSBC to the US Department of Justice as being deficient in a number of ways. The People’s Republic of China is still holding two Canadians incommunicado who were arrested and charged with espionage after Meng was detained in British Columbia.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Further Reading, Other Developments, and Coming Events (30 July)

First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates from 2019 and 2020 here.

Here are Further Reading, Other Developments, and Coming Events.

Coming Events

  • On 30 July, the Senate Commerce, Science, and Transportation Committee’s Security Subcommittee will hold a hearing titled “The China Challenge: Realignment of U.S. Economic Policies to Build Resiliency and Competitiveness” with these witnesses:
    • The Honorable Nazak Nikakhtar, Assistant Secretary for Industry and Analysis, International Trade Administration, U.S. Department of Commerce
    • Dr. Rush Doshi, Director of the Chinese Strategy Initiative, The Brookings Institution
    • Mr. Michael Wessel, Commissioner, U.S. – China Economic and Security Review Commission
  • On 30 July, the House Armed Services Committee’s Intelligence and Emerging Threats and Capabilities Subcommittee will hold a hearing titled “Review of the Recommendations of the Cyberspace Solarium Commission” with these witnesses:
    • Senator Angus King (I-ME), Chairman, Cyberspace Solarium Commission
    • Representative Mike Gallagher (R-WI), Chairman, Cyberspace Solarium Commission
    • The Honorable Patrick Murphy, Commissioner, Cyberspace Solarium Commission
    • Mr. Frank Cilluffo, Commissioner, Cyberspace Solarium Commission
  • On 31 July, the House Intelligence Committee will mark up its Intelligence Authorization Act.
  • On 31 July the Select Committee on the Modernization of Congress will hold a business meeting “to consider proposed recommendations.”
  • On 3 August the House Oversight and Reform Committee will hold a hearing on the tenth “Federal Information Technology Acquisition Reform Act” (FITARA) scorecard on federal information technology.
  • On 4 August, the Senate Armed Services Committee will hold a hearing titled “Findings and Recommendations of the Cyberspace Solarium Commission” with these witnesses:
    • Senator Angus S. King, Jr. (I-ME), Co-Chair, Cyberspace Solarium Commission
    • Representative Michael J. Gallagher (R-WI), Co-Chair, Cyberspace Solarium Commission
    • Brigadier General John C. Inglis, ANG (Ret.), Commissioner, Cyberspace Solarium Commission
  • On 6 August, the Federal Communications Commission (FCC) will hold an open meeting to likely consider the following items:
    • C-band Auction Procedures. The Commission will consider a Public Notice that would adopt procedures for the auction of new flexible-use overlay licenses in the 3.7–3.98 GHz band (Auction 107) for 5G, the Internet of Things, and other advanced wireless services. (AU Docket No. 20-25)
    • Radio Duplication Rules. The Commission will consider a Report and Order that would eliminate the radio duplication rule with regard to AM stations and retain the rule for FM stations. (MB Docket Nos. 19-310. 17-105)
    • Common Antenna Siting Rules. The Commission will consider a Report and Order that would eliminate the common antenna siting rules for FM and TV broadcaster applicants and licensees. (MB Docket Nos. 19-282, 17-105)
    • Telecommunications Relay Service. The Commission will consider a Report and Order to repeal certain TRS rules that are no longer needed in light of changes in technology and voice communications services. (CG Docket No. 03-123)
  • The National Institute of Standards and Technology (NIST) will hold the “Exploring Artificial Intelligence (AI) Trustworthiness: Workshop Series Kickoff Webinar,” “a NIST initiative involving private and public sector organizations and individuals in discussions about building blocks for trustworthy AI systems and the associated measurements, methods, standards, and tools to implement those building blocks when developing, using, and testing AI systems” on 6 August.
  • On 18 August, the National Institute of Standards and Technology (NIST) will host the “Bias in AI Workshop, a virtual event to develop a shared understanding of bias in AI, what it is, and how to measure it.”

