Cyber and Privacy Public Policy Digest
Last week in Washington was very much in keeping with a Congress, and a White House, seemingly intent on limiting unforced errors before an election. The House of Representatives was on their post-Memorial Day district work period (recess), while the Senate was in session with much of the privacy and cyber policy confined to the committees. President Obama, was travelling overseas to attend the 70th Anniversary of D-Day and to hold consultations with skittish NATO allies.
House of Representatives
While the Senate floor offered little in the way of privacy or cyber related policy making, there was activity in the Committees. The Senate Appropriations committee examined funding levels for the Commerce-Justice-Science funding bill and the Senate Intelligence Committee, on the one year anniversary of the Edward Snowden revelations, began its attempt at crafting the USA Freedom Act.
Senate Appropriations Approves the FY15 C-J-S Bill
The Senate Appropriations Committee unanimously cleared the FY2015 Commerce Justice and Science Appropriations measure for full Senate consideration. Aside from a couple of amendments concerning the issue of internet domain names, there wasn’t too much controversy or concern within the cyber and privacy communities. As with its House counterpart, the Senate Appropriations Committee largely funded the cyber portions of its bill at the level requested by the Administration with little, if any, policy riders attached to the money. The cyber functions of both the National Institute of Standards and Technology (NIST) and the FBI received modest increases, and the bill looks ready for Senate consideration, hopefully before Congress adjourns for the August recess.
Senate Intelligence Committee at Examines USA Freedom Act
The House passed the USA Freedom Act two weeks ago after months of behind the scenes negotiations- negotiations which left one time proponents of the legislation abandoning the bill during the final roll call vote. In the House, the Chairman and Ranking Member of the House Intelligence Committee, once skeptics of the legislation, unexpectedly endorsed the package prompting concerns among others that the language concerning the bulk collection of data was too permissive and that many of the programs revealed by the Snowden disclosures would continue unabated.
The Senate Intelligence Committee began its examination of the House passed legislation with neither the bill’s proponents nor skeptics in a position to drive a consensus. Tech companies weighed in heavily in favor of efforts to strengthen the House passed bill with Senators Udall and Wyden leading the efforts from within the Committee. On the other side of the matter are the Committee’s Chair, Ranking Member, and former Chairman (Sen. Rockefeller) who feel that the House bill went too far in reconstructing a program that, in their minds, effectively stopped threats while maintaining civil liberties. Any Senate resolution to this matter will be delicate attempt at finding the “Goldilocks” zone- flexible enough for those concerned with national security, while also providing additional protections for the tech community and civil liberties activists. It will also have to meet the approval of the Judiciary Committee, where Senators will be tougher critics of the NSA and whose members have shown a greater degree of a libertarian streak than the Intel Committee membership.
Franken Holds Hearing on Location Based Apps
On Wednesday, Senate Judiciary Subcommittee on Privacy chairman Al Franken (D-MN) held a hearing on his Location Privacy Protection Act. Terming the wide range of these applications “Stalking apps”, Sen. Franken called for companies to get user permission before collecting or sharing location based data. Appearing at the hearing were witnesses from the Justice Department’s Office of Violence Against Women, the FTC, the National Network to End Domestic Violence, and the National Consumers’ League. The hearing, far from providing much resolution to the issue, became a forum for the ongoing debate between advocates of industry driven best practices and those advocating for the creation of a national regulation. With a dwindling amount of legislative days remaining it would be a surprise if the legislation moved beyond the hearing stage and onto the legislative calendar.
The White House
In Asia, Sec. Hagel Speaks Out on Cyber-Security
At the multi-national Shang-Ri La dialogue in Singapore, Secretary of Defense Chuck Hagel made some news by equating the threats of cyber-attack to the stability found in open sea lanes. In his run through of threats to East Asian security Sec. Hagel said, “We see ongoing territorial and maritime disputes in the South and East China Seas; North Korea’s provocative behavior and its nuclear weapons and missile programs; the long-term challenge of climate change and natural disasters; and the destructive and destabilizing power of cyber attacks.”
Later in his speech, the Secretary criticized China for its decisions on cyber policy and its withdrawal from a cooperative working group with the United States on these issues, “As we expand this dialogue, the United States also supports a sustained and substantive exchange with China on cyber issues. Although China has announced a suspension of the U.S.-China Cyber Working Group, we will continue to raise cyber issues with our Chinese counterparts, because dialogue is essential for reducing the risk of miscalculation and escalation in cyberspace.”
The Chinese expressed displeasure at the Secretary’s remarks. These remarks, on the heels of the indictments announced by the Attorney General two weeks ago, show the rapid escalation of importance of Chinese-US cyber security issues in U.S. foreign policy, an issue set that seems poised to grow in regardless of Congressional control or whomever wins the next Presidential election.
Following the release of their data broker report and ever increasing activity in big data, Commissioner Julie Brill spoke before some of policy making counterparts in Brussels. While much of the media and policy attention seems focused on so-called “big data”, Commissioner Brill focused her remarks on the data crumbs that come from the multitude of interactions consumers have across a range of platforms and retailers. The aggregation of these small amounts of data, in Commissioner Brill’s opinion, creates a dynamic that can overtake the use/risk based model of regulation that is emerging on both sides of the Atlantic.
This Week’s Schedule
Wednesday, June 11, 9:00 am House Appropriations Committee – Markup Full committee markup of the FY2015 Homeland Security Appropriations Bill; and the Revised Report on the Suballocation of Budget Allocations for FY2015.
Wednesday, June 11, 2:30 pm Senate Homeland Security and Governmental Affairs Committee – Hearing Efficiency and Effectiveness of Federal Programs and the Federal Workforce Subcommittee hearing on “A More Efficient and Effective Government: Examining Federal IT Initiatives and the IT Workforce.”
Tuesday, June 10, 1:00 pm Federal Communications Commission (FCC) (F.R. Page 22672) – Meeting Federal Communications Commission (FCC) (F.R. Page 22672) holds a meeting of the Technological Advisory Council.
Wednesday, June 11, 8:00 am Commerce Department (DOC); National Institute of Standards and Technology (NIST) (F.R. Page 28485) – Meeting Commerce Department (DOC); National Institute of Standards and Technology (NIST) (F.R. Page 28485) holds a meeting of the Information Security and Privacy Advisory Board, June 11-13.
Thursday, June 12, 8:00 am Commerce Department (DOC); National Institute of Standards and Technology (NIST) (F.R. Page 28485) – Meeting Commerce Department (DOC); National Institute of Standards and Technology (NIST) (F.R. Page 28485) holds a meeting of the Information Security and Privacy Advisory Board, June 11-13.
Friday, June 13, 8:00 am Commerce Department (DOC); National Institute of Standards and Technology (NIST) (F.R. Page 28485) – Meeting Commerce Department (DOC); National Institute of Standards and Technology (NIST) (F.R. Page 28485) holds a meeting of the Information Security and Privacy Advisory Board, June 11-13.