Tech and cybersecurity are poised to be at the forefront of Congress’s agenda in 2019.
Lawmakers have increasingly set their sights on Silicon Valley, demanding a crackdown on tech giants like Facebook and Twitter. At the same time, cybersecurity efforts are increasingly focusing on the threat from abroad, particularly from Russia and China.
Congress has a hard lift ahead with many determined to pass a federal privacy standard as well as election security legislation to safeguard the 2020 vote.
Here’s what to look out for in the new year.
Tech giants face antitrust scrutiny
Many lawmakers have begun to turn on Big Tech, growing more willing to question whether the internet giants are too dominant.
Members on both sides of the aisle pointed to Google’s market power this week when CEO Sundar Pichai testified before the House Judiciary Committee.
{mosads}Google has suffered back-to-back multibillion-dollar antitrust fines at the hands of the European Union in each of the last two years. Critics say that the company has established a stranglehold on internet search and digital advertising to the detriment of news outlets, local businesses, internet startups and other would-be competitors.
And some in the U.S. would like to see regulators here take a similarly tough stand on Google and other Silicon Valley giants.
Rep. David Cicilline (D-R.I.), who will likely be the chairman of the House Judiciary’s antitrust subcommittee in the new Congress, hinted during the hearing with Pichai that he believes that Google should be broken up. The day after the hearing he brought up his concerns about Big Tech with the Trump administration’s top antitrust enforcers.
“As I noted during the hearing, anyone who believes in an open internet should be very alarmed by reports of this conduct as well as the findings by the European Commission that Google has abused its dominance through this conduct,” Cicilline told top Federal Trade Commission and Justice Department officials Wednesday. “While I was disappointed that Mr. Pichai was not more forthcoming about this issue during the hearing, it’s also clear that Google is not the only platform that has the ability and incentive to engage in this type of anticompetitive conduct online.”
Congress under pressure to secure 2020 election
The 2018 midterms are still fresh, but Washington is already thinking about how to keep the 2020 race secure from foreign threats.
Officials have said that Russia once again interfered in the elections this year, with Defense Secretary James Mattis the first to go public with that revelation.
News last week that hackers surveilled the emails of top staffers at the National Republican Congressional Committee (NRCC) has also resurfaced concerns about cybersecurity for political committees and campaigns.
Congress attempted to pass election security legislation this current session. But its best shot at getting a measure signed into law — the bipartisan Secure Elections Act, meant to guard election systems from cyberattacks — was held up in committee over what was said to be a lack of Republican support.
Democrats, including Sen. Mark Warner (D-Va.), have instead pointed fingers at the White House for holding up the measure.
Sen. James Lankford (R-Okla.), one of the bill’s cosponsors, said last week that the legislation won’t come up in committee during the lame duck session — a move confirmed by Senate Rules Committee Chairman Roy Blunt (R-Mo.).
State election officials have raised concerns over the bill, claiming that some provisions — including one to rename a technical advisory group and add more members to it — could hurt security efforts.
But those officials are hopeful that a bill will be passed sooner rather than later, giving them enough time and funding to implement the law’s conditions before the 2020 presidential election.
Rep. Jim Himes (D-Conn.) says he is considering reintroducing the House version of the Secure Elections Act. Its current co-sponsor, Rep. Tom Rooney (R-Fla.) is set to retire from Congress come January.
“I think with Tom retiring, my plan would be to do so,” Himes told The Hill. “I mean it is early, so I haven’t figured out intricate legislative strategy, but I think it is a bill with a lot of merit. I think it has support on the Senate side so I am excited to move with it.”
One thing is certain: In the coming year, the pressure will only grow for Congress to deliver on election security.
Lawmakers make new push for privacy bill
Congress has made an internet privacy bill one of their top priorities for next year with mounting data scandals and new internet privacy rules in the European Union and California setting the tone.
It remains to be seen if or when lawmakers will be able to come up with a bill that can win over both sides of the aisle, but the effort has gained new urgency. Privacy advocates are pushing for new protections and industry lobbyists want Congress to erase a tough new privacy law in California with a federal standard.
Consumer groups want a bill that will give users more control over their own data, force companies to be more transparent about what they do with that data and empower federal and state authorities to enforce privacy protections.
“Privacy is a fundamental human right,” Nuala O’Connor, the president of the Center for Democracy and Technology, said in a statement Thursday. “Physical safety, free expression, access to justice, and economic security depend on it. Yet, under the current patchwork of privacy laws in the U.S., it is impossible for individuals to understand, let only manage, the many ways their data is used. It’s beyond time for Congress to act.”
Meanwhile, Republicans and industry groups appear to be focused on coming up with a bill that will make sure tech companies don’t have to navigate conflicting state regulations.
“I’m of the opinion that we are better off with more of an overarching data protection framework for users, and I think that would be good to do,” Google CEO Sundar Pichai told the House Judiciary Committee on Tuesday.
Encryption fight heats up
The encryption debate is certain to reemerge in the coming months, as tech companies in the U.S. are already speaking out against a new anti-encryption law passed last week in Australia.
The law would require companies to help police bypass encryption in their messaging apps and essentially require the firms to build a “backdoor” for law enforcement into messaging apps like Signal and WhatsApp.
Silicon Valley quickly condemned the law. The Reform Government Surveillance group — a coalition of tech companies including Facebook, Microsoft and Google — called the measure “deeply flawed, overly broad, and lacking in adequate independent oversight over the new authorities.”
“RGS has consistently opposed any government action that would undermine the cybersecurity, human rights, or the right to privacy of our users – unfortunately, the Assistance and Access Bill that was just passed through the Australian Parliament will do just that,” the group said in a statement last week, after the bill’s passing.
{mossecondads}U.S. law enforcement and privacy advocates have clashed over encryption in the past, most notably after the FBI and Apple had a showdown in 2015 over a request to unlock a phone belonging to one of the shooters in the deadly San Bernardino attack.
Administration officials have been looking for a way to break the deadlock over encryption in the U.S. and as other countries pass similar laws that momentum could grow. Any moves on that front are certain to spark another fight between government and Silicon Valley.
New life for supply chain security bill?
Lawmakers are also likely to take up legislation on national security risks in the supply chain in the coming months, as more concerns are raised about Chinese-manufactured products making their way into the country.
A bipartisan bill introduced by Sens. James Lankford (R-Okla.) and Claire McCaskill (D-Mo.) earlier this year would create a council to review foreign-manufactured products for potential threats and mandate the government to create standards for evaluating those risks.
While a spokesperson for Lankford said this week that the senator is working to get the bill passed before the end of the year, McCaskill, who is leaving Congress, is less optimistic.
“I can’t imagine it’s going to get in anything,” she said Wednesday.
However, Sen. Gary Peters (D-Mich.), the incoming ranking member on the Senate Homeland Security and Governmental Affairs Committees, said Wednesday that he would consider being a cosponsor for the bill if it failed to pass this Congress and needed to be reintroduced in the new year.
Concerns about supply chain risks have been amplified by Chinese firms like Huawei and ZTE, whose products have been considered a potential national security risk.
The Moscow-based Kaspersky Lab also saw its software banned from the federal government over the past year over security concerns, a move the company unsuccessfully challenged in court.
— Olivia Beavers contributed reporting.