Other Developments

  • Senate Armed Services Committee Chair James Inhofe (R-OK) has publicly placed a hold on the re-nomination of Federal Communications Commission member over the agency’s April decision to permit Ligado to proceed with its plan “to deploy a low-power terrestrial nationwide network in the 1526-1536 MHz, 1627.5-1637.5 MHz, and 1646.5-1656.5 MHz bands that will primarily support Internet of Things (IoT) services.” This is the latest means of pressing the FCC Inhofe and allies on Capitol Hill and in the Trump Administration have taken. In the recently passed “National Defense Authorization Act (NDAA) for Fiscal Year 2021” (S.4049) there is language requiring “the Secretary of Defense to enter into an agreement with the National Academies of Science, Engineering, and Medicine to conduct an independent technical review of the Order and Authorization adopted by the FCC on April 19, 2020 (FCC 20–48). The independent technical review would include a comparison of the two different approaches used for evaluation of potential harmful interference. The provision also would require the National Academies of Science, Engineering, and Medicine to submit a report on the independent technical review.” This provision may make it into the final FY 2021 NDAA, which would stop Ligado from proceeding before the conclusion of the study.
  • Senator Josh Hawley (R-MO) has released yet another bill amending 47 USC 230 (aka Section 230), the “Behavioral Advertising Decisions Are Downgrading Services (BAD ADS) Act,” that “remove Section 230 immunity from Big Tech companies that display manipulative, behavioral ads or provide data to be used for them.” Considering that targeting advertising forms a significant part of the revenue stream for such companies, this seems to be of a piece with other bills of Hawley’s and others to pressure social media platforms. Hawley noted he “has been a leading critic of Section 230’s protection of Big Tech firms and recently called for Twitter to lose immunity if it chooses to editorialize on political speech.”
  • The United States National Counterintelligence and Security Center (US NCSC) issued a statement on election security on the 100th day before the 2020 Presidential Election. US NCSC Director William Evanina described the risks facing the US heading into November but did not detail US efforts to address and counter the efforts of foreign nations to influence and disrupt Presidential and Congressional elections this fall. The US NCSC explained it is working with other federal agencies and stakeholders, however.
    • US NCSC Director William Evanina explained the purpose of the press release is to “share insights with the American public about foreign threats to our election and offer steps to citizens across the country to build resilience and help mitigate these threats…[and] to update Americans on the evolving election threat landscape, while also safeguarding our intelligence sources and methods.” Evanina noted “Office of the Director of National Intelligence (ODNI) has been providing robust intelligence-based briefings on election security to the presidential campaigns, political committees, and Congressional audiences.” Including the assertion “[i]n leading these classified briefings, I have worked to ensure fidelity, accountability, consistency and transparency with these stakeholders and presented the most timely and accurate information we have to offer” may be Evanina’s way of pushing back on concerns that the White House has placed people loyal to the President at the top of some IC entities who may lack independence. Top Democrats
    • The US NCSC head asserted “[e]lection security remains a top priority for the Intelligence Community and we are committed in our support to the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI), given their leadership roles in this area.”
    • Evanina claimed “[a]t this time, we’re primarily concerned with China, Russia and Iran — although other nation states and non-state actors could also do harm to our electoral process….[and] [o]ur insights and judgments will evolve as the election season progresses:
      • China is expanding its influence efforts to shape the policy environment in the United States, pressure political figures it views as opposed to China’s interests, and counter criticism of China. Beijing recognizes its efforts might affect the presidential race.
      • Russia’s persistent objective is to weaken the United States and diminish our global role. Using a range of efforts, including internet trolls and other proxies, Russia continues to spread disinformation in the U.S. that is designed to undermine confidence in our democratic process and denigrate what it sees as an anti-Russia “establishment” in America.
      • Iran seeks to undermine U.S. democratic institutions and divide the country in advance of the elections. Iran’s efforts center around online influence, such as spreading disinformation on social media and recirculating anti-U.S. content.
    • Speaker of the House Nancy Pelosi (D-CA), Senate Minority Leader Chuck Schumer (D-NY), House Intelligence Committee Chair Adam Schiff (D-CA), and Senate Intelligence Committee Ranking Member Mark Warner (D-VA) released their response to the NCSC statement:
      • The statement just released by NCSC Director William Evanina does not go nearly far enough in arming the American people with the knowledge they need about how foreign powers are seeking to influence our political process. The statement gives a false sense of equivalence to the actions of foreign adversaries by listing three countries of unequal intent, motivation and capability together. The statement, moreover, fails to fully delineate the goal, nature, scope and capacity to influence our election, information the American people must have as we go into November. To say without more, for example, that Russia seeks to ‘denigrate what it sees as an anti-Russia ‘establishment’ in America’ is so generic as to be almost meaningless. The statement omits much on a subject of immense importance.
      • “In our letter two weeks ago, we called on the FBI to provide a defensive briefing to the entire Congress about specific threats related to a concerted foreign disinformation campaign, and this is more important than ever.  But a far more concrete and specific statement needs to be made to the American people, consistent with the need to protect sources and methods.  We can trust the American people with knowing what to do with the information they receive and making those decisions for themselves. But they cannot do so if they are kept in the dark about what our adversaries are doing, and how they are doing it.  When it comes to American elections, Americans must decide.”
    • Senate Majority Leader Mitch McConnell (R-KY) and Senate Intelligence Committee Chair Marco Rubio (R-FL) issued their own statement:
      • We are disappointed by the statement from Senator Schumer, Senator Warner, Speaker Pelosi, and Representative Schiff about Bill Evanina, the Director of the National Counterintelligence and Security Center. Evanina is a career law enforcement and intelligence professional with extensive experience in counterintelligence. His reputation as a straight-shooter immune from politics is well-deserved. It is for this reason that Evanina received overwhelming support from the Senate when he was confirmed to be Director of the NCSC and again when the Administration tapped him to lead the nation’s efforts to protect the 2020 elections from foreign interference.
      • We believe the statement baselessly impugns his character and politicizes intelligence matters. Their manufactured complaint undercuts Director Evanina’s nonpartisan public outreach to increase Americans’ awareness of foreign influence campaigns right at the beginning of his efforts.
      • Prior to their public statements, Director Evanina had previewed his efforts and already offered to provide another round of briefings to the Congress on the threat and steps the US government has taken over the last three and a half years to combat it. We believe the threat is real, and is more complex than many partisans may wish to admit. We welcome these briefings, and hope our colleagues will listen to the career professionals who have been given this mission.
      •  We will not discuss classified information in public, but we are confident that while the threat remains, we are far better prepared than four years ago. The intelligence community, law enforcement, election officials, and others involved in securing our elections are far better postured, and Congress dramatically better informed, than any of us were in 2016—and our Democrat colleagues know it.
  • The Australian Cyber Security Centre (ACSC) and the Digital Transformation Agency (DTA) issued “new Cloud Security Guidance co-designed with industry to support the secure adoption of cloud services across government and industry.” The agencies stated this new release “will guide organisations including government, Cloud Service Providers (CSP), and Information Security Registered Assessors Program (IRAP) assessors on how to perform a comprehensive assessment of a cloud service provider and its cloud services, so a risk-informed decision can be made about its suitability to handle an organisation’s data.” ACSC and DTA added “The Cloud Security Guidance is supported by forthcoming updates to the Australian Government Information Security Manual (ISM), the Attorney-General’s Protective Security Policy Framework (PSPF), and the DTA’s Secure Cloud Strategy.”
  • The National Institute of Standards and Technology (NIST) studied how well facial recognition technology and services could identify people wearing masks and, to no great surprise, the results were not good with respect to accuracy. NIST stressed that the facial recognition technology were not calibrated for masks in qualifying its results. In its Interagency Report NISTIR 8311, NIST found
    • Algorithm accuracy with masked faces declined substantially across the board. Using unmasked images, the most accurate algorithms fail to authenticate a person about 0.3% of the time. Masked images raised even these top algorithms’ failure rate to about 5%, while many otherwise competent algorithms failed between 20% to 50% of the time.
    • Masked images more frequently caused algorithms to be unable to process a face, technically termed “failure to enroll or template” (FTE). Face recognition algorithms typically work by measuring a face’s features — their size and distance from one another, for example — and then comparing these measurements to those from another photo. An FTE means the algorithm could not extract a face’s features well enough to make an effective comparison in the first place.
    • The more of the nose a mask covers, the lower the algorithm’s accuracy. The study explored three levels of nose coverage — low, medium and high — finding that accuracy degrades with greater nose coverage.
    • While false negatives increased, false positives remained stable or modestly declined. Errors in face recognition can take the form of either a “false negative,” where the algorithm fails to match two photos of the same person, or a “false positive,” where it incorrectly indicates a match between photos of two different people. The modest decline in false positive rates show that occlusion with masks does not undermine this aspect of security.
    • The shape and color of a mask matters. Algorithm error rates were generally lower with round masks. Black masks also degraded algorithm performance in comparison to surgical blue ones, though because of time and resource constraints the team was not able to test the effect of color completely.
    • NIST explained this report
      • is the first of a series of reports on the performance of face recognition algorithms on faces occluded by protective face masks [2] commonly worn to reduce inhalation of viruses or other contaminants. This study is being run under the Ongoing Face Recognition Vendor Test (FRVT) executed by the National Institute of Standards and Technology (NIST). This report documents accuracy of algorithms to recognize persons wearing face masks. The results in this report apply to algorithms provided to NIST before the COVID-19 pandemic, which were developed without expectation that NIST would execute them on masked face images.
  • The United States National Science Foundation (NSF) and the Office of Science and Technology Policy (OSTP) inside the White House announced the establishment of the Quantum Leap Challenges Institutes program and “$75 million for three new institutes designed to have a tangible impact in solving” problems associated with quantum information science and engineering. NSF added “Quantum Leap Challenge Institutes also form the centerpiece of NSF’s Quantum Leap, an ongoing, agency-wide effort to enable quantum systems research and development.” NSF and OSTP named the following institutes:
    • NSF Quantum Leap Challenge Institute for Present and Future Quantum Computing. Today’s quantum computing prototypes are rudimentary, error-prone, and small-scale. This institute, led by the University of California, Berkeley, plans to learn from these to design advanced, large-scale quantum computers, develop efficient algorithms for current and future quantum computing platforms, and ultimately demonstrate that quantum computers outperform even the best conceivable classical computers.
  • The United States Department of Energy (DOE) published its “Blueprint for the Quantum Internet” “that lays out a blueprint strategy for the development of a national quantum internet, bringing the United States to the forefront of the global quantum race and ushering in a new era of communications” and held an event to roll out the new document and approach. The Blueprint is part of the Administration’s effort to implement the “National Quantum Initiative Act” (P.L. 115-368), a bill “[t]o provide for a coordinated Federal program to accelerate quantum research and development for the economic and national security of the United States.” Under Secretary of Energy for Science Paul Dabbar explained in a blog post that “[t]he Blueprint lays out four priority research opportunities to make this happen:
    • Providing the foundational building blocks for Quantum Internet;
    • Integrating Quantum networking devices;
    • Creating repeating, switching, and routing technologies for Quantum entanglement;
    • Enabling error correction of Quantum networking functions.
  • The European Commission (EC) is requesting feedback until 10 September on its impact assessment for future European Union legislation on artificial intelligence (AI). The EC explained “the  overall  policy  objective  is  to  ensure  the  development  and  uptake  of lawful  and trustworthy  AI across the Single Market through the creation of an ecosystem of trust.” Earlier this year, as part of its Digital Strategy, the EC recently released a white paper earlier this year, “On Artificial Intelligence – A European approach to excellence and trust,” in which the Commission articulates its support for “a regulatory and investment oriented approach with the twin objective of promoting the uptake of AI and of addressing the risks associated with certain uses of this new technology.” The EC stated that “[t]he purpose of this White Paper is to set out policy options on how to achieve these objectives…[but] does not address the development and use of AI for military purposes.”

