At a glance.
- Upcoming Supreme Court cases could determine the future of the web.
- Officials weigh in on NIST’s update of the Cybersecurity Framework.
- European Parliament rejects proposed EU-US Data Privacy Framework.
- FTC establishes new tech regulation office.
Upcoming Supreme Court cases could determine the future of the web.
Online platforms will have their day(s) in court this week, as the US Supreme Court is set to hear two major cases that could greatly impact how content is created and shared on the web. The first case, Gonzalez v. Google, questions whether video streaming platform YouTube should be held accountable for videos promoting ISIS that potentially served as motivation for the attacks that took place in Paris in 2015 and resulted in the deaths of over one hundred people, including American college student Nohemi Gonzalez. The plaintiffs in the case, which will be heard tomorrow, allege that YouTube’s algorithms helped promote the controversial content that led to the attack. On Wednesday the Supreme Court will hear Twitter v. Taamneh, in which the plaintiffs argue that Google, Twitter, and Facebook should similarly be held liable for an Istanbul ISIS attack that killed nearly thirty people. As Time explains, the cases could determine the future of Section 230, a measure of the Communications Decency Act that protects internet companies from being held legally responsible for content posted by users. If the US’s highest court determines that online platforms are culpable, it could not only mean the end of Section 230, but the end of the internet as we know it. Anupam Chander, a Georgetown University law professor, told Yahoo News, “Section 230 is the foundational law of the modern internet. It was devised in 1996 to encourage the development of internet platforms that would facilitate speech.”
Cyberscoop notes that on Friday the Supreme Court will decide whether to review a case that questions if the National Security Agency’s (NSA) digital surveillance of Americans’ internet activities violates citizens’ privacy rights. A petition filed by the American Civil Liberties Union and Knight First Amendment Institute on behalf of the Wikimedia Foundation challenges whether the government has the right to use “state secrets privilege” to prevent the proceeding of a case challenging NSA’s monitoring efforts. The case is the culmination of a years-long dispute between Wikimedia and NSA over the agency’s use of upstream surveillance. James Buatti, legal director for the Wikimedia Foundation, stated, “We see this kind of mass surveillance as a really significant threat to the privacy and free expression rights of Wikimedia users. It’s very much like the same reason a library couldn’t achieve its mission if its patrons had to worry about the government monitoring what books they checked out,” The Justice Department has asked the Court not to review the case.
Officials weigh in on NIST’s update of the Cybersecurity Framework.
As we’ve previously discussed, the National Institute of Standards and Technology (NIST) is working on an update to its Cybersecurity Framework (CSF), and the changes are expected to help businesses ensure their products and services are designed with security as a priority, particularly when it comes to private critical infrastructure operators. As Executive Gov explains, NIST’s goal is to incorporate new guidance and resources in the CSF in order to better address the ever-evolving cyber threat landscape. NIST hosted a webinar last week to discuss their plans for the update, and the government officials in attendance were vocal about their support of the changes. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, stated, “The framework has served as a powerful tool for providing a common taxonomy to help organizations create cybersecurity programs that align with the organization’s risk tolerance, that enable continuous improvement and facilitate communication around complex topics using a common lexicon.” The Federal News Network notes that one of the major changes will be the addition of a sixth function to the framework focused on governance. Cherilyn Pascoe, CSF Program Lead at NIST, explained, “This is not a decision that we’re making lightly. The five functions within the framework have really become the definition for cybersecurity, they are included in policies and requirements and standards around the world. But we do believe that elevating governance through a function is the right thing and the right time to do it.”
European Parliament rejects proposed EU-US Data Privacy Framework.
In December the European Commission announced a recommendation for the adoption of a EU-US Data Privacy Framework that would dictate how EU citizen data is handled by American companies. Last week the European Parliament’s Committee on Civil Liberties, Justice, and Home Affairs issued a draft motion for a resolution that the European Commission reject the proposed framework, stating that it is not in compliance with the General Data Protection Regulation, especially when it comes to the US’s allowance of large-scale collection of user data for national security purposes without a warrant. The European Commission feels that US President Joe Biden’s recent executive order provides an “adequate” level of protection for EU data, but the Committee feels that this protection is insufficient, particularly because an EO can simply be reversed or amended by the president at any time. However, as Computer World notes, the Committee’s approval is not required, so it remains to be seen if it has an impact on the future of the framework.
FTC establishes new tech regulation office.
The Washington Post reports that The US Federal Trade Commission (FTC) has launched an Office of Technology focused on keeping Silicon Valley tech giants like Google and Apple in check. The FTC’s Democratic Chair Lina Khan hopes that this dedicated tech unit, which will more than double the number of technologists on staff, will help rein in the ever-expanding influence of the tech sector and support investigation of potential misconduct through collaboration with teams across the agency’s competition and consumer protection bureaus. FTC Chief Technology Officer Stephanie Nguyen stated, “Actually being able to have staff internally to approach these matters and help with subject matter expertise is critical,” said Nguyen, who will lead the office.