Welcome to the CAVEAT Weekly Newsletter, where we break down some of the major developments and happenings occurring worldwide when discussing cybersecurity, privacy, digital surveillance, and technology policy.
At 1,650 words, this briefing is about a 7-minute read.
At a Glance.
- The Biden Administration announces its support for the UN cybercrime convention.
- House panel questions chip equipment makers over ties to China.
The Biden Administration plans to support the UN’s cybercrime convention.
The News.
On Sunday, the Biden Administration announced its intentions to support the United Nations (UN) cybercrime convention when the treaty is voted on. Support for this vote comes after months of internal deliberations within the White House and various agencies regarding concerns that the treaty could be potentially misused by nations like Russia and China. With their support, an anonymous official stated that the administration’s support comes after reviewing “hundreds” of submissions from nongovernmental organizations and after consulting with foreign allies. The official also stated that “the United States (US) government assessed that [its] ability to influence the implementation of the convention in a rights-respecting manner is greater with the US joining consensus with allies and partners.”
If the treaty were to be passed by the UN, it would be the first legally binding global cybercrime treaty, but it would still require the US Senate to pass the treaty with a two-thirds vote. Given the US’s recent election and polarized political system, passing this treaty within the Senate will pose a substantial challenge.
The Knowledge.
For greater context, this treaty was recently finalized this August but has been in creation for several years. The treaty centers around giving nations the ability to conduct widespread surveillance measures and allow law enforcement agencies to cooperate across borders when investigating and prosecuting cybercrime.
However, since being introduced, this treaty has faced substantial criticism. Senator Ron Wyden discussed these concerns when he wrote a letter to the White House as well as the Commerce, Justice, and State Departments urging the administration to not support the treaty. One key concern surrounding the treaty was related to a clause that would allow other nations that have signed the treaty to request data on potential serious crimes that have occurred in another nation. In his letter, Senator Wyden expressed his concerns about giving nations, such as Russia and China, the ability to access surveillance information about monitored individuals. Additionally, Senator Wyden also expressed concern with how authoritarian regimes could use this treaty to justify censorship and freedom of expression under the guise of stopping cybercrime. Nick Ashton-Hart, the head of the UN cybercrime convention delegation, also commented on the treaty emphasizing that the document “is not a trojan horse, it’s a russian horse, and it always was.”
Despite these criticisms, proponents of the treaty have emphasized that this treaty is critical to ensuring the US's influence over the document as well as ensuring that nations like Russia and China were not able to freely amend the document to their desire. John Lynch, the chief of the Justice Department's Computer Crime and Intellectual Property Section, commented on this dynamic, stating “if we walk away, we decide to just give up this process, [and] the Russians [and] Chinese will use this to amend the convention.”
The Impact.
While this treaty still has to go a long way before being signed into law both internationally and domestically, it has the potential to set a substantial precedent when handling cybercrime. Giving nations the ability to both expand surveillance efforts and expand investigations across borders would demonstrate a massive change in how cybercrime is presently handled.
For citizens and stakeholders of signatory countries, people should be aware of the broad powers that this treaty will provide both their nation’s government as well as other signers. Given the broad powers that this treaty would provide both domestic and international governments when handling cybercrime, anyone who could be potentially impacted by this treaty should express their opinions on the matter to government officials before the treaty is officially signed and should be prepared to act accordingly if the treaty were passed into law.
House panel questions chip manufacturing equipment makers over ties to China.
The News.
Last week, the House China select committee wrote a letter to several semiconductor equipment makers to discuss their associated sales with China. This inquiry letter was sent in response to lawmakers' concerns regarding China’s competitive achievements with chipmaking. More specifically, the Committee sent five letters to American, Japanese, and Dutch firms asking these companies for information on their total revenue from their sales to China as well as requested a list of their top customers from these associated transactions. The Congressmembers wrote letters to Applied Materials, Lam Research, KLA, ASML, and Tokyo Electron.
When requesting this information, the committee stated that it would help them “better understand the flow” of semiconductor manufacturing equipment to China. Committee Chair Representative John Moolenaar and Ranking Member Representative Raja Krishnamoorthi wrote that these sales “allow the [People’s Republic of China (PRC)] to continue to progress in critical fields such as artificial intelligence (AI), which are at the very heart of the strategic competition between the [US] and the PRC.”