Further Reading

  • Google Takes Aim at Amazon. Again.” – The New York Times. For the fifth time in the last decade, Google will try to take on Amazon, in part, because the latter’s dominance in online retailing is threatening the former’s dominance in online advertising. Google is offering a suite of inducements for retailers to use its platform, Google Shopping. One wonders if Google gains traction whether Amazon would point to the competition as proof it is not engaged in anti-competitive practices to regulators.
  • Twitter’s security woes included broad access to user accounts” – Ad Age. This piece details the years long tension inside the social media giant between strengthening internal security and developing features to make more money. Not surprisingly, the latter consideration almost always trumped the former, a situation exacerbated by Twitter’s growing use of third-party contractors to handle back end functions, including security. Apparently, many contractors would spy on celebrities’ accounts, sometimes using workarounds to defeat Twitter’s security. Even though this article claims it was only contractors, one wonders if some Twitter employees were doing the same. Whatever the case, Twitter’s board has been warned about weak security for years and opted against heeding this advice, a factor that likely allowed the platform to get hacked a few weeks ago. Worse still, the incentives do not seem aligned to drive better security in the future. 
  • We’re in the middle of the COVID-19 crisis. Big Tech is already preparing for the next one.” – Protocol. For people who think large technology companies have not had a prominent enough role during the current pandemic, this news will be reassuring. The Consumer Technology Association (CTA), a non-profit organized under Section 501(c)(6) of United States’ tax laws, has commenced with a “Public Health Tech Initiative” “[t]o ensure an effective public sector response to future pandemics like COVID-19.” This group “will explore and create recommendations for the use of technology in dealing with and recovering from future public health emergencies.”
  • Car Companies Want to Monitor Your Every Move With Emotion-Detecting AI” – Vice’s Motherboard. A number of companies are selling auto manufacturers on a suite of technology that could record everything that happens in your car, including facial analysis algorithms, for a variety of purposes with financial motives such as behavioral advertising, setting insurance rates, and others. The United States does not have any laws that directly regulate such practices whereas the European Union does, suggesting such technology would be deployed less in Europe.
  • Russian Intelligence Agencies Push Disinformation on Pandemic” – The New York Times. United States (US) intelligence agencies declassified and share intelligence with journalists purporting to show how Russian Federation intelligence agencies have adapted their techniques in their nonstop disinformation campaign against the US, the North Atlantic Treaty Organization, and others. As Facebook, Twitter, and others have grown adept at locating and removing content from obvious Russian outlets like RT and Sputnik, Russian agencies are utilizing more subtle techniques, aiming at the same goal of undermining confidence among Americans and elsewhere in the government.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Republicans Boycott Hearing on Online Foreign Influence Operations

Despite the minority abstaining from the hearing, one of the committees in the House with jurisdiction over online matters continued its inquiry into influence campaigns in the context of the coming election.

First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates from 2019 and 2020 here.

On 18 June, the House Intelligence Committee held a hearing titled “Emerging Trends in Online Foreign Influence Operations: Social Media, COVID-19, and Election Security” with witnesses from Facebook, Twitter, and Google. This is a follow up to a 2017 hearing to examine the three social media giants’ roles in amplifying or preventing online influence campaigns. The Committee Republicans opted against participating altogether, the second hearing they have boycotted this year.

