Stringrays, Blocked Nominations and a Ton of Tech Bills
Congress is on a roll of tech-focused bills, including one that adds cyber positions to an agency.
We guarantee you missed at least one of these things last week and this week is looking just as busy.
Wyden Blocks Krebs Nomination Over Stingrays
Sen. Ron Wyden, D-Ore., is blocking the nomination of Chris Krebs to lead the Homeland Security Department’s cybersecurity and infrastructure protection division until the department reveals more information about how foreign governments are using fake cellphone towers to spy on Americans.
Wyden has been pushing the executive branch for months to be more transparent about how foreign governments are using the tools, known as Stingrays, in the Washington, D.C. area. In an announcement to colleagues, Wyden asked that a PowerPoint presentation Homeland Security gave to federal agencies on the issue be publicly released. The slides are currently marked “for official use only.”
Krebs has been filling his job on an acting basis for several months.
But Wy stop there?
Wyden also sent a letter to Federal Communications Commissioner Ajit Pai Friday asking the commission to investigate a telecom company that is allegedly sharing Americans’ cellphone data locations with law enforcement without due legal processes.
The company, Secarus Technologies, is mostly known for providing paid phone services for prison inmates to speak with their friends and relatives. The company also acts as a data aggregator for major cellphone services, though, which means it has access to phone location data of people who’ve never called a state or federal prison.
And, according to Wyden’s letter, Secarus is sharing that location data with law enforcement “for nothing more than the legal equivalent of a pinky promise.”
Confused about how Secarus has access to that data? Here’s an explainer from the Electronic Frontier Foundation.
More Cyber at GAO, Updating Congress.gov and, Just Maybe, a New Congressional Tech office
The House Appropriations Committee approved a legislative branch appropriations bill Thursday that funded 80 new positions at the Government Accountability Office, partly to take on an “enhanced focus” conducting audits of cybersecurity and critical infrastructure protections as well as focusing on other science and technology issues.
The bill also gives the Library of Congress a 90-day deadline to include a calendar of House and Senate committee hearings and markups on its Congress.gov website. Currently, Congress.gov is a repository for congressional bill information and tracks bills’ progress to either law or obscurity.
Finally, the bill orders up a study on whether Congress should revive a defunct organization called the Office of Technology Assessment, which was shuttered in 1995. Think tanks have argued that a revived OTA could help Congress, which is not known for its tech-savvy, deal with issues ranging from cybersecurity and cloud technology to artificial intelligence and autonomous vehicles.
Yep, It Was the Russians
The Senate Intelligence Committee released the first summary of its findings about Russia’s digital efforts to undermine the 2016 U.S. election, Tuesday, along with an updated set of recommendations to improve election security going forward.
One big picture takeaway: The Homeland Security Department didn’t act quickly or forcefully enough to inform states of the danger Russian hackers posed before Election Day.
The report concludes Russian government-linked hackers probed at least 18 states’ election systems and possibly three others.
There’s “ample evidence” the hackers were developing capabilities to undermine confidence in the voting process, the report finds. It’s unclear, though, whether they opted not to follow through with those capabilities or always planned to exploit them at a later date.
The committee plans to hold another closed hearing on the findings Wednesday with former top intelligence officials.
Bug Bounties and Backdoors and Bipartisanship, Oh My
Last week was a big one for tech and cyber on the Hill.
A bipartisan duo of House lawmakers introduced a bill that would give agencies two years to make a slate of digital updates, including revamping their websites and improving digital customer service. An equally bipartisan sextet, meanwhile, reintroduced a bill banning government encryption backdoors. And Sens. Joni Ernst, R-Iowa, and Catherine Cortez Masto, D-Nev., introduced legislation that would create a 15-member board to keep the White House and Congress up to speed on the latest advancements in artificial intelligence.
The House Foreign Affairs Committee forwarded a bill mandating a State Department bug bounty. Homeland Security Secretary Kirstjen Nielsen also told Senators that Kaspersky anti-virus is off all federal network but the Russian software remains on some contractor systems.
Finally, House Armed Services lawmakers sent their draft of the National Defense Authorization Act to the floor with language that downsizes the Defense Information Security Agency and offers more military cyber aid to critical infrastructure. Oh, and two tech loan programs are on the chopping block in President Trump’s rescission request to Congress.
What could possibly come next?
Glad You Asked
At 2:30 p.m. Tuesday, the Senate Commerce Committee will examine trends in mobile technology.
The Senate Homeland Security Committee will hear testimony from Sec. Kirstjen Nielsen at the same time.
At 10 a.m. Wednesday, the House Energy and Commerce Committee will hold a hearing focused on national security issues in the telecommunications sector.
The House Oversight Committee will convene a 1:30 p.m. hearing that day on analyzing the President’s Management Agenda.
At 10 a.m. Wednesday, the Senate Judiciary Committee will hold a hearing about Cambridge Analytica and the future of data privacy.
At 2:30 p.m. that day, a Senate Commerce panel will probe the future of the International Space Station. A Senate Appropriations panel will examine the FBI’s budget request at the same time.
At 10 a.m. Thursday, a Senate appropriations panel will pore over the Federal Communications Commission and Federal Trade Commission budget requests.
At that same time, the House Education Committee will explore privacy and data security issues in education.
At 9:15 a.m. Friday, the House Energy and Commerce Committee will continue its “disrupter series” with a hearing on quantum computing.