Welcome to the CAVEAT Weekly Newsletter, where we break down some of the major developments and happenings occurring worldwide when discussing cybersecurity, privacy, digital surveillance, and technology policy.
At 1,500 words, this briefing is about a 6-minute read.
At a Glance.
- Federal moves raise concerns about election security.
- Former FTC Commissioners file lawsuit against Trump administration.
Election security concerns grow amid Federal changes.
The News.
On Monday, reports emerged that the Trump administration’s cuts to both funding and personnel could negatively impact state and local election security. Out of these cuts, the halting of Cybersecurity and Infrastructure Security Agency’s (CISA) election security programs could be the most impactful. For context, these programs are tasked with scanning election system networks for threats and sharing relevant data with both election officials and the public. Currently, these programs have been halted pending the Department of Homeland Security’s review, with no timeline on when this review is supposed to take place. If these programs were to be discontinued or indefinitely paused, state and local governments would be required to supplement these security efforts.
Pennsylvania’s Secretary of State, Al Schmidt, commented on these haltings, stating that “there is no difference between red states and blue states when it comes to concerns about election security, and no state can do this on their own.” Schmidt continued expressing these concerns in a letter to Homeland Security Secretary Kristi Noem, emphasizing that “withdrawing CISA’s support for local election officials will make elections less secure.”
The Knowledge.
Outside of CISA halting many of its election security programs, President Trump also signed a new Executive Order (EO) at the end of March. The EO on Preserving and Protecting the Integrity of American Elections is one of the most controversial orders so far, testing the limits of executive power. More specifically, the EO would make the following changes:
- Requires the Election Assistance Commission to add proof of citizenship to the national voter registration form.
- Directs the Justice Department to “take all necessary action to enforce” rejecting mail-in ballots not received by Election Day.
- Empowers the Department of Government Efficiency (DOGE) to review voter rolls for compliance with federal laws.
However, this EO has already begun to see some substantial pushback, as a lawsuit has already been filed against the move. This lawsuit claims the order is an unconstitutional attempt to wrestle authority over elections from states while also imposing new voting requirements. The suit stated that “although the Order extensively reflects the President’s personal grievances, conspiratorial beliefs, and election denialism, nowhere does it (nor could it) identify any legal authority he possesses to impose such sweeping changes upon how Americans vote.” It is unclear when this lawsuit will be resolved.
The Impact.
As the Trump administration changes how the federal government approaches elections, this volatility will likely create higher chances of risks developing in both the short and long term. While it is unclear when CISA’s internal review will be finished and how the legal challenges against the administration’s EO will proceed, these efforts are indicative of the other election-related moves that the administration will aim to implement over the coming months.
US citizens should understand that these changes could lead to security and integrity risks for upcoming elections. Furthermore, if state and local governments lose their federal election support, these changes could result in inconsistent security measures, privacy concerns, and voter access issues.
FTC commissioners sue Trump.
The News.
Last week, two former Federal Trade Commission (FTC) members filed a lawsuit against the Trump administration, seeking both back pay and reinstatement. When the two former commissioners were terminated, the Trump administration stated that their respective services at the FTC were “inconsistent” with the administration’s policies.
The two plaintiffs, Rebecca Kelly Slaughter and Alvaro Bedoya, submitted their complaint writing that the “plaintiffs will not and do not accept this unlawful action: Plaintiffs bring this action to vindicate their right to serve the remainder of their respective terms, defend the integrity of the Commission, and to continue their work for the American people.” This lawsuit now joins several others, including those filed by former members of the National Labor Relations Board and the Merit Systems Protection Board. With this lawsuit, Bedoya stated that “if the President can break a 90-year-old Supreme Court ruling to fire us for no reason, he can do it to the Fed, the FDIC, and the SEC.” The Supreme Court ruling that Bedoya referenced refers to a 1935 case, known as Humphrey’s Executor v. United States, where the court ruled that a commission member can only be removed due to "inefficiency, neglect of duty, or malfeasance in office.”
While no timeline has been released for when this court case will be resolved, the FTC currently only has two sitting members, FTC Chair Andrew Ferguson and Melissa Holyoak. While the Trump administration has nominated Mark Meador for a spot, he still awaits Senate confirmation.
The Knowledge.
These lawsuits are reflective of the substantial pushback seen against the Trump administration's personnel cuts from both agencies and committees. Outside of the lawsuits already mentioned, on March 11th, a group of former government employees also filed a lawsuit against the administration claiming that the mass-firings of workers were illegal and should be reversed. In their class-action lawsuit, the plaintiffs stated that “what is needed is for this court to order the defendant agencies to return all affected employees to work for at least the pendency of this litigation.”
Each of these lawsuits is in response to a larger ongoing political effort by the Trump administration to test the boundaries of executive power and uproot former precedents. As these boundaries are tested, the judicial branch has been reacting to these numerous attempts to expand executive power, often ruling against the administration. For example, at the beginning of March, a federal judge blocked the administration’s firing of Democratic Chair Cathy Harris from the Merit Systems Protection Board. In the District Judge’s ruling, Judge Contreras stated that the agency’s “mission and purpose [required] independence.” However, given how fast the Trump administration is moving to test its power limits and how many lawsuits have been filed in response, it is unlikely that these limits will be clearly defined for some time.
The Impact.
These ongoing legal challenges between the Trump administration and former government officials and employees will likely take significant time to resolve. With multiple lawsuits still ongoing, the final determinations on the administration’s authority to remove commission members and other federal employees remain unclear.
While these cases remain ongoing, US citizens should be prepared that these challenges will create instability and potentially hamper agency effectiveness. For example, these reductions may hinder their ability to carry out essential functions and potentially disrupt regulatory oversight efforts.
Highlighting key conversations.
In this week’s Caveat Podcast, our team met with Daniel Barber, the CEO and Co-Founder of DataGrail. During this conversation, our team and Daniel discussed the criticality of privacy and compliance and why companies need to focus more on these core principles. Outside of this conversation, our team also discussed a new law proposed in California that would regulate kids’ use of artificial intelligence companions.
Like what you read and curious about the conversation? Head over to the Caveat Podcast for the full scoop and additional compelling insights. Our Caveat Podcast is a weekly show where we discuss topics related to surveillance, digital privacy, cybersecurity law, and policy. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
Other noteworthy stories.
Apple fined $162 million over privacy tool.
What: The French government has fined Apple for abusing mobile app advertising.
Why: On Monday, the French government fined Apple over the company’s “App Tracking Transparency tool,” which is the company’s privacy control tool. For context, this tool is used to allow iPhone and iPad users to decide which apps can track their activity. However, advertisers and game developers claimed that this tool made it more expensive and difficult to engage with the platform and enabled Apple to abuse its dominant market position.
After this announcement, Apple released a statement saying that “while [they] are disappointed with today’s decision, the French Competition Authority has not required any specific changes to [the App Tracking Transparency tool].”
EU Commission proposes expanding Europol.
What: The European Commission is seeking to expand Europol to counter new geopolitical challenges.
Why: On Tuesday, the Commission stated it would propose expanding the role of the law enforcement agency, Europol, and increase the law enforcement agency’s access to strategic data. The Commission stated that by expanding Europol, the agency would be able to handle more advanced challenges, such as digital crime and hybrid threats, to counter organized crime, terrorist groups, and other hostile actors. In this announcement, the European Commission Executive Vice President, Henna Virkkunen, stated that “we are going to make Europol a truly operational police agency.” Furthermore, Virkkunen also implied that the Commission was proposing strengthening the border agency, Frontex, and reforming the criminal justice cooperation agency, Eurojust.