By way of explanation for the boycott, Committee Member Representative Brad Wenstrup (R-OH) claimed in a 19 June interview on Fox News that the hearing was “just one more step in…Schiff’s playbook to politicize things, to split us further apart, and to use it for some type of political gain.” Wenstrup added

Although this may not be classified material, it is also a chance for our adversaries to understand what steps we are taking to try and stop them from foreign influence. You know, on the Intelligence Committee, we deal with sensitive secrets. We should be operating in a secure facility. And, we should not be in an environment where we are online.

In his opening statement at the hearing, Chair Adam Schiff (D-CA) stated

Today’s important conversation is essential to our oversight of how the Intelligence Community and Nation are working to keep our elections and political discourse from foreign interference. I had hoped it would be a bipartisan discussion. Unfortunately, and without reason or justification, our Republican colleagues once again have decided to absent themselves from the work of the committee. I repeat my hope that they will reconsider this ill-considered path and join us for future hearings.

Schiff stated

  • This is the second hearing of the House Intelligence Committee held with witnesses from Google, Facebook, and Twitter. The first was in November 2017, where we continued to piece together the full breadth of the Russian attack on our democracy one year earlier and inform the public about what we had found. It was a breathtaking and audacious attack that took place on several fronts, including social media platforms used daily by millions of Americans. Through subsequent disclosures by the technology companies, Department of Justice, and this committee, the world learned that Russia’s Internet Research Agency undertook a determined effort to use social media to divide Americans in advance of the 2016 election. These IRA trolls took to a broad array of platforms to launch a sophisticated and pernicious campaign that exploited wedge issues already challenging our Nation, such as immigration, the Second Amendment, race relations, and other issues. Today’s hearing is not intended to look back at 2016 as much as it is to look forward.
  • Election day is a mere five months away, and malicious actors, including Russia but also others, persist in attempts to interfere in our political system in order to gain an advantage against our country and to undermine our most precious right: that to a free and fair vote.  
  • We are holding this hearing and we engage regularly with tech and social media companies because they are arguably best positioned to sound the alarm if and when another external actor attempts to interfere in our democratic discourse, first, because their technical capacity and security acumen allows them to detect malicious activity on their platforms and make attributions through technical indicators that are available only to the companies themselves, and, second, because we cannot have complete confidence that the White House will allow the Intelligence Community to look fully and promptly inform Congress if it detects foreign interference, especially if that interference appears to assist the President’s reelection.
  • That is a dangerous and  unprecedented state of affairs, but, nonetheless, it reflects the reality and why this hearing is so important.
  • To the witnesses: As you describe in your respective written statements, a lot has changed since 2016. In many ways, we are better prepared today than we were four years ago. Each of your companies have taken significant steps and invested resources to detect coordinated inauthentic behavior and foreign interference, and, while there cannot be a guarantee, it would be far more difficult for Russia or another foreign adversary to run the same 2016 playbook undetected.
  • Both Facebook and Twitter now regularly update the public, the committee, and Congress on their findings as they identify and disrupt coordinated inauthentic behavior and foreign interference targeting the United States and other nations globally. U.S. Government agencies with a responsibility to unearth and fight foreign interference coordinate and meet regularly with technology companies and with us.
  • The companies themselves have established mechanisms to share threat information and indicators, both among themselves and with smaller industry peers. Independent researchers have taken up the mantle in cooperation with platforms to apply their skills and knowledge to detecting and analyzing malicious networks and comprehensive public reports.
  • These are positive developments, but, as I look across the landscape, I can’t say that I am confident that the 2020 election will be free of interference by malicious actors, foreign or domestic, who aspire to weaponize your platforms to divide Americans, pit us against one another, and weaken our democracy.
  • We are learning, but our adversaries are also learning as well, and not only Russia. Modest investments in the IRA and the hacking-and-dumping campaign aimed at the Clinton campaign paid off in spades, helping to elect the Kremlin’s favorite candidate and widening fissures between Americans, the lesson being: Influence operations on social media are cheap and effective, and attribution to specific threat actors isn’t always straightforward.

Schiff added

  • While each of your platforms has begun to adopt policies around deepfakes and manipulated media, it remains to be seen whether they are sufficient to detect and remove sinister manipulated media at speed. For once a visceral first impression has been made, even if proven false later, it is nearly impossible to repair the damage.
  • I am also concerned because the nature of your platforms, all of them, is to embrace and monetize virtuality and virality. The more sensational, the more divisive, the more shocking or emotionally charged, the faster it circulates. A tweet or Instagram photo or a YouTube video can be viewed by millions of Americans in the span of hours.
  • A policy that only identifies and acts upon misinformation, whether from a foreign or domestic source, after millions of people have seen it is only a partial response at best. I recognize that, at scale, the challenge of moderation is daunting.
  • As we get closer to November, the stakes will only grow. And make no mistake: Foreign actors and Presidents alike are testing the limits of manipulated media right now. And, finally, I am concerned because of an issue that I raised back in 2017 and repeatedly since.
  • I am concerned about whether social media platforms like YouTube, Facebook, Instagram, and others wittingly or otherwise optimize for extreme content. These technologies are designed to engage users and keep them coming back, which is pushing us further apart and isolating Americans into information silos.
  • Ultimately, the best and only corrective measure to address the pernicious problem of misinformation and foreign interference is ensuring that credible, verified, factual information rises above the polluting disinformation and falsehoods, whether about the location of polling places or about the medical consensus surrounding COVID-19.

Facebook Head of Security Policy Nathaniel Gleicher stated

  • Over the past 3years, we have worked to protect more than 200 elections around the world. We have learned lessons from each of these, and we are applying these lessons to protect the 2020 election in November.  
  • We have taken a variety of steps to support the integrity and security of the electoral process, including: launching Facebook Protect, a program that helps secure the accounts of elected officials, candidates, and their staff; increasing political and issue ad transparency; investigating and stopping coordinated inauthentic behavior –we have removed more than 50 deceptive networks in 2019 alone –and labeling posts by state-controlled media outlets so that people understand where their news is coming from.  
  • Yesterday, we began blocking ads in the United States from these state-controlled outlets to provide an extra layer of protection against foreign influence in the public debate ahead of the 2020 election in November.  
  • In addition, we know that misinformation and influence operations are at their most virulent in information vacuums.   
  • So we combine our enforcement efforts with ensuring that people can access authentic, accurate information about major civic moments, like this global pandemic or voting.   
  • This is why we are creating a new Voter Information Center to fight misinformation, to encourage people to vote, and to make voters have accurate and up-to-date information from their local, State, and Federal election authorities.

