Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–YOUR DESTINY LIES ON A DIFFERENT PATH THAN MINE: A small group of lawmakers will vote against the sweeping omnibus spending deal because of the inclusion of a cybersecurity bill. “I just think it’s very troubling,” Rep. Zoe Lofgren (D-Calif.) told The Hill. “The bill should not be in the omnibus. It’s a surveillance bill more than a cyber bill. I’m going to vote against the omnibus as a consequence.” The cyber bill would encourage businesses to share more data on hackers with the government. “There’s plenty wrong with this omnibus, but there’s nothing more egregious than the cyber language they secretly slipped in,” Rep. Justin Amash (R-Mich.) told The Hill by email. Proponents of the bill say the decision to attach it to the omnibus was necessary to avoid further delays on much-needed legislation. A broad swath of lawmakers, many industry groups and the White House support the measure as a critical first step to help the country better respond to cyberattacks. “This is the most protective of privacy of any cyber bill that we have advanced and we need to keep in mind the overriding interest all Americans have in protecting their privacy from these innumerable hacks,” Intelligence Committee ranking member Adam Schiff (D-Calif.), a cosponsor of his panel’s cyber bill, told The Hill. “Our privacy is being violated every day. And the longer we delay on measures like this, the more we subject ourselves to those kind of intrusions into our privacy.” But privacy groups and civil liberties advocates have warned the bill will could shuttle more of Americans’ personal data to the National Security Agency (NSA). To read our full piece, click here.
{mosads}–WHO’S SCRUFFY LOOKING?: Lawmakers, privacy advocates and civil liberties groups sparred Wednesday over the final text of a major cybersecurity bill released overnight as part of an omnibus spending package. The bill, which would encourage businesses to share more data on hackers with the government, has drawn fierce opposition from privacy groups and a vocal coalition of lawmakers. These opponents came out swinging Wednesday against what they see as a bill that would merely shuttle more of Americans’ personal data to the National Security Agency (NSA), without actually boosting the nation’s cyber defenses. They lamented leadership’s decision to move the controversial bill in the omnibus package, which many see as a must-pass measure, and called for a more fulsome debate over the cyber legislation’s negotiated language. “This ‘cybersecurity’ bill was a bad bill when it passed the Senate and it is an even worse bill today,” said Sen. Ron Wyden (D-Ore.), who led the upper chamber’s charge against its version of the bill, which passed in October. But the cyber bill’s backers — including a broad swath of lawmakers, many industry groups and even the White House — shot right back, arguing the final text addressed many of the opposition’s privacy concerns. “The [final] bill contains the strongest privacy protections to date,” said House Intelligence Committee ranking member Adam Schiff (D-Calif.) “It is the most significant effort by Congress to address the cyber threat to date, and should now become law.” To read our full piece, click here.
AN UPDATE ON CYBER POLICY:
–R2-D2, YOU KNOW BETTER THAN TO TRUST A STRANGE COMPUTER! The House passed legislation on Wednesday requiring the president to provide Congress with a strategy for combating terrorists’ use of social media.
The measure, approved by voice vote, would mandate a report from the president within six months with a comprehensive strategy to disrupt terrorist organizations’ social media use and online radicalization efforts, as well as a separate report in a shorter timeframe evaluating training programs for law enforcement personnel.
“We must first have a strategy before we can effectively defeat this enemy on every battlefield, including the cyber battlefield,” said Rep. Ted Poe (R-Texas), the bill’s author.
Messages promoting terrorism violate rules governing use of social media platforms like Twitter or Facebook. Companies such as Twitter already work with law enforcement to identify and shut down accounts and posts threatening terrorism as they investigate reports of rule violations.
Passage of the bill comes after an ABC News report this week that Homeland Security Secretary Jeh Johnson opted against ending a policy preventing officials from reviewing visa applicants’ social media accounts.
To read our full piece, click here.
–DO OR DO NOT. THERE IS NO TRY. House Majority Leader Kevin McCarthy (R-Calif.) on Wednesday expressed support for the inclusion of information-sharing legislation in the omnibus.
“These House-passed policies becoming law is an important step to increase our defenses against damaging cyberattacks,” McCarthy said in a statement.
LIGHTER CLICK:
–THE FORCE WILL BE WITH YOU. ALWAYS. Despite a suggested editorial moratorium on Star Wars, we believe that it’s important to bring you this moving musical gem that includes, in no particular order, 1.) Harrison Ford looking like he doesn’t care, 2.) C-3PO looking like he doesn’t know where he is or what’s going on, and 3.) harmonizing!
Watch, here.
WHO’S IN THE SPOTLIGHT:
–DONALD TRUMP (AGAIN) (SORRY). Donald Trump doubled down on his comments that he would support “closing that Internet up in some way” during last night’s Republican primary debate, leaving some unanswered questions about how that might work.
Cutting off part of the Internet has been done — by Egypt during the Arab Spring in 2011, leaving “virtually all of Egypt’s Internet addresses” unreachable to people outside of the country and cutting of all of the Internet to people within Egypt.
Read on, here.
A REPORT IN FOCUS:
–NEVER TELL ME THE ODDS. Verizon, which publishes one of the best-known security analyses each year, takes a look at breaches of protected health information for the first time.
Protected health information, or PHI, covers a vast swath of information from email addresses, medical insurance and Social Security numbers to actual medical records.
Among Verizon’s findings: 90 percent of industries have experienced a health data breach.
Physical breaches accounted for the highest number of incidents, with hacking and malware clocking in lower.
Read on, here.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
Chinese President Xi Jinping on Tuesday called for “cyber sovereignty,” arguing that countries should be allowed to determine independently how they wish to govern the Internet. (The Hill)
Former Speaker Newt Gingrich (R-Ga.) said Wednesday that the Consumer Financial Protection Bureau was a flawed bureaucracy that can’t be trusted with personal information. (The Hill)
The omnibus spending bill released by congressional leaders early Wednesday morning seeks to block some federal employees from using a personal email account similar to the one used by former Secretary of State Hillary Clinton. (The Hill)
Do the Republican GOP candidates understand the cyber issues they discussed during Tuesday’s debate? (CSM Monitor)
Watch an infamous hacker take his DIY self-driving car for a test drive. (Motherboard)
If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A