At a glance.
- US DOJ's Civil Cyber-Fraud Initiative incentivizes data security.
- The challenges of revising Section 702.
- Governing autonomous systems in military conflict.
US DOJ’s Civil Cyber-Fraud Initiative incentivizes data security.
JDSupra discusses a recent settlement that highlights how the US Department of Justice’s Civil Cyber-Fraud Initiative is being used to hold entities accountable for putting systems and data at risk. The US Department of Justice (DOJ) recently resolved a settlement against Jelly Bean Communications Design LLC concerning a cyberattack targeting a website the design firm had created. The delightfully-named firm designed, hosted, and maintained HealthyKids.org, a federally-funded Florida children’s health insurance website. Under its contract with the Florida Healthy Kids Corporation, Jelly Bean agreed the hosting environment would comply with Health Insurance Portability and Accountability Act rules, which require that the personal health information collected on the site would be properly secured. The False Claims Act settlement agreement not only alleged that Jelly Bean failed to adequately protect the data, but the firm knowingly neglected to maintain, patch, and update software systems supporting the site, leaving the data vulnerable to attack. In fact, the DOJ’s investigation revealed that the site’s software had not been updated since a month after it was created nearly seven years ago.
The challenges of revising Section 702.
As we’ve previously discussed, Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows the government to conduct warrantless searches of foreigners abroad, is set to expire at the end of the year. Foreign Affairs offers an overview of the debate among US lawmakers and intelligence officials over whether the measure should be renewed, and posits the discussion needs to take a broader look at surveillance as a whole. For the most part, the White House and the intelligence community are in support of 702 being renewed with only minor changes, while other lawmakers say the measure conflicts with Americans Fourth Amendment rights, which protect them from “unreasonable searches and seizures.” It’s worth noting that even if Section 702 is not renewed or is severely limited, it’s likely intelligence officials will find ways to circumvent any new restrictions. For instance, the rise of the data brokerage market has made it easy for governments to acquire any desired data for the right price.
Governing autonomous systems in military conflict.
Artificial intelligence is increasingly being used to power military systems and technologies. Earlier this year, Australia, the UK and the US conducted a trial of AI-enabled aerial and ground vehicles used to detect and track targets. China is reportedly already using AI-powered underwater sensors in the South China Sea, and AI has been used in direct conflict in the war in Ukraine. While AI-powered military systems have their benefits, the risks of removing the human element from warfare cannot be overlooked. World governments are grappling with how to minimize these risks without stifling the advantages that autonomous systems can afford. In February the US released a declaration in outlining its vision for responsible use of AI and autonomous systems by the military. However, the vision lacked clear guidelines for regulation of these systems, and some experts say a more comprehensive framework is needed to guide notification procedures when autonomous military systems are involved. Foreign Affairs suggests that world governments should look to the Cold War-era’s U.S.-Soviet Incidents at Sea Agreement, a 1972 accord aimed at lowering the risk of accidents and unintended conflict between military vessels on the high seas by creating notification protocols and information-sharing procedures.