Twitter Director of Global Public Policy Strategy and Development Nick Pickles asserted

  • The threat of an interference in elections by foreign and domestic actors is real and evolving.   
  • Since 2016, we have made a number of significant investments to address these challenges and prepare against bad actors, taking lessons from the 2018 midterms and elections around the world.   I am grateful for the opportunity to discuss our approach today, and I will begin by focusing on the policies, product changes, and partnerships Twitter now has in place.
  • The Twitter rules directly address a number of potential threats to the integrity of elections.   Under our civic integrity policy, individuals may not use Twitter for the purpose of manipulating or interfering in elections or other civic processes. This includes posting or sharing content that may suppress participation or mislead people about when, where, or how to participate in a civic process.   
  • We recently expanded this policy to cover civic events–for example, the Census–in addition to elections. We prohibit the use of Twitter services in a manner that intends to artificially amplify or suppress the conversation. Our rules prohibit fake accounts and those impersonating others. We do not permit the distribution of hacked materials that contain private information, trade secrets, or could put people in harm’s way.  
  • In addition to these new rules, Twitter’s advertising policies also play an important part in protecting the public conversation.  
  • Firstly, Twitter does not allow political advertising. Online political advertising represents entirely new challenges to civic discourse that today’s democratic infrastructure may not be prepared to handle, particularly the machine-learning-based optimization of messaging and microtargeting.
  • Secondly, Twitter does not allow news media entities controlled by state authorities to advertise.    This decision was initially taken with regard to Russia Today and Sputnik based on the Russian activities during the 2016 election. Last year, we expanded this policy to cover all state-controlled media entities globally, in addition to individuals who were affiliated with those organizations. While our policies are vital to protect the conversation, we also want to be proactive in helping people on Twitter find credible information by providing them with additional context.  
  • We prioritize interventions regarding misinformation based on the highest potential for harm and are currently focused on three main areas of content: synthetic and manipulated media, elections and civic integrity, and COVID-19.  
  • Where content does not break our rules and warrant removal, in these three areas, we may label tweets to help people come to their own views by providing additional context. These labels may link to a curated set of tweets posted by people on Twitter that include factual statements, counterpoint opinions and perspectives, and ongoing public conversation around the issue.

Google Director for Law Enforcement and Information Security Richard Salgado focused “on three main areas: first, our efforts to combat election-related interference; second, how we are empowering people with authoritative information; and, third, how we are improving transparency and accountability in advertising.” Salgado stated:

  • “[a]s we previously reported to the committee, our investigation into the 2016 elections found relatively little violative foreign-government activity on our platform. Entering the 2018 midterms, we continued to improve our ability to detect and prevent election-related threats and engaged in information-sharing with others in the private sector and the government. While we saw limited misconduct linked to state-sponsored activity in the 2018 midterms, we continue to keep the public informed. We recently launched a quarterly bulletin to provide additional information about our findings concerning coordinated influence operations. This joins other public reporting across products as we shed light on what it is that we are seeing. Looking ahead to the November elections, we know that COVID-19 pandemic, widespread protests, and other significant events can provide fodder for nation-state-sponsored disinformation campaigns. We remain steadfast in our commitment to protect our users.
  • Second, we have continued to improve the integrity of our products. Our approach is built on a framework of three strategies: making quality count in our ranking systems, giving users more context, and counteracting malicious actors. In Search, ranking algorithms are an important tool in our fight against disinformation. Ranking elevates information that our algorithms determine is the most authoritative above information that may be less reliable. Similarly, our work on YouTube focuses on identifying and removing content that violates our policies and elevating authoritative content when users search for breaking news. At the same time, we find and limit the spread of borderline content that comes close but just stops short of violating our policies. The work to protect Google products and our users is no small job, but it is important. We invest heavily in automated tools to tackle a broad set of malicious behaviors and in people who review content and help improve these tools. We applied many of these strategies in response to the COVID-19 pandemic and developed new ways to connect users to authoritative government information. Similarly, we worked to remove misinformation that poses harm to people and undermines efforts to reduce infection rates. On YouTube, we have clear policies prohibiting content that promotes medically unsubstantiated treatments or disputes the existence of COVID-19. We also reduce recommendations of borderline content.
  • Third, Google has made election advertising far more transparent. We now require advertisers purchasing U.S. election ads to verify who they are and disclose who paid for the ad in the ad itself. We launched a transparency report with a searchable ad library as well. Microtargeting of election ads was never allowed on Google systems, but targeting of election ads in the U.S.is now further limited to general geographic location, age, gender, and context where the ad would appear. This aligns with long-established practices in media such as TV, radio, and print. Finally, this April, we announced that we will extend identity verification to all advertisers on our platform, with a roll-out beginning this summer.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

House Action On FISA Fizzles; A Conference Committee Is Requested

First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates from 2019 and 2020 here.

Despite House Democratic leadership’s plans to pass the Foreign Intelligence Surveillance Act (FISA) reauthorization the Senate sent back to the House earlier this month, plans for a vote last week were scrapped when the coalition that made possible passage of substantially the same bill in March fell apart. Instead, the House voted for a motion to disagree with the Senate’s amendments, to request a conference, and to appoint conferees. It remains to be seen whether the Senate opts to go to conference with the House, but a statement from a spokesperson for the Senate Majority Leader suggested he would support doing so. In the meantime, intelligence and law enforcement agencies cannot use the authorities the bill would renew and reform for they expired on 15 March except for investigations that started before that date.

At week’s beginning, it appeared as if the House would bring the amended “USA FREEDOM Reauthorization Act of 2020” (H.R. 6172) to the floor and possibly take a run at adding language that barely failed to get added during debate in the Senate that would further pare back the ability of federal law enforcement agencies to use the FISA process for surveillance. However, the Trump Administration more forcefully stated its objections to the amended bill, including a veto threat issued via Twitter, that caused Republican support for the bill to cave, and with it the chances of passage, for Republican votes were needed to pass the bill in the first place. Consequently, House Democratic Leadership explored the possibility of a clean vote on the Senate-amended bill, with the House Rules Committee reporting a rule for debate, but this effort was also scuttled as there were not the votes for passage of the bill, sending it to the White House. Instead, House Democratic Leadership opted to go to conference committee, which succeeded in a 284-122 proxy vote, one of the first taken under the new procedure. Thereafter, the House named the following conferees: House Judiciary Committee Chair Jerrold Nadler (D-NY) and Ranking Member Jim Jordan (R-OH); House Intelligence Committee Chair Adam Schiff (D-CA) and Ranking Member Devin Nunes (R-CA) and Representative Zoe Lofgren (D-CA).

