At a glance.
- US House passes measure to extend NSA domestic surveillance authorities.
- US seeks to enlist Big Tech against COVID-19 disinformation.
- EU revives misinformation self-reporting system arranged with tech firms to control COVID-19 rumors and exploitation.
- Huawei wins a pyrrhic victory in Parliament.
- Crypto wars move to the child protection front.
US House passes compromise renewal of the USA Freedom Act.
The USA Freedom Act, whose authority for certain forms of surveillance is set to expire Sunday, passed the House of Representatives in a compromise form yesterday. The Washington Post reports that the modified bill permanently cancels NSA's authority (currently dormant, since in 2019 NSA elected to make no further use of it) to collect phone records of suspected terrorists and US citizens in contact with suspected terrorists. It also bars warrantless collection of cell tower and GPS data. The bill also modifies the Foreign Intelligence and Surveillance Act (FISA), now "requiring agents to certify to the FISA court that they have told the Justice Department about all information that might call into question a surveillance application’s accuracy," a shortcoming that was strongly criticized by a Justice Department Inspector General report. The measure does leave Section 215 of FISA intact, with authorities to collect "tangible materials" the FBI finds particularly important.
The bill would have to both pass the Senate and obtain the President's signature before becoming law. In the law's present form both are now seen as real possibilities (although neither is a sure thing, and neither will happen before Sunday).
US Government asks Big Tech to help control coronavirus misinformation.
The US Administration is seeking to enlist Big Tech in a coordinated effort to correct these forms of misinformation. Facebook, Cisco, Google, Amazon, Apple, Microsoft, IBM and Twitter have all been asked to help, as the Washington Post and Politico report. The hope is that some technical solution or solutions might help, but it’s unclear that anyone has any idea of how to do this at scale. (And colloidal silver is exhibit A for the persistence of manifest nonsense.) Democrats have pressed the Vice President, who leads the Administration's coronavirus task force, to take stronger action against misinformation. A letter Virginia Senator Mark Warner sent Vice President Pence yesterday admonishes the Administration for mixed and incautious messaging.
EU dusts off rumor-control self-reporting system during coronovirus pandemic.
The European Union is also reviving the self-reporting system it established with US Big Tech in the hope of finding some way of muting disinformation on the coronavirus. The Wall Street Journal says the pandemic has prompted what some are calling an "infodemic," and the European Union wants help containing the cognitive as well as the physical contagion.
Parliament doesn't vote to ban Huawei from UK networks...
...but it seems headed in that direction. An attempt by restive, security-hawk Conservative MPs to have Parliament ban Huawei entirely from the UK's 5G infrastructure was defeated, but the Chinese manufacturer's victory is being seen as at best pyrrhic. The amendment to the Telecommunications Infrastructure (Leasehold Property) Bill that was defeated would have prevented mobile operators from buying equipment from any vendor declared "high risk" (and that's Huawei). The Register notes that the price of the Government's victory was a promise to unhappy Tory backbenchers that it would bring a Telecoms Security Bill to the House before the summer recess. That bill is expected to be unfriendly to Chinese vendors. And in fact the Culture Secretary, whose portfolio includes telecommunications, incautiously suggested that HM Government's intention was to pare Huawei's participation in Britain's 5G buildout back to, effectively, nothing.
Crypto wars: child-protection front.
Senatorial supporters of the EARN IT Act, with Senator Richard Blumenthal (Democrat of Connecticut) prominent among them, insist that the proposed law has nothing whatsoever to do with subverting encryption, CNBC reports. The bill would connect the immunity from liability and prosecution carriers currently enjoy under Section 230 of the Communications Decency Act to the carriers' adherence to a set of best practices designed to control online child exploitation and abuse. Those best practices would be established by a "National Commission on Online Child Sexual Exploitation Prevention to recommend best practices related to identifying and reporting online child sexual exploitation. The Commission consists of the heads of DOJ, DHS, and FTC, along with 16 other members appointed equally by Congressional leadership, including representatives from: law enforcement, survivors and victims’ services organizations, constitutional law experts, technical experts, and industry."
Opponents like the EFF say the measure would be impossible to implement without fatally weakening encryption. Senator Blumenthal disagrees, saying, “Strong law enforcement is compatible with strong encryption. I believe it, Big Tech knows it and either is Facebook is lying — and I think they’re telling us the truth when they say that law enforcement is consistent with strong encryption — or Big Tech is using encryption as a subterfuge to oppose this bill.”
The FBI might not believe it quite as strongly as the Senator suggests. Director Wray has continued in the tradition of his predecessor, calling for controls on "warrantless encryption." "We are all for strong encryption," Director Wray said at a recent conference, "and contrary to what you might hear, we’re not advocating for 'back doors.' We’ve been asking for providers to make sure that they themselves maintain some kind of access to the encrypted data we need, so they can still provide it in response to a court order." Critics, like those at TechDirt, see "warrantless encryption" as simply encryption, and regard Director Wray's comments as at best self-contradictory: "some kind of access" amounts to a back door.