Senate Homeland Security Committee Chairman Gary Peters, D-Mich., hopes soon to introduce legislation with ranking member Rob Portman, R-Ohio, that would require critical infrastructure owners and operators to report “significant” cyberattacks, Peters said during a hearing Thursday. The bill would require entities to report incidents to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Accountability on who’s in charge will be an important element, said Portman: “Cyber reporting legislation might better inform that strategy. I think we can get that right. I think we can get a bipartisan product.” Senate Intelligence Committee Chairman Mark Warner, D-Va., said previously he and co-authors of his own legislation were in conversations with Peters and Portman (see 2108020033). It’s long past time to pass cyber incident reporting legislation, testified CISA Director Jen Easterly: The bill would allow CISA to aid victims directly and share information across sectors. The information would be “profoundly useful” for determining strategy and informing investments, said National Cyber Director Chris Inglis. OMB Federal Chief Information Security Officer Christopher DeRusha said it’s important to have a universal standard rather than a state patchwork.
Karl Herchenroeder
Karl Herchenroeder, Associate Editor, is a technology policy journalist for publications including Communications Daily. Born in Rockville, Maryland, he joined the Warren Communications News staff in 2018. He began his journalism career in 2012 at the Aspen Times in Aspen, Colorado, where he covered city government. After that, he covered the nuclear industry for ExchangeMonitor in Washington. You can follow Herchenroeder on Twitter: @karlherk
The Computer & Communications Industry Association and NetChoice sued Texas over its social media law Wednesday (see 2109030048 and 2109100049), calling it a First Amendment violation. See a news bulletin here. The associations filed a lawsuit against a similar social media law passed in Florida.
The FBI needs to provide a complete briefing to the Senate Homeland Security Committee on why the agency held back the digital key associated with the Kaseya cyberattack (see 2109010005), Chairman Gary Peters, D-Mich., said during a hearing Tuesday. Director Christopher Wray said the bureau will work with the committee to provide more information, but some of the communication should be done in a classified setting. Peters questioned why the FBI reportedly held back the digital key for unlocking computers of hundreds of businesses and organizations subject to the Kaseya attack. He asked why the FBI didn’t share the key sooner, which might have helped avoid some recovery costs. Wray said the investigation is ongoing so he’s limited in what he can say, but generally, encryption keys require a lot of testing and validation: “That takes time.” Decisions are made jointly with agencies like the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said Wray. Ranking member Rob Portman, Ohio, agreed with the “necessity” for the committee to have all information “on the cyber front.”
Google and Facebook didn’t engage in anticompetitive behavior through a 2018 digital advertising agreement, representatives from the companies told the Senate Antitrust Subcommittee during Tuesday’s hearing (see 2109200060). A lawsuit from state law enforcers accused the companies of an illegal price-fixing scheme via the agreement.
An FTC investigator met this month with a group of Nebraska farmers who allege John Deere is abusing data privacy. Deere’s “monopolistic” data practices are preventing farmers’ right to repair, they alleged.
The FTC voted 3-2 along party lines Wednesday to withdraw from its 2020 joint vertical transaction guidelines with DOJ, despite “anxiety” from Commissioner Rebecca Kelly Slaughter and protests from Republican commissioners (see 2109100043). The guidelines remain at DOJ, the department said.
The FTC voted along party lines in passing eight omnibus resolutions designed to increase investigative powers for agency staff, focused tech and several other areas over the next decade, the agency announced Tuesday. The points of focus include “Acts or Practices Affecting Children,” “Bias in Algorithms and Biometrics,” “Deceptive and Manipulative Conduct on the Internet,” “Repair Restrictions” and “Abuse of Intellectual Property.” See also our news bulletin here.
President Joe Biden is expected to swiftly follow up his Monday nomination of Alvaro Bedoya as an FTC commissioner by announcing his pick of Mozilla Foundation Senior Adviser Alan Davidson for NTIA administrator (see 2108020061), Democratic Capitol Hill aides and telecom industry lobbyists told us. Bedoya is expected to replace Commissioner Rohit Chopra as the third FTC Democrat. Chopra awaits Senate confirmation to head the Consumer Financial Protection Bureau. FTC Chair Lina Khan, consumer advocates and USTelecom welcomed the pick. See also our news bulletin here.
If the FTC withdraws from its joint vertical merger guidelines with DOJ, it could cause friction between the two agencies and fuel legal arguments for opponents, former commission officials said in interviews last week. Commissioners are expected to withdraw from the agency's June 2020 joint guidelines with DOJ at a commission meeting Wednesday (see 2109080060). The guidelines would remain in effect for DOJ unless the department also acts.
Consumer advocates praised President Joe Biden’s nomination of Alvaro Bedoya as FTC commissioner. He’s expected to replace Commissioner Rohit Chopra, who awaits Senate confirmation to head the Consumer Financial Protection Bureau. The White House made its announcement at around 4 p.m. EDT Monday, and the advocates' comments came beforehand.