House Democratic plans on the FISA reauthorization went from amendment to passing the bill the Senate passed to requesting a conference after the Democratic-Republican coalition that got the bill out of the House in March crumbled.  

As noted, this week, the Trump Administration’s opposition has stiffened with the President getting on the field via Twitter, the Department of Justice (DOJ) publicly stating its opposition, and House Republican leadership urging its Members to vote no on H.R.6172. Moreover, progressive Democrats and allied advocacy groups were pushing House Democratic Leadership to adopt provisions blocking the collection and surveillance of web browsing and search engine history under Section 215. Also, some House Democrats had announced their intention to vote against H.R. 6172 regardless of whether the Section 215 narrowing was added, and so it was not clear the Speaker had the votes to pass a bill the President had vowed to veto anyway.

On 26 May, President Donald Trump tweeted “I hope all Republican House Members vote NO on FISA until such time as our Country is able to determine how and why the greatest political, criminal, and subversive scandal in USA history took place!” On 27 May, Trump tweeted

If the FISA Bill is passed tonight on the House floor, I will quickly VETO it. Our Country has just suffered through the greatest political crime in its history. The massive abuse of FISA was a big part of it!

Also on 27 May, Assistant Attorney General Stephen Boyd released the following statement on H.R.6172:

The Department worked closely with House leaders on both sides of the aisle to draft legislation to reauthorize three national security authorities in the U.S.A. Freedom Act while also imposing reforms to other aspects of FISA designed to address issues identified by the DOJ Inspector General. Although that legislation was approved with a large, bipartisan House majority, the Senate thereafter made significant changes that the Department opposed because they would unacceptably impair our ability to pursue terrorists and spies. We have proposed specific fixes to the most significant problems created by the changes the Senate made. Instead of addressing those issues, the House is now poised to further amend the legislation in a manner that will weaken national security tools while doing nothing to address the abuses identified by the DOJ Inspector General.

Accordingly, the Department opposes the Senate-passed bill in its current form and also opposes the Lofgren amendment in the House. Given the cumulative negative effect of these legislative changes on the Department’s ability to identify and track terrorists and spies, the Department must oppose the legislation now under consideration in the House. If passed, the Attorney General would recommend that the President veto the legislation.

And yet this week, the head of the DOJ’s National Security Division John Demers said there is no pressing need for reauthorization at this time. He remarked in an interview:

We’re going to have to look at where we can fill in the gaps using criminal tools. They’re not perfect. Foreign partners are not crazy when we use their information as the basis of criminal tools, because we don’t have the same protections that we do to protect underlying information as we do on the national security side. We are going to do the best we can to fill those holes and keep those investigations going.

Two weeks ago, following Senate amendment and passage of H.R.6172, a DOJ spokesperson said of the bill, it “would unacceptably degrade our ability to conduct surveillance of terrorists, spies and other national security threats.”

Early in the week, Representatives Zoe Lofgren (D-CA) and Warren Davidson (R-OH) submitted an amendment along the lines of the language Senators Ron Wyden (D-OR) and Steve Daines (R-MT) that the Senate rejected by one vote to bar the collection of web browsing and internet search history via a FISA order under Section 215. Lofgren and Davidson had negotiated with other House Democratic stakeholders on language acceptable to them.

Regarding their amendment, in their press release, Lofgren and Davidson claimed “[t]he amendment – which is supported by Reps. Adam Schiff, Chair of the House Permanent Select Committee on Intelligence, and Jerrold Nadler, Chair of the House Judiciary Committee – is an outright prohibition: the government will not be able to use Section 215 to collect the websites that a U.S. person visits, the videos that a U.S. person watches, or the search queries that a U.S. person makes…[and] [s]pecifically:

  • If the government is not sure if you’re a U.S. person, but you could be, the government cannot get your internet activity without a Title I FISA warrant.
  • If the government wants to order a service provider to produce a list of everyone who has visited a particular website, watched a particular video, or made a particular search query: the government cannot make that order unless it can guarantee that no U.S. persons’ IP addresses, device identifiers, or other identifiers will be disclosed to the government.
    • This amendment does not allow for the incidental collection of U.S. persons’ web browsing or search information when the target is a specific-selection term that would or could produce such information.
  • This prohibition is a strict liability-type provision. (It isn’t a knowledge standard or a reasonable-belief standard. An order must not result in the production of a U.S. person’s web browsing or search information.)
  • If the order would or could result in the production of a U.S. person’s web browsing or search information, the government cannot order it without a Title I FISA warrant that must be narrowly tailored toward the subject of the warrant.

It appeared this amendment would be made in order during debate, but opposition from both the left and right in the House and among stakeholders made this untenable. The fact that the Lofgren/Davidson amendment was narrower in that it would only provide this protection to people in the United States whereas the Wyden/Daines amendment would have outright barred the practice under FISA led to opposition on the left. Early on 27 May, Wyden supported this language, but when House Intelligence Committee Chair Adam Schiff (D-CA) suggested that intelligence agencies could continue to collect web browsing and search histories of Americans, Wyden withdrew his support. Thereafter, House Democratic Leadership ultimately decided against allowing this amendment to have a vote.

In December, Lofgren and Davidson were among the Members who introduced the “Safeguarding Americans’ Private Records Act of 2020” (H.R.5675/S.3242) in both chambers. In their press release, the sponsors claimed “[t]he bill includes a host of reforms:

  • It would permanently end the flawed phone surveillance program, which secretly scooped up Americans’ telephone records for years.
  • It would close loopholes and prohibit secret interpretation of the law, like those that led to unconstitutional warrantless surveillance programs.
  • It would prohibit warrantless collection of geolocation information by intelligence agencies.
  • It would respond to issues raised by the Inspector General’s office by ensuring independent attorneys, known as amici, have access to all documents, records and proceedings of Foreign Intelligence Surveillance Court, to provide more oversight and transparency.

Notably, beyond revoking the authority for the NSA to restart the telephone collection program, the bill would also exclude from the definition of “tangible thing” in the Section 215 business records exception: Cell site location information, Global positioning system information, Internet website browsing information, and Internet search history information. The bill also contains language that would limit the use of Section 215 to only counterterrorism and foreign intelligence matters and limit the retention of any such material to three years unless it includes foreign intelligence. Moreover, the bill would increase the justification requirements the government must meet before a nondisclosure requirement (aka gag order) can be placed on a company subject to a Section 215 order.

