Hack Back Comes Back and Online Privacy Won’t Go Away

In the shadow of the president's proposed budget, Congress resurrected several of its favorite issues: hacking back, online privacy rights and turning to technology to thwart terrorism.

Hack Back Bill Gets a Rewrite

Rep. Tom Graves, R-Ga., released an updated version of a controversial bill this week that would allow companies to hack back—in a limited way—when they’re under attack. The updated draft of Graves’ Active Cyber Defense Certainty Act still bars companies from destroying an attacker’s data but would allow them to destroy their own data if it’s in an attackers’ possession. It would also require companies to report any “active” cyber defense actions to police and expressly forbid companies from causing financial injury to their attackers.

National Security Agency Chief Adm. Michael Rogers expressed reservations about the bill during a House hearing this week saying it could lead to unintended consequences.

Online Privacy’s New Twist

A few weeks ago, Rep. Marsha Blackburn, R-Tenn., lead a high-profile—and successful—effort to roll back the Federal Communications Commission’s restrictions on internet service providers’ selling customers’ browsing data. Her argument for the repeal wasn’t against privacy; it was against having multiple regulators. Her latest bill, the Balancing the Rights of Web Surfers Equally and Responsibly, or BROWSER, Act, would designate the Federal Trade Commission as the “online privacy enforcer” and require both ISPs and edge services (think Netflix, Amazon or Google) to have clear privacy rules with opt-in/opt-out options for customer data.

Connecting the DHS Dots

The Homeland Security Department would be required to develop a master framework that links all of its existing datasets related to terrorism, weapons of mass destruction, national intelligence and other topics under legislation introduced recently by Rep. Will Hurd, R-Texas. The bill requires safeguards to monitor the database for insider threat activity or to exclude information that could expose intelligence-gathering sources or methods.

Everyone Likes Maps

A pair of senators wants to modernize how the federal government buys map-based digital data—and it buys tons of it. Sens. Orrin Hatch, R-Utah, and Mark Warner, D-Va., reintroduced the Geospatial Data Act, designed to improve the management and purchase of geospatial data and metadata, including avoiding duplicated purchases.

“We need to optimize the method in which we collect geospatial data to advance the technology for states, counties and citizens around the nation,” Hatch said in a statement.

Where’s Your Data?

Law enforcement would be restricted from serving warrants for U.S. citizens’ digital information stored abroad under new legislation—unless the country where that data’s stored either doesn’t object or doesn’t have a law enforcement cooperation agreement with the U.S. The bipartisan International Communications Privacy Act, sponsored by Sens. Orrin Hatch, R-Utah, Chris Coons, D-Del., and Dean Heller, R-Nev., would add some clarity to a thorny legal question currently working its way through the courts and that may reach the U.S. Supreme Court. Similar legislation was introduced in both chambers last year without success.

The DHS Distraction

Top Democrats on the House Homeland Security Committee wants answers from the Trump administration following a Foreign Policy report that the White House considered launching an investigation of the Homeland Security Department’s Automated Indicator Sharing program for cyber threats as a way of distracting from the Washington Post’s report that the president allegedly shared classified information about ISIS with Russian diplomats.

“AIS is still in its nascent stages, the letter from Reps. Bennie Thompson, D-Miss., and Cedric Richmond, D-La., states. “the department should be using its limited resources to grow the capability and build trusted partnerships with its customer base, rather than fighting off baseless accusations.” Thompson is ranking member of the full committee and Richmond is ranking on its cybersecurity panel.

Fly Local

The Federal Aviation Administration has been working diligently—but perhaps too slowly for some—to come up with rules for flying drones for fun and for profit. A group of senators thinks state, local and tribal governments also need a space in that air traffic control tower.

The Drone Federalism Act, introduced by Sens. Tom Cotton, R-Ark., Dianne Feinstein, D-Calif., Mike Lee, R-Utah, and Richard Blumenthal, D-Conn., would create a framework in which FAA would retain the authority of national airspace, while other governments would devise operating rules for drone operations with 200 feet of the ground or a structure.

Joseph Marks and Heather Kuldell contributed to this report.