At a glance.
- EU member states request permission to surveil journalists.
- Vacant US cyber leadership position fuels worries from experts.
- DOJ announces new unit devoted to foreign cyberactivity.
EU member states request permission to surveil journalists.
In September the European Commission proposed regulations for media that included a measure preventing EU governments from conducting unlawful surveillance – including the use of spyware – on journalists. However, EU member states are asking for a national security exemption to this rule. As POLITICO reports, French officials last month penned a document requesting a clause that would allow EU countries to surveil journalists if necessary for national security, stating that the protections were too extreme. "The particularly exorbitant nature of this immunity raises questions — both in terms of its necessity and its proportionality," the document reads. It is "essential to strike a fair balance between the need to protect the confidentiality of journalists' sources and the need to protect citizens and the state against serious threats [...] whoever the perpetrators may be.” Member states’ deputy ambassadors are set to meet today to voice their agreement with France’s stance, but privacy advocates say the exemption would be ripe for abuse. Julie Majerczak, head of the Brussels bureau of Reporters Without Borders (RSF), called the requested clause a “Pandora’s box.” She and the heads of fifty-nine other civil society organizations signed an open letter Monday urging EU deputy ambassadors to rethink the exemption. Romanian lawmaker Ramona Strugariu of Renew Europe stated, "Member states who are champions in providing guarantees for the freedom of speech should give a very serious thought to what kind of precedent they are setting and what standards they commit to."
Vacant US cyber leadership position fuels worries from experts.
As US officials continue to grapple with the fact that several federal civilian agencies were exposed in cyberattacks linked to exploitation of vulnerabilities in the popular MOVEit file transfer product, cybersecurity experts say a lack of cyber leadership in the federal government will only make matters worse. President Joe Biden has yet to appoint a replacement for Chris Inglis, the nation’s first national cyber director, who stepped down in February. Experts say without a leader at the reins, implementation of the US’s recently released national cyber strategy is unlikely to go smoothly. John Costello, former chief of staff for the Office of the National Cyber Director, told Nextgov, “The fact the president has not nominated a new national cyber director — who would lead this effort— since Chris Inglis’s departure in February is a worrying oversight that needs to be addressed if we hope to build a more resilient cyber ecosystem long-term.” Last month a group of lawmakers submitted a letter to the president agreeing with Costello’s sentiments and pushing for the nomination of acting National Cyber Director Kemba Walden. Mike Walters, vice president of vulnerability and threat research and cofounder of the security patch management software Action1, agrees as well, saying the lack of a national cyber director “has hindered the administration's response" to the MOVEit vulnerability.
DOJ announces new unit devoted to foreign cyberactivity.
Assistant Attorney General Matthew Olsen announced at an event yesterday that the US Department of Justice (DOJ) is establishing a new section to its National Security Division focused on prosecuting malicious foreign cyberactivity. The Record explains that the move is part of the DOJ’s efforts to be more proactive in fighting digital threats from foreign actors. Olson said the new unit will help the division to “increase the scale and speed of our disruption campaigns and prosecutions of nation-state cyberthreats as well as state-sponsored cyber criminals” and will staff prosecutors who will be “positioned to act quickly as soon as the FBI or an [intelligence community] partner identifies a cyber enabled threat and we will be in a position to support investigations and disruption.” While Olson acknowledged that the National Security Cyber Section, or NatSec Cyber, is still in its “earliest stages,” CyberScoop notes that the section has already been approved by Congress and was laid out in Deputy Attorney General Lisa Monaco’s Comprehensive Cyber Review released in July 2022.