Two week ago, the Senate amended and passed H.R. 6172 by an 80-16 vote. Consideration of the bill was stalled in March when some Senators pushed for amendments, a demand to which the Senate Majority Leader finally agreed, provided these amendments would need 60 votes to be adopted. Consequently, once COVID-19 legislation had been considered, the Senate returned to H.R.6172, and debated and voted upon three amendments, one of which was agreed to. Senators Pat Leahy (D-VT) and Mike Lee’s (R-UT) amendment to expand the amicus process during the FISA process prevailed by a 77-19 vote. In an op-ed in The Washington Post, Leahy and Lee argued

  • The key to our proposal is to substantially strengthen a program that currently allows FISA judges, in very limited circumstances, to appoint outside legal scholars — called “amici”— to independently analyze FBI surveillance requests that are particularly sensitive. Out of thousands of cases, FISA judges have called for such an independent review by a court-appointed “amicus” only 16 times. Yet this protection is critical because, unlike every courtroom you may have stepped into or any court in a TV drama, the FISA court is not adversarial — meaning there is only a government lawyer and a judge, but no one to advocate for Americans under surveillance.
  • We propose measures that would authorize and actively encourage judges in this secret court to seek independent amicus reviews in all sensitive cases — such as those involving significant First Amendment issues — thereby adding a layer of protection for those who will likely never know they have been targeted for secret surveillance.

As mentioned, Wyden and Daines offered an amendment to narrow the Section 215 exception to the Fourth Amendment’s requirement that a search requires a warrant. Section 215 currently allows for FISA court approved searches of business records and all tangible things in the course of a national security investigation, and the underlying text of H.R. 6172 would exclude cell site location and GPS location from Section 215. The Wyden/Daines amendment would also exclude web browsing and search engine histories.

As Wyden explained during debate,

With web browsing and searches, you are talking about some of the most intimate, some of the most personal, some of the most private details of the lives of Americans. Every thought that can come into people’s heads can be revealed in an internet search or in a visit to a website: their health histories, their medical fears, their political views, their romantic lives, their religious beliefs. Collecting this information is as close to reading minds as surveillance can get. It is the digital mining of the personal lives of the American people.

However, the amendment failed to reach the 60-vote threshold necessary for adoption under the rule of debate for H.R. 6172, failing by one vote as four Senators did not vote.

As for the underlying bill the Senate considered, in March, the House passed H.R. 6172 by a 278-136 vote, a bill to reauthorize three expiring FISA provisions used by the National Security Agency (NSA) primarily to conduct surveillance: the business records exception, roving wiretaps, and the “lone wolf” provision. These authorities had been extended in December 2019 to March 15, 2020. However, the Senate did not act immediately on the bill and opted instead to send a 77-day extension of these now lapsed authorities to the House, which did not to take up the bill. The Senate was at an impasse on how to proceed, for some Members did not favor the House reforms while others wanted to implement further changes to the FISA process. Consequently, Senate Majority Leader Mitch McConnell (R-KY) promised amendment votes when the Senate took up H.R.6172.

Moreover, H.R. 6172 ends the NSA’s ability to use the so-called call detail record (CDR) program that had allowed the agency to access data on many billions of calls. Nonetheless, the NSA shut down the program in 2018 due to what it termed technical problems. This closure of the program was included in the bill even though the Trump Administration had explicitly requested it also be reauthorized.

As mentioned, H.R. 6172 would reauthorize the business records exception, which includes “any tangible thing,” in FISA first instituted in the USA PATRIOT Act in 2001 but would reform certain aspects of the program. For example, if the Federal Bureau of Investigation (FBI) or NSA is seeking a business record under FISA for which a law enforcement agency would need to obtain a warrant, then the FBI or NSA will also need to obtain a warrant. Currently, this is not the case. Additionally, under H.R.6172, the FISA application process under Section 215 could not be used to obtain a person’s cell site location or GPS information. However, the FBI or NSA would still be able to use Title I of FISA to seek cell site location or GPS data for purposes of conducting electronic surveillance related to alleged foreign intelligence. The bill would require that prosecutors must inform defendants of the evidence derived from electronic surveillance unless doing so would harm national security.

Moreover, records obtained under Section 215 could be retained no longer than five years subject to a number of exceptions that may serve to make this limitation a dead letter. For example, if such records are deemed to have a “secret meaning” or are certified by the FBI as being vital to national security, then such records may be held longer than five years. Given the tendency of agencies to read their authority as broadly as possible and the past record of IC agencies, it is likely these authorities will be stretched as far as legally possible. It bears note that all restrictions are prospective, meaning that current, ongoing uses of Section 215 would be exempted. The business records provision would be extended until December 1, 2023 as are the other two expiring authorities that permit so-called roving wiretaps and allow for surveillance of so-called “lone wolves.”

For FISA applications under Title I (i.e. electronic surveillance), any agency seeking a FISA order to surveil will need to disclose to the FISA court any information that may call into question the accuracy of the application or any doubtful information. Moreover, certain FISA applications to surveil Americans or residents would need to spell out the proposed investigative techniques to the FISA court. Moreover, any FISA application targeting U.S. officials or candidates for federal office must be approved by the Attorney General in writing before they can be submitted. H.R.6172 would permit the suspension or removal of any federal official, employee, or contractor for misconduct before the FISA court and increases criminal liability for violating FISA from five to eight years. Most of these reforms seem aimed at those Members, many of whom are Republican, that were alarmed by the defects in the FISA surveillance process of Trump Campaign associate Cater Page as turned up by the Department of Justice’s Office of the Inspector General investigation. Some of these Members were opposed to the House Judiciary Committee’s initial bill, which they thought did not implement sufficient reforms to the larger FISA process.

© Michael Kans, Michael Kans Blog and michaelkans.blog, 2019-2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Michael Kans, Michael Kans Blog, and michaelkans.blog with appropriate and specific direction to the original content.

Fourth Volume of Report in 2016 Russian Hacking Endorses IC’s Conclusions

In a report that largely vindicates the Intelligence Community’s (IC) assessment of the 2016 election, a Senate committee continues with its investigation of Russian hacking with a heavily redacted fourth volume. The Republican-led committee rebuts the President’s assertions the IC was wrong and biased.  

