At a glance.
- Russian election trolling hasn't abated, and shows an increase in sophistication and capability.
- More from the Cyberspace Solarium: the US State Department may get a new cyber arm, and a "state of cyber distress" may be defined.
- Congress and US Cyber Command consider capability building.
- EARN IT Act prompts renewed battle in the crypto wars.
- Voluntary principles for controlling online child exploitation are issued.
Russian troll farms remain active against US elections.
A study by New York University’s Brennan Center for Justice concludes that Russian disinformation operations directed against the 2020 election began last year, and that the operators behind the IRA troll farm have returned, using many of the same accounts. The study finds that the trolls have gotten better at impersonating candidates and parties, and are prepared to go beyond the simple amplification tactics seen so far. It will be interesting to see how successful exposure and blocking of such accounts will prove to be--Facebook, for one, seems to be devoting considerable attention to identifying and stopping coordinated inauthentic behavior.
More previews of the Cyberspace Solarium report.
The report of the Cyberspace Solarium, due to be issued next week, may contain a recommendation that the State Department establish a new office charged with assessing emerging technology and foreign cybersecurity efforts, Fifth Domain reports. The commission is also expected (according to another Fifth Domain piece) to recommend that the President be given authority to declare a "cyber state of distress" that would unlock access to a “cyber response and recovery fund.”
US Cyber Command considers its force structure.
US Cyber Command commander, General Paul Nakasone, indicated to Congress this week that his organization will probably require some expansion if it's to meet its mission commitments, FCW reports. Its responsibilities have increased noticeably since its inception. Fifth Domain suggests that General Nakasone's assessment found a receptive audience, in the House at least.
New action in the crypto wars.
The crypto wars have returned with considerable éclat as Senators Graham (Republican of South Carolina), Blumenthal (Democrat of Connecticut), and Feinstein (Democrat of California) introduce the EARN IT Act ("Eliminating Abusive and Rampant Neglect of Interactive Technologies") in the US Senate. The bill has bipartisan co-sponsorship from Senators Cramer (Republican of North Dakota), Jones (Democrat of Alabama), Joni Ernst (Republican of Iowa), Bob Casey (Democrat of Pennsylvania), Sheldon Whitehouse (Democrat of Rhode Island), and Dick Durbin (Democrat of Illinois).
WIRED sees that bill as a "sneak attack" on encryption. Nominally a measure directed against child exploitation, opponents from an unusually broad ideological spectrum see it as a roundabout way of subverting encryption. The bill would amend Section 230 to remove platforms' protections against liability to action brought for child exploitation content they host. It’s worth noting that the crypto wars have been going on for a long time. Institutionally, in the US the Justice Department has long provided the paladins of the anti-encryption forces. During the previous Administration, former FBI Director Comey being the public face of what he characterized as responsible encryption within a framework of ordered liberty. That role now seems occupied by Attorney General Barr.
Voluntary principles for controlling online child exploitation.
The US Justice Department has also introduced a set of voluntary principles designed to control online child exploitation. Computing says that Facebook, Google, and a number of other tech firms have signed on. There are eleven principles in total grouped under seven heads:
- "Prevent child sexual abuse material." Two principles aimed at suppressing known and new cases of child abuse.
- "Target online grooming and preparatory behaviour." Two principles intended to identify and combat grooming, and to recognizing and fighting "advertising, recruiting, soliciting, or procuring a child."
- "Target livestreaming." One principle committing the adherents to work against livestreaming of abuse or exploitation.
- "Search." A single principle that would prevent search results from surfacing child abuse or exploitation.
- "A specialised approach for children." One principle that would protect children from risky online behavior.
- "Victim/survivor considerations." Reporting and offering reporting options for potential victimization.
- "Collaborate & respond to evolving threat." Three principles committing companies to regular cooperation and publication of regular, transparent reports.
The document suggests it has “Ministerial Approval” in all Five of the Eyes (and the use of British spellings suggests it's not an all-American production). It will be interesting to see what the EARN IT Act would do for child safety beyond what conscientious adoption of the voluntary principles would--possibly more reliable evidence-gathering in criminal cases, but that alone seems unlikely to make EARN IT any friends on the other side of the crypto wars.