The letters give each company until December 1st to pass over the requested information detailing their top customers in China by revenues, a list of US export license applications with the Commerce Department, and any data on the volume of manufacturing equipment shipped to China. Additionally, the lawmakers have also asked for details on each company’s plans for any new or expanded offshoring of production.
The Knowledge.
The House’s inquiry into these companies marks another instance of US federal authorities demonstrating their concerns about China’s ability to access both chip manufacturing equipment as well as advanced chips themselves. For months now, federal lawmakers have routinely expressed their growing concerns regarding China’s ability to access these emerging technologies and gain both military and competitive advantages over the US.
Throughout the Biden administration, federal agencies began addressing this problem through export controls. Earlier this year, the Commerce Department revealed new rules aimed at stopping the exports of semiconductor manufacturing equipment to Chinese chipmakers. While this rule did make exemptions for some of the companies mentioned above, like ASML and Tokyo Electron, the rule aimed to expand the Foreign Direct Product Rule to bar several Chinese semiconductor fabrication companies from receiving exports from many countries.
This rule was not the only instance of the Biden administration imposing these controls. Throughout his administration, President Biden routinely used export controls to limit China’s ability to access these advanced technologies. Given the strong bipartisan support behind controlling China’s access to advanced chips and chip manufacturing equipment, it is likely that the pressure shown by the Biden administration will be continued in Trump’s second administration.
The Impact.
While the House Committee’s letter is only an initial line of questioning, this development is notable and signals that the incoming Republican administration will likely continue to pressure chip manufacturers regarding their ties to the PRC. US citizens and businesses should expect both Congress and the next administration to continue monitoring these relationships and enforcing export controls to secure the US’s competitiveness in these emerging markets.
For companies involved in semiconductor chip manufacturing in any capacity, businesses should understand that federal authorities are continuing to increase the scope of their investigations and how strictly they plan to control these technologies. Businesses should ensure that they remain compliant with existing regulations as well as monitor for new rules and regulations to prevent any unnecessary legal or financial penalties from being imposed.
Highlighting Key Conversations.
In this week’s Caveat Podcast, our team sat down to discuss their reactions to the presidential election and what they expect to occur from his second term in office. Additionally, our team also sat down with Sarah Hutchins, a partner at Parker Poe, to talk about the growing number of state data privacy laws that have emerged over recent years. Throughout this conversation, our team discussed how these state laws have emerged due to efforts like targeted advertising, wiretapping, and other similar practices.
Like what you read and curious about the conversation? Head over to the Caveat Podcast for the full scoop and additional compelling insights. Our Caveat Podcast is a weekly show where we discuss topics related to surveillance, digital privacy, cybersecurity law, and policy. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
Other Noteworthy Stories.
Judge dismisses lawsuits against OpenAI.
What: A federal judge dismissed two lawsuits against OpenAI over the company’s alleged use of copyrighted content for AI training.
Why: Last week, US District Judge Colleen McMahon dismissed both Raw Story’s and AlterNet’s lawsuits against OpenAI. These lawsuits, originally filed back in February, alleged that OpenAI was removing the copyright management information from their articles before feeding them into ChatGPT.
In her ruling, Judge McMahon ruled that both Raw Story and AlterNet lacked the standing to bring a case against OpenAI and failed to allege “any actual adverse effects.” Aside from these lawsuits being dismissed, several other news outlets have ongoing lawsuits against OpenAI, which have yet to be resolved. These lawsuits involve The Associated Press, News Corp, The Atlantic, Vox Media, and Axel Springer.
German Interior Minister Warns of Cyber Threat Ahead of Elections.
What: Germany’s Interior Minister warned that the nation needs to increase its defenses against cyber-attacks and disinformation campaigns as it prepares for snap elections.
Why: On Tuesday, Nancy Faeser, the Interior Minister, stated that “we must also protect our democracy in the digital world” when discussing digital security ahead of the country’s upcoming elections. Additionally, Minister Faeser stated that “we must arm ourselves against threats from hacker attacks, manipulation, and disinformation.” With this announcement, the Interior Minister also emphasized concerns about the threats coming from Russia.
Germany’s snap elections are set to take place early next year in February. For context, these snap elections were held after Chancellor Olaf Scholz’s coalition collapsed this year.