The Senate Intelligence Committee has released the fourth of five planned volumes, detailing Russia’s interference in the 2016 presidential election. This volume, titled “Review of the Intelligence Community Assessment,” assessed the classified version of the Intelligence Community’s (IC) review and conclusions regarding Russian efforts to aid President Donald Trump’s campaign and to harm former Secretary of State Hillary Clinton’s bid for the presidency. In this assessment, the Committee found “unprecedented Russian interference” well-described, analyzed, and investigated by the IC. However, much of the report is redacted, and according to Committee Member, Senator Angus King (I-ME), this was done to protect the sources and methods the IC used.

An unclassified version of “Assessing Russian Activities and Intentions in Recent US Elections” was released in mid-2017 that was heavily criticized by the President, the White House, and a number of Republicans. Additionally, the House Intelligence Committee, led by then Chair and Trump ally Devin Nunes (R-CA), found that the IC assessment was plagued by “significant intelligence tradecraft failings.”

Given that the majority of Russian interference was executed in cyberspace, often through social media, it remains to be seen whether these reports will spur proposals to change laws regulating cybersecurity or U.S. intelligence activities. Moreover, like so many issues, the response to COVID-19 will likely overshadow this report and any potential impact it may have otherwise had.

While the White House has largely been silent on this volume of the Senate Intelligence Committee’s investigation, the subject of Russia’s activities during the 2016 election remains touchy at the White House, suggesting efforts to reform how the U.S. responds to this sort of hacking will remain at the agency-level with heads of key entities using authorities they currently possess. This opens the possibility that agencies and private sector entities will not receive new latitude to fight off disinformation campaigns likely to be waged by more than just Russia as North Korea, China, and Iran are often identified as those nations most able to interfer in this year’s election.

The Committee’s previous three volumes are: “Volume I: Russian Efforts Against Election Infrastructure,” “Volume II: Russia’s Use of Social Media,” and “Volume III: U.S. Government Response to Russian Activities.”

As threshold matters, the Committee found

  • [S]pecific intelligence as well as open source assessments support the assessment that President Putin approved and directed aspects of this influence campaign.
  • Further, a body of reporting, to include different intelligence disciplines, open source reporting on Russian leadership policy preferences, and Russian media content, showed that Moscow sought to denigrate then-candidate Clinton.
  • ICA presents information from public Russian leadership commentary, Russian state media reports, and specific intelligence reporting to support the assessment that Putin and the Russian Government demonstrated a preference for candidate Trump.

The Senate Intelligence Committee made the following findings:

1. The Committee found the Intelligence Community Assessment (ICA) presents a coherent and well-constructed intelligence basis for the case of unprecedented Russian interference in the 2016 U.S. presidential election. On the analytic lines of the ICA, the Committee concludes that all [REDACTED] lines are supported with all-source intelligence, although with varying substantiation. The Committee did not discover any significant analytic tradecraft issues in the preparation or final presentation of the ICA.

The ICA reflects proper analytic tradecraft despite being tasked and completed within a compressed time frame. The compact timeframe was a contributing factor for not conducting formal analysis of competing hypotheses.

The differing confidence levels on one analytic judgment are justified and properly represented. Those in disagreement all stated that they had the opportunity to express differing points of view. The decision regarding the presentation of differing confidence levels was the responsibility of the Director of the Central Intelligence Agency (CIA) John Brennan and the Director of the National Security Agency (NSA) Admiral Michael Rogers, both of whom independently expressed to the Committee that they reached the final wording openly and with sufficient exchanges of views.

Multiple intelligence disciplines are used and identified throughout the ICA. Where the Committee noted concerns about the use of specific sources, in no case did the Committee conclude any analytic line was compromised as a result.

In all the interviews of those who drafted and prepared the ICA, the Committee heard consistently that analysts were under no politically motivated pressure to reach specific conclusions. All analysts expressed that they were free to debate, object to content, and assess confidence levels, as is normal and proper for the analytic process.

2. The Committee found that the agencies responsible for the !CA-CIA, NSA, and FBI, under the aegis of ODNI-met the primary tasking as directed by President Obama, which was to assemble a product that reflected the intelligence available to the Intelligence Community (IC) regarding Russian interference in the 2016 election.

3. The Committee found that the ICA provides a proper representation of the intelligence collected by CIA, NSA, and FBI on Russian interference in 2016, and this body of evidence supports the substance and judgments of the ICA.

[REDACTED] Regarding FBI, the ICA states, in its “Scope and Sourcing” introduction, that “[w]e also do not include information from ongoing investigations.” [REDACTED] The Committee found that the information provided by Christopher Steele to FBI was not used in the body of the ICA or to support any of its analytic judgments. However, a summary of this material was included in Annex A as a compromise to FBI’s insistence that the information was responsive to the presidential tasking.

4. The Committee found the ICA makes a clear argument that the manner and aggressiveness of the Russian interference was historically unprecedented. However, the ICA and its sources do not provide a substantial representation of Russian interference in the 2008 and 2012 presidential elections, as the Committee understands was part of the President’s original tasking.

5. [REDACTED]The Committee found that the ICA did not provide a set of policy on how to respond to future Russian active measures, which was part of the tasking the President conveyed to the Director of National Intelligence (DNI) James Clapper. The ICA did include, in the compartmented version, an unclassified section independently produced by DHS, FBI, and the Department of Commerce’s National Institute of Standards and Technology (NIST), “DHS/FBI/NIST Recommendations: Options to Protect and Defend US Election Infrastructure and US Political Parties.”

The absence of policy recommendations was deliberate, due to the well-established norm that the IC provides insight and warning to policy makers, but does not itself make policy.

6. The Committee found the ICA would benefit from a more comprehensive presentation of how Russian propaganda-as generated by Russia’s multiple state-owned platforms-was used to complement the full Russian influence campaign.

Open source collection is a long-standing discipline for CIA and other elements of the IC, and open source reporting is used throughout the ICA to support specific analytic assertions. However, open source reporting on RT and Sputnik’s coverage of WikiLeaks releases of Democratic National Committee (DNC) information would have strengthened the ICA’s examination of Russia’s use of propaganda. On this point, the Committee finds that Annex [REDACTED] of the ICA-“Open Source Center Analysis: Russia: Kremlin’s TV Seeks to Influence Politics, Fuel Discontent in US,” published December 12, 2012-should have been updated to provide a summary of Kremlin propaganda in 2016, thereby making a more relevant contribution to the ICA. An update to this assessment was not produced by the Open Source Enterprise until after the publication of the ICA.

7. [REDACTED] The role of social media has been a significant focus by the Committee and is discussed in a separate volume of this report.