Overnight Cybersecurity: Senate narrowly rejects expanding FBI surveillance powers

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–IT WAS CLOSE: The Senate narrowly rejected expanding the FBI’s surveillance powers Wednesday in the wake of the worst mass shooting in U.S. history. Senators voted 58-38 on a procedural hurdle, with 60 votes needed to move forward. Majority Leader Mitch McConnell, who initially voted “yes,” switched his vote, which allows him to potentially bring the measure back up. A handful of Republicans — including GOP Sens. Rand Paul (Ky.) and Mike Lee (Utah) — voted against the GOP proposal that was spearheaded by Sen. John McCain (R-Ariz.) and backed by leadership. Sens. Mike Crapo (R-Idaho), Joe Donnelly (D-Ind.), Dianne Feinstein (D-Calif.) and Robert Menendez (D-N.J.) didn’t vote. The Senate GOP proposal — being offered as an amendment to the Commerce, Justice and Science appropriations bill — would allow the FBI to use “national security letters” to obtain people’s internet browsing history and other information without a warrant during a terrorism or federal intelligence probe. It would also permanently extend a Patriot Act provision — currently set to expire in 2019 — meant to monitor “lone wolf” extremists. Senate Republicans said they would likely be able to get enough votes if McConnell schedules a redo. “I’m not positive but I’ve been told, because I don’t count votes, that there were a couple of people who were in favor who were not there,” McCain said. To read our full piece, by Jordain Carney, click here.

{mosads}–GETTING CLOSER: The European Union and the U.S. have hammered out the most contentious issues in a pending transatlantic data flow agreement and a new draft is forthcoming, EU Justice Commissioner Vera Jourova told a European news outlet. The EU Commission is set to present the new draft of the so-called Privacy Shield in early July, Jourova said. The two sides have reached an agreement on bulk collection of personal data for national security purposes — a longtime sticking point — but still need to agree on how long the firms can retain data, and for what purpose. “We reached an accord on more precise listing of cases when bulk collection can occur and a better definition of how our American partners understand the difference between bulk collection which may be justified, and mass surveillance without any purpose, which is not tolerable,” Jourova said. “These specific points have already been finished and put down in written form,” she continued, adding that “we want to make sure that personal data will only be kept for that period which is necessary and to agree on exceptions which enable them to keep data for a longer time.” To read our full post, click here.

A POLICY UPDATE:

–IN CASE YOU DIDN’T STICK AROUND TIL SUPPERTIME LAST NIGHT… Two bills from Rep. John Ratcliffe (R-Texas) to foster relationships between Homeland Security and cybersecurity researchers passed the House on Tuesday night.

One bill, which passed 347-8, encourages Homeland Security to engage with promising private sector cybersecurity firms. It includes permission to open remote offices in areas “with high concentrations of such innovative and emerging technology developers and firms.” The agency is required to submit a private-sector engagement plan within six months.

The other bill, which passed 351-4, the Support for Rapid Innovation Act, encourages Homeland Security to fund and advise academic and private sector research with a focus on technologies with a “high probability of successful transition to the commercial market within two years.”

To read our full piece, click here.

MANY LIGHTER CLICKS:

–YO JERKS. DO NOT. DISPARAGE. INDEPENDENCE DAY. That’s all.

–IF ZUCK IS DOING IT… And by “it” we mean “taping over his laptop camera.” Good idea? Dad idea?

–BREAKING NEWS. The hacktivist network Anonymous sent shockwaves around the internet this morning with its latest announcement that it has released the names of all the people who worked at Kohl’s in 2003. (This is ClickHole, guys, DON’T GET EXCITED.)

A REPORT IN FOCUS:

–IT’S AN EXPLOSION! A new report from Kaspersky Lab, out today, found that ransomware attacks between April 2015 and March 2016 increased more than five-fold compared to the same period the year prior.

The U.S., Germany and Italy are the countries with the highest percentage of users hit with the malware, which encrypts victims’ computers for a ransom payment.

Read the full report, here.

A LOOK AHEAD:

THURSDAY

–The House Homeland Security Committee will meet about insider intelligence threats at 9:30 a.m.

WHO’S IN THE SPOTLIGHT:

–THE FED. Federal Reserve chairman Janet Yellen emphasized to lawmakers Wednesday that the digital theft of $81 million from the Bangladesh central bank’s account at the New York branch did not compromise the Fed’s systems…

…the same day that the former governor of the Bangladesh bank told the New York Times that the theft was absolutely the fault of the Fed and the banking transaction network the hackers used to steal the money.

Yellen said Wednesday that the Fed is considering “enhanced monitoring” for certain kinds of transactions.

To read about the former Bangladesh Bank head’s comments, click here. To read about Yellen’s testimony before the House Financial Services Committee, click here.

The former head of Bangladesh Bank says Swift thefts were not his fault. (The Hill)

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Sen. Elizabeth Warren (D-Mass.) threw her support this week behind strong Federal Communications Commission privacy rules for internet service providers. (The Hill)

The Office of Personnel Management (OPM) is pushing back on a scathing watchdog report that found security holes in the agency’s computer networks. (The Hill)

The man believed to have set up and maintained the private server in the basement of then-Secretary of State Hillary Clinton’s New York home invoked his Fifth Amendment rights against self-incrimination more than 125 times during a deposition as part of a civil court case on Wednesday. (The Hill)

The chairman of the House Armed Services Committee on Wednesday pressed a Pentagon official on the proposed change in authority for the U.S. military’s digital force. (The Hill)

The Application Developer’s Alliance sent an open letter to House lawmakers for “flip-flopping” on encryption.

Passing on PINs, banks go biometric. (The New York Times)

Password reuse behind GoToMyPC hack and others. (CSO)

Better know a Craigslist scammer. (Infoworld)

Apple did not encrypt the core of its recent iOS beta release. Is it a new age of openness? A move toward open source security? Or just a mistake? (Sophos)

On Brexit, the tech industry would prefer Britain remain. (Recode)

If you’d like to receive our newsletter in your inbox, please sign up here.