At a glance.
- Big Tech leaders testify before US House Judiciary antitrust subcommittee.
- New Zealand regulations address the use of algorithms.
- Lindy Cameron to succeed Ciaran Martin as UK's NCSC head.
- Vermont's new privacy laws.
- Colorado to pentest election-related systems.
Big Tech's big day on Capitol Hill.
The New York Times sees the session in historical terms: the hearings before the antitrust subcommittee of the US House Judiciary Committee represent the industry's "Big Tobacco moment," as "captains of the New Gilded Age" face virtual inquisitors to "defend their powerful businesses from the hammer of government." Amazon's Jeff Bezos, Apple's Tim Cook, Facebook's Mark Zuckerberg, and Google's Sundar Pichai appear today via socially distanced teleconference.
A piece in the Telegraph (illustrated with a cartoon of the four on horseback, like the outriders of the Apocalypse, but with curiously innocuous faces) outlines the specific areas on which the companies are thought most exposed to challenge. The paper suggests five questions:
- "Have technology companies become monopolies?"
- "Is Apple unfair to app developers?"
- "Is Google promoting its own services over rivals in search results?"
- "Is Amazon unfairly using data on its sellers?"
- "Has Facebook used its acquisitions to dominate social media?"
It's safe to assume we know the answers the Telegraph's questions would receive (which would be "No," repeated five times) so any interesting responses would have to be elicited in follow-ups.
Although the subcommittee is specifically interested in antitrust issues, the hearings may well move into other areas. TheHill focuses on Section 230 of the Communications Decency Act, and would like to see the subcommittee members ask three questions:
- "Why shouldn’t digital platforms be subject to “know your customer” and security credentialing requirements?"
- "Why shouldn’t algorithms that drive information be regulated?"
- "Why shouldn’t digital platforms have complaint reporting and internal appeal processes related to the Good Samaritan liability exemption?"
The Wall Street Journal has a useful crib sheet for the hearings.
Algorithms, Wellington style.
The government of New Zealand has introduced a set of regulations designed to control the use of algorithms, especially their use in ways that could be construed as profiling, the Guardian reports. In this sense the algorithms to be controlled are realized as computer programs, and especially as programs that handle large sets of data.
The Guardian writes: "19 government agencies as initial signatories. In it, departments pledge to be publicly transparent about how decision-making is driven by algorithms, including giving 'plain English' explanations; to make available information about the processes used and how data is stored unless forbidden by law (such as for reasons of national security); and to identify and manage biases informing algorithms." Neither police nor intelligence services are among the initial signatories.
NCSC gets a new honcho.
GCHQ's National Cyber Security Centre (NCSC) will have a new chief. Lindy Cameron will replace Ciaran Martin as director when he steps down this summer to become Professor of Practice in Public Management at the Blavatnik School of Government at Oxford University, the Independent reports. Mr. Martin has been the first director of the UK's NCSC.
Ms Cameron, a native of Northern Ireland, is a graduate of the Ministry of Defence’s Royal College of Defence Studies. She arrives at GCHQ from the Northern Ireland Office, where she served as deputy head to the Permanent Secretary. Before that she had worked as Director-General in charge of the Department for International Development programs in Asia, Africa and the Middle East. Her principal challenges are expected to involved dealing with the disentanglement of the UK's infrastructure from Huawei and in managing the Russian threat so vividly described in the recent report of Parliament's Intelligence and Security Committee.
Vermont's new privacy laws.
The US state of Vermont's amended privacy law came into effect at the beginning of this month. The principal effect of the law is to expand the definition of what counts as personally identifiable information (PII) to include, the Daily Swig says, "numbers originating from government identification documents, genetic information, and health or wellness program records." JDSupra reports that the state's law now requires organizations to treat the exposure of "login credentials" (a user name and an associated password) as a reportable security breach on a par with loss of PII.
JDSupra also discusses Vermont's new Student Online Personal Information Protection Act, designed specifically to protect pre-Kindergarten through 12th-grade students. In general, online and mobile service providers will be enjoined from:
- "Engaging in targeted advertising based on any information the operator has acquired because of the use of its site, service, or application for PreK-12 purposes;
- "Using information that is created or gathered by the operator’s site, service, or application to amass a profile about a student, except for PreK-12 purposes;
- "Selling, bartering, or renting a student’s information; or
- "Disclosing covered information to a third party, unless a specific exception applies (including certain disclosures for educational purposes)."
Colorado to conduct penetration tests of election systems.
The US state of Colorado has engaged security firm Synack to conduct penetration tests of systems related to the conduct of elections, StateScoop reports.