Today at a glance.
- The British Government will give Huawei a limited place in the UK’s 5G infrastructure.
- China finds information control difficult during the coronavirus epidemic.
- Energy sector cyber incident reporting remains largely voluntary.
- New York State considers a ban on facial recognition technology.
Huawei will get a place in British infrastructure.
But the compromise may be unsatisfying to both Huawei and its prospective customers, who would like to see unfettered access to the market, and, on the other hand, to security hawks and close allies who see Huawei hardware as an unacceptable threat.
Computing writes that the British Government has decided to allow Huawei into the “non-core,” the “peripheral” precincts of its networks, excluding the company from national security systems and other critical infrastructure. Britain will also continue to inspect Huawei products before giving them a clean bill of health and permission to join the infrastructure.
How satisfactory all parties will find the compromise remains to be seen. Some in Prime Minister Boris Johnson’s Conservative Party complain that the UK, having recovered its sovereignty from Brussels with Brexit, has now decided to hand that sovereignty over to Beijing.
Fear and anger make information free?
It seems so, at least in China. The government routinely seeks to exercise control over information, and such control would seem to be particularly important during times of crisis. The ongoing coronavirus epidemic has challenged Beijing’s information machine, the New York Times reports, as angry, frightened citizens take to social media to express their dismay with the way officials and the nation’s healthcare system has handled the crisis.
The government’s current difficulties show how hard the problem of information control can be, especially with all of the ambiguity and intensionality of natural language. To take a simple example, people want to criticize General Secretary Xi Jinping, but doing so is risky. Instead, they call the General Secretary “Trump,” and everyone gets that Xi is meant. There are no signs that Beijing intends to relax its attempts to control information, but for now at least they hold a losing hand.
Reporting cyber incidents in the electrical power sector.
Power grids have been the targets of hacking before, with the most notable instances being the 2015 and 2016 Russian takedowns of sections of Ukraine’s grid, and the industry has long been warned that it faces a significant cyber risk. But utilities’ reporting of cyber incidents has remained less rigorous than the disclosure requirements surrounding many kinds of data breaches.
This past June the US Federal Energy Regulatory Commission (FERC) issued its Critical Infrastructure Protection Reliability Standard CIP-008-6 (Cyber Security – Incident Reporting and Response Planning) which expanded reporting requirements beyond the previous reporting threshold, which had been “Critical Infrastructure Protection Reliability Standard CIP-008-6 (Cyber Security – Incident Reporting and Response Planning) “when an incident has disrupted or compromised or disrupted one or more reliability tasks.”
The Utility Workers’ Union of America finds even the new standard wanting. It leaves, says the union as reported by Nextgov, the decision as to what counts as an attempted cyber attack up to the utilities themselves. FERC itself may share some of that uneasiness. Its five-year review of the North American Electric Reliabiltiy Corporation (NERC) directed NERC to come up with some standard criteria for incident reporting.
Facial recognition in the Empire State.
Even as the London Metropolitan Police prepare to deploy facial recognition systems, New York State is considering a fairly comprehensive ban on using such systems itself. The New York Law Journal reports that the state Senate is working on a bill that would ban the use of facial recognition and certain other biometric modalities pending deliberations by a panel of law enforcement and other experts to consider the implications of this family of technologies.