Lawmakers Weigh Another Election Security Bill and Warn Canada About Huawei

Companies that produce election systems for state and local governments would have to be wholly owned and operated inside the United States under a bill introduced by a bipartisan trio of senators Thursday.

The Protect Our Elections Act includes a waiver if the Homeland Security Department approves a U.S. subsidiary of a foreign company that has taken steps to mitigate overseas control of its U.S. divisions. The government provides similar waivers to some national security contractors.

The bill, sponsored by Sens. Chris Van Hollen, D-Md., Ben Cardin, D-Md., and Susan Collins, R-Maine, would also require that vendors abide by cybersecurity best practices developed by a government commission. That’s similar to requirements in the Secure Elections Act, which has gained broad bipartisan support.

Neither bill has time to pass before the 2018 midterms.

Digital Double-Dipping Discouraged

Sens. Ron Wyden, D-Ore., and John Thune, R-S.D., don’t want multiple state governments hitting consumers with taxes for online music, movies, books or other digital goods.

On Thursday, the pair of lawmakers reintroduced the Digital Goods and Services Tax Fairness Act, a bill originally penned in 2015 to protect online products from “discriminatory and duplicative” taxes. The bill effectively requires that retailers determine a single address for consumers, which is the only jurisdiction the digital products can be taxed in.  

The legislation also prohibits state and local governments from imposing taxes on online products that wouldn’t apply to their physical world counterparts, such as an online newspaper subscription versus a traditional subscription. It also mandates taxes on digital goods are only ever paid by the end user.

“Preventing unfair taxes on music, books and other important goods and services benefits consumers and innovators alike,” Wyden said in a statement. “This bipartisan legislation solves a 21st-century tax riddle by establishing a comprehensive set of rules for states to follow.”  

What Happens in Canada Doesn’t Stay in Canada

Canada’s decision to break from its main intelligence partners and include the Chinese company Huawei in its 5G telecommunications infrastructure could have dangerous consequences for both Canada and the U.S., according to a letter two U.S. senators sent Thursday to Prime Minister Justin Trudeau.

The letter comes after Congress barred federal contracts with Huawei over concerns the company could be used as a Chinese spying tool. The Federal Communications Commission is also attempting to limit telecom contracts with Huawei across the country.

“While Canada has strong telecommunications security safeguards in place, we have serious concerns that such safeguards are inadequate given what the United States and other allies know about Huawei,” Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla., wrote.

Canada, the U.S., the United Kingdom, Australia and New Zealand have an especially close intelligence sharing relationship known as the Five Eyes. If Huawei gains a foothold in Canadian 5G networks, that could both damage Canada’s security and imperil information Canada shares with Five Eyes partners, Warner and Rubio write.

What Did Google Know and When Did It Know It?

Republican leaders of the Senate Commerce Committee are seeking answers from Google about a vulnerability in its now-shuttered Google+ social networking site that compromised data of 500,000 users.

The senators want to know when Google learned of the incident, whether it disclosed it to the Federal Trade Commission or other federal agencies and if there are similar vulnerabilities the search giant has not yet disclosed, according to a letter to CEO Sundar Pichai.

That Won’t Break the Bank

A bill that would direct the Homeland Security Department to work with a consortium to help state and local governments respond to cybersecurity incidents would just cost about $3 million in grant funding per year, according to a Congressional Budget Office estimate released Tuesday.

The Budget Office gave the National Cybersecurity Preparedness Consortium a total price tag of $15 million over five years.

Another bill that would put the power of legislation behind Homeland Security’s cyber incident response and hunt teams would cost less than $500,000 in additional funds over five years, the Budget Office found.

China Chip Fallout Continues

Three Democratic senators want to know what the federal government is doing to mitigate against a potentially massive—but hotly disputed—compromise of computer server motherboards reported by Bloomberg Businessweek.

China managed to implant those motherboards, which are common across the U.S. government’s national security infrastructure, with tiny chips that could be used for spying, according to the Bloomberg Businessweek report. FBI Director Chris Wray and Homeland Security Sec. Kirstjen Nielsen both reacted with extreme skepticism to the report, however, and other publications have not been able to verify it.

Sens. Edward Markey, D-Mass., Sherrod Brown, D-Ohio, and Catherine Cortez Masto, D-Nev., want to know what the Defense Department and CIA have done to make sure their computers aren’t compromised by the Chinese chips, according to a letter sent to President Donald Trump Thursday.

The senators also ask if the government knows of similar vulnerabilities that aren’t public yet.

House Intelligence Committee lawmakers have also requested briefings on the alleged vulnerability.

Coming Up

There are no tech and cyber hearings this week. Plenty of lawmakers from both chambers are back home shaking hands, kissing babies and trying to get re-elected.